23 changed files with 190 additions and 792 deletions
--- a/.forgejo/workflows/builds.yml
+++ b/.forgejo/workflows/builds.yml
@ -1,8 +1,4 @@
-on:
-  pull_request:
-  push:
-    branches:
-      - master
+on: [pull_request]

 jobs:
  builds:
--- a/.forgejo/workflows/tests.yml
+++ b/.forgejo/workflows/tests.yml
@ -1,8 +1,4 @@
-on:
-  pull_request:
-  push:
-    branches:
-      - master
+on: [pull_request]

 jobs:
  lint:
--- a/.forgejo/workflows/vulncheck.yml
+++ b/.forgejo/workflows/vulncheck.yml
@ -1,8 +1,4 @@
-on:
-  pull_request:
-  push:
-    branches:
-      - master
+on: [pull_request]

 jobs:
  vulncheck:
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -3,11 +3,7 @@
 This document outlines major changes between releases.

 ## [Unreleased]
-
-### Added
 - Support percent-encoding for GET queries (#134)
- Add `trace_id` to logs (#148)
- Add `cors` config params (#158)

 ### Changed
 - Update go version to 1.22 (#132)
--- a/cmd/http-gw/app.go
+++ b/cmd/http-gw/app.go
@ -6,6 +6,7 @@ import (
 	"crypto/x509"
 	"errors"
 	"fmt"
+	"io"
 	"net/http"
 	"os"
 	"os/signal"
@ -21,7 +22,6 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/handler"
 	"git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/handler/middleware"
 	"git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/logs"
-	internalnet "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/net"
 	"git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/service/frostfs"
 	"git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/templates"
 	"git.frostfs.info/TrueCloudLab/frostfs-http-gw/metrics"
@ -42,7 +42,6 @@ import (
 	"github.com/nspcc-dev/neo-go/pkg/wallet"
 	"github.com/spf13/viper"
 	"github.com/valyala/fasthttp"
-	"go.opentelemetry.io/otel/trace"
 	"go.uber.org/zap"
 	"golang.org/x/exp/slices"
 )
@ -88,32 +87,16 @@ type (
 	// appSettings stores reloading parameters, so it has to provide getters and setters which use RWMutex.
 	appSettings struct {
 		reconnectInterval time.Duration
-		dialerSource      *internalnet.DialerSource

-		mu                   sync.RWMutex
-		defaultTimestamp     bool
-		zipCompression       bool
-		clientCut            bool
-		returnIndexPage      bool
-		indexPageTemplate    string
-		bufferMaxSizeForPut  uint64
-		namespaceHeader      string
-		defaultNamespaces    []string
-		corsAllowOrigin      string
-		corsAllowMethods     []string
-		corsAllowHeaders     []string
-		corsExposeHeaders    []string
-		corsAllowCredentials bool
-		corsMaxAge           int
-	}
-
-	CORS struct {
-		AllowOrigin      string
-		AllowMethods     []string
-		AllowHeaders     []string
-		ExposeHeaders    []string
-		AllowCredentials bool
-		MaxAge           int
+		mu                  sync.RWMutex
+		defaultTimestamp    bool
+		zipCompression      bool
+		clientCut           bool
+		returnIndexPage     bool
+		indexPageTemplate   string
+		bufferMaxSizeForPut uint64
+		namespaceHeader     string
+		defaultNamespaces   []string
 	}
 )

@ -150,8 +133,6 @@ func newApp(ctx context.Context, opt ...Option) App {
 		opt[i](a)
 	}

-	a.initAppSettings()
-
 	// -- setup FastHTTP server --
 	a.webServer.Name = "frost-http-gw"
 	a.webServer.ReadBufferSize = a.cfg.GetInt(cfgWebReadBufferSize)
@ -165,7 +146,7 @@ func newApp(ctx context.Context, opt ...Option) App {
 	a.webServer.DisablePreParseMultipartForm = true
 	a.webServer.StreamRequestBody = a.cfg.GetBool(cfgWebStreamRequestBody)
 	// -- -- -- -- -- -- -- -- -- -- -- -- -- --
-	a.pool, a.treePool, a.key = getPools(ctx, a.log, a.cfg, a.settings.dialerSource)
+	a.pool, a.treePool, a.key = getPools(ctx, a.log, a.cfg)

 	var owner user.ID
 	user.IDFromKey(&owner, a.key.PrivateKey.PublicKey)
@ -173,63 +154,27 @@ func newApp(ctx context.Context, opt ...Option) App {

 	a.setRuntimeParameters()

+	a.initAppSettings()
 	a.initResolver()
 	a.initMetrics()
 	a.initTracing(ctx)
+	a.loadIndexPageTemplate()

 	return a
 }

-func (a *app) initAppSettings() {
-	a.settings = &appSettings{
-		reconnectInterval: fetchReconnectInterval(a.cfg),
-		dialerSource:      getDialerSource(a.log, a.cfg),
-	}
-	a.settings.update(a.cfg, a.log)
-}
-
-func (s *appSettings) update(v *viper.Viper, l *zap.Logger) {
-	defaultTimestamp := v.GetBool(cfgUploaderHeaderEnableDefaultTimestamp)
-	zipCompression := v.GetBool(cfgZipCompression)
-	returnIndexPage := v.GetBool(cfgIndexPageEnabled)
-	clientCut := v.GetBool(cfgClientCut)
-	bufferMaxSizeForPut := v.GetUint64(cfgBufferMaxSizeForPut)
-	namespaceHeader := v.GetString(cfgResolveNamespaceHeader)
-	defaultNamespaces := fetchDefaultNamespaces(v)
-	indexPage, indexEnabled := fetchIndexPageTemplate(v, l)
-	corsAllowOrigin := v.GetString(cfgCORSAllowOrigin)
-	corsAllowMethods := v.GetStringSlice(cfgCORSAllowMethods)
-	corsAllowHeaders := v.GetStringSlice(cfgCORSAllowHeaders)
-	corsExposeHeaders := v.GetStringSlice(cfgCORSExposeHeaders)
-	corsAllowCredentials := v.GetBool(cfgCORSAllowCredentials)
-	corsMaxAge := fetchCORSMaxAge(v)
-
-	s.mu.Lock()
-	defer s.mu.Unlock()
-
-	s.defaultTimestamp = defaultTimestamp
-	s.zipCompression = zipCompression
-	s.returnIndexPage = returnIndexPage
-	s.clientCut = clientCut
-	s.bufferMaxSizeForPut = bufferMaxSizeForPut
-	s.namespaceHeader = namespaceHeader
-	s.defaultNamespaces = defaultNamespaces
-	s.returnIndexPage = indexEnabled
-	s.indexPageTemplate = indexPage
-	s.corsAllowOrigin = corsAllowOrigin
-	s.corsAllowMethods = corsAllowMethods
-	s.corsAllowHeaders = corsAllowHeaders
-	s.corsExposeHeaders = corsExposeHeaders
-	s.corsAllowCredentials = corsAllowCredentials
-	s.corsMaxAge = corsMaxAge
-}
-
 func (s *appSettings) DefaultTimestamp() bool {
 	s.mu.RLock()
 	defer s.mu.RUnlock()
 	return s.defaultTimestamp
 }

+func (s *appSettings) setDefaultTimestamp(val bool) {
+	s.mu.Lock()
+	s.defaultTimestamp = val
+	s.mu.Unlock()
+}
+
 func (s *appSettings) ZipCompression() bool {
 	s.mu.RLock()
 	defer s.mu.RUnlock()
@ -251,27 +196,42 @@ func (s *appSettings) IndexPageTemplate() string {
 	return s.indexPageTemplate
 }

-func (s *appSettings) CORS() CORS {
-	s.mu.RLock()
-	defer s.mu.RUnlock()
+func (s *appSettings) setZipCompression(val bool) {
+	s.mu.Lock()
+	s.zipCompression = val
+	s.mu.Unlock()
+}

-	allowMethods := make([]string, len(s.corsAllowMethods))
-	copy(allowMethods, s.corsAllowMethods)
+func (s *appSettings) setReturnIndexPage(val bool) {
+	s.mu.Lock()
+	s.returnIndexPage = val
+	s.mu.Unlock()
+}

-	allowHeaders := make([]string, len(s.corsAllowHeaders))
-	copy(allowHeaders, s.corsAllowHeaders)
+func (s *appSettings) setIndexTemplate(val string) {
+	s.mu.Lock()
+	s.indexPageTemplate = val
+	s.mu.Unlock()
+}

