mirror/navidrome
1
0
Fork 0
mirror of https://github.com/navidrome/navidrome.git synced 2025-12-23 15:08:04 -05:00
Code Issues Packages Projects Releases Wiki Activity

feat: rename HTTPSecurityHeaders.CustomFrameOptionsValue to HTTPHeaders.FrameOptions

Browse Source 
Signed-off-by: Deluan <deluan@navidrome.org>
This commit is contained in:
Deluan
2025-12-13 12:38:43 -05:00
parent 603cccde11
commit 7ccf44b8ed
2 changed files with 26 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
conf/configuration.go
View File

@@ -90,7 +90,7 @@ type configOptions struct {
ExtAuth extAuthOptions ExtAuth extAuthOptions
Plugins pluginsOptions Plugins pluginsOptions
PluginConfig map[string]map[string]string PluginConfig map[string]map[string]string
HTTPSecurityHeaders secureOptions `json:",omitzero"` HTTPHeaders httpHeaderOptions `json:",omitzero"`
Prometheus prometheusOptions `json:",omitzero"` Prometheus prometheusOptions `json:",omitzero"`
Scanner scannerOptions `json:",omitzero"` Scanner scannerOptions `json:",omitzero"`
Jukebox jukeboxOptions `json:",omitzero"` Jukebox jukeboxOptions `json:",omitzero"`
@@ -188,8 +188,8 @@ type listenBrainzOptions struct {
BaseURL string BaseURL string
} }
type secureOptions struct { type httpHeaderOptions struct {
CustomFrameOptionsValue string FrameOptions string
} }
type prometheusOptions struct { type prometheusOptions struct {
@@ -257,6 +257,7 @@ func Load(noConfigDump bool) {
// Map deprecated options to their new names for backwards compatibility // Map deprecated options to their new names for backwards compatibility
mapDeprecatedOption("ReverseProxyWhitelist", "ExtAuth.TrustedSources") mapDeprecatedOption("ReverseProxyWhitelist", "ExtAuth.TrustedSources")
mapDeprecatedOption("ReverseProxyUserHeader", "ExtAuth.UserHeader") mapDeprecatedOption("ReverseProxyUserHeader", "ExtAuth.UserHeader")
mapDeprecatedOption("HTTPSecurityHeaders.CustomFrameOptionsValue", "HTTPHeaders.FrameOptions")
err := viper.Unmarshal(&Server) err := viper.Unmarshal(&Server)
if err != nil { if err != nil {
@@ -367,10 +368,12 @@ func Load(noConfigDump bool) {
log.Warn(fmt.Sprintf("Extractor '%s' is not implemented, using 'taglib'", Server.Scanner.Extractor)) log.Warn(fmt.Sprintf("Extractor '%s' is not implemented, using 'taglib'", Server.Scanner.Extractor))
Server.Scanner.Extractor = consts.DefaultScannerExtractor Server.Scanner.Extractor = consts.DefaultScannerExtractor
} }
logDeprecatedOptions("Scanner.GenreSeparators") logDeprecatedOptions("Scanner.GenreSeparators", "")
logDeprecatedOptions("Scanner.GroupAlbumReleases") logDeprecatedOptions("Scanner.GroupAlbumReleases", "")
logDeprecatedOptions("DevEnableBufferedScrobble") // Deprecated: Buffered scrobbling is now always enabled and this option is ignored logDeprecatedOptions("DevEnableBufferedScrobble", "") // Deprecated: Buffered scrobbling is now always enabled and this option is ignored
logDeprecatedOptions("ReverseProxyWhitelist", "ReverseProxyUserHeader") logDeprecatedOptions("ReverseProxyWhitelist", "ExtAuth.TrustedSources")
logDeprecatedOptions("ReverseProxyUserHeader", "ExtAuth.UserHeader")
logDeprecatedOptions("HTTPSecurityHeaders.CustomFrameOptionsValue", "HTTPHeaders.FrameOptions")
// Call init hooks // Call init hooks
for _, hook := range hooks { for _, hook := range hooks {
@@ -378,16 +381,22 @@ func Load(noConfigDump bool) {
} }
} }
func logDeprecatedOptions(options ...string) { func logDeprecatedOptions(oldName, newName string) {
for _, option := range options { envVar := "ND_" + strings.ToUpper(strings.ReplaceAll(oldName, ".", "_"))
envVar := "ND_" + strings.ToUpper(strings.ReplaceAll(option, ".", "_")) newEnvVar := "ND_" + strings.ToUpper(strings.ReplaceAll(newName, ".", "_"))
if os.Getenv(envVar) != "" { logWarning := func(oldName, newName string) {
log.Warn(fmt.Sprintf("Option '%s' is deprecated and will be ignored in a future release", envVar)) if newName != "" {
} log.Warn(fmt.Sprintf("Option '%s' is deprecated and will be ignored in a future release. Please use the new '%s'", oldName, newName))
if viper.InConfig(option) { } else {
log.Warn(fmt.Sprintf("Option '%s' is deprecated and will be ignored in a future release", option)) log.Warn(fmt.Sprintf("Option '%s' is deprecated and will be ignored in a future release", oldName))
} }
} }
if os.Getenv(envVar) != "" {
logWarning(envVar, newEnvVar)
}
if viper.InConfig(oldName) {
logWarning(oldName, newName)
}
} }
// mapDeprecatedOption is used to provide backwards compatibility for deprecated options. It should be called after // mapDeprecatedOption is used to provide backwards compatibility for deprecated options. It should be called after
@@ -612,7 +621,7 @@ func setViperDefaults() {
viper.SetDefault("listenbrainz.enabled", true) viper.SetDefault("listenbrainz.enabled", true)
viper.SetDefault("listenbrainz.baseurl", "https://api.listenbrainz.org/1/") viper.SetDefault("listenbrainz.baseurl", "https://api.listenbrainz.org/1/")
viper.SetDefault("enablescrobblehistory", true) viper.SetDefault("enablescrobblehistory", true)
viper.SetDefault("httpsecurityheaders.customframeoptionsvalue", "DENY") viper.SetDefault("httpheaders.frameoptions", "DENY")
viper.SetDefault("backup.path", "") viper.SetDefault("backup.path", "")
viper.SetDefault("backup.schedule", "") viper.SetDefault("backup.schedule", "")
viper.SetDefault("backup.count", 0) viper.SetDefault("backup.count", 0)

2
server/middlewares.go
View File

@@ -107,7 +107,7 @@ func secureMiddleware() func(http.Handler) http.Handler {
FrameDeny: true, FrameDeny: true,
ReferrerPolicy: "same-origin", ReferrerPolicy: "same-origin",
PermissionsPolicy: "autoplay=(), camera=(), microphone=(), usb=()", PermissionsPolicy: "autoplay=(), camera=(), microphone=(), usb=()",
CustomFrameOptionsValue: conf.Server.HTTPSecurityHeaders.CustomFrameOptionsValue, CustomFrameOptionsValue: conf.Server.HTTPHeaders.FrameOptions,
//ContentSecurityPolicy: "script-src 'self' 'unsafe-inline'", //ContentSecurityPolicy: "script-src 'self' 'unsafe-inline'",
}) })
return sec.Handler return sec.Handler