diff options
author | David Lawrence <dkl@mozilla.com> | 2015-03-11 15:26:14 +0100 |
---|---|---|
committer | David Lawrence <dkl@mozilla.com> | 2015-03-11 15:52:24 +0100 |
commit | 7c6230d6f8a9bd3311252c2c66cbb81b1053f5e2 (patch) | |
tree | b043e0dcbaf0595ccb143d8bb3bdcebcdd2dbaec /Bugzilla/WebService/Constants.pm | |
parent | d1a2eb853f7ae3af4f4985ddd25b4f32add7db70 (diff) | |
download | bugzilla-7c6230d6f8a9bd3311252c2c66cbb81b1053f5e2.tar.gz bugzilla-7c6230d6f8a9bd3311252c2c66cbb81b1053f5e2.tar.xz |
Bug 1141440 - OPTION response for CORS requests to REST doesn't allow X-Bugzilla headers
Diffstat (limited to 'Bugzilla/WebService/Constants.pm')
-rw-r--r-- | Bugzilla/WebService/Constants.pm | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/Bugzilla/WebService/Constants.pm b/Bugzilla/WebService/Constants.pm index 34981c565..4678d468d 100644 --- a/Bugzilla/WebService/Constants.pm +++ b/Bugzilla/WebService/Constants.pm @@ -40,6 +40,8 @@ our @EXPORT = qw( REST_CONTENT_TYPE_WHITELIST WS_DISPATCH + + API_AUTH_HEADERS ); # This maps the error names in global/*-error.html.tmpl to numbers. @@ -295,4 +297,14 @@ sub WS_DISPATCH { return $dispatch; }; +# Custom HTTP headers that can be used for API authentication rather than +# passing as URL parameters. This is useful if you do not want sensitive +# information to show up in webserver log files. +use constant API_AUTH_HEADERS => { + X_BUGZILLA_LOGIN => 'Bugzilla_login', + X_BUGZILLA_PASSWORD => 'Bugzilla_password', + X_BUGZILLA_API_KEY => 'Bugzilla_api_key', + X_BUGZILLA_TOKEN => 'Bugzilla_token', +}; + 1; |