Allow X-OpenStack-Nova-API-Version header in CORS

mnaser · mnaser · commit 6305ae491e86 · 2021-06-17T14:05:52.000Z
By default, we don't currently allow the Nova microversion header for CORS requests. It should be something that is included out of the box because it's part of the core API. Deployers can workaround this by overriding allow_headers, but we should provide a better experience out of the box. Closes-Bug: #1931908 Change-Id: Idf4650f36952331f02d7512580c21451f3ee3b63 (cherry picked from commit b02a95a)
diff --git a/nova/middleware.py b/nova/middleware.py
@@ -24,11 +24,15 @@ def set_defaults():
                        'X-Roles',
                        'X-Service-Catalog',
                        'X-User-Id',
-                       'X-Tenant-Id'],
+                       'X-Tenant-Id',
+                       'X-OpenStack-Nova-API-Version',
+                       'OpenStack-API-Version'],
         expose_headers=['X-Auth-Token',
                         'X-Openstack-Request-Id',
                         'X-Subject-Token',
-                        'X-Service-Token'],
+                        'X-Service-Token',
+                        'X-OpenStack-Nova-API-Version',
+                        'OpenStack-API-Version'],
         allow_methods=['GET',
                        'PUT',
                        'POST',
