api

package
v0.1.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 29, 2022 License: Apache-2.0 Imports: 22 Imported by: 5

Documentation

Index

Constants

View Source 
const (
	CSPBaseURI cspDirectiveType = iota
	CSPBlockAllMixedContent
	CSPDefaultSrc
	CSPFontSrc
	CSPFormSrc
	CSPFrameAncestors
	CSPFrameSrc
	CSPManifestSrc
	CSPMediaSrc
	CSPScriptSrc
	CSPStyleSrc
	CSPImgSrc
)

This is an incomplete list of directives for the Content-Security-Policy header. More directives can be added here for further CSP support.

View Source 
const (
	MaxContentDispositionHeaderFilenameLength = 256
	DefaultAttachmentFilename                 = "attachment"
)

Variables

View Source 
var ErrRangeHeaderInvalid = errors.New("Invalid Range header")

Functions

func AccessControlMiddleware 

func AccessControlMiddleware(next http.Handler) http.Handler

func ErrorSensitivityFromContext 

func ErrorSensitivityFromContext(ctx context.Context) (s errawr.ErrorSensitivity, ok bool)

func LogMiddleware 

func LogMiddleware(next http.Handler) http.Handler

func NewContextWithErrorSensitivity 

func NewContextWithErrorSensitivity(ctx context.Context, sensitivity errawr.ErrorSensitivity) context.Context

func NewPath 

func NewPath(escaped string) *url.URL

func RequestMiddleware 

func RequestMiddleware(next http.Handler) http.Handler

func SetContentDispositionHeader 

func SetContentDispositionHeader(w http.ResponseWriter, filename string)

SetContentDispositionHeader cleans the given filename, setting the sanitized name in the response as the Content-Disposition header filename value.

Content-Disposition is so hard to get right that there's an entire RFC dedicated to it [https://tools.ietf.org/html/rfc6266]. It is recommended to just use this function and accept the resulting filename rather than trying to customize anything.

func SetPageQuery 

func SetPageQuery(out url.Values, r *http.Request)

func SetQuery 

func SetQuery(u *url.URL, r *http.Request, fns ...SetQueryFunc)

func WriteError 

func WriteError(ctx context.Context, w http.ResponseWriter, err errors.Error)

func WriteObjectCreated 

func WriteObjectCreated(ctx context.Context, w http.ResponseWriter, object interface{})

func WriteObjectOK 

func WriteObjectOK(ctx context.Context, w http.ResponseWriter, object interface{})

func WriteObjectWithStatus 

func WriteObjectWithStatus(ctx context.Context, w http.ResponseWriter, status int, object interface{})

func WriteRedirect 

func WriteRedirect(w http.ResponseWriter, u *url.URL)

Types

type CORSBuilder 

type CORSBuilder struct {
	// contains filtered or unexported fields
}

CORSBuilder builds an http.Handler that can be used as a middleware to set CORS access control headers for relaxing same-origin browser policies.

func NewCORSBuilder 

func NewCORSBuilder() *CORSBuilder

NewCORSBuilder returns a new CORSBuilder.

func (*CORSBuilder) AllowHeaderPrefix 

func (cb *CORSBuilder) AllowHeaderPrefix(prefix string) *CORSBuilder

AllowHeaderPrefix takes a header prefix and allows all headers that match the given prefix for requests.

example AllowHeaderPrefix("example-") will allow a request with header Example-XYZ.

func (*CORSBuilder) AllowHeaders 

func (cb *CORSBuilder) AllowHeaders(headers ...string) *CORSBuilder

AllowHeaders takes a variadic of header strings to allow. It is similar to AllowHeaderPrefix, but it matches against the entire string instead of matching against a partial prefix.

func (*CORSBuilder) AllowMethods 

func (cb *CORSBuilder) AllowMethods(methods ...string) *CORSBuilder

AllowMethods takes a variadic of http methods to allow.

func (*CORSBuilder) AllowOrigins 

func (cb *CORSBuilder) AllowOrigins(origins ...string) *CORSBuilder

AllowOrigins takes a variadic of http origins to allow. The match is against the entire origin string and no patterns are allowed. The first one in the list is the default origin to return in the event the origin in the request isn't. There is no attempt to error on an origin that isn't in the list because this is the client's job. We simple return an origin that _is_ allowed and let the client block the request from happening.

func (*CORSBuilder) Build 

func (cb *CORSBuilder) Build() http.Handler

Build returns an http.Handler that can set Access-Control-Allow-* headers based on requests it receives.

