laantungir/blossom
1
0
Fork 0
mirror of https://github.com/hzrd149/blossom.git synced 2025-12-08 14:58:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Clarify authorization requirements in BUD-04: change MUST to MAY for the Authorization header and specify auth type

Browse Source
This commit is contained in:
hzrd149
2025-03-17 21:41:34 +00:00
parent 6105ea6a6f
commit 782d382ca7
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
buds/04.md
View File

@@ -19,11 +19,11 @@ Clients MUST pass the URL of the remote blob as a stringified JSON object in the
} }
``` ```
Clients MUST set the `Authorization` header to an upload authorization event defined in [BUD-02](./02.md#upload-authorization-required) Clients MAY set the `Authorization` header to an upload authorization event defined in [BUD-02](./02.md#upload-authorization-required). When using authorization, the event MUST be of type "upload".
The `/mirror` endpoint MUST download the blob from the specified URL and verify that there is at least one `x` tag in the authorization event matching the sha256 hash of the download blob The `/mirror` endpoint MUST download the blob from the specified URL and verify that there is at least one `x` tag in the authorization event matching the sha256 hash of the download blob
**Multiple `x` tags MUST NOT be interpreted as the user requesting a bulk mirror.** **Multiple `x` tags in the authorization event MUST NOT be interpreted as the user requesting a bulk mirror.**
The endpoint MUST return a [Blob Descriptor](#blob-descriptor) if the mirroring was successful or an error object if it was not The endpoint MUST return a [Blob Descriptor](#blob-descriptor) if the mirroring was successful or an error object if it was not