OpenStack Identity (keystone)

Header format causes trouble webob

Bug #835045 reported by Rick Harris
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)
Invalid
High
Dolph Mathews

Bug Description

Both Nova and Glance use webob to encapsulate HTTP requests.

Webob canoncalizes headers, changing the underscore '_' to a dash '-':

http://paste.openstack.org/show/2295/

This is a problem because it means that `nova_auth_token` and `glance_auth_token` shims may not work since webob may have changed 'X_ROLE' to 'X-Role'.

Googling around, it seems like many proxies do some form of header canonicalization, so, this really isn't just a webob problem.

Given that dashes are the standard, we should probably switch over to using them for max compatibility.

Joe Savak (jsavak)
Changed in keystone:
importance: Undecided → Medium
Ziad Sawalha (ziad-sawalha)
Changed in keystone:
milestone: none → essex-3
importance: Medium → High
Joe Savak (jsavak)
Changed in keystone:
assignee: nobody → Dolph Mathews (dolph)
Revision history for this message
Dolph Mathews (dolph) wrote :

My understanding is that the WSGI spec (PEP-333) says that the "environ parameter is a dictionary object, containing CGI-style environment variables." In turn, the CGI spec (RFC-3875) explicitly defines the grammar for environment meta-variables (section 4.1), based on the HTTP spec (section 4.2 & 2.2, RFC-2616), but also narrows the grammar for implementation-defined HTTP variables as "HTTP_X_*", which I'm guessing establishes the convention for normalizing to all underscores (HTTP_X_AUTH_TOKEN in the CGI env. Our own spec defines our HTTP headers Using-Hyphens (X-Auth-Token).

Looking through the keystone codebase, we appear to always read/write to/from the dictionary of CGI-style environment variables using underscores, and always read/write raw HTTP headers using hyphens, which appears to follow both the convention and our defined spec concerning headers.

If there's a specific usage I missed which is causing issues, please point it out, otherwise I think we can close this for e3.

PEP-333: http://www.python.org/dev/peps/pep-0333/
RFC-3875: http://www.ietf.org/rfc/rfc3875
RFC-2616: http://www.ietf.org/rfc/rfc2616.txt

Changed in keystone:
status: New → Invalid
Thierry Carrez (ttx)
Changed in keystone:
milestone: essex-3 → none
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.