Affected by 
Documentation
¶
Index ¶
- Constants
- Variables
- func CSRFFailureHandler(w http.ResponseWriter, r *http.Request)
- func Client(ctx context.Context, method, endpoint, userAgent string, ...) error
- func Error(message string, code int, err error) error
- func ErrorResponse(w http.ResponseWriter, r *http.Request, e error)
- func HealthCheck(w http.ResponseWriter, r *http.Request)
- func NewReverseProxy(target *url.URL) *httputil.ReverseProxy
- func NewRouter() *mux.Router
- func NewServer(opt *ServerOptions, h http.Handler, wg *sync.WaitGroup) (*http.Server, error)
- func Redirect(w http.ResponseWriter, r *http.Request, url string, code int)
- func RedirectHandler() http.Handler
- func Shutdown(srv *http.Server)
- type ServerOptions
Constants ¶
const ( HeaderForwardedFor = "X-Forwarded-For" HeaderForwardedHost = "X-Forwarded-Host" HeaderForwardedMethod = "X-Forwarded-Method" // traefik HeaderForwardedPort = "X-Forwarded-Port" HeaderForwardedProto = "X-Forwarded-Proto" HeaderForwardedServer = "X-Forwarded-Server" HeaderForwardedURI = "X-Forwarded-Uri" // traefik HeaderOriginalMethod = "X-Original-Method" // nginx HeaderOriginalURL = "X-Original-Url" // nginx HeaderRealIP = "X-Real-Ip" HeaderSentFrom = "X-Sent-From" )
Forward headers contains information from the client-facing side of proxy servers that is altered or lost when a proxy is involved in the path of the request.
https://tools.ietf.org/html/rfc7239 https://en.wikipedia.org/wiki/X-Forwarded-For
const HeaderForwardHost = "X-Forwarded-Host"
HeaderForwardHost is the header key that identifies the original host requested by the client in the Host HTTP request header. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Host
const ( // HeaderPomeriumResponse is set when pomerium itself creates a response, // as opposed to the downstream application and can be used to distinguish // between an application error, and a pomerium related error when debugging. // Especially useful when working with single page apps (SPA). HeaderPomeriumResponse = "x-pomerium-intercepted-response" )
Variables ¶
var ErrTokenRevoked = errors.New("token expired or revoked")
ErrTokenRevoked signifies a token revokation or expiration error
var HeadersContentSecurityPolicy = map[string]string{
"Content-Security-Policy": "default-src 'none'; style-src 'self'; img-src *;",
"Referrer-Policy": "Same-origin",
}
HeadersContentSecurityPolicy are the content security headers added to the service's handlers by default includes profile photo exceptions for supported identity providers. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src
var HeadersXForwarded = []string{ HeaderForwardedFor, HeaderForwardedHost, HeaderForwardedMethod, HeaderForwardedPort, HeaderForwardedProto, HeaderForwardedServer, HeaderForwardedURI, HeaderOriginalMethod, HeaderOriginalURL, HeaderRealIP, HeaderSentFrom, }
HeadersXForwarded is the slice of the header keys used to contain information from the client-facing side of proxy servers that is altered or lost when a proxy is involved in the path of the request.
https://tools.ietf.org/html/rfc7239 https://en.wikipedia.org/wiki/X-Forwarded-For
Functions ¶
func CSRFFailureHandler ¶ added in v0.4.0
func CSRFFailureHandler(w http.ResponseWriter, r *http.Request)
CSRFFailureHandler sets a HTTP 403 Forbidden status and writes the CSRF failure reason to the response.
func Client ¶
func Client(ctx context.Context, method, endpoint, userAgent string, headers map[string]string, params url.Values, response interface{}) error
Client provides a simple helper interface to make HTTP requests
func Error ¶ added in v0.0.5
Error formats creates a HTTP error with code, user friendly (and safe) error message. If nil or empty, HTTP status code defaults to 500 and message defaults to the text of the status code.
func ErrorResponse ¶
func ErrorResponse(w http.ResponseWriter, r *http.Request, e error)
ErrorResponse renders an error page given an error. If the error is a http error from this package, a user friendly message is set, http status code, the ability to debug are also set.
func HealthCheck ¶ added in v0.4.0
func HealthCheck(w http.ResponseWriter, r *http.Request)
HealthCheck is a simple healthcheck handler that responds to GET and HEAD http requests.
func NewReverseProxy ¶ added in v0.4.0
func NewReverseProxy(target *url.URL) *httputil.ReverseProxy
NewReverseProxy returns a new ReverseProxy that routes URLs to the scheme, host, and base path provided in target, rewrites the Host header, and sets `X-Forwarded-Host`.
func NewServer ¶ added in v0.4.0
NewServer creates a new HTTP server given a set of options, handler, and waitgroup. It is the callers responsibility to close the resturned server.
func Redirect ¶ added in v0.5.0
Redirect wraps the std libs's redirect method indicating that pomerium is the origin of the response.
func RedirectHandler ¶ added in v0.2.0
RedirectHandler takes an incoming request and redirects to its HTTPS counterpart
func Shutdown ¶ added in v0.2.0
Shutdown attempts to shut down the server when a os interrupt or sigterm signal are received without interrupting any active connections. Shutdown works by first closing all open listeners, then closing all idle connections, and then waiting indefinitely for connections to return to idle and then shut down. If the provided context expires before the shutdown is complete, Shutdown returns the context's error, otherwise it returns any error returned from closing the Server's underlying Listener(s).
When Shutdown is called, Serve, ListenAndServe, and ListenAndServeTLS immediately return ErrServerClosed.
Types ¶
type ServerOptions ¶ added in v0.2.0
type ServerOptions struct {
// Addr specifies the host and port on which the server should serve
// HTTPS requests. If empty, ":443" is used.
Addr string
// TLS certificates to use.
TLSCertificate *tls.Certificate
// Timeouts
ReadHeaderTimeout time.Duration
ReadTimeout time.Duration
WriteTimeout time.Duration
IdleTimeout time.Duration
}
ServerOptions contains the configurations settings for a http server.
Source Files