mirror of
https://github.com/minio/minio.git
synced 2024-12-24 22:25:54 -05:00
parent
c2f7cd1104
commit
93e7e4a0e5
@ -21,6 +21,8 @@ import (
|
|||||||
|
|
||||||
"github.com/gorilla/mux"
|
"github.com/gorilla/mux"
|
||||||
xhttp "github.com/minio/minio/cmd/http"
|
xhttp "github.com/minio/minio/cmd/http"
|
||||||
|
"github.com/minio/minio/pkg/wildcard"
|
||||||
|
"github.com/rs/cors"
|
||||||
)
|
)
|
||||||
|
|
||||||
func newHTTPServerFn() *xhttp.Server {
|
func newHTTPServerFn() *xhttp.Server {
|
||||||
@ -290,8 +292,58 @@ func registerAPIRouter(router *mux.Router, encryptionEnabled, allowSSEKMS bool)
|
|||||||
apiRouter.Methods(http.MethodGet).Path(SlashSeparator + SlashSeparator).HandlerFunc(
|
apiRouter.Methods(http.MethodGet).Path(SlashSeparator + SlashSeparator).HandlerFunc(
|
||||||
maxClients(collectAPIStats("listbuckets", httpTraceAll(api.ListBucketsHandler))))
|
maxClients(collectAPIStats("listbuckets", httpTraceAll(api.ListBucketsHandler))))
|
||||||
|
|
||||||
|
// Supports cors only for S3 handlers
|
||||||
|
apiRouter.Methods(http.MethodOptions).Path(SlashSeparator).HandlerFunc(
|
||||||
|
maxClients(collectAPIStats("cors", httpTraceAll(corsHandlerFunc()))))
|
||||||
|
|
||||||
|
apiRouter.Methods(http.MethodOptions).Path(SlashSeparator + SlashSeparator).HandlerFunc(
|
||||||
|
maxClients(collectAPIStats("cors", httpTraceAll(corsHandlerFunc()))))
|
||||||
|
|
||||||
// If none of the routes match add default error handler routes
|
// If none of the routes match add default error handler routes
|
||||||
apiRouter.NotFoundHandler = http.HandlerFunc(collectAPIStats("notfound", httpTraceAll(errorResponseHandler)))
|
apiRouter.NotFoundHandler = http.HandlerFunc(collectAPIStats("notfound", httpTraceAll(errorResponseHandler)))
|
||||||
apiRouter.MethodNotAllowedHandler = http.HandlerFunc(collectAPIStats("methodnotallowed", httpTraceAll(errorResponseHandler)))
|
apiRouter.MethodNotAllowedHandler = http.HandlerFunc(collectAPIStats("methodnotallowed", httpTraceAll(errorResponseHandler)))
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// setCorsHandler handler for CORS (Cross Origin Resource Sharing)
|
||||||
|
func corsHandlerFunc() http.HandlerFunc {
|
||||||
|
commonS3Headers := []string{
|
||||||
|
xhttp.Date,
|
||||||
|
xhttp.ETag,
|
||||||
|
xhttp.ServerInfo,
|
||||||
|
xhttp.Connection,
|
||||||
|
xhttp.AcceptRanges,
|
||||||
|
xhttp.ContentRange,
|
||||||
|
xhttp.ContentEncoding,
|
||||||
|
xhttp.ContentLength,
|
||||||
|
xhttp.ContentType,
|
||||||
|
"X-Amz*",
|
||||||
|
"x-amz*",
|
||||||
|
"*",
|
||||||
|
}
|
||||||
|
|
||||||
|
c := cors.New(cors.Options{
|
||||||
|
AllowOriginFunc: func(origin string) bool {
|
||||||
|
for _, allowedOrigin := range globalAPIConfig.getCorsAllowOrigins() {
|
||||||
|
if wildcard.MatchSimple(allowedOrigin, origin) {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false
|
||||||
|
},
|
||||||
|
AllowedMethods: []string{
|
||||||
|
http.MethodGet,
|
||||||
|
http.MethodPut,
|
||||||
|
http.MethodHead,
|
||||||
|
http.MethodPost,
|
||||||
|
http.MethodDelete,
|
||||||
|
http.MethodOptions,
|
||||||
|
http.MethodPatch,
|
||||||
|
},
|
||||||
|
AllowedHeaders: commonS3Headers,
|
||||||
|
ExposedHeaders: commonS3Headers,
|
||||||
|
AllowCredentials: true,
|
||||||
|
})
|
||||||
|
|
||||||
|
return c.HandlerFunc
|
||||||
|
}
|
||||||
|
@ -30,8 +30,6 @@ import (
|
|||||||
"github.com/minio/minio/cmd/http/stats"
|
"github.com/minio/minio/cmd/http/stats"
|
||||||
"github.com/minio/minio/cmd/logger"
|
"github.com/minio/minio/cmd/logger"
|
||||||
"github.com/minio/minio/pkg/handlers"
|
"github.com/minio/minio/pkg/handlers"
|
