Commit Graph

12 Commits

Author SHA1 Message Date
Stephen J Day
1944be9db3 Stronger validation for uuid field in urls
This change adds strong validation for the uuid variable for v2 routes. This is
a minor specification change but is okay since the uuid field is controlled by
the server. The character set is restricted to avoid path traversal, allowing
for alphanumeric values and urlsafe base64 encoding.

This change has no effect on client implementations.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-04-01 18:57:59 -07:00
Nghia Tran
5e06d6500c Update api.md
It seems a few places "download" instead of "upload".

Signed-off-by: Nghia Tran <tcnghia@gmail.com>
2015-03-20 07:56:30 -07:00
Stephen Day
ac550484be Merge pull request #226 from stevvooe/json-canonicalization
doc/spec: canonicalized JSON format for distribution APIs
2015-03-16 13:21:39 -07:00
Stephen J Day
e891939ebc spec: Canonicalized JSON Format for Distribution APIs
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-03-16 13:03:02 -07:00
Stephen J Day
f536633ca8 spec: fetch manifests by tag or digest
Manifests are now fetched by a field called "reference", which may be a tag or
a digest. When using digests to reference a manifest, the data is immutable.
The routes and specification have been updated to allow this.

There are a few caveats to this approach:

1. It may be problematic to rely on data format to differentiate between a tag
   and a digest. Currently, they are disjoint but there may modifications on
   either side that break this guarantee.
2. The caching characteristics of returned content are very different for
   digest versus tag-based references. Digest urls can be cached forever while tag
   urls cannot.

Both of these are minimal caveats that we can live with in the future.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-03-04 21:39:36 -08:00
xiekeyang
4f9a6782bb patch #222 to api.md.tmpl 2015-03-05 13:12:27 +08:00
Stephen Day
16d8b2c34d Merge pull request #213 from stevvooe/docker-upload-uuid
doc/spec, registry/handlers: specify and implement Docker-Upload-UUID
2015-03-02 10:51:15 -08:00
xiekeyang
10841a068d jump to relevant issue page 2015-02-28 11:38:38 +08:00
xiekeyang
d46cf006a3 update api.md 2015-02-28 11:02:47 +08:00
Stephen J Day
996235dc59 Specify and implement Docker-Upload-UUID
This changeset adds support for a header to identify docker upload uuids. This
id can be used as a key to manage local state for resumable uploads. The goal
is remove the necessity for a client to parse the url to get an upload uuid.
The restrictions for clients to use the location header are still strongly in
place.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 16:43:47 -08:00
Josh Hawn
a46af29783 Documentation for Token based Auth
Outlines the format of the tokens and how they are verified.

Outlines how clients should respond to bearer token authorization
challenges.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
2015-02-10 18:15:14 -08:00
Stephen J Day
b429176dd7 Move API specification into correct position
The goal is to maintain a specification heirarchy under doc/spec. This change
sets the example. The Makefile has also been changed update the AUTHORS file
and can now generate the specification.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-06 17:49:50 -08:00