Story #14020

[keep-web] Instruct browsers to allow webdav headers in cross-origin requests

Added by Tom Clegg almost 2 years ago. Updated almost 2 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
-
Target version:
Start date:
08/20/2018
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Story points:
0.5
Release:
Release relationship:
Auto

Description

Some WebDAV operations (like COPY and MOVE) supply flags/arguments as HTTP request headers (like Destination). In order for a web browser to use these, keep-web has to list them in the Access-Control-Allow-Headers header in its pre-flight response.

Currently keep-web sends

Access-Control-Allow-Headers: Authorization, Content-Type, Range
The WebDAV request headers should be added:
  • Depth
  • Destination
  • If
  • Lock-Token
  • Overwrite
  • Timeout

ref: https://tools.ietf.org/html/rfc4918 section 21.3


Subtasks

Task #14049: Review 14020-webdav-corsResolvedPeter Amstutz

Associated revisions

Revision 5c1d46ab
Added by Tom Clegg almost 2 years ago

Merge branch '14020-webdav-cors'

closes #14020

Arvados-DCO-1.1-Signed-off-by: Tom Clegg <>

History

#1 Updated by Tom Morris almost 2 years ago

  • Target version set to 2018-09-05 Sprint
  • Story points set to 0.5

#2 Updated by Peter Amstutz almost 2 years ago

  • Assigned To set to Peter Amstutz

#3 Updated by Peter Amstutz almost 2 years ago

  • Assigned To changed from Peter Amstutz to Fuad Muhic

#4 Updated by Peter Amstutz almost 2 years ago

  • Assigned To deleted (Fuad Muhic)

#5 Updated by Tom Clegg almost 2 years ago

  • Status changed from New to In Progress
  • Assigned To set to Tom Clegg

#7 Updated by Peter Amstutz almost 2 years ago

Tom Clegg wrote:

14020-webdav-cors @ 1a373b5f2c37cead0fe41482805fdb93ca871e37

LGTM

#8 Updated by Tom Clegg almost 2 years ago

  • Status changed from In Progress to Resolved

#9 Updated by Ward Vandewege almost 2 years ago

  • Release set to 13

Also available in: Atom PDF