Support adding PUT headers for object storage from Rails
As revealed in https://gitlab.com/gitlab-org/gitlab-ce/issues/49957, Rails
generates a signed URL with a fixed HTTP header with Content-Type: application/octet-stream
. However, if we change or remove that for
some reason in Workhorse, this breaks the upload with a 403 Unauthorized because
the signed URL is not valid.
We can make this more robust by doing the following:
- In the
/uploads/authorize
request, Rails can return aPutHeaders
key-value pair in the JSON response containing the required headers that the PUT request must include. - Use those HTTP headers if that value is present.
- For backwards compatibility, if that key is not present, default to
the old behavior of sending the fixed
Content-Type
header.
See https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/21319.