|
|
@ -18,12 +18,12 @@ type UnsignedCallback func(w http.ResponseWriter, r *http.Request, next http.Han
|
|
|
|
// ContentSecurityHandler returns a middleware to verify content security.
|
|
|
|
// ContentSecurityHandler returns a middleware to verify content security.
|
|
|
|
func ContentSecurityHandler(decrypters map[string]codec.RsaDecrypter, tolerance time.Duration,
|
|
|
|
func ContentSecurityHandler(decrypters map[string]codec.RsaDecrypter, tolerance time.Duration,
|
|
|
|
strict bool, callbacks ...UnsignedCallback) func(http.Handler) http.Handler {
|
|
|
|
strict bool, callbacks ...UnsignedCallback) func(http.Handler) http.Handler {
|
|
|
|
return LimitContentSecurityHandler(maxBytes, decrypters, tolerance, strict, callbacks)
|
|
|
|
return LimitContentSecurityHandler(maxBytes, decrypters, tolerance, strict, callbacks...)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// LimitContentSecurityHandler returns a middleware to verify content security.
|
|
|
|
// LimitContentSecurityHandler returns a middleware to verify content security.
|
|
|
|
func LimitContentSecurityHandler(maxBytesSize int64, decrypters map[string]codec.RsaDecrypter, tolerance time.Duration,
|
|
|
|
func LimitContentSecurityHandler(limitBytes int64, decrypters map[string]codec.RsaDecrypter,
|
|
|
|
strict bool, callbacks []UnsignedCallback) func(http.Handler) http.Handler {
|
|
|
|
tolerance time.Duration, strict bool, callbacks ...UnsignedCallback) func(http.Handler) http.Handler {
|
|
|
|
if len(callbacks) == 0 {
|
|
|
|
if len(callbacks) == 0 {
|
|
|
|
callbacks = append(callbacks, handleVerificationFailure)
|
|
|
|
callbacks = append(callbacks, handleVerificationFailure)
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -42,7 +42,7 @@ func LimitContentSecurityHandler(maxBytesSize int64, decrypters map[string]codec
|
|
|
|
r.Header.Get(contentSecurity))
|
|
|
|
r.Header.Get(contentSecurity))
|
|
|
|
executeCallbacks(w, r, next, strict, code, callbacks)
|
|
|
|
executeCallbacks(w, r, next, strict, code, callbacks)
|
|
|
|
} else if r.ContentLength > 0 && header.Encrypted() {
|
|
|
|
} else if r.ContentLength > 0 && header.Encrypted() {
|
|
|
|
LimitCryptionHandler(maxBytesSize, header.Key)(next).ServeHTTP(w, r)
|
|
|
|
LimitCryptionHandler(limitBytes, header.Key)(next).ServeHTTP(w, r)
|
|
|
|
} else {
|
|
|
|
} else {
|
|
|
|
next.ServeHTTP(w, r)
|
|
|
|
next.ServeHTTP(w, r)
|
|
|
|
}
|
|
|
|
}
|
|
|
|