mirror of https://github.com/go-gitea/gitea
Git with a cup of tea, painless self-hosted git service
Mirror for internal git.with.parts use
https://git.with.parts
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
34 lines
1.1 KiB
34 lines
1.1 KiB
package middleware
|
|
|
|
import (
|
|
"net/http"
|
|
"strings"
|
|
)
|
|
|
|
// AllowContentEncoding enforces a whitelist of request Content-Encoding otherwise responds
|
|
// with a 415 Unsupported Media Type status.
|
|
func AllowContentEncoding(contentEncoding ...string) func(next http.Handler) http.Handler {
|
|
allowedEncodings := make(map[string]struct{}, len(contentEncoding))
|
|
for _, encoding := range contentEncoding {
|
|
allowedEncodings[strings.TrimSpace(strings.ToLower(encoding))] = struct{}{}
|
|
}
|
|
return func(next http.Handler) http.Handler {
|
|
fn := func(w http.ResponseWriter, r *http.Request) {
|
|
requestEncodings := r.Header["Content-Encoding"]
|
|
// skip check for empty content body or no Content-Encoding
|
|
if r.ContentLength == 0 {
|
|
next.ServeHTTP(w, r)
|
|
return
|
|
}
|
|
// All encodings in the request must be allowed
|
|
for _, encoding := range requestEncodings {
|
|
if _, ok := allowedEncodings[strings.TrimSpace(strings.ToLower(encoding))]; !ok {
|
|
w.WriteHeader(http.StatusUnsupportedMediaType)
|
|
return
|
|
}
|
|
}
|
|
next.ServeHTTP(w, r)
|
|
}
|
|
return http.HandlerFunc(fn)
|
|
}
|
|
}
|
|
|