Project

General

Profile

Actions
Copy link

Story #14020

closed

[keep-web] Instruct browsers to allow webdav headers in cross-origin requests

Added by Tom Clegg over 6 years ago. Updated over 6 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Tom Clegg
Category:
-
Target version:
2018-09-05 Sprint
Start date:
08/20/2018
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Story points:
0.5
Release:
Arvados 1.2
Release relationship:
Auto

Description

Some WebDAV operations (like COPY and MOVE) supply flags/arguments as HTTP request headers (like Destination). In order for a web browser to use these, keep-web has to list them in the Access-Control-Allow-Headers header in its pre-flight response.

Currently keep-web sends

Access-Control-Allow-Headers: Authorization, Content-Type, Range
The WebDAV request headers should be added:
  • Depth
  • Destination
  • If
  • Lock-Token
  • Overwrite
  • Timeout

ref: https://tools.ietf.org/html/rfc4918 section 21.3

Subtasks 1 (0 open1 closed)

Task #14049: Review 14020-webdav-corsResolvedPeter Amstutz08/20/2018

Actions
Actions
Copy link

Also available in: Atom PDF