signer

Documentation

Overview

Auxiliary functions for use by Signer.

Index

• func GetJoined(h http.Header, name string) string
• func MutateFetchedContentSecurityPolicy(fetched string) string
• type SXGParams
• type Signer
  • func New(certHandler certcache.CertHandler, key crypto.PrivateKey, ...) (*Signer, error)
  • func (this *Signer) ServeHTTP(resp http.ResponseWriter, req *http.Request)

Functions

func GetJoined

func GetJoined(h http.Header, name string) string

Gets all values of the named header, joined on comma.

func MutateFetchedContentSecurityPolicy

func MutateFetchedContentSecurityPolicy(fetched string) string

Some Content-Security-Policy (CSP) configurations have the ability to break AMPHTML document functionality on the AMPHTML Cache if set on the document. This method parses the publisher's provided CSP and mutates it to ensure that the document is not broken on the AMP Cache.

Specifically, the following CSP directives are passed through unmodified:

• base-uri
• block-all-mixed-content
• font-src
• form-action
• manifest-src
• referrer
• upgrade-insecure-requests

And the following CSP directives are overridden to specific values:

• object-src
• report-uri
• script-src
• style-src
• default-src

All other CSP directives (see https://w3c.github.io/webappsec-csp/) are stripped from the publisher provided CSP.

Types

type SXGParams

type SXGParams struct {
	// contains filtered or unexported fields
}

type Signer

type Signer struct {
	// contains filtered or unexported fields
}

func New

func New(certHandler certcache.CertHandler, key crypto.PrivateKey, urlSets []util.URLSet,
	rtvCache *rtv.RTVCache, shouldPackage func() error, overrideBaseURL *url.URL,
	requireHeaders bool, forwardedRequestHeaders []string, timeNow func() time.Time) (*Signer, error)

func (*Signer) ServeHTTP

func (this *Signer) ServeHTTP(resp http.ResponseWriter, req *http.Request)