mirror of
https://github.com/minio/minio.git
synced 2024-12-25 06:35:56 -05:00
ee7dcc2903
Returning unexpected errors can cause problems for config handling, which is what led gateway deployments with etcd to misbehave and had stopped working properly
129 lines
4.0 KiB
Go
129 lines
4.0 KiB
Go
/*
|
|
* Minio Cloud Storage, (C) 2015, 2016 Minio, Inc.
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
package cmd
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/gorilla/mux"
|
|
)
|
|
|
|
func newObjectLayerFn() (layer ObjectLayer) {
|
|
globalObjLayerMutex.RLock()
|
|
layer = globalObjectAPI
|
|
globalObjLayerMutex.RUnlock()
|
|
return
|
|
}
|
|
|
|
func newCacheObjectsFn() CacheObjectLayer {
|
|
return globalCacheObjectAPI
|
|
}
|
|
|
|
// Composed function registering routers for only distributed XL setup.
|
|
func registerDistXLRouters(router *mux.Router, endpoints EndpointList) {
|
|
// Register storage rpc router only if its a distributed setup.
|
|
registerStorageRESTHandlers(router, endpoints)
|
|
|
|
// Register distributed namespace lock.
|
|
registerDistNSLockRouter(router)
|
|
|
|
// Register peer communication router.
|
|
registerPeerRPCRouter(router)
|
|
}
|
|
|
|
// List of some generic handlers which are applied for all incoming requests.
|
|
var globalHandlers = []HandlerFunc{
|
|
// set x-amz-request-id, x-minio-deployment-id header.
|
|
addCustomHeaders,
|
|
// set HTTP security headers such as Content-Security-Policy.
|
|
addSecurityHeaders,
|
|
// Forward path style requests to actual host in a bucket federated setup.
|
|
setBucketForwardingHandler,
|
|
// Ratelimit the incoming requests using a token bucket algorithm
|
|
setRateLimitHandler,
|
|
// Validate all the incoming paths.
|
|
setPathValidityHandler,
|
|
// Network statistics
|
|
setHTTPStatsHandler,
|
|
// Limits all requests size to a maximum fixed limit
|
|
setRequestSizeLimitHandler,
|
|
// Limits all header sizes to a maximum fixed limit
|
|
setRequestHeaderSizeLimitHandler,
|
|
// Adds 'crossdomain.xml' policy handler to serve legacy flash clients.
|
|
setCrossDomainPolicy,
|
|
// Redirect some pre-defined browser request paths to a static location prefix.
|
|
setBrowserRedirectHandler,
|
|
// Validates if incoming request is for restricted buckets.
|
|
setReservedBucketHandler,
|
|
// Adds cache control for all browser requests.
|
|
setBrowserCacheControlHandler,
|
|
// Validates all incoming requests to have a valid date header.
|
|
setTimeValidityHandler,
|
|
// CORS setting for all browser API requests.
|
|
setCorsHandler,
|
|
// Validates all incoming URL resources, for invalid/unsupported
|
|
// resources client receives a HTTP error.
|
|
setIgnoreResourcesHandler,
|
|
// Auth handler verifies incoming authorization headers and
|
|
// routes them accordingly. Client receives a HTTP error for
|
|
// invalid/unsupported signatures.
|
|
setAuthHandler,
|
|
// Enforce rules specific for TLS requests
|
|
setSSETLSHandler,
|
|
// filters HTTP headers which are treated as metadata and are reserved
|
|
// for internal use only.
|
|
filterReservedMetadata,
|
|
// Add new handlers here.
|
|
}
|
|
|
|
// configureServer handler returns final handler for the http server.
|
|
func configureServerHandler(endpoints EndpointList) (http.Handler, error) {
|
|
// Initialize router. `SkipClean(true)` stops gorilla/mux from
|
|
// normalizing URL path minio/minio#3256
|
|
router := mux.NewRouter().SkipClean(true)
|
|
|
|
// Initialize distributed NS lock.
|
|
if globalIsDistXL {
|
|
registerDistXLRouters(router, endpoints)
|
|
}
|
|
|
|
// Add STS router always.
|
|
registerSTSRouter(router)
|
|
|
|
// Add Admin router, all APIs are enabled in server mode.
|
|
registerAdminRouter(router, true, true)
|
|
|
|
// Add healthcheck router
|
|
registerHealthCheckRouter(router)
|
|
|
|
// Add server metrics router
|
|
registerMetricsRouter(router)
|
|
|
|
// Register web router when its enabled.
|
|
if globalIsBrowserEnabled {
|
|
if err := registerWebRouter(router); err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
// Add API router, additionally all server mode support encryption.
|
|
registerAPIRouter(router, true)
|
|
|
|
// Register rest of the handlers.
|
|
return registerHandlers(router, globalHandlers...), nil
|
|
}
|