403 forbidden from Riak 1.2.0 when referer header is set

Fredrik Lindström Fredrik.Lindstrom at qbranch.se
Wed Aug 15 08:24:26 EDT 2012

Hi everyone,
One of the things we use Riak for is to serve images straight to the browser (obviously via a firewall etc etc). These images are displayed on our webpages so when the browser loads the page it will fire off GET requests for the image URLs and for good measure it will include a referer header when doing this. This works fine in production since we're still on Riak 1.0.2 but our dev and stage clusters have been upgraded to 1.2.0 and the story is a bit different there.
Riak will respond with 403 Forbidden if the referer header is set, the same is also logged in the access.log files.

I found this while digging around:
"Validate that the Referer matches up with scheme, host and port of the machine that received the request"

Since the referer (http://mysupderduperwebapp.xyz/snazzypage.html) will not match the scheme, host and port of the riak node that received the request no image will be served.
Is there any way to configure riak 1.2.0 to allow any referer header value?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.basho.com/pipermail/riak-users_lists.basho.com/attachments/20120815/be0345f0/attachment.html>

More information about the riak-users mailing list