-	exposeHeaders := make([]string, len(s.corsExposeHeaders))
-	copy(exposeHeaders, s.corsExposeHeaders)
-
-	return CORS{
-		AllowOrigin:      s.corsAllowOrigin,
-		AllowMethods:     allowMethods,
-		AllowHeaders:     allowHeaders,
-		ExposeHeaders:    exposeHeaders,
-		AllowCredentials: s.corsAllowCredentials,
-		MaxAge:           s.corsMaxAge,
+func (a *app) loadIndexPageTemplate() {
+	if !a.settings.IndexPageEnabled() {
+		return
 	}
+	reader, err := os.Open(a.cfg.GetString(cfgIndexPageTemplatePath))
+	if err != nil {
+		a.settings.setIndexTemplate("")
+		a.log.Warn(logs.FailedToReadIndexPageTemplate, zap.Error(err))
+		return
+	}
+	tmpl, err := io.ReadAll(reader)
+	if err != nil {
+		a.settings.setIndexTemplate("")
+		a.log.Warn(logs.FailedToReadIndexPageTemplate, zap.Error(err))
+		return
+	}
+	a.settings.setIndexTemplate(string(tmpl))
+	a.log.Info(logs.SetCustomIndexPageTemplate)
 }

 func (s *appSettings) ClientCut() bool {
@ -280,27 +240,29 @@ func (s *appSettings) ClientCut() bool {
 	return s.clientCut
 }

+func (s *appSettings) setClientCut(val bool) {
+	s.mu.Lock()
+	s.clientCut = val
+	s.mu.Unlock()
+}
+
 func (s *appSettings) BufferMaxSizeForPut() uint64 {
 	s.mu.RLock()
 	defer s.mu.RUnlock()
 	return s.bufferMaxSizeForPut
 }

-func (s *appSettings) NamespaceHeader() string {
-	s.mu.RLock()
-	defer s.mu.RUnlock()
-	return s.namespaceHeader
+func (s *appSettings) setBufferMaxSizeForPut(val uint64) {
+	s.mu.Lock()
+	s.bufferMaxSizeForPut = val
+	s.mu.Unlock()
 }

-func (s *appSettings) FormContainerZone(ns string) (zone string, isDefault bool) {
-	s.mu.RLock()
-	namespaces := s.defaultNamespaces
-	s.mu.RUnlock()
-	if slices.Contains(namespaces, ns) {
-		return v2container.SysAttributeZoneDefault, true
+func (a *app) initAppSettings() {
+	a.settings = &appSettings{
+		reconnectInterval: fetchReconnectInterval(a.cfg),
 	}
-
-	return ns + ".ns", false
+	a.updateSettings()
 }

 func (a *app) initResolver() {
@ -563,10 +525,6 @@ func (a *app) configReload(ctx context.Context) {
 		a.logLevel.SetLevel(lvl)
 	}

-	if err := a.settings.dialerSource.Update(fetchMultinetConfig(a.cfg, a.log)); err != nil {
-		a.log.Warn(logs.MultinetConfigWontBeUpdated, zap.Error(err))
-	}
-
 	if err := a.resolver.UpdateResolvers(a.getResolverConfig()); err != nil {
 		a.log.Warn(logs.FailedToUpdateResolvers, zap.Error(err))
 	}
@ -580,15 +538,26 @@ func (a *app) configReload(ctx context.Context) {
 	a.stopServices()
 	a.startServices()

-	a.settings.update(a.cfg, a.log)
+	a.updateSettings()

 	a.metrics.SetEnabled(a.cfg.GetBool(cfgPrometheusEnabled))
 	a.initTracing(ctx)
+	a.loadIndexPageTemplate()
 	a.setHealthStatus()

 	a.log.Info(logs.SIGHUPConfigReloadCompleted)
 }

+func (a *app) updateSettings() {
+	a.settings.setDefaultTimestamp(a.cfg.GetBool(cfgUploaderHeaderEnableDefaultTimestamp))
+	a.settings.setZipCompression(a.cfg.GetBool(cfgZipCompression))
+	a.settings.setReturnIndexPage(a.cfg.GetBool(cfgIndexPageEnabled))
+	a.settings.setClientCut(a.cfg.GetBool(cfgClientCut))
+	a.settings.setBufferMaxSizeForPut(a.cfg.GetUint64(cfgBufferMaxSizeForPut))
+	a.settings.setNamespaceHeader(a.cfg.GetString(cfgResolveNamespaceHeader))
+	a.settings.setDefaultNamespaces(a.cfg.GetStringSlice(cfgResolveDefaultNamespaces))
+}
+
 func (a *app) startServices() {
 	pprofConfig := metrics.Config{Enabled: a.cfg.GetBool(cfgPprofEnabled), Address: a.cfg.GetString(cfgPprofAddress)}
 	pprofService := metrics.NewPprofService(a.log, pprofConfig)
@ -609,6 +578,7 @@ func (a *app) stopServices() {
 		svc.ShutDown(ctx)
 	}
 }
+
 func (a *app) configureRouter(handler *handler.Handler) {
 	r := router.New()
 	r.RedirectTrailingSlash = true
@ -619,116 +589,27 @@ func (a *app) configureRouter(handler *handler.Handler) {
 		response.Error(r, "Method Not Allowed", fasthttp.StatusMethodNotAllowed)
 	}

-	r.POST("/upload/{cid}", a.addMiddlewares(handler.Upload))
-	r.OPTIONS("/upload/{cid}", a.addPreflight())
+	r.POST("/upload/{cid}", a.logger(a.canonicalizer(a.tokenizer(a.tracer(a.reqNamespace(handler.Upload))))))
 	a.log.Info(logs.AddedPathUploadCid)
-	r.GET("/get/{cid}/{oid:*}", a.addMiddlewares(handler.DownloadByAddressOrBucketName))
-	r.HEAD("/get/{cid}/{oid:*}", a.addMiddlewares(handler.HeadByAddressOrBucketName))
-	r.OPTIONS("/get/{cid}/{oid:*}", a.addPreflight())
+	r.GET("/get/{cid}/{oid:*}", a.logger(a.canonicalizer(a.tokenizer(a.tracer(a.reqNamespace(handler.DownloadByAddressOrBucketName))))))
+	r.HEAD("/get/{cid}/{oid:*}", a.logger(a.canonicalizer(a.tokenizer(a.tracer(a.reqNamespace(handler.HeadByAddressOrBucketName))))))
 	a.log.Info(logs.AddedPathGetCidOid)
-	r.GET("/get_by_attribute/{cid}/{attr_key}/{attr_val:*}", a.addMiddlewares(handler.DownloadByAttribute))
-	r.HEAD("/get_by_attribute/{cid}/{attr_key}/{attr_val:*}", a.addMiddlewares(handler.HeadByAttribute))
-	r.OPTIONS("/get_by_attribute/{cid}/{attr_key}/{attr_val:*}", a.addPreflight())
+	r.GET("/get_by_attribute/{cid}/{attr_key}/{attr_val:*}", a.logger(a.canonicalizer(a.tokenizer(a.tracer(a.reqNamespace(handler.DownloadByAttribute))))))
+	r.HEAD("/get_by_attribute/{cid}/{attr_key}/{attr_val:*}", a.logger(a.canonicalizer(a.tokenizer(a.tracer(a.reqNamespace(handler.HeadByAttribute))))))
 	a.log.Info(logs.AddedPathGetByAttributeCidAttrKeyAttrVal)
-	r.GET("/zip/{cid}/{prefix:*}", a.addMiddlewares(handler.DownloadZipped))
-	r.OPTIONS("/zip/{cid}/{prefix:*}", a.addPreflight())
+	r.GET("/zip/{cid}/{prefix:*}", a.logger(a.canonicalizer(a.tokenizer(a.tracer(a.reqNamespace(handler.DownloadZipped))))))
 	a.log.Info(logs.AddedPathZipCidPrefix)

