Add ability to set arbitrary headers
This is useful if you want to add headers for things like HTTP Strict Transport Security or HTTP Public Key Pinning.
This commit is contained in:
parent
1f3bc4bfea
commit
39bb999db6
27
headers.go
Normal file
27
headers.go
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
"strings"
|
||||||
|
)
|
||||||
|
|
||||||
|
type addheaders struct {
|
||||||
|
h http.Handler
|
||||||
|
headers []string
|
||||||
|
}
|
||||||
|
|
||||||
|
func (a addheaders) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||||
|
for _, header := range a.headers {
|
||||||
|
headerSplit := strings.SplitN(header, ": ", 2)
|
||||||
|
w.Header().Add(headerSplit[0], headerSplit[1])
|
||||||
|
}
|
||||||
|
|
||||||
|
a.h.ServeHTTP(w, r)
|
||||||
|
}
|
||||||
|
|
||||||
|
func AddHeaders(headers []string) func(http.Handler) http.Handler {
|
||||||
|
fn := func(h http.Handler) http.Handler {
|
||||||
|
return addheaders{h, headers}
|
||||||
|
}
|
||||||
|
return fn
|
||||||
|
}
|
16
server.go
16
server.go
@ -10,6 +10,7 @@ import (
|
|||||||
"os"
|
"os"
|
||||||
"regexp"
|
"regexp"
|
||||||
"strconv"
|
"strconv"
|
||||||
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/GeertJohan/go.rice"
|
"github.com/GeertJohan/go.rice"
|
||||||
@ -20,6 +21,17 @@ import (
|
|||||||
"github.com/zenazn/goji/web/middleware"
|
"github.com/zenazn/goji/web/middleware"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
type headerList []string
|
||||||
|
|
||||||
|
func (h *headerList) String() string {
|
||||||
|
return strings.Join(*h, ",")
|
||||||
|
}
|
||||||
|
|
||||||
|
func (h *headerList) Set(value string) error {
|
||||||
|
*h = append(*h, value)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
var Config struct {
|
var Config struct {
|
||||||
bind string
|
bind string
|
||||||
filesDir string
|
filesDir string
|
||||||
@ -40,6 +52,7 @@ var Config struct {
|
|||||||
remoteUploads bool
|
remoteUploads bool
|
||||||
authFile string
|
authFile string
|
||||||
remoteAuthFile string
|
remoteAuthFile string
|
||||||
|
addHeaders headerList
|
||||||
}
|
}
|
||||||
|
|
||||||
var Templates = make(map[string]*pongo2.Template)
|
var Templates = make(map[string]*pongo2.Template)
|
||||||
@ -69,6 +82,7 @@ func setup() *web.Mux {
|
|||||||
policy: Config.contentSecurityPolicy,
|
policy: Config.contentSecurityPolicy,
|
||||||
frame: Config.xFrameOptions,
|
frame: Config.xFrameOptions,
|
||||||
}))
|
}))
|
||||||
|
mux.Use(AddHeaders(Config.addHeaders))
|
||||||
|
|
||||||
if Config.authFile != "" {
|
if Config.authFile != "" {
|
||||||
mux.Use(UploadAuth(AuthOptions{
|
mux.Use(UploadAuth(AuthOptions{
|
||||||
@ -205,6 +219,8 @@ func main() {
|
|||||||
"value of Content-Security-Policy header for file access")
|
"value of Content-Security-Policy header for file access")
|
||||||
flag.StringVar(&Config.xFrameOptions, "xframeoptions", "SAMEORIGIN",
|
flag.StringVar(&Config.xFrameOptions, "xframeoptions", "SAMEORIGIN",
|
||||||
"value of X-Frame-Options header")
|
"value of X-Frame-Options header")
|
||||||
|
flag.Var(&Config.addHeaders, "addheader",
|
||||||
|
"Add an arbitrary header to the response. This option can be used multiple times.")
|
||||||
|
|
||||||
iniflags.Parse()
|
iniflags.Parse()
|
||||||
|
|
||||||
|
@ -52,6 +52,24 @@ func TestIndex(t *testing.T) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestAddHeader(t *testing.T) {
|
||||||
|
Config.addHeaders = []string{"Linx-Test: It works!"}
|
||||||
|
|
||||||
|
mux := setup()
|
||||||
|
w := httptest.NewRecorder()
|
||||||
|
|
||||||
|
req, err := http.NewRequest("GET", "/", nil)
|
||||||
|
if err != nil {
|
||||||
|
t.Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
mux.ServeHTTP(w, req)
|
||||||
|
|
||||||
|
if w.Header().Get("Linx-Test") != "It works!" {
|
||||||
|
t.Fatal("Header 'Linx-Test: It works!' not found in index response")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func TestAuthKeys(t *testing.T) {
|
func TestAuthKeys(t *testing.T) {
|
||||||
Config.authFile = "/dev/null"
|
Config.authFile = "/dev/null"
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user