mirror of
https://github.com/caddyserver/caddy.git
synced 2025-01-06 22:40:31 -05:00
e2991eb019
See #5074
269 lines
7.2 KiB
Go
269 lines
7.2 KiB
Go
// Copyright 2015 Matthew Holt and The Caddy Authors
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package headers
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
"reflect"
|
|
"strings"
|
|
|
|
"github.com/caddyserver/caddy/v2/caddyconfig/httpcaddyfile"
|
|
"github.com/caddyserver/caddy/v2/modules/caddyhttp"
|
|
)
|
|
|
|
func init() {
|
|
httpcaddyfile.RegisterDirective("header", parseCaddyfile)
|
|
httpcaddyfile.RegisterDirective("request_header", parseReqHdrCaddyfile)
|
|
}
|
|
|
|
// parseCaddyfile sets up the handler for response headers from
|
|
// Caddyfile tokens. Syntax:
|
|
//
|
|
// header [<matcher>] [[+|-|?]<field> [<value|regexp>] [<replacement>]] {
|
|
// [+]<field> [<value|regexp> [<replacement>]]
|
|
// ?<field> <default_value>
|
|
// -<field>
|
|
// [defer]
|
|
// }
|
|
//
|
|
// Either a block can be opened or a single header field can be configured
|
|
// in the first line, but not both in the same directive. Header operations
|
|
// are deferred to write-time if any headers are being deleted or if the
|
|
// 'defer' subdirective is used. + appends a header value, - deletes a field,
|
|
// and ? conditionally sets a value only if the header field is not already
|
|
// set.
|
|
func parseCaddyfile(h httpcaddyfile.Helper) ([]httpcaddyfile.ConfigValue, error) {
|
|
if !h.Next() {
|
|
return nil, h.ArgErr()
|
|
}
|
|
|
|
matcherSet, err := h.ExtractMatcherSet()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
makeHandler := func() Handler {
|
|
return Handler{
|
|
Response: &RespHeaderOps{
|
|
HeaderOps: &HeaderOps{},
|
|
},
|
|
}
|
|
}
|
|
handler, handlerWithRequire := makeHandler(), makeHandler()
|
|
|
|
for h.Next() {
|
|
// first see if headers are in the initial line
|
|
var hasArgs bool
|
|
if h.NextArg() {
|
|
hasArgs = true
|
|
field := h.Val()
|
|
var value, replacement string
|
|
if h.NextArg() {
|
|
value = h.Val()
|
|
}
|
|
if h.NextArg() {
|
|
replacement = h.Val()
|
|
}
|
|
err := applyHeaderOp(
|
|
handler.Response.HeaderOps,
|
|
handler.Response,
|
|
field,
|
|
value,
|
|
replacement,
|
|
)
|
|
if err != nil {
|
|
return nil, h.Err(err.Error())
|
|
}
|
|
if len(handler.Response.HeaderOps.Delete) > 0 {
|
|
handler.Response.Deferred = true
|
|
}
|
|
}
|
|
|
|
// if not, they should be in a block
|
|
for h.NextBlock(0) {
|
|
field := h.Val()
|
|
if field == "defer" {
|
|
handler.Response.Deferred = true
|
|
continue
|
|
}
|
|
if hasArgs {
|
|
return nil, h.Err("cannot specify headers in both arguments and block") // because it would be weird
|
|
}
|
|
|
|
// sometimes it is habitual for users to suffix a field name with a colon,
|
|
// as if they were writing a curl command or something; see
|
|
// https://caddy.community/t/v2-reverse-proxy-please-add-cors-example-to-the-docs/7349/19
|
|
field = strings.TrimSuffix(field, ":")
|
|
|
|
var value, replacement string
|
|
if h.NextArg() {
|
|
value = h.Val()
|
|
}
|
|
if h.NextArg() {
|
|
replacement = h.Val()
|
|
}
|
|
|
|
handlerToUse := handler
|
|
if strings.HasPrefix(field, "?") {
|
|
handlerToUse = handlerWithRequire
|
|
}
|
|
|
|
err := applyHeaderOp(
|
|
handlerToUse.Response.HeaderOps,
|
|
handlerToUse.Response,
|
|
field,
|
|
value,
|
|
replacement,
|
|
)
|
|
if err != nil {
|
|
return nil, h.Err(err.Error())
|
|
}
|
|
}
|
|
}
|
|
|
|
var configValues []httpcaddyfile.ConfigValue
|
|
if !reflect.DeepEqual(handler, makeHandler()) {
|
|
configValues = append(configValues, h.NewRoute(matcherSet, handler)...)
|
|
}
|
|
if !reflect.DeepEqual(handlerWithRequire, makeHandler()) {
|
|
configValues = append(configValues, h.NewRoute(matcherSet, handlerWithRequire)...)