 	a.webServer.Handler = r.Handler
 }

-func (a *app) addMiddlewares(h fasthttp.RequestHandler) fasthttp.RequestHandler {
-	list := []func(fasthttp.RequestHandler) fasthttp.RequestHandler{
-		a.tracer,
-		a.logger,
-		a.canonicalizer,
-		a.tokenizer,
-		a.reqNamespace,
-		a.cors,
-	}
-
-	for i := len(list) - 1; i >= 0; i-- {
-		h = list[i](h)
-	}
-
-	return h
-}
-
-func (a *app) addPreflight() fasthttp.RequestHandler {
-	list := []func(fasthttp.RequestHandler) fasthttp.RequestHandler{
-		a.tracer,
-		a.logger,
-		a.reqNamespace,
-	}
-
-	h := a.preflightHandler
-	for i := len(list) - 1; i >= 0; i-- {
-		h = list[i](h)
-	}
-
-	return h
-}
-
-func (a *app) preflightHandler(c *fasthttp.RequestCtx) {
-	cors := a.settings.CORS()
-	setCORSHeaders(c, cors)
-}
-
-func (a *app) cors(h fasthttp.RequestHandler) fasthttp.RequestHandler {
-	return func(c *fasthttp.RequestCtx) {
-		h(c)
-		code := c.Response.StatusCode()
-		if code >= fasthttp.StatusOK && code < fasthttp.StatusMultipleChoices {
-			cors := a.settings.CORS()
-			setCORSHeaders(c, cors)
-		}
-	}
-}
-
-func setCORSHeaders(c *fasthttp.RequestCtx, cors CORS) {
-	c.Response.Header.Set(fasthttp.HeaderAccessControlMaxAge, strconv.Itoa(cors.MaxAge))
-
-	if len(cors.AllowOrigin) != 0 {
-		c.Response.Header.Set(fasthttp.HeaderAccessControlAllowOrigin, cors.AllowOrigin)
-	}
-
-	if len(cors.AllowMethods) != 0 {
-		c.Response.Header.Set(fasthttp.HeaderAccessControlAllowMethods, strings.Join(cors.AllowMethods, ","))
-	}
-
-	if len(cors.AllowHeaders) != 0 {
-		c.Response.Header.Set(fasthttp.HeaderAccessControlAllowHeaders, strings.Join(cors.AllowHeaders, ","))
-	}
-
-	if len(cors.ExposeHeaders) != 0 {
-		c.Response.Header.Set(fasthttp.HeaderAccessControlExposeHeaders, strings.Join(cors.ExposeHeaders, ","))
-	}
-
-	if cors.AllowCredentials {
-		c.Response.Header.Set(fasthttp.HeaderAccessControlAllowCredentials, "true")
-	}
-}
-
 func (a *app) logger(h fasthttp.RequestHandler) fasthttp.RequestHandler {
 	return func(req *fasthttp.RequestCtx) {
-		requiredFields := []zap.Field{zap.Uint64("id", req.ID())}
-		reqCtx := utils.GetContextFromRequest(req)
-		if traceID := trace.SpanFromContext(reqCtx).SpanContext().TraceID(); traceID.IsValid() {
-			requiredFields = append(requiredFields, zap.String("trace_id", traceID.String()))
-		}
-		log := a.log.With(requiredFields...)
-
-		reqCtx = utils.SetReqLog(reqCtx, log)
-		utils.SetContextToRequest(reqCtx, req)
-
-		fields := []zap.Field{
-			zap.String("remote", req.RemoteAddr().String()),
+		a.log.Info(logs.Request, zap.String("remote", req.RemoteAddr().String()),
 			zap.ByteString("method", req.Method()),
 			zap.ByteString("path", req.Path()),
 			zap.ByteString("query", req.QueryArgs().QueryString()),
-		}
-
-		log.Info(logs.Request, fields...)
+			zap.Uint64("id", req.ID()))
 		h(req)
 	}
 }
@ -767,12 +648,9 @@ func (a *app) canonicalizer(h fasthttp.RequestHandler) fasthttp.RequestHandler {

 func (a *app) tokenizer(h fasthttp.RequestHandler) fasthttp.RequestHandler {
 	return func(req *fasthttp.RequestCtx) {
-		reqCtx := utils.GetContextFromRequest(req)
-		appCtx, err := tokens.StoreBearerTokenAppCtx(reqCtx, req)
+		appCtx, err := tokens.StoreBearerTokenAppCtx(a.ctx, req)
 		if err != nil {
-			log := utils.GetReqLogOrDefault(reqCtx, a.log)
-
-			log.Error(logs.CouldNotFetchAndStoreBearerToken, zap.Error(err))
+			a.log.Error(logs.CouldNotFetchAndStoreBearerToken, zap.Uint64("id", req.ID()), zap.Error(err))
 			response.Error(req, "could not fetch and store bearer token: "+err.Error(), fasthttp.StatusBadRequest)
 			return
 		}
@ -783,7 +661,9 @@ func (a *app) tokenizer(h fasthttp.RequestHandler) fasthttp.RequestHandler {

 func (a *app) tracer(h fasthttp.RequestHandler) fasthttp.RequestHandler {
 	return func(req *fasthttp.RequestCtx) {
-		appCtx, span := utils.StartHTTPServerSpan(a.ctx, req, "REQUEST")
+		appCtx := utils.GetContextFromRequest(req)
+
+		appCtx, span := utils.StartHTTPServerSpan(appCtx, req, "REQUEST")
 		defer func() {
 			utils.SetHTTPTraceInfo(appCtx, span, req)
 			span.End()
@ -952,6 +832,39 @@ func (a *app) setRuntimeParameters() {
 	}
 }

+func (s *appSettings) NamespaceHeader() string {
+	s.mu.RLock()
+	defer s.mu.RUnlock()
+	return s.namespaceHeader
+}
+
+func (s *appSettings) setNamespaceHeader(nsHeader string) {
+	s.mu.Lock()
+	s.namespaceHeader = nsHeader
+	s.mu.Unlock()
+}
+
+func (s *appSettings) FormContainerZone(ns string) (zone string, isDefault bool) {
+	s.mu.RLock()
+	namespaces := s.defaultNamespaces
+	s.mu.RUnlock()
+	if slices.Contains(namespaces, ns) {
+		return v2container.SysAttributeZoneDefault, true
+	}
+
+	return ns + ".ns", false
+}
+
+func (s *appSettings) setDefaultNamespaces(namespaces []string) {
+	for i := range namespaces { // to be set namespaces in env variable as `HTTP_GW_RESOLVE_BUCKET_DEFAULT_NAMESPACES="" "root"`
+		namespaces[i] = strings.Trim(namespaces[i], "\"")
+	}
+
+	s.mu.Lock()
+	s.defaultNamespaces = namespaces
+	s.mu.Unlock()
+}
+
 func (a *app) scheduleReconnect(ctx context.Context, srv *fasthttp.Server) {
 	go func() {
 		t := time.NewTicker(a.settings.reconnectInterval)
--- a/cmd/http-gw/integration_test.go
+++ b/cmd/http-gw/integration_test.go
@ -102,7 +102,7 @@ func runServer(pathToWallet string) (App, context.CancelFunc) {
 	v.Set(cfgWalletPath, pathToWallet)
 	v.Set(cfgWalletPassphrase, "")

-	l, lvl := newStdoutLogger(v, zapcore.DebugLevel)
+	l, lvl := newStdoutLogger(zapcore.DebugLevel)
 	application := newApp(cancelCtx, WithConfig(v), WithLogger(l, lvl))
 	go application.Serve()

@ -525,7 +525,7 @@ func putObject(ctx context.Context, t *testing.T, clientPool *pool.Pool, ownerID
 	id, err := clientPool.PutObject(ctx, prm)
 	require.NoError(t, err)

-	return id.ObjectID
+	return id
 }

 func makeBearerToken(t *testing.T, key *keys.PrivateKey, ownerID user.ID, version string) string {
--- a/cmd/http-gw/settings.go
+++ b/cmd/http-gw/settings.go
@ -4,7 +4,6 @@ import (
 	"context"
 	"encoding/hex"
 	"fmt"
-	"io"
 	"math"
 	"os"
 	"path"
@ -16,7 +15,6 @@ import (

 	"git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/cache"
 	"git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/logs"
-	internalnet "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/net"
 	"git.frostfs.info/TrueCloudLab/frostfs-http-gw/resolver"
 	grpctracing "git.frostfs.info/TrueCloudLab/frostfs-observability/tracing/grpc"
 	"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
@ -57,10 +55,6 @@ const (

 	defaultReconnectInterval = time.Minute

-	defaultCORSMaxAge = 600 // seconds
-
-	defaultMultinetFallbackDelay = 300 * time.Millisecond
-
 	cfgServer      = "server"
 	cfgTLSEnabled  = "tls.enabled"
 	cfgTLSCertFile = "tls.cert_file"
@ -146,21 +140,6 @@ const (
 	cfgResolveNamespaceHeader   = "resolve_bucket.namespace_header"
 	cfgResolveDefaultNamespaces = "resolve_bucket.default_namespaces"

