2018-11-12 13:23:39 -05:00
|
|
|
// Copyright 2018 Frédéric Guillot. All rights reserved.
|
|
|
|
// Use of this source code is governed by the Apache 2.0
|
|
|
|
// license that can be found in the LICENSE file.
|
|
|
|
|
|
|
|
package httpd // import "miniflux.app/service/httpd"
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
"net/http"
|
|
|
|
|
|
|
|
"miniflux.app/config"
|
|
|
|
"miniflux.app/http/request"
|
|
|
|
"miniflux.app/logger"
|
|
|
|
)
|
|
|
|
|
2019-06-01 21:18:09 -04:00
|
|
|
func middleware(next http.Handler) http.Handler {
|
2018-11-12 13:23:39 -05:00
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
clientIP := request.FindClientIP(r)
|
|
|
|
ctx := r.Context()
|
|
|
|
ctx = context.WithValue(ctx, request.ClientIPContextKey, clientIP)
|
|
|
|
|
|
|
|
if r.Header.Get("X-Forwarded-Proto") == "https" {
|
2019-06-01 21:18:09 -04:00
|
|
|
config.Opts.HTTPS = true
|
2018-11-12 13:23:39 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
protocol := "HTTP"
|
2019-06-01 21:18:09 -04:00
|
|
|
if config.Opts.HTTPS {
|
2018-11-12 13:23:39 -05:00
|
|
|
protocol = "HTTPS"
|
|
|
|
}
|
|
|
|
|
|
|
|
logger.Debug("[%s] %s %s %s", protocol, clientIP, r.Method, r.RequestURI)
|
|
|
|
|
2019-06-01 21:18:09 -04:00
|
|
|
if config.Opts.HTTPS && config.Opts.HasHSTS() {
|
2018-11-12 13:23:39 -05:00
|
|
|
w.Header().Set("Strict-Transport-Security", "max-age=31536000")
|
|
|
|
}
|
|
|
|
|
|
|
|
next.ServeHTTP(w, r.WithContext(ctx))
|
|
|
|
})
|
|
|
|
}
|