|
|
}
|
|
|
|
return configValues, nil
|
|
}
|
|
|
|
// parseReqHdrCaddyfile sets up the handler for request headers
|
|
// from Caddyfile tokens. Syntax:
|
|
//
|
|
// request_header [<matcher>] [[+|-]<field> [<value|regexp>] [<replacement>]]
|
|
func parseReqHdrCaddyfile(h httpcaddyfile.Helper) ([]httpcaddyfile.ConfigValue, error) {
|
|
if !h.Next() {
|
|
return nil, h.ArgErr()
|
|
}
|
|
|
|
matcherSet, err := h.ExtractMatcherSet()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
configValues := []httpcaddyfile.ConfigValue{}
|
|
|
|
for h.Next() {
|
|
if !h.NextArg() {
|
|
return nil, h.ArgErr()
|
|
}
|
|
field := h.Val()
|
|
|
|
hdr := Handler{
|
|
Request: &HeaderOps{},
|
|
}
|
|
|
|
// sometimes it is habitual for users to suffix a field name with a colon,
|
|
// as if they were writing a curl command or something; see
|
|
// https://caddy.community/t/v2-reverse-proxy-please-add-cors-example-to-the-docs/7349/19
|
|
field = strings.TrimSuffix(field, ":")
|
|
|
|
var value, replacement string
|
|
if h.NextArg() {
|
|
value = h.Val()
|
|
}
|
|
if h.NextArg() {
|
|
replacement = h.Val()
|
|
if h.NextArg() {
|
|
return nil, h.ArgErr()
|
|
}
|
|
}
|
|
|
|
if hdr.Request == nil {
|
|
hdr.Request = new(HeaderOps)
|
|
}
|
|
if err := CaddyfileHeaderOp(hdr.Request, field, value, replacement); err != nil {
|
|
return nil, h.Err(err.Error())
|
|
}
|
|
|
|
configValues = append(configValues, h.NewRoute(matcherSet, hdr)...)
|
|
|
|
if h.NextArg() {
|
|
return nil, h.ArgErr()
|
|
}
|
|
}
|
|
return configValues, nil
|
|
}
|
|
|
|
// CaddyfileHeaderOp applies a new header operation according to
|
|
// field, value, and replacement. The field can be prefixed with
|
|
// "+" or "-" to specify adding or removing; otherwise, the value
|
|
// will be set (overriding any previous value). If replacement is
|
|
// non-empty, value will be treated as a regular expression which
|
|
// will be used to search and then replacement will be used to
|
|
// complete the substring replacement; in that case, any + or -
|
|
// prefix to field will be ignored.
|
|
func CaddyfileHeaderOp(ops *HeaderOps, field, value, replacement string) error {
|
|
return applyHeaderOp(ops, nil, field, value, replacement)
|
|
}
|
|
|
|
func applyHeaderOp(ops *HeaderOps, respHeaderOps *RespHeaderOps, field, value, replacement string) error {
|
|
switch {
|
|
case strings.HasPrefix(field, "+"): // append
|
|
if ops.Add == nil {
|
|
ops.Add = make(http.Header)
|
|
}
|
|
ops.Add.Add(field[1:], value)
|
|
|
|
case strings.HasPrefix(field, "-"): // delete
|
|
ops.Delete = append(ops.Delete, field[1:])
|
|
if respHeaderOps != nil {
|
|
respHeaderOps.Deferred = true
|
|
}
|
|
|
|
case strings.HasPrefix(field, "?"): // default (conditional on not existing) - response headers only
|
|
if respHeaderOps == nil {
|
|
return fmt.Errorf("%v: the default header modifier ('?') can only be used on response headers; for conditional manipulation of request headers, use matchers", field)
|
|
}
|
|
if respHeaderOps.Require == nil {
|
|
respHeaderOps.Require = &caddyhttp.ResponseMatcher{
|
|
Headers: make(http.Header),
|
|
}
|
|
}
|
|
field = strings.TrimPrefix(field, "?")
|
|
respHeaderOps.Require.Headers[field] = nil
|
|
if respHeaderOps.Set == nil {
|
|
respHeaderOps.Set = make(http.Header)
|
|
}
|
|
respHeaderOps.Set.Set(field, value)
|
|
|
|
case replacement != "": // replace
|
|
if ops.Replace == nil {
|
|
ops.Replace = make(map[string][]Replacement)
|
|
}
|
|
field = strings.TrimLeft(field, "+-?")
|
|
ops.Replace[field] = append(
|
|
ops.Replace[field],
|
|
Replacement{
|
|
SearchRegexp: value,
|
|
Replace: replacement,
|
|
},
|
|
)
|
|
|
|
default: // set (overwrite)
|
|
if ops.Set == nil {
|
|
ops.Set = make(http.Header)
|
|
}
|
|
ops.Set.Set(field, value)
|
|
}
|
|
|
|
return nil
|
|
}
|