Add endpoint info in OPTIONS

[leplatrem]

With django rest framework, that's what we obtain with OPTIONS:

➜  ~ http OPTIONS https://x.x.x.x/api/fr/reports/report
HTTP/1.1 200 OK
Allow: POST, OPTIONS
Connection: close
Content-Language: fr
Content-Type: application/json
Date: Wed, 06 Jul 2016 15:01:46 GMT
Server: nginx/1.4.6 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept, Accept-Language, Cookie

{
    "actions": {
        "POST": {
            "category": {
                "label": "Catégorie", 
                "read_only": false, 
                "required": false, 
                "type": "field"
            }, 
            "comment": {
                "label": "Commentaire", 
                "read_only": false, 
                "required": false, 
                "type": "string"
            }
        }
    }, 
    "description": "Send report", 
    "name": "Report", 
    "parses": [
        "application/json", 
        "application/x-www-form-urlencoded", 
        "multipart/form-data"
    ], 
    "renders": [
        "application/json", 
        "application/json", 
        "text/html"
    ]
}

On Kinto (via Cornice), we have a 400 if we don't provide CORS headers:

➜  ~ http OPTIONS https://kinto.dev.mozaws.net/v1/buckets                              
HTTP/1.1 400 Bad Request
Connection: keep-alive
Content-Length: 324
Content-Type: application/json; charset=UTF-8
Date: Wed, 06 Jul 2016 15:13:05 GMT
Server: nginx

{
    "code": 400, 
    "details": [
        {
            "description": "this header is mandatory", 
            "location": "header", 
            "name": "Origin"
        }, 
        {
            "description": "this header is mandatory", 
            "location": "header", 
            "name": "Access-Control-Request-Method"
        }
    ], 
    "errno": 107, 
    "error": "Invalid parameters", 
    "message": "Access-Control-Request-Method in header: this header is mandatory"
}

Providing the required headers, we only receive null:

➜  ~ http OPTIONS https://kinto.dev.mozaws.net/v1/buckets "Origin:http://localhost" "Access-Control-Request-Method:GET"
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Length,Expires,Backoff,Retry-After,Last-Modified,Total-Records,ETag,Pragma,Cache-Control,Alert,Next-Page
Access-Control-Allow-Methods: GET,HEAD,POST,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 4
Content-Type: application/json; charset=UTF-8
Date: Wed, 06 Jul 2016 15:16:17 GMT
Server: nginx

null

It would be nice if we'd mimic what DRF does!

Related: #631 swagger

/cc @almet

[gabisurita]

Once we get cornice_swagger to work we could provide the OpenAPI documentation for the path at this endpoint with almost no effort, but if we want to support it, it would be a good idea to change a bit the design of #1033. Opinions?

[glasserc]

I think providing the OpenAPI documentation for an endpoint is the easiest way to solve this issue, but I don't think solving this issue is itself the highest priority.

[leplatrem]

Closed by #1078