mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-24 22:08:58 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
3e03fca45f7bb3d13f242ca20557d31493cbda76
opencloud/pkg/middleware/header/header.go
Thomas Boerger b6d43661a8 Embed phoenix and serve it 
So far Phoenix have been embedded into the binary and we can customize
the required config based on flags, env variables and optionally via
config file. For now I'm embedding the whole Phonix content, optherwise
the all-in-one binary `ocis` will get pretty complicated until we add
the generate commands to that repo as well and provide a mechanism to
inject the embedding.
2019-09-06 13:40:18 +02:00

61 lines
1.8 KiB
Go
Raw Blame History

package header
import (
"net/http"
"time"
"github.com/owncloud/ocis-phoenix/pkg/version"
)
// Cache writes required cache headers to all requests.
func Cache(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate, value")
w.Header().Set("Expires", "Thu, 01 Jan 1970 00:00:00 GMT")
w.Header().Set("Last-Modified", time.Now().UTC().Format(http.TimeFormat))
next.ServeHTTP(w, r)
})
}
// Options writes required option headers to all requests.
func Options(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Method != "OPTIONS" {
next.ServeHTTP(w, r)
} else {
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, PATCH, DELETE, OPTIONS")
w.Header().Set("Access-Control-Allow-Headers", "authorization, origin, content-type, accept")
w.Header().Set("Allow", "HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS")
w.WriteHeader(http.StatusOK)
}
})
}
// Secure writes required access headers to all requests.
func Secure(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("X-Frame-Options", "DENY")
w.Header().Set("X-Content-Type-Options", "nosniff")
w.Header().Set("X-XSS-Protection", "1; mode=block")
if r.TLS != nil {
w.Header().Set("Strict-Transport-Security", "max-age=31536000")
}
next.ServeHTTP(w, r)
})
}
// Version writes the current version to the headers.
func Version(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("X-PHOENIX-VERSION", version.String)
next.ServeHTTP(w, r)
})
}
Reference in New Issue View Git Blame Copy Permalink