From 1fe8c0bac1fe5590e14c4fca711a2aa5ab5dd101 Mon Sep 17 00:00:00 2001
From: Michael Krotscheck <krotscheck@gmail.com>
Date: Fri, 8 Jan 2016 10:42:32 -0800
Subject: [PATCH] Added Keystone and RequestID headers to CORS middleware

CORS middleware's latent configuration feature, new in 3.0.0,
allows adding headers that apply to all valid origins.
This patch adds headers commonly used in openstack to trove's
paste pipeline, so that operators do not have to be aware of
additional configuration magic to ensure that browsers can talk
to the API.

For more information:
http://docs.openstack.org/developer/oslo.middleware/cors.html#configuration-for-pastedeploy

Change-Id: Idf2cd7a0d0d701002f2c1f178475da39ae1a9caf
---
 etc/trove/api-paste.ini | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/etc/trove/api-paste.ini b/etc/trove/api-paste.ini
index ea3612b937..f7cac61ecd 100644
--- a/etc/trove/api-paste.ini
+++ b/etc/trove/api-paste.ini
@@ -22,6 +22,9 @@ paste.filter_factory = trove.common.auth:AuthorizationMiddleware.factory
 [filter:cors]
 paste.filter_factory = oslo_middleware.cors:filter_factory
 oslo_config_project = trove
+latent_allow_headers = X-Auth-Token, X-Identity-Status, X-Roles, X-Service-Catalog, X-User-Id, X-Tenant-Id, X-OpenStack-Request-ID
+latent_expose_headers = X-Auth-Token, X-Subject-Token, X-Service-Token, X-OpenStack-Request-ID
+latent_allow_methods = GET, PUT, POST, DELETE, PATCH
 
 [filter:contextwrapper]
 paste.filter_factory = trove.common.wsgi:ContextMiddleware.factory