package archiveserver
import (
	"context"
	"fmt"
	"net/http"
	"net/url"
	"time"

	"github.com/pachyderm/pachyderm/v2/src/client"
	"github.com/pachyderm/pachyderm/v2/src/internal/errors"
	"github.com/pachyderm/pachyderm/v2/src/internal/log"
	"go.uber.org/zap"
)
// HTTP wraps an http.Server that serves the archiveserver endpoints.
//
// Construct it with NewHTTP and run it with ListenAndServe.
type HTTP struct {
	mux    http.Handler // The routed handler; kept as a field so tests can drive it directly.
	server *http.Server // The configured server; started and stopped by ListenAndServe.
}
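// NewHTTP creates a new Archive Server and an HTTP server to serve it on.
//
// The server is configured to listen on ":port" once ListenAndServe is called.
// Two routes are registered: "/download/", handled by the archive Server behind
// CSRFWrapper, and "/healthz", a plain liveness probe that answers 200 with
// "healthy\n" and performs no checks.
//
// pachClientFactory is stored on the Server and is not invoked here; presumably
// the Server calls it per request to obtain a client (see Server).
func NewHTTP(port uint16, pachClientFactory func(ctx context.Context) *client.APIClient) *HTTP {
	mux := http.NewServeMux()
	handler := &Server{
		pachClientFactory: pachClientFactory,
	}
	mux.Handle("/download/", CSRFWrapper(handler))
	mux.Handle("/healthz", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.WriteHeader(http.StatusOK)
		w.Write([]byte("healthy\n")) //nolint:errcheck
	}))
	return &HTTP{
		mux: mux,
		server: &http.Server{
			Addr:    fmt.Sprintf(":%d", port),
			Handler: mux,
			// Bound how long a client may take to deliver its request headers so
			// that idle or deliberately slow connections cannot hold server
			// resources indefinitely. Only the header phase is bounded: archive
			// downloads can legitimately stream for a long time, so no
			// WriteTimeout or ReadTimeout is set here.
			ReadHeaderTimeout: 30 * time.Second,
		},
	}
}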
// CSRFWrapper is an http.Handler that provides CSRF protection to the underlying handler.
//
// A request is passed to h when the host named by its Origin header (or, when Origin
// is absent, by its Referer header) is exactly equal to r.Host, or when neither header
// is present at all (treated as a non-browser client such as the CLI). Any other case —
// a header that fails to parse, a header without a host, or a host that differs from
// r.Host — is answered with 403 and logged. The comparison is an exact string match:
// case and port must agree. Both sides of the comparison come from the request; no
// attempt is made to distinguish a CLI from a client that omits both headers.
func CSRFWrapper(h http.Handler) http.HandlerFunc {
	// hostOf reduces a header value to the host it names. When the value cannot be
	// used it returns a descriptive sentinel instead; the sentinel is never a valid
	// Host string, so it lands in the deny branch below. We must deny in that case.
	hostOf := func(label, raw string) string {
		u, err := url.Parse(raw)
		switch {
		case err != nil:
			return "error(" + label + "): " + err.Error()
		case u.Host == "":
			return "error(" + label + "): no host"
		default:
			return u.Host
		}
	}
	return func(w http.ResponseWriter, r *http.Request) {
		var resolved string
		switch {
		case r.Header.Get("origin") != "":
			resolved = hostOf("origin", r.Header.Get("origin"))
		case r.Header.Get("referer") != "":
			// No Origin header; fall back to Referer.
			resolved = hostOf("referer", r.Header.Get("referer"))
		}
		if resolved == "" {
			// Neither header exists.
			log.Debug(r.Context(), "csrf: no origin or referer header; assuming cli; allow")
			h.ServeHTTP(w, r)
			return
		}
		if resolved != r.Host {
			log.Info(r.Context(), "csrf: origin/host mismatch; deny", zap.String("resolved_origin", resolved), zap.Strings("origin", r.Header.Values("origin")), zap.Strings("referer", r.Header.Values("referer")), zap.String("host", r.Host))
			http.Error(w, "csrf: origin/host mismatch", http.StatusForbidden)
			return
		}
		// Origin and Host match; allow.
		h.ServeHTTP(w, r)
	}
}
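// ListenAndServe begins serving the server, and returns when the context is canceled or the server
// dies on its own.
//
// On cancellation the server is shut down gracefully: listeners are closed at once
// and in-flight requests are given up to shutdownGrace to complete. The result is
// then the Shutdown error (nil if everything drained in time). If the server stops
// on its own first, its ListenAndServe error is returned unchanged.
func (h *HTTP) ListenAndServe(ctx context.Context) error {
	// Upper bound on how long in-flight requests may keep the server alive after
	// ctx is canceled.
	const shutdownGrace = 30 * time.Second

	log.AddLoggerToHTTPServer(ctx, "download", h.server)
	// Buffered so the serving goroutine can always deliver its result and exit,
	// even when we have already returned via the ctx branch.
	errCh := make(chan error, 1)
	go func() {
		errCh <- h.server.ListenAndServe()
	}()
	select {
	case <-ctx.Done():
		log.Info(ctx, "terminating download server", zap.Error(ctx.Err()))
		// Shutdown must not be handed the already-canceled ctx: it would return
		// ctx.Err() as soon as any connection is still active, without waiting
		// for it to drain, so the shutdown would not be graceful. Use a fresh,
		// bounded context instead.
		shutdownCtx, cancel := context.WithTimeout(context.Background(), shutdownGrace)
		defer cancel()
		return errors.EnsureStack(h.server.Shutdown(shutdownCtx))
	case err := <-errCh:
		return err
	}
}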