-	// CORS.
-	cfgCORSAllowOrigin      = "cors.allow_origin"
-	cfgCORSAllowMethods     = "cors.allow_methods"
-	cfgCORSAllowHeaders     = "cors.allow_headers"
-	cfgCORSExposeHeaders    = "cors.expose_headers"
-	cfgCORSAllowCredentials = "cors.allow_credentials"
-	cfgCORSMaxAge           = "cors.max_age"
-
-	// Multinet.
-	cfgMultinetEnabled       = "multinet.enabled"
-	cfgMultinetBalancer      = "multinet.balancer"
-	cfgMultinetRestrict      = "multinet.restrict"
-	cfgMultinetFallbackDelay = "multinet.fallback_delay"
-	cfgMultinetSubnets       = "multinet.subnets"
-
 	// Command line args.
 	cmdHelp          = "help"
 	cmdVersion       = "version"
@ -255,9 +234,6 @@ func settings() *viper.Viper {
 	v.SetDefault(cfgResolveNamespaceHeader, defaultNamespaceHeader)
 	v.SetDefault(cfgResolveDefaultNamespaces, []string{"", "root"})

-	// multinet
-	v.SetDefault(cfgMultinetFallbackDelay, defaultMultinetFallbackDelay)
-
 	// Binding flags
 	if err := v.BindPFlag(cfgPprofEnabled, flags.Lookup(cmdPprof)); err != nil {
 		panic(err)
@ -529,46 +505,6 @@ func fetchReconnectInterval(cfg *viper.Viper) time.Duration {
 	return reconnect
 }

-func fetchIndexPageTemplate(v *viper.Viper, l *zap.Logger) (string, bool) {
-	if !v.GetBool(cfgIndexPageEnabled) {
-		return "", false
-	}
-
-	reader, err := os.Open(v.GetString(cfgIndexPageTemplatePath))
-	if err != nil {
-		l.Warn(logs.FailedToReadIndexPageTemplate, zap.Error(err))
-		return "", true
-	}
-
-	tmpl, err := io.ReadAll(reader)
-	if err != nil {
-		l.Warn(logs.FailedToReadIndexPageTemplate, zap.Error(err))
-		return "", true
-	}
-
-	l.Info(logs.SetCustomIndexPageTemplate)
-	return string(tmpl), true
-}
-
-func fetchDefaultNamespaces(v *viper.Viper) []string {
-	namespaces := v.GetStringSlice(cfgResolveDefaultNamespaces)
-
-	for i := range namespaces { // to be set namespaces in env variable as `HTTP_GW_RESOLVE_BUCKET_DEFAULT_NAMESPACES="" "root"`
-		namespaces[i] = strings.Trim(namespaces[i], "\"")
-	}
-
-	return namespaces
-}
-
-func fetchCORSMaxAge(v *viper.Viper) int {
-	maxAge := v.GetInt(cfgCORSMaxAge)
-	if maxAge <= 0 {
-		maxAge = defaultCORSMaxAge
-	}
-
-	return maxAge
-}
-
 func fetchServers(v *viper.Viper, log *zap.Logger) []ServerInfo {
 	var servers []ServerInfo
 	seen := make(map[string]struct{})
@ -597,7 +533,7 @@ func fetchServers(v *viper.Viper, log *zap.Logger) []ServerInfo {
 	return servers
 }

-func getPools(ctx context.Context, logger *zap.Logger, cfg *viper.Viper, dialSource *internalnet.DialerSource) (*pool.Pool, *treepool.Pool, *keys.PrivateKey) {
+func getPools(ctx context.Context, logger *zap.Logger, cfg *viper.Viper) (*pool.Pool, *treepool.Pool, *keys.PrivateKey) {
 	key, err := getFrostFSKey(cfg, logger)
 	if err != nil {
 		logger.Fatal(logs.CouldNotLoadFrostFSPrivateKey, zap.Error(err))
@ -653,13 +589,18 @@ func getPools(ctx context.Context, logger *zap.Logger, cfg *viper.Viper, dialSou

 	prmTree.SetMaxRequestAttempts(cfg.GetInt(cfgTreePoolMaxAttempts))

-	interceptors := []grpc.DialOption{
-		grpc.WithUnaryInterceptor(grpctracing.NewUnaryClientInteceptor()),
-		grpc.WithStreamInterceptor(grpctracing.NewStreamClientInterceptor()),
-		grpc.WithContextDialer(dialSource.GrpcContextDialer()),
+	var apiGRPCDialOpts []grpc.DialOption
+	var treeGRPCDialOpts []grpc.DialOption
+	if cfg.GetBool(cfgTracingEnabled) {
+		interceptors := []grpc.DialOption{
+			grpc.WithUnaryInterceptor(grpctracing.NewUnaryClientInteceptor()),
+			grpc.WithStreamInterceptor(grpctracing.NewStreamClientInterceptor()),
+		}
+		treeGRPCDialOpts = append(treeGRPCDialOpts, interceptors...)
+		apiGRPCDialOpts = append(apiGRPCDialOpts, interceptors...)
 	}
-	prm.SetGRPCDialOptions(interceptors...)
-	prmTree.SetGRPCDialOptions(interceptors...)
+	prm.SetGRPCDialOptions(apiGRPCDialOpts...)
+	prmTree.SetGRPCDialOptions(treeGRPCDialOpts...)

 	p, err := pool.NewPool(prm)
 	if err != nil {
@ -759,34 +700,3 @@ func fetchCacheSize(v *viper.Viper, l *zap.Logger, cfgEntry string, defaultValue

 	return defaultValue
 }
-
-func getDialerSource(logger *zap.Logger, cfg *viper.Viper) *internalnet.DialerSource {
-	source, err := internalnet.NewDialerSource(fetchMultinetConfig(cfg, logger))
-	if err != nil {
-		logger.Fatal(logs.FailedToLoadMultinetConfig, zap.Error(err))
-	}
-	return source
-}
-
-func fetchMultinetConfig(v *viper.Viper, l *zap.Logger) (cfg internalnet.Config) {
-	cfg.Enabled = v.GetBool(cfgMultinetEnabled)
-	cfg.Balancer = v.GetString(cfgMultinetBalancer)
-	cfg.Restrict = v.GetBool(cfgMultinetRestrict)
-	cfg.FallbackDelay = v.GetDuration(cfgMultinetFallbackDelay)
-	cfg.Subnets = make([]internalnet.Subnet, 0, 5)
-	cfg.EventHandler = internalnet.NewLogEventHandler(l)
-
-	for i := 0; ; i++ {
-		key := cfgMultinetSubnets + "." + strconv.Itoa(i) + "."
-		subnet := internalnet.Subnet{}
-
-		subnet.Prefix = v.GetString(key + "mask")
-		if subnet.Prefix == "" {
-			break
-		}
-		subnet.SourceIPs = v.GetStringSlice(key + "source_ips")
-		cfg.Subnets = append(cfg.Subnets, subnet)
-	}
-
-	return
-}
--- a/config/config.env
+++ b/config/config.env
@ -126,23 +126,3 @@ HTTP_GW_RESOLVE_BUCKET_DEFAULT_NAMESPACES="" "root"
 # Max attempt to make successful tree request.
 # default value is 0 that means the number of attempts equals to number of nodes in pool.
 HTTP_GW_FROSTFS_TREE_POOL_MAX_ATTEMPTS=0
-
-HTTP_GW_CORS_ALLOW_ORIGIN="*"
-HTTP_GW_CORS_ALLOW_METHODS="GET" "POST"
-HTTP_GW_CORS_ALLOW_HEADERS="*"
-HTTP_GW_CORS_EXPOSE_HEADERS="*"
-HTTP_GW_CORS_ALLOW_CREDENTIALS=false
-HTTP_GW_CORS_MAX_AGE=600
-
-# Multinet properties
-# Enable multinet support
-HTTP_GW_MULTINET_ENABLED=false
-# Strategy to pick source IP address
-HTTP_GW_MULTINET_BALANCER=roundrobin
-# Restrict requests with unknown destination subnet
-HTTP_GW_MULTINET_RESTRICT=false
-# Delay between ipv6 to ipv4 fallback switch
-HTTP_GW_MULTINET_FALLBACK_DELAY=300ms
-# List of subnets and IP addresses to use as source for those subnets
-HTTP_GW_MULTINET_SUBNETS_1_MASK=1.2.3.4/24
-HTTP_GW_MULTINET_SUBNETS_1_SOURCE_IPS=1.2.3.4 1.2.3.5
--- a/config/config.yaml
+++ b/config/config.yaml
@ -138,28 +138,3 @@ cache:
 resolve_bucket:
  namespace_header: X-Frostfs-Namespace
  default_namespaces: [ "", "root" ]
-
-cors:
-  allow_origin: ""
-  allow_methods: []
-  allow_headers: []
-  expose_headers: []
-  allow_credentials: false
-  max_age: 600
-
-# Multinet properties
-multinet:
-  # Enable multinet support
-  enabled: false
-  # Strategy to pick source IP address
-  balancer: roundrobin
-  # Restrict requests with unknown destination subnet
-  restrict: false
-  # Delay between ipv6 to ipv4 fallback switch
-  fallback_delay: 300ms
-  # List of subnets and IP addresses to use as source for those subnets
-  subnets:
-    - mask: 1.2.3.4/24
-      source_ips:
-        - 1.2.3.4
-        - 1.2.3.5
--- a/docs/gate-configuration.md
+++ b/docs/gate-configuration.md
@ -58,7 +58,6 @@ $ cat http.log
 | `cache`          | [Cache configuration](#cache-section)                          |
 | `resolve_bucket` | [Bucket name resolving configuration](#resolve_bucket-section) |
 | `index_page`     | [Index page configuration](#index_page-section)                |
-| `multinet`       | [Multinet configuration](#multinet-section)                    |


