From 30b97f2367ed078a7fe278c79518cd6d8c1162b0 Mon Sep 17 00:00:00 2001 From: Tim Burke Date: Tue, 19 Apr 2016 09:41:50 -0700 Subject: [PATCH] Drop X-Auth-Token from all versioned_writes subrequests It is not necessary for versioned_writes to function (all of these were pre-authed requests anyway), and transaction ID should be used to trace requests instead. Change-Id: If55c1586aa38f9a3bc9e1d00768ca00201af94cd --- swift/common/middleware/versioned_writes.py | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/swift/common/middleware/versioned_writes.py b/swift/common/middleware/versioned_writes.py index ae091cff20..2010d29d6e 100644 --- a/swift/common/middleware/versioned_writes.py +++ b/swift/common/middleware/versioned_writes.py @@ -256,16 +256,12 @@ class VersionedWritesContext(WSGIContext): yield sublisting def _get_source_object(self, req, path_info): - # make a GET request to check object versions - _headers = {'X-Newest': 'True', - 'x-auth-token': req.headers.get('x-auth-token')} - # make a pre_auth request in case the user has write access # to container, but not READ. This was allowed in previous version # (i.e., before middleware) so keeping the same behavior here get_req = make_pre_authed_request( req.environ, path=path_info, - headers=_headers, method='GET', swift_source='VW') + headers={'X-Newest': 'True'}, method='GET', swift_source='VW') source_resp = get_req.get_response(self.app) if source_resp.content_length is None or \ @@ -282,7 +278,6 @@ class VersionedWritesContext(WSGIContext): swift_source='VW') copy_header_subset(source_resp, put_req, lambda k: k.lower() != 'x-timestamp') - put_req.headers['x-auth-token'] = req.headers.get('x-auth-token') put_req.environ['wsgi.input'] = FileLikeIter(source_resp.app_iter) return put_req.get_response(self.app)