Last active
December 5, 2017 07:17
-
-
Save evrardjp/5f1ae8d1afdf7b23d3224bc55388adab to your computer and use it in GitHub Desktop.
CORS using OSA. Chose the one you prefer!
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Please define external_horizon_fqdn below | |
#external_horizon_fqdn: | |
cors_overrides: | |
cors: | |
# Logan said: i mean as long as headers like 'origin' aren't missing from service defaults you should be in good shape | |
# Only the first "allow_headers" entry, origin, is an override. See LP bug | |
# 1680062 for why this is necessary. The rest of the headers are defined in | |
# glance's code base but must be included to avoid removing them with the | |
# override. | |
allow_headers: origin,content-md5,x-image-meta-checksum,x-storage-token,accept-encoding,x-auth-token,x-identity-status,x-roles,x-service-catalog,x-user-id,x-tenant-id,x-openstack-request-id | |
# if you don't define external_horizon_fqdn, this will default to any ip, which is insecure. | |
allowed_origin: "{{ external_horizon_fqdn | default('*') }}" | |
allow_methods: "GET,POST,PUT,PATCH,DELETE" | |
keystone_keystone_conf_overrides: "{{ cors_overrides }}" | |
nova_nova_conf_overrides: "{{ cors_overrides }}" | |
swift_swift_conf_overrides: "{{ cors_overrides }}" | |
cinder_cinder_conf_overrides: "{{ cors_overrides }}" | |
neutron_neutron_conf_overrides: "{{ cors_overrides }}" | |
glance_glance_api_conf_overrides: "{{ cors_overrides }}" | |
ironic_ironic_conf_overrides: "{{ cors_overrides }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Please define external_horizon_fqdn below | |
#external_horizon_fqdn: | |
cors_overrides: &cors | |
cors: | |
# Logan said: i mean as long as headers like 'origin' aren't missing from service defaults you should be in good shape | |
# Only the first "allow_headers" entry, origin, is an override. See LP bug | |
# 1680062 for why this is necessary. The rest of the headers are defined in | |
# glance's code base but must be included to avoid removing them with the | |
# override. | |
allow_headers: origin,content-md5,x-image-meta-checksum,x-storage-token,accept-encoding,x-auth-token,x-identity-status,x-roles,x-service-catalog,x-user-id,x-tenant-id,x-openstack-request-id | |
# if you don't define external_horizon_fqdn, this will default to any ip, which is insecure. | |
allowed_origin: "{{ external_horizon_fqdn | default('*') }}" | |
allow_methods: "GET,POST,PUT,PATCH,DELETE" | |
# if you need an extra override for keystone.conf, but still keep this one, and you don't like the combine filter. | |
keystone_keystone_conf_overrides: | |
<<: *cors | |
other: | |
override | |
nova_nova_conf_overrides: | |
<<: *cors | |
swift_swift_conf_overrides: | |
<<: *cors | |
cinder_cinder_conf_overrides: | |
<<: *cors | |
neutron_neutron_conf_overrides: | |
<<: *cors | |
glance_glance_api_conf_overrides: | |
<<: *cors | |
ironic_ironic_conf_overrides: | |
<<: *cors |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment