Browse Source

Add ability to set arbitrary headers

This is useful if you want to add headers for things like HTTP Strict
Transport Security or HTTP Public Key Pinning.
pull/81/head
mutantmonkey 9 years ago
parent
commit
39bb999db6
  1. 27
      headers.go
  2. 16
      server.go
  3. 18
      server_test.go

27
headers.go

@ -0,0 +1,27 @@
package main
import (
"net/http"
"strings"
)
type addheaders struct {
h http.Handler
headers []string
}
func (a addheaders) ServeHTTP(w http.ResponseWriter, r *http.Request) {
for _, header := range a.headers {
headerSplit := strings.SplitN(header, ": ", 2)
w.Header().Add(headerSplit[0], headerSplit[1])
}
a.h.ServeHTTP(w, r)
}
func AddHeaders(headers []string) func(http.Handler) http.Handler {
fn := func(h http.Handler) http.Handler {
return addheaders{h, headers}
}
return fn
}

16
server.go

@ -10,6 +10,7 @@ import (
"os" "os"
"regexp" "regexp"
"strconv" "strconv"
"strings"
"time" "time"
"github.com/GeertJohan/go.rice" "github.com/GeertJohan/go.rice"
@ -20,6 +21,17 @@ import (
"github.com/zenazn/goji/web/middleware" "github.com/zenazn/goji/web/middleware"
) )
type headerList []string
func (h *headerList) String() string {
return strings.Join(*h, ",")
}
func (h *headerList) Set(value string) error {
*h = append(*h, value)
return nil
}
var Config struct { var Config struct {
bind string bind string
filesDir string filesDir string
@ -40,6 +52,7 @@ var Config struct {
remoteUploads bool remoteUploads bool
authFile string authFile string
remoteAuthFile string remoteAuthFile string
addHeaders headerList
} }
var Templates = make(map[string]*pongo2.Template) var Templates = make(map[string]*pongo2.Template)
@ -69,6 +82,7 @@ func setup() *web.Mux {
policy: Config.contentSecurityPolicy, policy: Config.contentSecurityPolicy,
frame: Config.xFrameOptions, frame: Config.xFrameOptions,
})) }))
mux.Use(AddHeaders(Config.addHeaders))
if Config.authFile != "" { if Config.authFile != "" {
mux.Use(UploadAuth(AuthOptions{ mux.Use(UploadAuth(AuthOptions{
@ -205,6 +219,8 @@ func main() {
"value of Content-Security-Policy header for file access") "value of Content-Security-Policy header for file access")
flag.StringVar(&Config.xFrameOptions, "xframeoptions", "SAMEORIGIN", flag.StringVar(&Config.xFrameOptions, "xframeoptions", "SAMEORIGIN",
"value of X-Frame-Options header") "value of X-Frame-Options header")
flag.Var(&Config.addHeaders, "addheader",
"Add an arbitrary header to the response. This option can be used multiple times.")
iniflags.Parse() iniflags.Parse()

18
server_test.go

@ -52,6 +52,24 @@ func TestIndex(t *testing.T) {
} }
} }
func TestAddHeader(t *testing.T) {
Config.addHeaders = []string{"Linx-Test: It works!"}
mux := setup()
w := httptest.NewRecorder()
req, err := http.NewRequest("GET", "/", nil)
if err != nil {
t.Fatal(err)
}
mux.ServeHTTP(w, req)
if w.Header().Get("Linx-Test") != "It works!" {
t.Fatal("Header 'Linx-Test: It works!' not found in index response")
}
}
func TestAuthKeys(t *testing.T) { func TestAuthKeys(t *testing.T) {
Config.authFile = "/dev/null" Config.authFile = "/dev/null"

Loading…
Cancel
Save