laantungir/blossom
1
0
Fork 0
mirror of https://github.com/hzrd149/blossom.git synced 2025-12-12 15:58:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
cacfa520dd9b26f3f7220625d00798da5062422e
blossom/buds/04.md
Anthony Accioly cacfa520dd Clarify requirements around Content-Type and Content-Length 
- Specify that the server must return the MIME type in the Content-Type header for blob retrieval.
- Clarify fallback behaviour for unknown MIME types to application/octet-stream.
- Improve the description of how servers should infer MIME types and handle Content-Length for mirror requests.
2025-06-17 23:01:20 +01:00

2.2 KiB
Raw Blame History

BUD-04

Mirroring blobs

draft optional

Defines the /mirror endpoint

PUT /mirror - Mirror Blob

A server MAY expose a PUT /mirror endpoint to allow users to copy a blob from a URL instead of uploading it

Clients MUST pass the URL of the remote blob as a stringified JSON object in the request body

// request body...
{
  "url": "https://cdn.satellite.earth/b1674191a88ec5cdd733e4240a81803105dc412d6c6708d53ab94fc248f4f553.pdf"
}

Clients MAY set the Authorization header to an upload authorization event defined in BUD-02. When using authorization, the event MUST be of type "upload".

The /mirror endpoint MUST download the blob from the specified URL and verify that there is at least one x tag in the authorization event matching the sha256 hash of the download blob

Multiple x tags in the authorization event MUST NOT be interpreted as the user requesting to mirror multiple blobs.

The endpoint MUST return a Blob Descriptor and a 2xx status code if the mirroring was successful or a 4xx status code and error message if it was not.

Servers SHOULD use the Content-Type header returned from the requested URL to infer the mime type of the blob. If the Content-Type header is not present they SHOULD attempt to detect the Content-Type from the blob contents and file extension, falling back to application/octet-stream if they cannot determine the type.

Servers MAY use the Content-Length header to determine the size of the blob.

Servers MAY reject a mirror request for any reason and MUST respond with the appropriate HTTP 4xx status code and an error message explaining the reason for the rejection.

Example Flow

  1. Client signs an upload authorization event and uploads blob to Server A
  2. Server A returns a Blob Descriptor with the url
  3. Client sends the url to Server B /mirror using the original upload authorization event
  4. Server B downloads the blob from Server A using the url
  5. Server B verifies the downloaded blob hash matches the x tag in the authorization event
  6. Server B returns a Blob Descriptor