Pull request 1807: upd-golibs
Merge in DNS/adguard-home from upd-golibs to master Squashed commit of the following: commit cde42a72c2140245f345681cbb936ed3bc4645a1 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Fri Apr 7 13:57:02 2023 +0300 all: upd golibs, use hdrs
This commit is contained in:
Ainar Garipov
@@ -16,6 +16,7 @@ import (
|
||||
|
||||
"github.com/AdguardTeam/AdGuardHome/internal/aghhttp"
|
||||
"github.com/AdguardTeam/golibs/errors"
|
||||
"github.com/AdguardTeam/golibs/httphdr"
|
||||
"github.com/AdguardTeam/golibs/log"
|
||||
"github.com/AdguardTeam/golibs/netutil"
|
||||
"github.com/AdguardTeam/golibs/timeutil"
|
||||
@@ -379,9 +380,9 @@ func (a *Auth) newCookie(req loginJSON, addr string) (c *http.Cookie, err error)
|
||||
// TODO(a.garipov): Support header Forwarded from RFC 7329.
|
||||
func realIP(r *http.Request) (ip net.IP, err error) {
|
||||
proxyHeaders := []string{
|
||||
"CF-Connecting-IP",
|
||||
"True-Client-IP",
|
||||
"X-Real-IP",
|
||||
httphdr.CFConnectingIP,
|
||||
httphdr.TrueClientIP,
|
||||
httphdr.XRealIP,
|
||||
}
|
||||
|
||||
for _, h := range proxyHeaders {
|
||||
@@ -394,7 +395,7 @@ func realIP(r *http.Request) (ip net.IP, err error) {
|
||||
|
||||
// If none of the above yielded any results, get the leftmost IP address
|
||||
// from the X-Forwarded-For header.
|
||||
s := r.Header.Get("X-Forwarded-For")
|
||||
s := r.Header.Get(httphdr.XForwardedFor)
|
||||
ipStrs := strings.SplitN(s, ", ", 2)
|
||||
ip = net.ParseIP(ipStrs[0])
|
||||
if ip != nil {
|
||||
@@ -435,7 +436,7 @@ func handleLogin(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
if rateLimiter := Context.auth.raleLimiter; rateLimiter != nil {
|
||||
if left := rateLimiter.check(remoteAddr); left > 0 {
|
||||
w.Header().Set("Retry-After", strconv.Itoa(int(left.Seconds())))
|
||||
w.Header().Set(httphdr.RetryAfter, strconv.Itoa(int(left.Seconds())))
|
||||
aghhttp.Error(r, w, http.StatusTooManyRequests, "auth: blocked for %s", left)
|
||||
|
||||
return
|
||||
@@ -463,9 +464,9 @@ func handleLogin(w http.ResponseWriter, r *http.Request) {
|
||||
http.SetCookie(w, cookie)
|
||||
|
||||
h := w.Header()
|
||||
h.Set("Cache-Control", "no-store, no-cache, must-revalidate, proxy-revalidate")
|
||||
h.Set("Pragma", "no-cache")
|
||||
h.Set("Expires", "0")
|
||||
h.Set(httphdr.CacheControl, "no-store, no-cache, must-revalidate, proxy-revalidate")
|
||||
h.Set(httphdr.Pragma, "no-cache")
|
||||
h.Set(httphdr.Expires, "0")
|
||||
|
||||
aghhttp.OK(w)
|
||||
}
|
||||
@@ -476,7 +477,7 @@ func handleLogout(w http.ResponseWriter, r *http.Request) {
|
||||
if err != nil {
|
||||
// The only error that is returned from r.Cookie is [http.ErrNoCookie].
|
||||
// The user is already logged out.
|
||||
respHdr.Set("Location", "/login.html")
|
||||
respHdr.Set(httphdr.Location, "/login.html")
|
||||
w.WriteHeader(http.StatusFound)
|
||||
|
||||
return
|
||||
@@ -494,8 +495,8 @@ func handleLogout(w http.ResponseWriter, r *http.Request) {
|
||||
SameSite: http.SameSiteLaxMode,
|
||||
}
|
||||
|
||||
respHdr.Set("Location", "/login.html")
|
||||
respHdr.Set("Set-Cookie", c.String())
|
||||
respHdr.Set(httphdr.Location, "/login.html")
|
||||
respHdr.Set(httphdr.SetCookie, c.String())
|
||||
w.WriteHeader(http.StatusFound)
|
||||
}
|
||||
|
||||
@@ -543,7 +544,7 @@ func optionalAuthThird(w http.ResponseWriter, r *http.Request) (mustAuth bool) {
|
||||
log.Debug("auth: redirected to login page by GL-Inet submodule")
|
||||
} else {
|
||||
log.Debug("auth: redirected to login page")
|
||||
w.Header().Set("Location", "/login.html")
|
||||
w.Header().Set(httphdr.Location, "/login.html")
|
||||
w.WriteHeader(http.StatusFound)
|
||||
}
|
||||
} else {
|
||||
@@ -569,7 +570,7 @@ func optionalAuth(
|
||||
// Redirect to the dashboard if already authenticated.
