traefik/responsemodifiers/headers.go

56 lines
1.7 KiB
Go
Raw Normal View History

2018-11-14 10:18:03 +01:00
package responsemodifiers
2017-06-12 18:48:21 -06:00
import (
2018-11-14 10:18:03 +01:00
"net/http"
"github.com/containous/traefik/config"
2017-06-12 18:48:21 -06:00
"github.com/unrolled/secure"
)
2018-11-14 10:18:03 +01:00
func buildHeaders(headers *config.Headers) func(*http.Response) error {
2017-06-12 18:48:21 -06:00
opt := secure.Options{
2018-11-14 10:18:03 +01:00
BrowserXssFilter: headers.BrowserXSSFilter,
ContentTypeNosniff: headers.ContentTypeNosniff,
ForceSTSHeader: headers.ForceSTSHeader,
FrameDeny: headers.FrameDeny,
IsDevelopment: headers.IsDevelopment,
2017-06-12 18:48:21 -06:00
SSLRedirect: headers.SSLRedirect,
2018-11-14 10:18:03 +01:00
SSLForceHost: headers.SSLForceHost,
2017-06-12 18:48:21 -06:00
SSLTemporaryRedirect: headers.SSLTemporaryRedirect,
STSIncludeSubdomains: headers.STSIncludeSubdomains,
STSPreload: headers.STSPreload,
ContentSecurityPolicy: headers.ContentSecurityPolicy,
2018-11-14 10:18:03 +01:00
CustomBrowserXssValue: headers.CustomBrowserXSSValue,
CustomFrameOptionsValue: headers.CustomFrameOptionsValue,
2017-06-12 18:48:21 -06:00
PublicKey: headers.PublicKey,
ReferrerPolicy: headers.ReferrerPolicy,
2018-11-14 10:18:03 +01:00
SSLHost: headers.SSLHost,
AllowedHosts: headers.AllowedHosts,
HostsProxyHeaders: headers.HostsProxyHeaders,
SSLProxyHeaders: headers.SSLProxyHeaders,
STSSeconds: headers.STSSeconds,
}
return func(resp *http.Response) error {
if headers.HasCustomHeadersDefined() {
// Loop through Custom response headers
for header, value := range headers.CustomResponseHeaders {
if value == "" {
resp.Header.Del(header)
} else {
resp.Header.Set(header, value)
}
}
}
if headers.HasSecureHeadersDefined() {
err := secure.New(opt).ModifyResponseHeaders(resp)
if err != nil {
return err
}
}
return nil
2017-06-12 18:48:21 -06:00
}
}