MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-02-04 10:26:01 -05:00
Code Issues Packages Projects Releases Wiki Activity

Validate incoming requests (#7234)

Browse Source
This commit is contained in:
Krishna Srinivas 2019-02-12 13:24:14 -08:00 committed by Harshavardhana
parent 118270d76f
commit 14544d8d84
2 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/storage-rest-common.go
View File

@ -16,7 +16,7 @@
package cmd package cmd
const storageRESTVersion = "v3" const storageRESTVersion = "v4"
const storageRESTPath = minioReservedBucketPath + "/storage/" + storageRESTVersion + "/" const storageRESTPath = minioReservedBucketPath + "/storage/" + storageRESTVersion + "/"
const ( const (

10
cmd/storage-rest-server.go
View File

@ -43,8 +43,18 @@ func (s *storageRESTServer) writeErrorResponse(w http.ResponseWriter, err error)
w.Write([]byte(err.Error())) w.Write([]byte(err.Error()))
} }
// Authenticates storage client's requests.
func storageServerRequestAuthenticate(r *http.Request) error {
_, _, err := webRequestAuthenticate(r)
return err
}
// IsValid - To authenticate and verify the time difference. // IsValid - To authenticate and verify the time difference.
func (s *storageRESTServer) IsValid(w http.ResponseWriter, r *http.Request) bool { func (s *storageRESTServer) IsValid(w http.ResponseWriter, r *http.Request) bool {
if err := storageServerRequestAuthenticate(r); err != nil {
w.WriteHeader(http.StatusForbidden)
return false
}
requestTimeStr := r.Header.Get("X-Minio-Time") requestTimeStr := r.Header.Get("X-Minio-Time")
requestTime, err := time.Parse(time.RFC3339, requestTimeStr) requestTime, err := time.Parse(time.RFC3339, requestTimeStr)
if err != nil { if err != nil {