aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorclsr <clsr@clsr.net>2016-06-17 14:06:43 +0200
committerclsr <clsr@clsr.net>2016-06-17 14:06:43 +0200
commit8e6f1aab4cce360f62e46ba88636e0c1b3fcef8d (patch)
treee52a9f40861a8471923827f15ed85a61a297be58
parentd5bfbdefb1bb56d7062975cd04954aa1ad346018 (diff)
downloadgomf-8e6f1aab4cce360f62e46ba88636e0c1b3fcef8d.tar.gz
gomf-8e6f1aab4cce360f62e46ba88636e0c1b3fcef8d.zip
Handle HTTP OPTIONS and reject unknown HTTP methods
Diffstat
-rw-r--r--api.go2
-rw-r--r--main.go17
2 files changed, 16 insertions, 3 deletions
diff --git a/api.go b/api.go
index b3b7063..2e9df52 100644
--- a/api.go
+++ b/api.go
@@ -63,7 +63,7 @@ func handleUpload(w http.ResponseWriter, r *http.Request) {
output := r.FormValue("output")
resp := response{Files: []result{}}
- if r.Method == "GET" && output == "html" {
+ if r.Method == http.MethodGet && output == "html" {
respond(w, output, resp)
return
}
diff --git a/main.go b/main.go
index 40ba912..4c19940 100644
--- a/main.go
+++ b/main.go
@@ -33,6 +33,19 @@ func handle(w http.ResponseWriter, r *http.Request) {
}
}
+func methodHandler(handler http.Handler) http.Handler {
+ return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+ if r.Method == http.MethodGet || r.Method == http.MethodPost || r.Method == http.MethodHead {
+ handler.ServeHTTP(w, r)
+ } else {
+ w.Header().Set("Allow", "POST, HEAD, OPTIONS, GET")
+ if r.Method != http.MethodOptions {
+ http.Error(w, "The method is not allowed for the requested URL.", http.StatusMethodNotAllowed)
+ }
+ }
+ })
+}
+
func main() {
flag.StringVar(&uploadUrl, "upload-url", "", "URL to serve uploads from")
flag.StringVar(&uploadHost, "upload-host", "", "host to serve uploads on")
@@ -93,12 +106,12 @@ func main() {
if *listenHttp != "" {
exit = false
fmt.Printf("listening on http://%s/\n", *listenHttp)
- go panic(http.ListenAndServe(*listenHttp, http.HandlerFunc(handle)))
+ go panic(http.ListenAndServe(*listenHttp, methodHandler(http.HandlerFunc(handle))))
}
if *listenHttps != "" {
exit = false
fmt.Printf("listening on https://%s/\n", *listenHttps)
- go panic(http.ListenAndServeTLS(*listenHttps, *cert, *key, http.HandlerFunc(handle)))
+ go panic(http.ListenAndServeTLS(*listenHttps, *cert, *key, methodHandler(http.HandlerFunc(handle))))
}
if !exit {