This repository has been archived by the owner on Sep 15, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 20
/
pac.go
122 lines (100 loc) · 2.93 KB
/
pac.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
package winch
import (
"bytes"
"io/ioutil"
"net/http"
"text/template"
"time"
"github.com/pkg/errors"
http_ctxtags "github.com/improbable-eng/go-httpwares/tags"
"github.com/improbable-eng/kedge/pkg/sharedflags"
)
var (
// TODO(bplotka): Consider another default, autodeducted from routing mapper (complex)
flagShExpressions = sharedflags.Set.StringSlice("pac_redirect_sh_expressions", []string{},
"Comma delimited array of shExpMatch expressions for host in the PAC. They will influence on what host"+
" browser will redirect to winch. If empty it will redirect everything via winch.")
flagPACFile = sharedflags.Set.String("pac_file", "",
"Path to PAC file that should be read. This flag has priority over 'pac_redirect_sh_expressions'")
)
func NewPacFromFlags(winchHostPort string) (pac *Pac, err error) {
pac = &Pac{modTime: time.Now()}
if *flagPACFile != "" {
if len(*flagShExpressions) > 0 {
return nil, errors.New("flag 'pac_redirect_sh_expressions' cannot be specified with 'pac_file'")
}
b, err := ioutil.ReadFile(*flagPACFile)
if err != nil {
return nil, errors.Wrapf(err, "failed to read PAC bytes from %s file", *flagPACFile)
}
pac.PAC = b
return pac, nil
}
b, err := generatePAC(winchHostPort, *flagShExpressions)
if err != nil {
return nil, err
}
pac.PAC = b
return pac, nil
}
// Pac is a handler that serves auto generated PAC file based on mapping routes.
type Pac struct {
PAC []byte
modTime time.Time
}
func (p *Pac) ServeHTTP(resp http.ResponseWriter, req *http.Request) {
// TODO(bplotka): Pass only local connections.
tags := http_ctxtags.ExtractInbound(req)
tags.Set(http_ctxtags.TagForCallService, "PAC")
resp.Header().Set("Content-Type", "application/x-ns-proxy-autoconfig")
http.ServeContent(resp, req, "wpad.dat", p.modTime, bytes.NewReader(p.PAC)) // or proxy.pac
return
}
var (
pacTemplate = `function FindProxyForURL(url, host) {
var proxy = "PROXY {{.WinchHostPort}}; DIRECT";
var direct = "DIRECT";
// no proxy for local hosts without domain:
if(isPlainHostName(host)) return direct;
// We only proxy http, not even https.
if (
url.substring(0, 4) == "ftp:" ||
url.substring(0, 6) == "rsync:" ||
url.substring(0, 6) == "https:"
)
return direct;
// Commented for debug purposes.
// Use direct connection whenever we have direct network connectivity.
//if (isResolvable(host)) {
// return direct
//}
{{- if .Routes }}
{{- range .Routes}}
if (shExpMatch(host, "{{ . }}")) {
return proxy;
}
{{- end}}
return direct;
{{- else }}
return proxy;
{{- end }}
}`
)
func generatePAC(winchHostPort string, rules []string) ([]byte, error) {
tmpl, err := template.New("PAC").Parse(pacTemplate)
if err != nil {
return nil, err
}
buf := &bytes.Buffer{}
err = tmpl.Execute(buf, struct {
WinchHostPort string
Routes []string
}{
WinchHostPort: winchHostPort,
Routes: rules,
})
if err != nil {
return nil, err
}
return buf.Bytes(), nil
}