undefined | Better HN

0 pointsnl12y ago0 comments

IMHO that's good. I've done some OpenStack work (a JS client), and I think it could benefit from an alternate implementation - there was too much reverse engineering involved.

0 comments

justinsb12y ago

Sounds interesting - would love a link to your work if it's open source!

nlOP12y ago

I raised a bug on CORS support[1], and then switched over to doing it all Serverside.

I was writing a cross-provider control console. Got a fair way along, but haven't released it.

[1]https://bugs.launchpad.net/oslo/+bug/987044

justinsb12y ago

Cool idea. I don't see any reason not to support CORS; all the OpenStack requests require a custom Auth http header anyway, so I don't think there's any danger in turning on CORS there. I didn't see anyone in the Launchpad bug report that was against it.

The only call that I think _might_ be dangerous to expose is the login API, but that should be rate-limited and / or have lockout anyway.

I've opened a bug to support CORS in FathomCloud. It's not a lot of work (I already have the filter in the repo, it's just not configured in). I just want to think it through to make sure it's safe: https://github.com/fathomdb/cloud/issues/50

1 more reply

j / k navigate · click thread line to collapse

0 comments

justinsb12y ago

Sounds interesting - would love a link to your work if it's open source!

nlOP12y ago

I raised a bug on CORS support[1], and then switched over to doing it all Serverside.

I was writing a cross-provider control console. Got a fair way along, but haven't released it.

[1]https://bugs.launchpad.net/oslo/+bug/987044

justinsb12y ago

The only call that I think _might_ be dangerous to expose is the login API, but that should be rate-limited and / or have lockout anyway.

1 more reply

j / k navigate · click thread line to collapse