|
||||
res := Context.auth.checkSession(cookie.Value)
|
||||
if res == checkSessionOK {
|
||||
w.Header().Set("Location", "/")
|
||||
w.Header().Set(httphdr.Location, "/")
|
||||
w.WriteHeader(http.StatusFound)
|
||||
|
||||
return
|
||||
|
||||
@@ -12,6 +12,7 @@ import (
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/AdguardTeam/golibs/httphdr"
|
||||
"github.com/AdguardTeam/golibs/testutil"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
@@ -135,11 +136,11 @@ func TestAuthHTTP(t *testing.T) {
|
||||
handlerCalled = false
|
||||
handler2(&w, &r)
|
||||
assert.Equal(t, http.StatusFound, w.statusCode)
|
||||
assert.NotEmpty(t, w.hdr.Get("Location"))
|
||||
assert.NotEmpty(t, w.hdr.Get(httphdr.Location))
|
||||
assert.False(t, handlerCalled)
|
||||
|
||||
// go to login page
|
||||
loginURL := w.hdr.Get("Location")
|
||||
loginURL := w.hdr.Get(httphdr.Location)
|
||||
r.URL = &url.URL{Path: loginURL}
|
||||
handlerCalled = false
|
||||
handler2(&w, &r)
|
||||
@@ -153,13 +154,13 @@ func TestAuthHTTP(t *testing.T) {
|
||||
// get /
|
||||
handler2 = optionalAuth(handler)
|
||||
w.hdr = make(http.Header)
|
||||
r.Header.Set("Cookie", cookie.String())
|
||||
r.Header.Set(httphdr.Cookie, cookie.String())
|
||||
r.URL = &url.URL{Path: "/"}
|
||||
handlerCalled = false
|
||||
handler2(&w, &r)
|
||||
assert.True(t, handlerCalled)
|
||||
|
||||
r.Header.Del("Cookie")
|
||||
r.Header.Del(httphdr.Cookie)
|
||||
|
||||
// get / with basic auth
|
||||
handler2 = optionalAuth(handler)
|
||||
@@ -169,28 +170,28 @@ func TestAuthHTTP(t *testing.T) {
|
||||
handlerCalled = false
|
||||
handler2(&w, &r)
|
||||
assert.True(t, handlerCalled)
|
||||
r.Header.Del("Authorization")
|
||||
r.Header.Del(httphdr.Authorization)
|
||||
|
||||
// get login page with a valid cookie - we're redirected to /
|
||||
handler2 = optionalAuth(handler)
|
||||
w.hdr = make(http.Header)
|
||||
r.Header.Set("Cookie", cookie.String())
|
||||
r.Header.Set(httphdr.Cookie, cookie.String())
|
||||
r.URL = &url.URL{Path: loginURL}
|
||||
handlerCalled = false
|
||||
handler2(&w, &r)
|
||||
assert.NotEmpty(t, w.hdr.Get("Location"))
|
||||
assert.NotEmpty(t, w.hdr.Get(httphdr.Location))
|
||||
assert.False(t, handlerCalled)
|
||||
r.Header.Del("Cookie")
|
||||
r.Header.Del(httphdr.Cookie)
|
||||
|
||||
// get login page with an invalid cookie
|
||||
handler2 = optionalAuth(handler)
|
||||
w.hdr = make(http.Header)
|
||||
r.Header.Set("Cookie", "bad")
|
||||
r.Header.Set(httphdr.Cookie, "bad")
|
||||
r.URL = &url.URL{Path: loginURL}
|
||||
handlerCalled = false
|
||||
handler2(&w, &r)
|
||||
assert.True(t, handlerCalled)
|
||||
r.Header.Del("Cookie")
|
||||
r.Header.Del(httphdr.Cookie)
|
||||
|
||||
Context.auth.Close()
|
||||
}
|
||||
@@ -213,7 +214,7 @@ func TestRealIP(t *testing.T) {
|
||||
}, {
|
||||
name: "success_proxy",
|
||||
header: http.Header{
|
||||
textproto.CanonicalMIMEHeaderKey("X-Real-IP"): []string{"1.2.3.5"},
|
||||
textproto.CanonicalMIMEHeaderKey(httphdr.XRealIP): []string{"1.2.3.5"},
|
||||
},
|
||||
