On 04/24/2012 10:19 AM, Nick Lothian wrote:
JSONP is great, but won't work with POST requests.
I don't quite understand what "Due to the redirect nature of the auth
system" means, though.
Sorry, I am working on a few things that are related. OpenID and
various other systems have issues along these lines that are due to the
fact that they are done with redirects. UI'll try to be clearer in the
future.
That actually works fine because the token is not in the header when it
comes from Keystone. However, if you were to post toa web app that
then needed to make your browser post to a remote system (which is where
the same origin policy comes in to play) you need to set that Auth
token into a custom header, and Javascript is forbidden to do that.
Yes, the Javascript can say "post to glance" or some other openstack
API server, but it can't set the X auth header with the token from
Keystone in order to make the call authenticated.
Nick
On Tue, Apr 24, 2012 at 8:57 PM, Sandy Walsh
<[email protected] <mailto:[email protected]>> wrote:
Due to the redirect nature of the auth system we may need JSONP
support
for this to work.
_______________________________________________
Mailing list: https://launchpad.net/~openstack
<https://launchpad.net/%7Eopenstack>
Post to : [email protected]
<mailto:[email protected]>
Unsubscribe : https://launchpad.net/~openstack
<https://launchpad.net/%7Eopenstack>
More help : https://help.launchpad.net/ListHelp
_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to : [email protected]
Unsubscribe : https://launchpad.net/~openstack
More help : https://help.launchpad.net/ListHelp
_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to : [email protected]
Unsubscribe : https://launchpad.net/~openstack
More help : https://help.launchpad.net/ListHelp
