traefik/pkg/middlewares/headers/headers.go

96 lines
2.5 KiB
Go
Raw Normal View History

2018-11-14 10:18:03 +01:00
// Package headers Middleware based on https://github.com/unrolled/secure.
package headers
import (
"context"
"errors"
"net/http"
"github.com/opentracing/opentracing-go/ext"
2022-11-21 18:36:05 +01:00
"github.com/rs/zerolog/log"
"github.com/traefik/traefik/v2/pkg/config/dynamic"
"github.com/traefik/traefik/v2/pkg/middlewares"
"github.com/traefik/traefik/v2/pkg/middlewares/connectionheader"
"github.com/traefik/traefik/v2/pkg/tracing"
2018-11-14 10:18:03 +01:00
)
const (
2019-07-12 03:46:04 -06:00
typeName = "Headers"
2018-11-14 10:18:03 +01:00
)
func handleDeprecation(ctx context.Context, cfg *dynamic.Headers) {
2022-11-21 18:36:05 +01:00
logger := log.Ctx(ctx).Warn()
if cfg.SSLRedirect {
2022-11-21 18:36:05 +01:00
logger.Msg("SSLRedirect is deprecated, please use entrypoint redirection instead.")
}
if cfg.SSLTemporaryRedirect {
2022-11-21 18:36:05 +01:00
logger.Msg("SSLTemporaryRedirect is deprecated, please use entrypoint redirection instead.")
}
if cfg.SSLHost != "" {
2022-11-21 18:36:05 +01:00
logger.Msg("SSLHost is deprecated, please use RedirectRegex middleware instead.")
}
if cfg.SSLForceHost {
2022-11-21 18:36:05 +01:00
logger.Msg("SSLForceHost is deprecated, please use RedirectScheme middleware instead.")
}
if cfg.FeaturePolicy != "" {
2022-11-21 18:36:05 +01:00
logger.Msg("FeaturePolicy is deprecated, please use PermissionsPolicy header instead.")
}
}
2018-11-14 10:18:03 +01:00
type headers struct {
name string
handler http.Handler
}
// New creates a Headers middleware.
func New(ctx context.Context, next http.Handler, cfg dynamic.Headers, name string) (http.Handler, error) {
2018-11-14 10:18:03 +01:00
// HeaderMiddleware -> SecureMiddleWare -> next
2022-11-21 18:36:05 +01:00
logger := middlewares.GetLogger(ctx, name, typeName)
logger.Debug().Msg("Creating middleware")
mCtx := logger.WithContext(ctx)
2019-09-13 19:28:04 +02:00
handleDeprecation(mCtx, &cfg)
hasSecureHeaders := cfg.HasSecureHeadersDefined()
hasCustomHeaders := cfg.HasCustomHeadersDefined()
hasCorsHeaders := cfg.HasCorsHeadersDefined()
2019-04-02 03:40:04 -05:00
if !hasSecureHeaders && !hasCustomHeaders && !hasCorsHeaders {
2018-11-14 10:18:03 +01:00
return nil, errors.New("headers configuration not valid")
}
var handler http.Handler
nextHandler := next
2019-04-02 03:40:04 -05:00
if hasSecureHeaders {
2022-11-21 18:36:05 +01:00
logger.Debug().Msgf("Setting up secureHeaders from %v", cfg)
handler = newSecure(next, cfg, name)
2018-11-14 10:18:03 +01:00
nextHandler = handler
}
2019-04-02 03:40:04 -05:00
if hasCustomHeaders || hasCorsHeaders {
2022-11-21 18:36:05 +01:00
logger.Debug().Msgf("Setting up customHeaders/Cors from %v", cfg)
h, err := NewHeader(nextHandler, cfg)
if err != nil {
return nil, err
}
handler = connectionheader.Remover(h)
2018-11-14 10:18:03 +01:00
}
return &headers{
handler: handler,
name: name,
}, nil
}
func (h *headers) GetTracingInformation() (string, ext.SpanKindEnum) {
return h.name, tracing.SpanKindNoneEnum
}
func (h *headers) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
h.handler.ServeHTTP(rw, req)
}