Documentation ¶
Overview ¶
Package camo provides an HTTP proxy server with content type restrictions as well as regex host allow list support.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ValidReqHeaders = map[string]bool{ "Accept": true, "Accept-Charset": true, "Accept-Encoding": false, "Accept-Language": true, "Cache-Control": true, "If-None-Match": true, "If-Modified-Since": true, "X-Forwarded-For": false, "Range": true, }
ValidReqHeaders are http request headers that are acceptable to pass from the client to the remote server. Only those present and true, are forwarded. Empty implies no filtering.
var ValidRespHeaders = map[string]bool{ "Accept-Ranges": true, "Content-Length": true, "Content-Range": true, "Cache-Control": true, "Content-Encoding": true, "Content-Type": true, "Etag": true, "Expires": true, "Last-Modified": true, "Server": false, "Transfer-Encoding": true, }
ValidRespHeaders are http response headers that are acceptable to pass from the remote server to the client. Only those present and true, are forwarded. Empty implies no filtering.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct { // HMACKey is a byte slice to be used as the hmac key HMACKey []byte // AllowList is a list of string represenstations of regex (not compiled // regex) that are used as a whitelist filter. If an AllowList is present, // then anything not matching is dropped. If no AllowList is present, // no Allow filtering is done. AllowList []string // Server name used in Headers and Via checks ServerName string // MaxSize is the maximum valid image size response (in bytes). MaxSize int64 // MaxRedirects is the maximum number of redirects to follow. MaxRedirects int // Request timeout is a timeout for fetching upstream data. RequestTimeout time.Duration // Keepalive enable/disable DisableKeepAlivesFE bool DisableKeepAlivesBE bool // x-forwarded-for enable/disable EnableXFwdFor bool // additional content types to allow AllowContentVideo bool // allow URLs to contain user/pass credentials AllowCredetialURLs bool // contains filtered or unexported fields }
Config holds configuration data used when creating a Proxy with New.
type Proxy ¶
type Proxy struct {
// contains filtered or unexported fields
}
A Proxy is a Camo like HTTP proxy, that provides content type restrictions as well as regex host allow list support.
func New ¶
New returns a new Proxy. An error is returned if there was a failure to parse the regex from the passed Config.
func (*Proxy) ServeHTTP ¶
func (p *Proxy) ServeHTTP(w http.ResponseWriter, req *http.Request)
ServerHTTP handles the client request, validates the request is validly HMAC signed, filters based on the Allow list, and then proxies valid requests to the desired endpoint. Responses are filtered for proper image content types.