traefik/responsemodifiers/headers.go

package responsemodifiers

import (
	"net/http"

	"github.com/containous/traefik/config"
	"github.com/unrolled/secure"
)

func buildHeaders(headers *config.Headers) func(*http.Response) error {
	opt := secure.Options{
		BrowserXssFilter:        headers.BrowserXSSFilter,
		ContentTypeNosniff:      headers.ContentTypeNosniff,
		ForceSTSHeader:          headers.ForceSTSHeader,
		FrameDeny:               headers.FrameDeny,
		IsDevelopment:           headers.IsDevelopment,
		SSLRedirect:             headers.SSLRedirect,
		SSLForceHost:            headers.SSLForceHost,
		SSLTemporaryRedirect:    headers.SSLTemporaryRedirect,
		STSIncludeSubdomains:    headers.STSIncludeSubdomains,
		STSPreload:              headers.STSPreload,
		ContentSecurityPolicy:   headers.ContentSecurityPolicy,
		CustomBrowserXssValue:   headers.CustomBrowserXSSValue,
		CustomFrameOptionsValue: headers.CustomFrameOptionsValue,
		PublicKey:               headers.PublicKey,
		ReferrerPolicy:          headers.ReferrerPolicy,
		SSLHost:                 headers.SSLHost,
		AllowedHosts:            headers.AllowedHosts,
		HostsProxyHeaders:       headers.HostsProxyHeaders,
		SSLProxyHeaders:         headers.SSLProxyHeaders,
		STSSeconds:              headers.STSSeconds,
	}

	return func(resp *http.Response) error {
		if headers.HasCustomHeadersDefined() {
			// Loop through Custom response headers
			for header, value := range headers.CustomResponseHeaders {
				if value == "" {
					resp.Header.Del(header)
				} else {
					resp.Header.Set(header, value)
				}
			}
		}

		if headers.HasSecureHeadersDefined() {
			err := secure.New(opt).ModifyResponseHeaders(resp)
			if err != nil {
				return err
			}
		}

		return nil
	}
}
Dynamic Configuration Refactoring 2018-11-14 09:18:03 +00:00			`package responsemodifiers`
Create Header Middleware 2017-06-13 00:48:21 +00:00
			`import (`
Dynamic Configuration Refactoring 2018-11-14 09:18:03 +00:00			`"net/http"`

			`"github.com/containous/traefik/config"`
Create Header Middleware 2017-06-13 00:48:21 +00:00			`"github.com/unrolled/secure"`
			`)`

Dynamic Configuration Refactoring 2018-11-14 09:18:03 +00:00			`func buildHeaders(headers config.Headers) func(http.Response) error {`
Create Header Middleware 2017-06-13 00:48:21 +00:00			`opt := secure.Options{`
Dynamic Configuration Refactoring 2018-11-14 09:18:03 +00:00			`BrowserXssFilter: headers.BrowserXSSFilter,`
			`ContentTypeNosniff: headers.ContentTypeNosniff,`
			`ForceSTSHeader: headers.ForceSTSHeader,`
			`FrameDeny: headers.FrameDeny,`
			`IsDevelopment: headers.IsDevelopment,`
Create Header Middleware 2017-06-13 00:48:21 +00:00			`SSLRedirect: headers.SSLRedirect,`
Dynamic Configuration Refactoring 2018-11-14 09:18:03 +00:00			`SSLForceHost: headers.SSLForceHost,`
Create Header Middleware 2017-06-13 00:48:21 +00:00			`SSLTemporaryRedirect: headers.SSLTemporaryRedirect,`
			`STSIncludeSubdomains: headers.STSIncludeSubdomains,`
			`STSPreload: headers.STSPreload,`
			`ContentSecurityPolicy: headers.ContentSecurityPolicy,`
Dynamic Configuration Refactoring 2018-11-14 09:18:03 +00:00			`CustomBrowserXssValue: headers.CustomBrowserXSSValue,`
			`CustomFrameOptionsValue: headers.CustomFrameOptionsValue,`
Create Header Middleware 2017-06-13 00:48:21 +00:00			`PublicKey: headers.PublicKey,`
			`ReferrerPolicy: headers.ReferrerPolicy,`
Dynamic Configuration Refactoring 2018-11-14 09:18:03 +00:00			`SSLHost: headers.SSLHost,`
			`AllowedHosts: headers.AllowedHosts,`
			`HostsProxyHeaders: headers.HostsProxyHeaders,`
			`SSLProxyHeaders: headers.SSLProxyHeaders,`
			`STSSeconds: headers.STSSeconds,`
			`}`

			`return func(resp *http.Response) error {`
			`if headers.HasCustomHeadersDefined() {`
			`// Loop through Custom response headers`
			`for header, value := range headers.CustomResponseHeaders {`
			`if value == "" {`
			`resp.Header.Del(header)`
			`} else {`
			`resp.Header.Set(header, value)`
			`}`
			`}`
			`}`

			`if headers.HasSecureHeadersDefined() {`
			`err := secure.New(opt).ModifyResponseHeaders(resp)`
			`if err != nil {`
			`return err`
			`}`
			`}`

			`return nil`
Create Header Middleware 2017-06-13 00:48:21 +00:00			`}`
			`}`