feat: Allow specifying a custom CSP
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
This commit is contained in:
@@ -23,7 +23,7 @@ import (
|
||||
"github.com/urfave/cli/v2"
|
||||
)
|
||||
|
||||
func handleSubdomain(domain string, cname string, path, giteaUrl string, giteaClient *repo.GiteaClient, w http.ResponseWriter) {
|
||||
func handleSubdomain(domain, cname, path, giteaUrl, defaultCsp string, giteaClient *repo.GiteaClient, w http.ResponseWriter) {
|
||||
hostParts := strings.Split(domain, ".")
|
||||
username := hostParts[0]
|
||||
|
||||
@@ -45,16 +45,16 @@ func handleSubdomain(domain string, cname string, path, giteaUrl string, giteaCl
|
||||
return
|
||||
}
|
||||
|
||||
pages.ServeFile(username, repo.Name, path, giteaClient, w)
|
||||
pages.ServeFile(username, repo.Name, path, defaultCsp, giteaClient, w)
|
||||
}
|
||||
|
||||
func Handler(pagesDomain, giteaUrl string, giteaClient *repo.GiteaClient) http.HandlerFunc {
|
||||
func Handler(pagesDomain, giteaUrl, defaultCsp string, giteaClient *repo.GiteaClient) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, req *http.Request) {
|
||||
w.Header().Set("Server", "rio")
|
||||
|
||||
if strings.HasSuffix(req.Host, pagesDomain) {
|
||||
log.Debug("Domain can be directly handled")
|
||||
handleSubdomain(req.Host, "", req.URL.Path, giteaUrl, giteaClient, w)
|
||||
handleSubdomain(req.Host, "", req.URL.Path, giteaUrl, defaultCsp, giteaClient, w)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -68,7 +68,7 @@ func Handler(pagesDomain, giteaUrl string, giteaClient *repo.GiteaClient) http.H
|
||||
|
||||
if strings.HasSuffix(cname, pagesDomain) {
|
||||
log.Debugf("%s is alias of %s and can be handled after a CNAME query", req.Host, cname)
|
||||
handleSubdomain(cname, cname, req.URL.Path, giteaUrl, giteaClient, w)
|
||||
handleSubdomain(cname, cname, req.URL.Path, giteaUrl, defaultCsp, giteaClient, w)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -87,6 +87,7 @@ func runServer(ctx *cli.Context) error {
|
||||
acmeHost := ctx.String("acme-host")
|
||||
acmePort := ctx.String("acme-port")
|
||||
acmeDisable := ctx.Bool("acme-disable")
|
||||
defaultCsp := ctx.String("default-csp")
|
||||
|
||||
// Init Logging
|
||||
if ctx.Bool("debug") {
|
||||
@@ -172,7 +173,7 @@ func runServer(ctx *cli.Context) error {
|
||||
listener = tls.NewListener(listener, tlsConfig)
|
||||
}
|
||||
|
||||
if err := http.Serve(listener, Handler(domain, giteaUrl, &giteaClient)); err != nil {
|
||||
if err := http.Serve(listener, Handler(domain, giteaUrl, defaultCsp, &giteaClient)); err != nil {
|
||||
fmt.Printf("Listening failed")
|
||||
return err
|
||||
}
|
||||
@@ -254,6 +255,12 @@ func main() {
|
||||
Usage: "Whether to enable debug logging",
|
||||
EnvVars: []string{"DEBUG_ENABLE"},
|
||||
},
|
||||
&cli.StringFlag{
|
||||
Name: "default-csp",
|
||||
Usage: "The default CSP to include when sending HTTP responses",
|
||||
Value: "",
|
||||
EnvVars: []string{"DEFAULT_CSP"},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user