Actions
Story #14020
closed[keep-web] Instruct browsers to allow webdav headers in cross-origin requests
Start date:
08/20/2018
Due date:
% Done:
100%
Estimated time:
(Total: 0.00 h)
Story points:
0.5
Release:
Release relationship:
Auto
Description
Some WebDAV operations (like COPY and MOVE) supply flags/arguments as HTTP request headers (like Destination). In order for a web browser to use these, keep-web has to list them in the Access-Control-Allow-Headers header in its pre-flight response.
Currently keep-web sends
Access-Control-Allow-Headers: Authorization, Content-Type, RangeThe WebDAV request headers should be added:
- Depth
- Destination
- If
- Lock-Token
- Overwrite
- Timeout
ref: https://tools.ietf.org/html/rfc4918 section 21.3
Updated by Tom Morris over 6 years ago
- Target version set to 2018-09-05 Sprint
- Story points set to 0.5
Updated by Peter Amstutz over 6 years ago
- Assigned To changed from Peter Amstutz to Fuad Muhic
Updated by Tom Clegg over 6 years ago
- Status changed from New to In Progress
- Assigned To set to Tom Clegg
Updated by Tom Clegg over 6 years ago
14020-webdav-cors @ 1a373b5f2c37cead0fe41482805fdb93ca871e37
Updated by Peter Amstutz over 6 years ago
Updated by Tom Clegg over 6 years ago
- Status changed from In Progress to Resolved
Applied in changeset arvados|5c1d46ab958097eb0da1ca692af23345e1faf66c.
Actions