diff options
author | clsr <clsr@clsr.net> | 2016-06-17 17:21:01 +0200 |
---|---|---|
committer | clsr <clsr@clsr.net> | 2016-06-17 17:21:01 +0200 |
commit | 783606fd17f893964f751905e4d55b6202e22652 (patch) | |
tree | d566789bd535d4f20951e54423aa1646d03cd4a3 | |
parent | dca31a582775ad2c2248b4f472305c285bc9b43f (diff) | |
download | gomf-783606fd17f893964f751905e4d55b6202e22652.tar.gz gomf-783606fd17f893964f751905e4d55b6202e22652.zip |
Fix --https and add --redirect-httpsv0.1.8
-rw-r--r-- | USAGE | 4 | ||||
-rw-r--r-- | main.go | 69 |
2 files changed, 42 insertions, 31 deletions
@@ -43,6 +43,10 @@ Running uses PATH as the TLS certificate key for HTTPS example: --key ssl/cert.key + --redirect-https + redirect HTTP request to HTTPS + example: --redirect-https + --hsts enables the HSTS header example: --hsts @@ -12,42 +12,44 @@ import ( var storage *Storage var ( - uploadUrl string - uploadHost string - siteName string - contactMail string - abuseMail string - csp string - hsts bool - allowHtml bool - cors bool + uploadUrl string + uploadHost string + siteName string + contactMail string + abuseMail string + csp string + hsts bool + allowHtml bool + cors bool + redirectHttps bool ) func handle(w http.ResponseWriter, r *http.Request) { + if cors { + w.Header().Set("Access-Control-Allow-Origin", "*") + } if hsts { w.Header().Set("Strict-Transport-Security", "max-age=15552000") } - if uploadHost != "" && r.URL.Host == uploadHost { - handleFile(w, r) - } else { - http.DefaultServeMux.ServeHTTP(w, r) + if redirectHttps && r.TLS == nil { + targ := &*r.URL + targ.Host = r.Host + targ.Scheme = "https" + http.Redirect(w, r, targ.String(), http.StatusFound) + return } -} - -func globalHandler(handler http.Handler) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if cors { - w.Header().Set("Access-Control-Allow-Origin", "*") - } - if r.Method == http.MethodGet || r.Method == http.MethodPost || r.Method == http.MethodHead { - handler.ServeHTTP(w, r) + if r.Method == http.MethodGet || r.Method == http.MethodPost || r.Method == http.MethodHead { + if uploadHost != "" && r.Host == uploadHost { + handleFile(w, r) } else { - w.Header().Set("Allow", "POST, HEAD, OPTIONS, GET") - if r.Method != http.MethodOptions { - http.Error(w, "The method is not allowed for the requested URL.", http.StatusMethodNotAllowed) - } + http.DefaultServeMux.ServeHTTP(w, r) + } + } else { + w.Header().Set("Allow", "POST, HEAD, OPTIONS, GET") + if r.Method != http.MethodOptions { + http.Error(w, "The method is not allowed for the requested URL.", http.StatusMethodNotAllowed) } - }) + } } func main() { @@ -60,6 +62,7 @@ func main() { flag.BoolVar(&hsts, "hsts", false, "enable HSTS") flag.BoolVar(&allowHtml, "allow-html", false, "serve (X)HTML uploads with (X)HTML filetypes") flag.BoolVar(&cors, "cors", false, "enable CORS and allow all origins") + flag.BoolVar(&redirectHttps, "redirect-https", false, "redirect HTTP traffic to HTTPS") listenHttp := flag.String("http", "localhost:8080", "address to listen on for HTTP") listenHttps := flag.String("https", "", "address to listen on for HTTPS") cert := flag.String("cert", "", "path to TLS certificate (for HTTPS)") @@ -105,22 +108,26 @@ func main() { uploadUrl = "http://" + *listenHttp + "/u/" } } + fmt.Printf("using %q as uploaded file URL\n", uploadUrl) } exit := true if *listenHttp != "" { exit = false fmt.Printf("listening on http://%s/\n", *listenHttp) - go panic(http.ListenAndServe(*listenHttp, globalHandler(http.HandlerFunc(handle)))) + go func() { + panic(http.ListenAndServe(*listenHttp, http.HandlerFunc(handle))) + }() } if *listenHttps != "" { exit = false fmt.Printf("listening on https://%s/\n", *listenHttps) - go panic(http.ListenAndServeTLS(*listenHttps, *cert, *key, globalHandler(http.HandlerFunc(handle)))) + go func() { + panic(http.ListenAndServeTLS(*listenHttps, *cert, *key, http.HandlerFunc(handle))) + }() } if !exit { - switch { - } + select {} } } |