(ns ring-middleware-csp.core
(:require
[clojure.string :as str])
(:import
(java.security
SecureRandom)
(java.util
Base64)))
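(defn- make-nonce-generator
  "Return a zero-arg fn that yields a fresh CSP nonce on every call.

  Each nonce is 32 random bytes (256 bits) drawn from `SecureRandom` and
  Base64-encoded with the standard alphabet and `=` padding (44 chars), which
  is comfortably above the 128 bits of randomness the CSP spec recommends.
  On non-Windows hosts the non-blocking native PRNG is preferred so request
  handling never stalls waiting for entropy; on Windows, or on a JVM whose
  providers do not register `NativePRNGNonBlocking`, the platform-default
  `SecureRandom` is used instead of failing at middleware construction.
  A single `SecureRandom` instance is shared by all calls; the JDK documents
  `SecureRandom` as safe for use by concurrent threads."
  []
  (let [os-name (str (System/getProperty "os.name"))
        prng (if (.startsWith os-name "Windows")
               (SecureRandom.)
               (try
                 (SecureRandom/getInstance "NativePRNGNonBlocking")
                 ;; Not every JVM/provider registers this algorithm name;
                 ;; fall back to the default strong source rather than throw.
                 (catch java.security.NoSuchAlgorithmException _
                   (SecureRandom.))))
        encoder (Base64/getEncoder)]
    (fn []
      (let [buf (byte-array 32)]
        (.nextBytes prng buf)
        (.encodeToString encoder buf)))))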
(defn- value->str
  "Render one directive's value(s) as the space-separated source list that
  goes after the directive name in the header.

  VALUE may be a single item or a collection.  Keywords become single-quoted
  keyword sources (`:self` -> `'self'`); the keyword `:nonce` is expanded to
  `'nonce-<NONCE>'` when NONCE is non-nil (with a nil NONCE it falls through
  to the generic keyword case and renders as the meaningless `'nonce'`, so
  any policy using `:nonce` must be composed with a nonce).  Every other item
  is emitted verbatim, with no escaping: a string containing `;` or
  whitespace would alter the structure of the policy, so values should come
  from trusted configuration rather than from request data."
  [value nonce]
  (letfn [(render [item]
            (if (keyword? item)
              (if (and nonce (= :nonce item))
                (str "'nonce-" nonce "'")
                (str "'" (name item) "'"))
              item))]
    (let [items (if (coll? value) value [value])]
      (str/join " " (map render items)))))
(defn- ->directive
  "Render one `[directive-name value]` policy entry as a header fragment.

  A `true` value yields just the directive name (valueless directives such
  as `upgrade-insecure-requests`); `false` or `nil` yields nil so the entry
  is dropped by the caller; any other value is rendered through `value->str`
  (with NONCE substituted for `:nonce`) after the name."
  [nonce [directive value]]
  (cond
    (true? value) (name directive)
    (or (false? value) (nil? value)) nil
    :else (str (name directive) " " (value->str value nonce))))
(defn compose
  "Build the Content-Security-Policy header value for POLICY, a map of
  directive keyword -> value (see README for the value shapes).

  Directives are joined with `;` in the map's iteration order; entries that
  render to nothing (`false`/`nil` values) are omitted.  NONCE, when given,
  replaces `:nonce` values with `'nonce-NONCE'`; the 1-arity form composes
  without a nonce."
  ([policy]
   (compose policy nil))
  ([policy nonce]
   (let [fragments (keep (fn [entry]
                           (let [fragment (->directive nonce entry)]
                             (when (seq fragment)
                               fragment)))
                         policy)]
     (str/join ";" fragments))))
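(defn parse
  "Make policy map from CSP header string value.

  Splits POLICY-STR on `;`, then each directive on whitespace.  Single-quoted
  tokens become keywords (`'self'` -> `:self`); any `'nonce-...'` token becomes
  the bare `:nonce` placeholder (the nonce value itself is discarded, so the
  result can be re-composed with a fresh nonce); everything else stays a
  string.  A directive with no values maps to `true`.

  Blank directives (from `;;`, a trailing `;`, or an empty/nil input) are
  skipped instead of producing a bogus empty-name key, and a quoted token is
  only unquoted when it has both quotes, so a lone `'` is kept verbatim rather
  than raising.  This recovers the textual structure only; it does not
  validate the policy."
  [policy-str]
  (letfn [(parse-token [token]
            (cond
              (str/starts-with? token "'nonce-")
              :nonce

              ;; Quoted keyword source: strip the surrounding quotes.
              (and (str/starts-with? token "'")
                   (str/ends-with? token "'")
                   (> (count token) 1))
              (keyword (subs token 1 (dec (count token))))

              :else
              token))
          (parse-directive [directive]
            (let [[name & values] (str/split directive #"\s+")]
              [(keyword name)
               (if (seq values)
                 (mapv parse-token values)
                 true)]))]
    (->> (str/split (str policy-str) #";")
         (map str/trim)
         (remove str/blank?)
         (map parse-directive)
         (into {}))))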
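(def ^:private template-cache-limit
  "Maximum number of compiled policy templates kept in `template-cache`.
  When the cache reaches this size it is cleared wholesale before the next
  entry is added (simple and lock-free; exact eviction order is not needed)."
  1024)

(def ^:private template-cache
  "policy map -> compiled template fn.  Bounded by `template-cache-limit`:
  `:policy-generator` can return a distinct policy map for every request, and
  an unbounded `memoize` would then grow by one entry per request."
  (atom {}))

(defn- compile-template
  "Compile POLICY into a fn of nonce -> header string.  The policy is composed
  once with a placeholder where the nonce belongs and split on it, so the
  per-request work is a single `str/join` rather than a full re-compose."
  [policy]
  (let [placeholder ";%NONCE%;"
        parts (str/split (compose policy placeholder) (re-pattern placeholder))]
    (fn [nonce]
      (str/join nonce parts))))

(defn- make-template
  "Return the compiled template for POLICY, reusing a cached one when present.
  The result is the same as `compile-template`; the cache only saves work."
  [policy]
  (or (get @template-cache policy)
      (let [tmpl (compile-template policy)]
        (swap! template-cache
               (fn [cache]
                 (assoc (if (>= (count cache) template-cache-limit) {} cache)
                        policy tmpl)))
        tmpl)))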
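(defn- no-nonce-middleware
  "Build the Ring handler used when `:use-nonce?` is false.

  Every response gets the composed policy under the CSP header (or the
  report-only header when REPORT-ONLY?).  When POLICY-GENERATOR is given and
  returns a non-nil policy map for the request, that map is composed instead
  of the static POLICY; composed strings are cached per policy map, and the
  cache is reset once it reaches `cache-limit` entries so a generator that
  yields request-specific maps cannot grow it without bound.

  Requests whose `:uri` equals REPORT-URI are handed to REPORT-HANDLER and get
  no CSP header.  The match is on the path only (any request method reaches
  the report handler), and a violation report body is untrusted client input
  that REPORT-HANDLER must validate itself.

  A nil response from the wrapped handler (e.g. no route matched) is passed
  through as nil rather than being turned into a headers-only map, which
  would not be a valid Ring response.  Supports the 1-arity (sync) and
  3-arity (async) handler shapes."
  [handler {:keys [policy report-only? policy-generator report-handler report-uri]}]
  (let [header-name (if report-only?
                      "Content-Security-Policy-Report-Only"
                      "Content-Security-Policy")
        default-policy (compose policy)
        cache-limit 1024
        compose-cache (atom {})
        compose* (when policy-generator
                   (fn [policy]
                     (or (get @compose-cache policy)
                         (let [composed (compose policy)]
                           ;; Bounded replacement for an unbounded memoize.
                           (swap! compose-cache
                                  (fn [cache]
                                    (assoc (if (>= (count cache) cache-limit) {} cache)
                                           policy composed)))
                           composed))))
        report-request? (fn [uri] (and report-uri (= uri report-uri)))
        header-value-for (fn [req]
                           (or (when policy-generator
                                 (some-> (policy-generator req) (compose*)))
                               default-policy))
        with-header (fn [res header-value]
                      ;; Keep nil as nil so downstream routing still sees "no match".
                      (when res
                        (assoc-in res [:headers header-name] header-value)))]
    (fn no-nonce-middleware-handler
      ([{:keys [uri] :as req}]
       (if (report-request? uri)
         (report-handler req)
         (with-header (handler req) (header-value-for req))))
      ([{:keys [uri] :as req} respond raise]
       (if (report-request? uri)
         (respond (report-handler req))
         (let [header-value (header-value-for req)]
           (handler req
                    #(respond (with-header % header-value))
                    raise)))))))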
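(defn- nonce-middleware
  "Build the Ring handler used when `:use-nonce?` is true.

  For every non-report request a fresh nonce is drawn from NONCE-GENERATOR
  (default `make-nonce-generator`), exposed to the wrapped handler as
  `:csp-nonce` on the request so it can be stamped onto inline script/style
  tags, and substituted for `:nonce` in the policy when the header is built.
  The policy (static POLICY, or the map POLICY-GENERATOR returns for the
  request when non-nil) is compiled through `make-template`, so per-request
  cost is one string join.

  A custom NONCE-GENERATOR must return a fresh, unpredictable value on every
  call (the CSP spec asks for at least 128 bits of randomness, base64-encoded);
  a reused or guessable nonce defeats the protection.  The same nonce is used
  for the request map and the header, which is what makes the pairing work.

  Requests whose `:uri` equals REPORT-URI go to REPORT-HANDLER with no nonce
  and no header; the match is on the path only and the report body is
  untrusted client input.  A nil response from the wrapped handler is passed
  through as nil rather than becoming a headers-only map.  Supports the
  1-arity (sync) and 3-arity (async) handler shapes."
  [handler {:keys [policy report-only? policy-generator report-handler
                   report-uri nonce-generator]}]
  (let [header-name (if report-only?
                      "Content-Security-Policy-Report-Only"
                      "Content-Security-Policy")
        nonce-generator (or nonce-generator (make-nonce-generator))
        policy-tmpl (make-template policy)
        report-request? (fn [uri] (and report-uri (= uri report-uri)))
        template-for (fn [req]
                       (or (when policy-generator
                             (some-> (policy-generator req) (make-template)))
                           policy-tmpl))
        with-header (fn [res header-value]
                      ;; Keep nil as nil so downstream routing still sees "no match".
                      (when res
                        (assoc-in res [:headers header-name] header-value)))]
    (fn nonce-middleware-handler
      ([{:keys [uri] :as req}]
       (if (report-request? uri)
         (report-handler req)
         (let [nonce (nonce-generator)
               res (handler (assoc req :csp-nonce nonce))
               tmpl (template-for req)]
           (with-header res (tmpl nonce)))))
      ([{:keys [uri] :as req} respond raise]
       (if (report-request? uri)
         (respond (report-handler req))
         (let [nonce (nonce-generator)
               tmpl (template-for req)]
           (handler (assoc req :csp-nonce nonce)
                    (fn [res]
                      (respond (with-header res (tmpl nonce))))
                    raise)))))))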
(defn wrap-csp
  "Middleware that adds a Content-Security-Policy header to every response.

  Options (map):
  :policy           - CSP as {directive-keyword value}; see README for the
                      value shapes.  Values are emitted verbatim, so keep them
                      under your control rather than deriving them from the request.
  :report-only?     - when true, emit Content-Security-Policy-Report-Only instead
                      of the enforcing header.
  :policy-generator - fn of request -> policy map, used instead of :policy when it
                      returns non-nil.  Results are cached per distinct policy map.
  :report-handler   - fn of request -> response, invoked for requests whose :uri
                      equals :report-uri.  It receives untrusted report bodies and
                      must validate them; no method check is applied here.
  :report-uri       - path routed to :report-handler.  This only routes the
                      request; it does not add a report-uri/report-to directive to
                      :policy for you.
  :use-nonce?       - when true, generate a per-request nonce, put it on the request
                      as :csp-nonce and replace :nonce in the policy with
                      'nonce-xxxxxxxx'.  Default false.
  :nonce-generator  - custom zero-arg fn returning a nonce string; it must be fresh
                      and unpredictable on every call.  Default: 32 random bytes
                      from SecureRandom, Base64-encoded.

  :report-uri and :report-handler must be given together; this is checked with
  `assert`, so the check is compiled out when `*assert*` is false."
  [handler {:keys [report-handler report-uri use-nonce?] :as opts}]
  (assert (= (nil? report-uri) (nil? report-handler))
          "if use report-handler or report-uri, must set both report-handler and report-uri")
  (if-not use-nonce?
    (no-nonce-middleware handler opts)
    (nonce-middleware handler opts)))