diff options
author | David Lawrence <dkl@mozilla.com> | 2015-03-11 15:26:14 +0100 |
---|---|---|
committer | David Lawrence <dkl@mozilla.com> | 2015-03-11 15:26:14 +0100 |
commit | c3b984aa204bdb318b05302ab50702b789c305b0 (patch) | |
tree | f33eb6bbfa25bf771848e22b026733f8b2d0d67b /Bugzilla/WebService/Constants.pm | |
parent | 74fb163c93ccb10475f507b4b1fe7f4817990a10 (diff) | |
download | bugzilla-c3b984aa204bdb318b05302ab50702b789c305b0.tar.gz bugzilla-c3b984aa204bdb318b05302ab50702b789c305b0.tar.xz |
Bug 1141440: OPTION response for CORS requests to REST doesn't allow X-Bugzilla headers
r=glob,a=glob
Diffstat (limited to 'Bugzilla/WebService/Constants.pm')
-rw-r--r-- | Bugzilla/WebService/Constants.pm | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/Bugzilla/WebService/Constants.pm b/Bugzilla/WebService/Constants.pm index cf2666551..42aa600ee 100644 --- a/Bugzilla/WebService/Constants.pm +++ b/Bugzilla/WebService/Constants.pm @@ -33,6 +33,8 @@ our @EXPORT = qw( REST_CONTENT_TYPE_WHITELIST WS_DISPATCH + + API_AUTH_HEADERS ); # This maps the error names in global/*-error.html.tmpl to numbers. @@ -313,6 +315,16 @@ sub WS_DISPATCH { return $dispatch; }; +# Custom HTTP headers that can be used for API authentication rather than +# passing as URL parameters. This is useful if you do not want sensitive +# information to show up in webserver log files. +use constant API_AUTH_HEADERS => { + X_BUGZILLA_LOGIN => 'Bugzilla_login', + X_BUGZILLA_PASSWORD => 'Bugzilla_password', + X_BUGZILLA_API_KEY => 'Bugzilla_api_key', + X_BUGZILLA_TOKEN => 'Bugzilla_token', +}; + 1; =head1 B<Methods in need of POD> |