 # General section
@ -272,7 +271,7 @@ tracing:

 | Parameter    | Type     | SIGHUP reload | Default value | Description                                                                                                                     |
 |--------------|----------|---------------|---------------|---------------------------------------------------------------------------------------------------------------------------------|
-| `enabled`    | `bool`   | yes           | `false`       | Flag to enable the tracing.                                                                                                     |
+| `enabled`    | `bool`   | no            | `false`       | Flag to enable the tracing.                                                                                                     |
 | `exporter`   | `string` | yes           |               | Trace collector type (`stdout` or `otlp_grpc` are supported).                                                                   |
 | `endpoint`   | `string` | yes           |               | Address of collector endpoint for OTLP exporters.                                                                               |
 | `trusted_ca` | `string` | yes           |               | Path to certificate of a certification authority in pem format, that issued the TLS certificate of the telemetry remote server. |
@ -364,66 +363,3 @@ index_page:
 |-----------------|----------|---------------|---------------|---------------------------------------------------------------------------------|
 | `enabled`       | `bool`   | yes           | `false`       | Flag to enable index_page return if no object with specified S3-name was found. |
 | `template_path` | `string` | yes           | `""`          | Path to .gotmpl file with html template for index_page.                         |
-
-# `cors` section
-
-Parameters for CORS (used in OPTIONS requests and responses in all handlers).
-If values are not set, headers will not be included to response.
-
-```yaml
-cors:
-  allow_origin: "*"
-  allow_methods: ["GET", "HEAD"]
-  allow_headers: ["Authorization"]
-  expose_headers: ["*"]
-  allow_credentials: false
-  max_age: 600
-```
-
-| Parameter           | Type       | SIGHUP reload | Default value | Description                                            |
-|---------------------|------------|---------------|---------------|--------------------------------------------------------|
-| `allow_origin`      | `string`   | yes           |               | Values for `Access-Control-Allow-Origin` headers.      |
-| `allow_methods`     | `[]string` | yes           |               | Values for `Access-Control-Allow-Methods` headers.     |
-| `allow_headers`     | `[]string` | yes           |               | Values for `Access-Control-Allow-Headers` headers.     |
-| `expose_headers`    | `[]string` | yes           |               | Values for `Access-Control-Expose-Headers` headers.    |
-| `allow_credentials` | `bool`     | yes           | `false`       | Values for `Access-Control-Allow-Credentials` headers. |
-| `max_age`           | `int`      | yes           | `600`         | Values for `Access-Control-Max-Age ` headers.          |
-
-# `multinet` section
-
-Configuration of multinet support.
-
-```yaml
-multinet:
-   enabled: false
-   balancer: roundrobin
-   restrict: false
-   fallback_delay: 300ms
-   subnets:
-      - mask: 1.2.3.4/24
-        source_ips:
-           - 1.2.3.4
-           - 1.2.3.5
-```
-
-| Parameter        | Type                           | SIGHUP reload | Default value | Description                                                                                |
-|------------------|--------------------------------|---------------|---------------|--------------------------------------------------------------------------------------------|
-| `enabled`        | `bool`                         | yes           | `false`       | Enables multinet setting to manage source ip of outcoming requests.                        |
-| `balancer`       | `string`                       | yes           | `""`          | Strategy to pick source IP. By default picks first address. Supports `roundrobin` setting. |
-| `restrict`       | `bool`                         | yes           | `false`       | Restricts requests to an undefined subnets.                                                |
-| `fallback_delay` | `duration`                     | yes           | `300ms`       | Delay between IPv6 and IPv4 fallback stack switch.                                         |
-| `subnets`        | [[]Subnet](#subnet-subsection) | yes           |               | Set of subnets to apply multinet dial settings.                                            |
-
-#### `subnet` subsection
-
-```yaml
- mask: 1.2.3.4/24
-  source_ips:
-    - 1.2.3.4
-    - 1.2.3.5
-```
-
-| Parameter    | Type       | SIGHUP reload | Default value | Description                                                          |
-|--------------|------------|---------------|---------------|----------------------------------------------------------------------|
-| `mask`       | `string`   | yes           |               | Destination subnet.                                                  |
-| `source_ips` | `[]string` | yes           |               | Array of source IP addresses to use when dialing destination subnet. |
--- a/go.mod
+++ b/go.mod
@ -3,10 +3,9 @@ module git.frostfs.info/TrueCloudLab/frostfs-http-gw
 go 1.22

 require (
-	git.frostfs.info/TrueCloudLab/frostfs-api-go/v2 v2.16.1-0.20241011114054-f0fc40e116d1
+	git.frostfs.info/TrueCloudLab/frostfs-api-go/v2 v2.16.1-0.20240916093537-13fa0da3741e
 	git.frostfs.info/TrueCloudLab/frostfs-observability v0.0.0-20240909114314-666d326cc573
-	git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20241022124111-5361f0ecebd3
-	git.frostfs.info/TrueCloudLab/multinet v0.0.0-20241015075604-6cb0d80e0972
+	git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20240918095938-e580ee991d98
 	git.frostfs.info/TrueCloudLab/zapjournald v0.0.0-20240124114243-cb2e66427d02
 	github.com/bluele/gcache v0.0.2
 	github.com/docker/go-units v0.4.0
@ -24,9 +23,8 @@ require (
 	go.opentelemetry.io/otel v1.28.0
 	go.opentelemetry.io/otel/trace v1.28.0
 	go.uber.org/zap v1.27.0
-	golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842
+	golang.org/x/exp v0.0.0-20240222234643-814bf88cf225
 	golang.org/x/net v0.26.0
-	golang.org/x/sys v0.22.0
 	google.golang.org/grpc v1.66.2
 )