||||||
"github.com/minio/minio/pkg/wildcard"
|
|
||||||
"github.com/rs/cors"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// MiddlewareFunc - useful to chain different http.Handler middlewares
|
// MiddlewareFunc - useful to chain different http.Handler middlewares
|
||||||
@ -394,49 +392,6 @@ type resourceHandler struct {
|
|||||||
handler http.Handler
|
handler http.Handler
|
||||||
}
|
}
|
||||||
|
|
||||||
// setCorsHandler handler for CORS (Cross Origin Resource Sharing)
|
|
||||||
func setCorsHandler(h http.Handler) http.Handler {
|
|
||||||
commonS3Headers := []string{
|
|
||||||
xhttp.Date,
|
|
||||||
xhttp.ETag,
|
|
||||||
xhttp.ServerInfo,
|
|
||||||
xhttp.Connection,
|
|
||||||
xhttp.AcceptRanges,
|
|
||||||
xhttp.ContentRange,
|
|
||||||
xhttp.ContentEncoding,
|
|
||||||
xhttp.ContentLength,
|
|
||||||
xhttp.ContentType,
|
|
||||||
"X-Amz*",
|
|
||||||
"x-amz*",
|
|
||||||
"*",
|
|
||||||
}
|
|
||||||
|
|
||||||
c := cors.New(cors.Options{
|
|
||||||
AllowOriginFunc: func(origin string) bool {
|
|
||||||
for _, allowedOrigin := range globalAPIConfig.getCorsAllowOrigins() {
|
|
||||||
if wildcard.MatchSimple(allowedOrigin, origin) {
|
|
||||||
return true
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return false
|
|
||||||
},
|
|
||||||
AllowedMethods: []string{
|
|
||||||
http.MethodGet,
|
|
||||||
http.MethodPut,
|
|
||||||
http.MethodHead,
|
|
||||||
http.MethodPost,
|
|
||||||
http.MethodDelete,
|
|
||||||
http.MethodOptions,
|
|
||||||
http.MethodPatch,
|
|
||||||
},
|
|
||||||
AllowedHeaders: commonS3Headers,
|
|
||||||
ExposedHeaders: commonS3Headers,
|
|
||||||
AllowCredentials: true,
|
|
||||||
})
|
|
||||||
|
|
||||||
return c.Handler(h)
|
|
||||||
}
|
|
||||||
|
|
||||||
// setIgnoreResourcesHandler -
|
// setIgnoreResourcesHandler -
|
||||||
// Ignore resources handler is wrapper handler used for API request resource validation
|
// Ignore resources handler is wrapper handler used for API request resource validation
|
||||||
// Since we do not support all the S3 queries, it is necessary for us to throw back a
|
// Since we do not support all the S3 queries, it is necessary for us to throw back a
|
||||||
|
@ -63,8 +63,6 @@ var globalHandlers = []MiddlewareFunc{
|
|||||||
setBrowserCacheControlHandler,
|
setBrowserCacheControlHandler,
|
||||||
// Validates all incoming requests to have a valid date header.
|
// Validates all incoming requests to have a valid date header.
|
||||||
setTimeValidityHandler,
|
setTimeValidityHandler,
|
||||||
// CORS setting for all browser API requests.
|
|
||||||
setCorsHandler,
|
|
||||||
// Validates all incoming URL resources, for invalid/unsupported
|
// Validates all incoming URL resources, for invalid/unsupported
|
||||||
// resources client receives a HTTP error.
|
// resources client receives a HTTP error.
|
||||||
setIgnoreResourcesHandler,
|
setIgnoreResourcesHandler,
|
||||||
@ -114,10 +112,7 @@ func configureServerHandler(endpointZones EndpointZones) (http.Handler, error) {
|
|||||||
// but don't allow SSE-KMS.
|
// but don't allow SSE-KMS.
|
||||||
registerAPIRouter(router, true, false)
|
registerAPIRouter(router, true, false)
|
||||||
|
|
||||||
// If none of the routes match add default error handler routes
|
|
||||||
router.NotFoundHandler = http.HandlerFunc(httpTraceAll(errorResponseHandler))
|
|
||||||
router.MethodNotAllowedHandler = http.HandlerFunc(httpTraceAll(errorResponseHandler))
|
|
||||||
|
|
||||||
router.Use(registerMiddlewares)
|
router.Use(registerMiddlewares)
|
||||||
|
|
||||||
return router, nil
|
return router, nil
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user