Ask Your Question

Swift CORS support for tempurl middleware

asked 2014-12-01 19:56:10 -0500

bgagnon gravatar image

Does OpenStack Swift Object Storage support cross-origin PUT requests (CORS) through the temporary url system?


  • generate temp url to non-existing object with method PUT in the signature
  • temp url is given to web page form
  • browser performs PUT request on the temp url with some data
  • browser's CORS security kicks in automatically
  • browser performs OPTIONS request on the tempurl
  • server responds with 401 Unauthorized : Temp URL invalid

Is this supposed to work? Must we add OPTIONS to the [filter:tempurl] section of /etc/swift/proxy-server.conf?

# Note: Put tempurl before dlo, slo and your auth filter(s) in the pipeline
use = egg:swift#tempurl
# The methods allowed with Temp URLs.

Must we add OPTIONS to the signature of the tempurl? What about the X-Container-Meta-Access-Control headers on the container?

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2016-04-18 10:25:16 -0500

Schillinger gravatar image

For those who arrive here via Google...

Yes, but you must create a containerwith the proper CORS headers; see (


swift post corstest -H X-Container-Meta-Access-Control-Allow-Origin:* -H X-Container-Meta-Access-Control-Expose-Headers:* -v

All objects put into this container now support CORS, including for requests using tempurls. This will take care of your issues with the 401 on the OPTIONS call.

There is no need to modify the tempurl filter, nor request for the object at the tempurl.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2014-12-01 19:54:24 -0500

Seen: 684 times

Last updated: Dec 01 '14