@ -41,7 +39,7 @@ require (
 	github.com/Microsoft/hcsshim v0.9.2 // indirect
 	github.com/VictoriaMetrics/easyproto v0.1.4 // indirect
 	github.com/andybalholm/brotli v1.0.4 // indirect
-	github.com/antlr4-go/antlr/v4 v4.13.1 // indirect
+	github.com/antlr4-go/antlr/v4 v4.13.0 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
@ -108,6 +106,7 @@ require (
 	go.uber.org/multierr v1.11.0 // indirect
 	golang.org/x/crypto v0.24.0 // indirect
 	golang.org/x/sync v0.7.0 // indirect
+	golang.org/x/sys v0.22.0 // indirect
 	golang.org/x/term v0.21.0 // indirect
 	golang.org/x/text v0.16.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
--- a/go.sum
+++ b/go.sum
@ -37,20 +37,18 @@ cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RX
 cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
 cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo=
 dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
-git.frostfs.info/TrueCloudLab/frostfs-api-go/v2 v2.16.1-0.20241011114054-f0fc40e116d1 h1:ivcdxQeQDnx4srF2ezoaeVlF0FAycSAztwfIUJnUI4s=
-git.frostfs.info/TrueCloudLab/frostfs-api-go/v2 v2.16.1-0.20241011114054-f0fc40e116d1/go.mod h1:F5GS7hRb62PUy5sTYDC4ajVdeffoAfjHSSHTKUJEaYU=
+git.frostfs.info/TrueCloudLab/frostfs-api-go/v2 v2.16.1-0.20240916093537-13fa0da3741e h1:740ABnOBYx4o6jxULHdSSnVW2fYIO35ohg+Uz59sxd0=
+git.frostfs.info/TrueCloudLab/frostfs-api-go/v2 v2.16.1-0.20240916093537-13fa0da3741e/go.mod h1:F5GS7hRb62PUy5sTYDC4ajVdeffoAfjHSSHTKUJEaYU=
 git.frostfs.info/TrueCloudLab/frostfs-contract v0.19.3-0.20240621131249-49e5270f673e h1:kcBqZBiFIUBATUqEuvVigtkJJWQ2Gug/eYXn967o3M4=
 git.frostfs.info/TrueCloudLab/frostfs-contract v0.19.3-0.20240621131249-49e5270f673e/go.mod h1:F/fe1OoIDKr5Bz99q4sriuHDuf3aZefZy9ZsCqEtgxc=
 git.frostfs.info/TrueCloudLab/frostfs-crypto v0.6.0 h1:FxqFDhQYYgpe41qsIHVOcdzSVCB8JNSfPG7Uk4r2oSk=
 git.frostfs.info/TrueCloudLab/frostfs-crypto v0.6.0/go.mod h1:RUIKZATQLJ+TaYQa60X2fTDwfuhMfm8Ar60bQ5fr+vU=
 git.frostfs.info/TrueCloudLab/frostfs-observability v0.0.0-20240909114314-666d326cc573 h1:6qCcm1oqFbmf9C5AauXzrL5OPGnTbI9HoB/jAtD9274=
 git.frostfs.info/TrueCloudLab/frostfs-observability v0.0.0-20240909114314-666d326cc573/go.mod h1:kbwB4v2o6RyOfCo9kEFeUDZIX3LKhmS0yXPrtvzkQ1g=
-git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20241022124111-5361f0ecebd3 h1:f7jan6eBDN88DKnKj8GKyWpfjBbSzjDALcDejYKRgCs=
-git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20241022124111-5361f0ecebd3/go.mod h1:3txOjFJ8M/JFs01h7xOrnQHVn6hZgDNA16ivyUlu1iU=
+git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20240918095938-e580ee991d98 h1:ijUci3thz0EwWkuRJDocW5D1RkVAJlt9xNG4CYepC90=
+git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20240918095938-e580ee991d98/go.mod h1:GeNpo12HcEW4J412sH5yf8xFYapxlrt5fcYzRwg0Ino=
 git.frostfs.info/TrueCloudLab/hrw v1.2.1 h1:ccBRK21rFvY5R1WotI6LNoPlizk7qSvdfD8lNIRudVc=
 git.frostfs.info/TrueCloudLab/hrw v1.2.1/go.mod h1:C1Ygde2n843yTZEQ0FP69jYiuaYV0kriLvP4zm8JuvM=
-git.frostfs.info/TrueCloudLab/multinet v0.0.0-20241015075604-6cb0d80e0972 h1:/960fWeyn2AFHwQUwDsWB3sbP6lTEnFnMzLMM6tx6N8=
-git.frostfs.info/TrueCloudLab/multinet v0.0.0-20241015075604-6cb0d80e0972/go.mod h1:2hM42MBrlhvN6XToaW6OWNk5ZLcu1FhaukGgxtfpDDI=
 git.frostfs.info/TrueCloudLab/rfc6979 v0.4.0 h1:M2KR3iBj7WpY3hP10IevfIB9MURr4O9mwVfJ+SjT3HA=
 git.frostfs.info/TrueCloudLab/rfc6979 v0.4.0/go.mod h1:okpbKfVYf/BpejtfFTfhZqFP+sZ8rsHrP8Rr/jYPNRc=
 git.frostfs.info/TrueCloudLab/tzhash v1.8.0 h1:UFMnUIk0Zh17m8rjGHJMqku2hCgaXDqjqZzS4gsb4UA=
@ -114,8 +112,8 @@ github.com/andybalholm/brotli v1.0.2/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu
 github.com/andybalholm/brotli v1.0.4 h1:V7DdXeJtZscaqfNuAdSRuRFzuiKlHSC/Zh3zl9qY3JY=
 github.com/andybalholm/brotli v1.0.4/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
 github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
-github.com/antlr4-go/antlr/v4 v4.13.1 h1:SqQKkuVZ+zWkMMNkjy5FZe5mr5WURWnlpmOuzYWrPrQ=
-github.com/antlr4-go/antlr/v4 v4.13.1/go.mod h1:GKmUxMtwp6ZgGwZSva4eWPC5mS6vUAmOABFgjdkM7Nw=
+github.com/antlr4-go/antlr/v4 v4.13.0 h1:lxCg3LAv+EUK6t1i0y1V6/SLeUi0eKEKdhQAlS8TVTI=
+github.com/antlr4-go/antlr/v4 v4.13.0/go.mod h1:pfChB/xh/Unjila75QW7+VU4TSnWnnk9UTnmpPaOR2g=
 github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
 github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
 github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0=
@ -928,8 +926,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0
 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
 golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
 golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
-golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 h1:vr/HnozRka3pE4EsMEg1lgkXJkTFJCVUX+S/ZT6wYzM=
-golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842/go.mod h1:XtvwrStGgqGPLc4cjQfWqZHG1YFdYs6swckp8vpsjnc=
+golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 h1:LfspQV/FYTatPTr/3HzIcmiUFH7PGP+OQ6mgDYo3yuQ=
+golang.org/x/exp v0.0.0-20240222234643-814bf88cf225/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc=
 golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
 golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
--- a/internal/handler/browse.go
+++ b/internal/handler/browse.go
@ -113,10 +113,8 @@ func urlencode(prefix, filename string) string {
 }

 func (h *Handler) browseObjects(c *fasthttp.RequestCtx, bucketInfo *data.BucketInfo, prefix string) {
+	log := h.log.With(zap.String("bucket", bucketInfo.Name))
 	ctx := utils.GetContextFromRequest(c)
-	reqLog := utils.GetReqLogOrDefault(ctx, h.log)
-	log := reqLog.With(zap.String("bucket", bucketInfo.Name))
-
 	nodes, err := h.listObjects(ctx, bucketInfo, prefix)
 	if err != nil {
 		logAndSendBucketError(c, log, err)
--- a/internal/handler/download.go
+++ b/internal/handler/download.go
@ -84,17 +84,16 @@ func (h *Handler) DownloadZipped(c *fasthttp.RequestCtx) {
 	scid, _ := c.UserValue("cid").(string)
 	prefix, _ := c.UserValue("prefix").(string)

-	ctx := utils.GetContextFromRequest(c)
-	log := utils.GetReqLogOrDefault(ctx, h.log)
-
 	prefix, err := url.QueryUnescape(prefix)
 	if err != nil {
-		log.Error(logs.FailedToUnescapeQuery, zap.String("cid", scid), zap.String("prefix", prefix), zap.Error(err))
+		h.log.Error(logs.FailedToUnescapeQuery, zap.String("cid", scid), zap.String("prefix", prefix), zap.Uint64("id", c.ID()), zap.Error(err))
 		response.Error(c, "could not unescape prefix: "+err.Error(), fasthttp.StatusBadRequest)
 		return
 	}

