signer

package
v0.0.0-...-a20b76d Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 5, 2019 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation

Overview

Auxiliary functions for use by Signer.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetJoined

func GetJoined(h http.Header, name string) string

Gets all values of the named header, joined on comma.

func MutateFetchedContentSecurityPolicy

func MutateFetchedContentSecurityPolicy(fetched string) string

Some Content-Security-Policy (CSP) configurations have the ability to break AMPHTML document functionality on the AMPHTML Cache if set on the document. This method parses the publisher's provided CSP and mutates it to ensure that the document is not broken on the AMP Cache.

Specifically, the following CSP directives are passed through unmodified:

  • base-uri
  • block-all-mixed-content
  • font-src
  • form-action
  • manifest-src
  • referrer
  • upgrade-insecure-requests

And the following CSP directives are overridden to specific values:

  • object-src
  • report-uri
  • script-src
  • style-src
  • default-src

All other CSP directives (see https://w3c.github.io/webappsec-csp/) are stripped from the publisher provided CSP.

Types

type Signer

type Signer struct {
	// contains filtered or unexported fields
}

func New

func New(cert *x509.Certificate, key crypto.PrivateKey, urlSets []util.URLSet,
	rtvCache *rtv.RTVCache, shouldPackage func() bool, overrideBaseURL *url.URL,
	requireHeaders bool, forwardedRequestHeaders []string) (*Signer, error)

func (*Signer) ServeHTTP

func (this *Signer) ServeHTTP(resp http.ResponseWriter, req *http.Request)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL