laantungir
/
blossom
mirror of https://github.com/hzrd149/blossom.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Clarify authorization requirements in BUD-04: change `MUST` to `MAY` for the `Authorization` header and specify auth type

This commit is contained in:
hzrd149 2025-03-17 21:41:34 +00:00
parent 6105ea6a6f
commit 782d382ca7
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
buds/04.md
View File

@ -19,11 +19,11 @@ Clients MUST pass the URL of the remote blob as a stringified JSON object in the
}
```
Clients MUST set the `Authorization` header to an upload authorization event defined in [BUD-02](./02.md#upload-authorization-required)
Clients MAY set the `Authorization` header to an upload authorization event defined in [BUD-02](./02.md#upload-authorization-required). When using authorization, the event MUST be of type "upload".
The `/mirror` endpoint MUST download the blob from the specified URL and verify that there is at least one `x` tag in the authorization event matching the sha256 hash of the download blob
**Multiple `x` tags MUST NOT be interpreted as the user requesting a bulk mirror.**
**Multiple `x` tags in the authorization event MUST NOT be interpreted as the user requesting a bulk mirror.**
The endpoint MUST return a [Blob Descriptor](#blob-descriptor) if the mirroring was successful or an error object if it was not