satellite/server diagnostics and http headers improved (#2978)

This commit is contained in:
Yehor Butko 2019-09-09 21:33:05 +03:00 committed by GitHub
parent 646f290ff3
commit 1e22f58043
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 32 additions and 2 deletions

View File

@ -115,6 +115,7 @@ func NewServer(logger *zap.Logger, config Config, service *console.Service, mail
mux.Handle("/registrationToken/", http.HandlerFunc(server.createRegistrationTokenHandler)) mux.Handle("/registrationToken/", http.HandlerFunc(server.createRegistrationTokenHandler))
mux.Handle("/usage-report/", http.HandlerFunc(server.bucketUsageReportHandler)) mux.Handle("/usage-report/", http.HandlerFunc(server.bucketUsageReportHandler))
mux.Handle("/static/", server.gzipHandler(http.StripPrefix("/static", fs))) mux.Handle("/static/", server.gzipHandler(http.StripPrefix("/static", fs)))
mux.Handle("/robots.txt", http.HandlerFunc(server.seoHandler))
mux.Handle("/", http.HandlerFunc(server.appHandler)) mux.Handle("/", http.HandlerFunc(server.appHandler))
} }
@ -170,8 +171,9 @@ func (server *Server) appHandler(w http.ResponseWriter, r *http.Request) {
"img-src 'self' data:", "img-src 'self' data:",
} }
header.Set("Content-Type", "text/html; charset=UTF-8") header.Set(contentType, "text/html; charset=UTF-8")
header.Set("Content-Security-Policy", strings.Join(cspValues, "; ")) header.Set("Content-Security-Policy", strings.Join(cspValues, "; "))
header.Set("X-Content-Type-Options", "nosniff")
if server.templates.index == nil || server.templates.index.Execute(w, nil) != nil { if server.templates.index == nil || server.templates.index.Execute(w, nil) != nil {
server.log.Error("satellite/console/server: index template could not be executed") server.log.Error("satellite/console/server: index template could not be executed")
@ -437,6 +439,19 @@ func (server *Server) grapqlHandler(w http.ResponseWriter, r *http.Request) {
sugar.Debug(result) sugar.Debug(result)
} }
// seoHandler used to communicate with web crawlers and other web robots
func (server *Server) seoHandler(w http.ResponseWriter, req *http.Request) {
header := w.Header()
header.Set(contentType, mime.TypeByExtension(".txt"))
header.Set("X-Content-Type-Options", "nosniff")
_, err := w.Write([]byte("User-agent: *\nDisallow: \nDisallow: /cgi-bin/)"))
if err != nil {
server.log.Error(err.Error())
}
}
// gzipHandler is used to gzip static content to minify resources if browser support such decoding // gzipHandler is used to gzip static content to minify resources if browser support such decoding
func (server *Server) gzipHandler(fn http.Handler) http.Handler { func (server *Server) gzipHandler(fn http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@ -455,6 +470,9 @@ func (server *Server) gzipHandler(fn http.Handler) http.Handler {
// TODO: find better solution, its a temporary fix // TODO: find better solution, its a temporary fix
isFromStaticDir := strings.Contains(r.URL.Path, "/static/dist/") isFromStaticDir := strings.Contains(r.URL.Path, "/static/dist/")
w.Header().Set(contentType, mime.TypeByExtension(extension))
w.Header().Set("X-Content-Type-Options", "nosniff")
// in case if old browser doesn't support gzip decoding or if file extension is not recommended to gzip // in case if old browser doesn't support gzip decoding or if file extension is not recommended to gzip
// just return original file // just return original file
if !isGzipSupported || !isNeededFormatToGzip || !isFromStaticDir { if !isGzipSupported || !isNeededFormatToGzip || !isFromStaticDir {
@ -462,7 +480,6 @@ func (server *Server) gzipHandler(fn http.Handler) http.Handler {
return return
} }
w.Header().Set("Content-Type", mime.TypeByExtension(extension))
w.Header().Set("Content-Encoding", "gzip") w.Header().Set("Content-Encoding", "gzip")
// updating request URL // updating request URL

View File

@ -6,6 +6,7 @@ package consoleweb
import ( import (
"encoding/json" "encoding/json"
"io/ioutil" "io/ioutil"
"mime"
"net/http" "net/http"
"strings" "strings"
@ -14,6 +15,18 @@ import (
"storj.io/storj/satellite/console/consoleweb/consoleql" "storj.io/storj/satellite/console/consoleweb/consoleql"
) )
func init() {
err := mime.AddExtensionType(".ttf", "font/ttf")
if err != nil {
panic(err.Error())
}
err = mime.AddExtensionType(".txt", "text/plain")
if err != nil {
panic(err.Error())
}
}
// JSON request from graphql clients // JSON request from graphql clients
type graphqlJSON struct { type graphqlJSON struct {
Query string Query string