2.2 KiB
BUD-04
Mirroring blobs
draft optional
Defines the /mirror endpoint
PUT /mirror - Mirror Blob
A server MAY expose a PUT /mirror endpoint to allow users to copy a blob from a URL instead of uploading it
Clients MUST pass the URL of the remote blob as a stringified JSON object in the request body
// request body...
{
"url": "https://cdn.satellite.earth/b1674191a88ec5cdd733e4240a81803105dc412d6c6708d53ab94fc248f4f553.pdf"
}
Clients MAY set the Authorization header to an upload authorization event defined in BUD-02. When using authorization, the event MUST be of type "upload".
The /mirror endpoint MUST download the blob from the specified URL and verify that there is at least one x tag in the authorization event matching the sha256 hash of the download blob
Multiple x tags in the authorization event MUST NOT be interpreted as the user requesting to mirror multiple blobs.
The endpoint MUST return a Blob Descriptor and a 2xx status code if the mirroring was successful
or a 4xx status code and error message if it was not.
The destination server SHOULD use the Content-Type header returned from the origin server to infer the mime type of
the blob. If the Content-Type header is not present the destination server SHOULD attempt to detect the Content-Type
from the blob contents and file extension, falling back to application/octet-stream if it cannot determine the type.
Servers MAY use the Content-Length header to determine the size of the blob.
Servers MAY reject a mirror request for any reason and MUST respond with the appropriate HTTP 4xx status code and an error message explaining the reason for the rejection.
Example Flow
- Client signs an
uploadauthorization event and uploads blob to Server A - Server A returns a Blob Descriptor with the
url - Client sends the
urlto Server B/mirrorusing the originaluploadauthorization event - Server B downloads the blob from Server A using the
url - Server B verifies the downloaded blob hash matches the
xtag in the authorization event - Server B returns a Blob Descriptor