remoteAddr: remoteAddr,
|
||||
wantErrMsg: "",
|
||||
@@ -221,7 +222,7 @@ func TestRealIP(t *testing.T) {
|
||||
}, {
|
||||
name: "success_proxy_multiple",
|
||||
header: http.Header{
|
||||
textproto.CanonicalMIMEHeaderKey("X-Forwarded-For"): []string{
|
||||
textproto.CanonicalMIMEHeaderKey(httphdr.XForwardedFor): []string{
|
||||
"1.2.3.6, 1.2.3.5",
|
||||
},
|
||||
},
|
||||
|
||||
@@ -13,6 +13,7 @@ import (
|
||||
"github.com/AdguardTeam/AdGuardHome/internal/aghnet"
|
||||
"github.com/AdguardTeam/AdGuardHome/internal/dnsforward"
|
||||
"github.com/AdguardTeam/AdGuardHome/internal/version"
|
||||
"github.com/AdguardTeam/golibs/httphdr"
|
||||
"github.com/AdguardTeam/golibs/log"
|
||||
"github.com/AdguardTeam/golibs/netutil"
|
||||
"github.com/NYTimes/gziphandler"
|
||||
@@ -229,7 +230,7 @@ func modifiesData(m string) (ok bool) {
|
||||
func ensureContentType(w http.ResponseWriter, r *http.Request) (ok bool) {
|
||||
const statusUnsup = http.StatusUnsupportedMediaType
|
||||
|
||||
cType := r.Header.Get(aghhttp.HdrNameContentType)
|
||||
cType := r.Header.Get(httphdr.ContentType)
|
||||
if r.ContentLength == 0 {
|
||||
if cType == "" {
|
||||
return true
|
||||
@@ -337,7 +338,7 @@ func handleHTTPSRedirect(w http.ResponseWriter, r *http.Request) (ok bool) {
|
||||
// default is 24 hours.
|
||||
if serveHTTP3 {
|
||||
altSvc := fmt.Sprintf(`h3=":%d"`, portHTTPS)
|
||||
respHdr.Set(aghhttp.HdrNameAltSvc, altSvc)
|
||||
respHdr.Set(httphdr.AltSvc, altSvc)
|
||||
}
|
||||
|
||||
if r.TLS == nil && web.forceHTTPS {
|
||||
@@ -367,8 +368,8 @@ func handleHTTPSRedirect(w http.ResponseWriter, r *http.Request) (ok bool) {
|
||||
Host: r.Host,
|
||||
}
|
||||
|
||||
respHdr.Set(aghhttp.HdrNameAccessControlAllowOrigin, originURL.String())
|
||||
respHdr.Set(aghhttp.HdrNameVary, aghhttp.HdrNameOrigin)
|
||||
respHdr.Set(httphdr.AccessControlAllowOrigin, originURL.String())
|
||||
respHdr.Set(httphdr.Vary, httphdr.Origin)
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
@@ -11,6 +11,7 @@ import (
|
||||
"github.com/AdguardTeam/AdGuardHome/internal/aghhttp"
|
||||
"github.com/AdguardTeam/AdGuardHome/internal/dnsforward"
|
||||
"github.com/AdguardTeam/golibs/errors"
|
||||
"github.com/AdguardTeam/golibs/httphdr"
|
||||
"github.com/AdguardTeam/golibs/log"
|
||||
"github.com/google/uuid"
|
||||
"howett.net/plist"
|
||||
@@ -170,7 +171,7 @@ func handleMobileConfig(w http.ResponseWriter, r *http.Request, dnsp string) {
|
||||
return
|
||||
}
|
||||
|
||||
w.Header().Set("Content-Type", "application/xml")
|
||||
w.Header().Set(httphdr.ContentType, "application/xml")
|
||||
|
||||
const (
|
||||
dohContDisp = `attachment; filename=doh.mobileconfig`
|
||||
@@ -182,7 +183,7 @@ func handleMobileConfig(w http.ResponseWriter, r *http.Request, dnsp string) {
|
||||
contDisp = dotContDisp
|
||||
}
|
||||
|
||||
w.Header().Set("Content-Disposition", contDisp)
|
||||
w.Header().Set(httphdr.ContentDisposition, contDisp)
|
||||
|
||||
_, _ = w.Write(mobileconfig)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user