-	log = log.With(zap.String("cid", scid), zap.String("prefix", prefix))
+	log := h.log.With(zap.String("cid", scid), zap.String("prefix", prefix), zap.Uint64("id", c.ID()))
+
+	ctx := utils.GetContextFromRequest(c)

 	bktInfo, err := h.getBucketInfo(ctx, scid, log)
 	if err != nil {
--- a/internal/handler/handler.go
+++ b/internal/handler/handler.go
@ -190,12 +190,13 @@ func New(params *AppParams, config Config, tree *tree.Tree) *Handler {
 // byAddress is a wrapper for function (e.g. request.headObject, request.receiveFile) that
 // prepares request and object address to it.
 func (h *Handler) byAddress(c *fasthttp.RequestCtx, f func(context.Context, request, oid.Address)) {
-	idCnr, _ := c.UserValue("cid").(string)
-	idObj, _ := c.UserValue("oid").(string)
+	var (
+		idCnr, _ = c.UserValue("cid").(string)
+		idObj, _ = c.UserValue("oid").(string)
+		log      = h.log.With(zap.String("cid", idCnr), zap.String("oid", idObj))
+	)

 	ctx := utils.GetContextFromRequest(c)
-	reqLog := utils.GetReqLogOrDefault(ctx, h.log)
-	log := reqLog.With(zap.String("cid", idCnr), zap.String("oid", idObj))

 	bktInfo, err := h.getBucketInfo(ctx, idCnr, log)
 	if err != nil {
@ -218,13 +219,12 @@ func (h *Handler) byAddress(c *fasthttp.RequestCtx, f func(context.Context, requ
 // byObjectName is a wrapper for function (e.g. request.headObject, request.receiveFile) that
 // prepares request and object address to it.
 func (h *Handler) byObjectName(c *fasthttp.RequestCtx, f func(context.Context, request, oid.Address)) {
-	bucketname := c.UserValue("cid").(string)
-	key := c.UserValue("oid").(string)
-	download := c.QueryArgs().GetBool("download")
-
-	ctx := utils.GetContextFromRequest(c)
-	reqLog := utils.GetReqLogOrDefault(ctx, h.log)
-	log := reqLog.With(zap.String("bucketname", bucketname), zap.String("key", key))
+	var (
+		bucketname = c.UserValue("cid").(string)
+		key        = c.UserValue("oid").(string)
+		log        = h.log.With(zap.String("bucketname", bucketname), zap.String("key", key))
+		download   = c.QueryArgs().GetBool("download")
+	)

 	unescapedKey, err := url.QueryUnescape(key)
 	if err != nil {
@ -232,6 +232,8 @@ func (h *Handler) byObjectName(c *fasthttp.RequestCtx, f func(context.Context, r
 		return
 	}

+	ctx := utils.GetContextFromRequest(c)
+
 	bktInfo, err := h.getBucketInfo(ctx, bucketname, log)
 	if err != nil {
 		logAndSendBucketError(c, log, err)
@ -273,24 +275,23 @@ func (h *Handler) byAttribute(c *fasthttp.RequestCtx, f func(context.Context, re
 	key, _ := c.UserValue("attr_key").(string)
 	val, _ := c.UserValue("attr_val").(string)

-	ctx := utils.GetContextFromRequest(c)
-	log := utils.GetReqLogOrDefault(ctx, h.log)
-
 	key, err := url.QueryUnescape(key)
 	if err != nil {
-		log.Error(logs.FailedToUnescapeQuery, zap.String("cid", scid), zap.String("attr_key", key), zap.Error(err))
+		h.log.Error(logs.FailedToUnescapeQuery, zap.String("cid", scid), zap.String("attr_key", key), zap.Uint64("id", c.ID()), zap.Error(err))
 		response.Error(c, "could not unescape attr_key: "+err.Error(), fasthttp.StatusBadRequest)
 		return
 	}

 	val, err = url.QueryUnescape(val)
 	if err != nil {
-		log.Error(logs.FailedToUnescapeQuery, zap.String("cid", scid), zap.String("attr_val", val), zap.Error(err))
+		h.log.Error(logs.FailedToUnescapeQuery, zap.String("cid", scid), zap.String("attr_val", val), zap.Uint64("id", c.ID()), zap.Error(err))
 		response.Error(c, "could not unescape attr_val: "+err.Error(), fasthttp.StatusBadRequest)
 		return
 	}

-	log = log.With(zap.String("cid", scid), zap.String("attr_key", key), zap.String("attr_val", val))
+	log := h.log.With(zap.String("cid", scid), zap.String("attr_key", key), zap.String("attr_val", val))
+
+	ctx := utils.GetContextFromRequest(c)

 	bktInfo, err := h.getBucketInfo(ctx, scid, log)
 	if err != nil {
--- a/internal/handler/upload.go
+++ b/internal/handler/upload.go
@ -45,18 +45,16 @@ func (pr *putResponse) encode(w io.Writer) error {
 // Upload handles multipart upload request.
 func (h *Handler) Upload(c *fasthttp.RequestCtx) {
 	var (
-		file  MultipartFile
-		idObj oid.ID
-		addr  oid.Address
+		file       MultipartFile
+		idObj      oid.ID
+		addr       oid.Address
+		scid, _    = c.UserValue("cid").(string)
+		log        = h.log.With(zap.String("cid", scid))
+		bodyStream = c.RequestBodyStream()
+		drainBuf   = make([]byte, drainBufSize)
 	)

-	scid, _ := c.UserValue("cid").(string)
-	bodyStream := c.RequestBodyStream()
-	drainBuf := make([]byte, drainBufSize)
-
 	ctx := utils.GetContextFromRequest(c)
-	reqLog := utils.GetReqLogOrDefault(ctx, h.log)
-	log := reqLog.With(zap.String("cid", scid))

 	bktInfo, err := h.getBucketInfo(ctx, scid, log)
 	if err != nil {
@ -77,15 +75,13 @@ func (h *Handler) Upload(c *fasthttp.RequestCtx) {
 			zap.Error(err),
 		)
 	}()
-
 	boundary := string(c.Request.Header.MultipartFormBoundary())
-	if file, err = fetchMultipartFile(log, bodyStream, boundary); err != nil {
+	if file, err = fetchMultipartFile(h.log, bodyStream, boundary); err != nil {
 		log.Error(logs.CouldNotReceiveMultipartForm, zap.Error(err))
 		response.Error(c, "could not receive multipart/form: "+err.Error(), fasthttp.StatusBadRequest)
 		return
 	}
-
-	filtered, err := filterHeaders(log, &c.Request.Header)
+	filtered, err := filterHeaders(h.log, &c.Request.Header)
 	if err != nil {
 		log.Error(logs.CouldNotProcessHeaders, zap.Error(err))
 		response.Error(c, err.Error(), fasthttp.StatusBadRequest)
@ -147,7 +143,7 @@ func (h *Handler) Upload(c *fasthttp.RequestCtx) {
 	}

 	if idObj, err = h.frostfs.CreateObject(ctx, prm); err != nil {
-		h.handlePutFrostFSErr(c, err, log)
+		h.handlePutFrostFSErr(c, err)
 		return
 	}

@ -178,11 +174,11 @@ func (h *Handler) Upload(c *fasthttp.RequestCtx) {
 	c.Response.Header.SetContentType(jsonHeader)
 }

-func (h *Handler) handlePutFrostFSErr(r *fasthttp.RequestCtx, err error, log *zap.Logger) {
+func (h *Handler) handlePutFrostFSErr(r *fasthttp.RequestCtx, err error) {
 	statusCode, msg, additionalFields := response.FormErrorResponse("could not store file in frostfs", err)
 	logFields := append([]zap.Field{zap.Error(err)}, additionalFields...)

-	log.Error(logs.CouldNotStoreFileInFrostfs, logFields...)
+	h.log.Error(logs.CouldNotStoreFileInFrostfs, logFields...)
 	response.Error(r, msg, statusCode)
 }