DEPRECATED use PreflightHandler.

func (*CORSBuilder) Middleware 

func (cb *CORSBuilder) Middleware(next http.Handler) http.Handler

Middleware wraps an http.Handler to set ACAO headers on responses.

func (*CORSBuilder) PreflightHandler 

func (cb *CORSBuilder) PreflightHandler() http.Handler

PreflightHandler returns an http.Handler that can set Access-Control-Allow-* headers for preflight-requests (OPTIONS).

type CSPBuilder 

type CSPBuilder struct {
	// contains filtered or unexported fields
}

CSPBuilder uses values stored for src's and builds a valid Content-Security-Policy header.

func (*CSPBuilder) Middleware 

func (cb *CSPBuilder) Middleware(next http.Handler) http.Handler

Middleware is a middleware wrapper that can be used to inject a Content-Security-Policy header into a server's response. It builds the header value and joins it together in the proper format then passes the request off to the `next` http.Handler.

func (*CSPBuilder) SetDirective 

func (cb *CSPBuilder) SetDirective(dt cspDirectiveType, sources ...string) *CSPBuilder

SetDirective sets sources for directive types. Sources is a variadic and not every directive type uses them, so they are not always required.

type Cacheable 

type Cacheable interface {
	CacheKey() (string, bool)
}

type ConditionalResolver 

type ConditionalResolver interface {
	Accept(ctx context.Context, w http.ResponseWriter, c Cacheable) bool
}

func NewConditionalResolver 

func NewConditionalResolver(r *http.Request) ConditionalResolver

type ETag 

type ETag struct {
	Weak  bool
	Value string
}

func (ETag) String 

func (et ETag) String() string

type ErrorEnvelope 

type ErrorEnvelope struct {
	Error *encoding.ErrorDisplayEnvelope `json:"error"`
}

func NewErrorEnvelope 

func NewErrorEnvelope(err errors.Error) *ErrorEnvelope

func NewErrorEnvelopeWithSensitivity 

func NewErrorEnvelopeWithSensitivity(err errors.Error, sensitivity errawr.ErrorSensitivity) *ErrorEnvelope

type Page 

type Page interface {
	Offset() string
	Limit() int
}

func FirstPage 

func FirstPage(limit int) Page

func NewPage 

func NewPage(offset string, limit int) Page

func NewPageFromRequest 

func NewPageFromRequest(r *http.Request, defaultLimit int) Page

type RangeError 

type RangeError struct {
	Code    RangeErrorCode
	Message string
}

func (*RangeError) Error 

func (e *RangeError) Error() string

type RangeErrorCode 

type RangeErrorCode string
const (
	InvalidRangeHeader   RangeErrorCode = "InvalidRangeHeader"
	UnsupportedRangeUnit RangeErrorCode = "UnsupportedRangeUnit"
	UnsatisfiableRange   RangeErrorCode = "UnsatisfiableRange"
)

type RangeHeader 

type RangeHeader struct {
	Unit  string // always "bytes" for now
	Specs []RangeSpec
}

func ScanRangeHeader 

func ScanRangeHeader(header string) (*RangeHeader, error)

type RangeSpec 

type RangeSpec struct {
	First *int64
	Last  *int64
	// If non-null First/Last are null.
	SuffixLength *int64
}

type SetQueryFunc 

type SetQueryFunc func(out url.Values, in *http.Request)

type TrackingResponseWriter 

type TrackingResponseWriter interface {
	http.ResponseWriter

	StatusCode() (int, bool)
	Committed() bool
}

func NewTrackingResponseWriter 

func NewTrackingResponseWriter(delegate http.ResponseWriter) TrackingResponseWriter

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.