traefik/pkg/responsemodifiers/headers.go

54 lines
1.7 KiB
Go
Raw Normal View History

2018-11-14 10:18:03 +01:00
package responsemodifiers
2017-06-12 18:48:21 -06:00
import (
2018-11-14 10:18:03 +01:00
"net/http"
2019-08-03 03:58:23 +02:00
"github.com/containous/traefik/v2/pkg/config/dynamic"
"github.com/containous/traefik/v2/pkg/middlewares/headers"
2017-06-12 18:48:21 -06:00
"github.com/unrolled/secure"
)
func buildHeaders(hdrs *dynamic.Headers) func(*http.Response) error {
2017-06-12 18:48:21 -06:00
opt := secure.Options{
2019-04-02 03:40:04 -05:00
BrowserXssFilter: hdrs.BrowserXSSFilter,
ContentTypeNosniff: hdrs.ContentTypeNosniff,
ForceSTSHeader: hdrs.ForceSTSHeader,
FrameDeny: hdrs.FrameDeny,
IsDevelopment: hdrs.IsDevelopment,
SSLRedirect: hdrs.SSLRedirect,
SSLForceHost: hdrs.SSLForceHost,
SSLTemporaryRedirect: hdrs.SSLTemporaryRedirect,
STSIncludeSubdomains: hdrs.STSIncludeSubdomains,
STSPreload: hdrs.STSPreload,
ContentSecurityPolicy: hdrs.ContentSecurityPolicy,
CustomBrowserXssValue: hdrs.CustomBrowserXSSValue,
CustomFrameOptionsValue: hdrs.CustomFrameOptionsValue,
PublicKey: hdrs.PublicKey,
ReferrerPolicy: hdrs.ReferrerPolicy,
SSLHost: hdrs.SSLHost,
AllowedHosts: hdrs.AllowedHosts,
HostsProxyHeaders: hdrs.HostsProxyHeaders,
SSLProxyHeaders: hdrs.SSLProxyHeaders,
STSSeconds: hdrs.STSSeconds,
2019-07-29 08:12:05 -06:00
FeaturePolicy: hdrs.FeaturePolicy,
2018-11-14 10:18:03 +01:00
}
return func(resp *http.Response) error {
2019-04-02 03:40:04 -05:00
if hdrs.HasCustomHeadersDefined() || hdrs.HasCorsHeadersDefined() {
2019-07-12 03:46:04 -06:00
err := headers.NewHeader(nil, *hdrs).PostRequestModifyResponseHeaders(resp)
2019-04-02 03:40:04 -05:00
if err != nil {
return err
2018-11-14 10:18:03 +01:00
}
}
2019-04-02 03:40:04 -05:00
if hdrs.HasSecureHeadersDefined() {
2018-11-14 10:18:03 +01:00
err := secure.New(opt).ModifyResponseHeaders(resp)
if err != nil {
return err
}
}
return nil
2017-06-12 18:48:21 -06:00
}
}