--- a/internal/logs/logs.go
+++ b/internal/logs/logs.go
@ -79,8 +79,4 @@ const (
 	ServerReconnectedSuccessfully                                         = "server reconnected successfully"
 	ServerReconnectFailed                                                 = "failed to reconnect server"
 	WarnDuplicateAddress                                                  = "duplicate address"
-	MultinetDialSuccess                                                   = "multinet dial successful"
-	MultinetDialFail                                                      = "multinet dial failed"
-	FailedToLoadMultinetConfig                                            = "failed to load multinet config"
-	MultinetConfigWontBeUpdated                                           = "multinet config won't be updated"
 )
--- a/internal/net/config.go
+++ b/internal/net/config.go
@ -1,68 +0,0 @@
-package net
-
-import (
-	"errors"
-	"fmt"
-	"net/netip"
-	"slices"
-	"time"
-
-	"git.frostfs.info/TrueCloudLab/multinet"
-)
-
-var errEmptySourceIPList = errors.New("empty source IP list")
-
-type Subnet struct {
-	Prefix    string
-	SourceIPs []string
-}
-
-type Config struct {
-	Enabled       bool
-	Subnets       []Subnet
-	Balancer      string
-	Restrict      bool
-	FallbackDelay time.Duration
-	EventHandler  multinet.EventHandler
-}
-
-func (c Config) toMultinetConfig() (multinet.Config, error) {
-	var subnets []multinet.Subnet
-	for _, s := range c.Subnets {
-		var ms multinet.Subnet
-		p, err := netip.ParsePrefix(s.Prefix)
-		if err != nil {
-			return multinet.Config{}, fmt.Errorf("parse IP prefix '%s': %w", s.Prefix, err)
-		}
-		ms.Prefix = p
-		for _, ip := range s.SourceIPs {
-			addr, err := netip.ParseAddr(ip)
-			if err != nil {
-				return multinet.Config{}, fmt.Errorf("parse IP address '%s': %w", ip, err)
-			}
-			ms.SourceIPs = append(ms.SourceIPs, addr)
-		}
-		if len(ms.SourceIPs) == 0 {
-			return multinet.Config{}, errEmptySourceIPList
-		}
-		subnets = append(subnets, ms)
-	}
-	return multinet.Config{
-		Subnets:       subnets,
-		Balancer:      multinet.BalancerType(c.Balancer),
-		Restrict:      c.Restrict,
-		FallbackDelay: c.FallbackDelay,
-		Dialer:        newDefaultDialer(),
-		EventHandler:  c.EventHandler,
-	}, nil
-}
-
-func (c Config) equals(other Config) bool {
-	return c.Enabled == other.Enabled &&
-		slices.EqualFunc(c.Subnets, other.Subnets, func(lhs, rhs Subnet) bool {
-			return lhs.Prefix == rhs.Prefix && slices.Equal(lhs.SourceIPs, rhs.SourceIPs)
-		}) &&
-		c.Balancer == other.Balancer &&
-		c.Restrict == other.Restrict &&
-		c.FallbackDelay == other.FallbackDelay
-}
--- a/internal/net/dial_target.go
+++ b/internal/net/dial_target.go
@ -1,54 +0,0 @@
-// NOTE: code is taken from https://github.com/grpc/grpc-go/blob/v1.68.x/internal/transport/http_util.go
-
-/*
- *
- * Copyright 2014 gRPC authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-package net
-
-import (
-	"net/url"
-	"strings"
-)
-
-// parseDialTarget returns the network and address to pass to dialer.
-func parseDialTarget(target string) (string, string) {
-	net := "tcp"
-	m1 := strings.Index(target, ":")
-	m2 := strings.Index(target, ":/")
-	// handle unix:addr which will fail with url.Parse
-	if m1 >= 0 && m2 < 0 {
-		if n := target[0:m1]; n == "unix" {
-			return n, target[m1+1:]
-		}
-	}
-	if m2 >= 0 {
-		t, err := url.Parse(target)
-		if err != nil {
-			return net, target
-		}
-		scheme := t.Scheme
-		addr := t.Path
-		if scheme == "unix" {
-			if addr == "" {
-				addr = t.Host
-			}
-			return scheme, addr
-		}
-	}
-	return net, target
-}
--- a/internal/net/dialer.go
+++ b/internal/net/dialer.go
@ -1,36 +0,0 @@
-package net
-
-import (
-	"net"
-	"syscall"
-	"time"
-
-	"golang.org/x/sys/unix"
-)
-
-func newDefaultDialer() net.Dialer {
-	// From `grpc.WithContextDialer` comment:
-	//
-	// Note: All supported releases of Go (as of December 2023) override the OS
-	// defaults for TCP keepalive time and interval to 15s. To enable TCP keepalive
-	// with OS defaults for keepalive time and interval, use a net.Dialer that sets
-	// the KeepAlive field to a negative value, and sets the SO_KEEPALIVE socket
-	// option to true from the Control field. For a concrete example of how to do
-	// this, see internal.NetDialerWithTCPKeepalive().
-	//
-	// https://github.com/grpc/grpc-go/blob/830135e6c5a351abf75f0c9cfdf978e5df8daeba/dialoptions.go#L432
-	//
-	// From `internal.NetDialerWithTCPKeepalive` comment:
-	//
-	// TODO: Once https://github.com/golang/go/issues/62254 lands, and the
-	// appropriate Go version becomes less than our least supported Go version, we
-	// should look into using the new API to make things more straightforward.
-	return net.Dialer{
-		KeepAlive: time.Duration(-1),
-		Control: func(_, _ string, c syscall.RawConn) error {
-			return c.Control(func(fd uintptr) {
-				_ = unix.SetsockoptInt(int(fd), unix.SOL_SOCKET, unix.SO_KEEPALIVE, 1)
-			})
-		},
-	}
-}
--- a/internal/net/dialer_source.go
+++ b/internal/net/dialer_source.go
@ -1,69 +0,0 @@
-package net
-
-import (
-	"context"
-	"net"
-	"sync"
-
-	"git.frostfs.info/TrueCloudLab/multinet"
-)
-
-type DialerSource struct {
-	guard sync.RWMutex
-
-	c Config
-
-	md multinet.Dialer
-}
-
-func NewDialerSource(c Config) (*DialerSource, error) {
-	result := &DialerSource{}
-	if err := result.build(c); err != nil {
-		return nil, err
-	}
-	return result, nil
-}
-
-func (s *DialerSource) build(c Config) error {
-	if c.Enabled {
-		mc, err := c.toMultinetConfig()
-		if err != nil {
-			return err
-		}
-		md, err := multinet.NewDialer(mc)
-		if err != nil {
-			return err
-		}
-		s.md = md
-		s.c = c
-		return nil
-	}
-	s.md = nil
-	s.c = c
-	return nil
-}
-
-// GrpcContextDialer returns grpc.WithContextDialer func.
-// Returns nil if multinet disabled.
-func (s *DialerSource) GrpcContextDialer() func(context.Context, string) (net.Conn, error) {
-	s.guard.RLock()
-	defer s.guard.RUnlock()
-
-	if s.c.Enabled {
-		return func(ctx context.Context, address string) (net.Conn, error) {
-			network, address := parseDialTarget(address)
-			return s.md.DialContext(ctx, network, address)
-		}
-	}
-	return nil
-}
-
-func (s *DialerSource) Update(c Config) error {
-	s.guard.Lock()
-	defer s.guard.Unlock()
-
-	if s.c.equals(c) {
-		return nil
-	}
-	return s.build(c)
-}
--- a/internal/net/event_handler.go
+++ b/internal/net/event_handler.go
@ -1,28 +0,0 @@
-package net
-
-import (
-	"net"
-
-	"git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/logs"
-	"go.uber.org/zap"
-)
-
-type LogEventHandler struct {
-	logger *zap.Logger
-}
-
-func (l LogEventHandler) DialPerformed(sourceIP net.Addr, _, address string, err error) {
-	sourceIPString := "undefined"
-	if sourceIP != nil {
-		sourceIPString = sourceIP.Network() + "://" + sourceIP.String()
-	}
-	if err == nil {
-		l.logger.Debug(logs.MultinetDialSuccess, zap.String("source", sourceIPString), zap.String("destination", address))
-	} else {
-		l.logger.Debug(logs.MultinetDialFail, zap.String("source", sourceIPString), zap.String("destination", address), zap.Error(err))
-	}
-}
-
-func NewLogEventHandler(logger *zap.Logger) LogEventHandler {
-	return LogEventHandler{logger: logger}
-}
--- a/utils/util.go
+++ b/utils/util.go
@ -4,7 +4,6 @@ import (
 	"context"

 	"github.com/valyala/fasthttp"
-	"go.uber.org/zap"
 )

 // SetContextToRequest adds new context to fasthttp request.
@ -16,34 +15,3 @@ func SetContextToRequest(ctx context.Context, c *fasthttp.RequestCtx) {
 func GetContextFromRequest(c *fasthttp.RequestCtx) context.Context {
 	return c.UserValue("context").(context.Context)
 }
-
-type ctxReqLoggerKeyType struct{}
-
-// SetReqLog sets child zap.Logger in the context.
-func SetReqLog(ctx context.Context, log *zap.Logger) context.Context {
-	if ctx == nil {
-		return nil
-	}
-	return context.WithValue(ctx, ctxReqLoggerKeyType{}, log)
-}
-
-// GetReqLog returns log if set.
-// If zap.Logger isn't set returns nil.
-func GetReqLog(ctx context.Context) *zap.Logger {
-	if ctx == nil {
-		return nil
-	} else if r, ok := ctx.Value(ctxReqLoggerKeyType{}).(*zap.Logger); ok {
-		return r
-	}
-	return nil
-}
-
-// GetReqLogOrDefault returns log from context, if it exists.
-// If the log is missing from the context, the default logger is returned.
-func GetReqLogOrDefault(ctx context.Context, defaultLog *zap.Logger) *zap.Logger {
-	log := GetReqLog(ctx)
-	if log == nil {
-		log = defaultLog
-	}
-	return log
-}