Add HSTS & cipher suites, handle fallback cert errors & change default port to 443

Moritz Marquardt 2021-07-13 10:28:36 +02:00
parent 0602811709
commit 7c70be21d7
No known key found for this signature in database
GPG key ID: D5788327BEE388B6
3 changed files with 86 additions and 29 deletions


@ -28,6 +28,11 @@ func handler(ctx *fasthttp.RequestCtx) {
// Enable caching, but require revalidation to reduce confusion
ctx.Response.Header.Set("Cache-Control", "must-revalidate")
// Add HSTS for RawDomain and MainDomainSuffix
if hsts := GetHSTSHeader(ctx.Host()); hsts != "" {
ctx.Response.Header.Set("Strict-Transport-Security", hsts)
}
// Block all methods not required for static pages
if !ctx.IsGet() && !ctx.IsHead() && !ctx.IsOptions() {
ctx.Response.Header.Set("Allow", "GET, HEAD, OPTIONS")
@ -275,7 +280,11 @@ func handler(ctx *fasthttp.RequestCtx) {
func returnErrorPage(ctx *fasthttp.RequestCtx, code int) {
ctx.Response.SetStatusCode(code)
ctx.Response.Header.SetContentType("text/html; charset=utf-8")
ctx.Response.SetBody(bytes.ReplaceAll(NotFoundPage, []byte("%status"), []byte(strconv.Itoa(code)+" "+fasthttp.StatusMessage(code))))
message := fasthttp.StatusMessage(code)
if code == fasthttp.StatusFailedDependency {
message += " - owner, repo or branch doesn't exist"
}
ctx.Response.SetBody(bytes.ReplaceAll(NotFoundPage, []byte("%status"), []byte(strconv.Itoa(code)+" "+message)))
}
// BranchExistanceCacheTimeout specifies the timeout for the default branch cache. It can be quite long.
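Review bot: In the first hunk, `GetHSTSHeader(ctx.Host())` receives the raw, client-supplied Host header, which can carry a `:port` suffix or mixed case. GetHSTSHeader is not visible here, so if it compares byte-for-byte against RawDomain / MainDomainSuffix, such requests would silently get no Strict-Transport-Security header. I would normalise the host before the call or state the contract at the call site, e.g. `// ctx.Host() is the raw Host header (may include a port); GetHSTSHeader must normalise it before matching`. It is also worth confirming that the returned policy is only emitted for names the server fully controls, since an `includeSubDomains` or `preload` directive, if used, is hard to roll back. handler's body starts and ends outside the hunk.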