forked from TrueCloudLab/distribution
Add a section to the config file for HTTP headers to add to responses
The example configuration files add X-Content-Type-Options: nosniff. Add coverage in existing registry/handlers unit tests. Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
This commit is contained in:
parent
e7435725af
commit
d9a20377f3
2 changed files with 21 additions and 0 deletions
|
@ -30,6 +30,10 @@ import (
|
||||||
"golang.org/x/net/context"
|
"golang.org/x/net/context"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
var headerConfig = http.Header{
|
||||||
|
"X-Content-Type-Options": []string{"nosniff"},
|
||||||
|
}
|
||||||
|
|
||||||
// TestCheckAPI hits the base endpoint (/v2/) ensures we return the specified
|
// TestCheckAPI hits the base endpoint (/v2/) ensures we return the specified
|
||||||
// 200 OK response.
|
// 200 OK response.
|
||||||
func TestCheckAPI(t *testing.T) {
|
func TestCheckAPI(t *testing.T) {
|
||||||
|
@ -215,6 +219,7 @@ func TestURLPrefix(t *testing.T) {
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
config.HTTP.Prefix = "/test/"
|
config.HTTP.Prefix = "/test/"
|
||||||
|
config.HTTP.Headers = headerConfig
|
||||||
|
|
||||||
env := newTestEnvWithConfig(t, &config)
|
env := newTestEnvWithConfig(t, &config)
|
||||||
|
|
||||||
|
@ -1009,6 +1014,8 @@ func newTestEnv(t *testing.T, deleteEnabled bool) *testEnv {
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
config.HTTP.Headers = headerConfig
|
||||||
|
|
||||||
return newTestEnvWithConfig(t, &config)
|
return newTestEnvWithConfig(t, &config)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1225,6 +1232,14 @@ func checkResponse(t *testing.T, msg string, resp *http.Response, expectedStatus
|
||||||
|
|
||||||
t.FailNow()
|
t.FailNow()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// We expect the headers included in the configuration
|
||||||
|
if !reflect.DeepEqual(resp.Header["X-Content-Type-Options"], []string{"nosniff"}) {
|
||||||
|
t.Logf("missing or incorrect header X-Content-Type-Options %s", msg)
|
||||||
|
maybeDumpResponse(t, resp)
|
||||||
|
|
||||||
|
t.FailNow()
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// checkBodyHasErrorCodes ensures the body is an error body and has the
|
// checkBodyHasErrorCodes ensures the body is an error body and has the
|
||||||
|
|
|
@ -428,6 +428,12 @@ type dispatchFunc func(ctx *Context, r *http.Request) http.Handler
|
||||||
// handler, using the dispatch factory function.
|
// handler, using the dispatch factory function.
|
||||||
func (app *App) dispatcher(dispatch dispatchFunc) http.Handler {
|
func (app *App) dispatcher(dispatch dispatchFunc) http.Handler {
|
||||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
for headerName, headerValues := range app.Config.HTTP.Headers {
|
||||||
|
for _, value := range headerValues {
|
||||||
|
w.Header().Add(headerName, value)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
context := app.context(w, r)
|
context := app.context(w, r)
|
||||||
|
|
||||||
if err := app.authorized(w, r, context); err != nil {
|
if err := app.authorized(w, r, context); err != nil {
|
||||||
|
|
Loading…
Reference in a new issue