dcarrillo/whatismyip
1
0
Fork 0
mirror of https://github.com/dcarrillo/whatismyip.git synced 2025-07-01 22:09:26 +00:00
Code Issues Projects Releases Wiki Activity

Use gin-gonic/contrib/secure instead of deprecated module

Browse Source
This commit is contained in:
Daniel Carrillo
2022-05-07 12:40:25 +02:00
parent 1ee7256506
commit ca1d002974
5 changed files with 14 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
cmd/whatismyip.go
View File

@ -13,11 +13,12 @@ import (
"github.com/dcarrillo/whatismyip/internal/httputils"
"github.com/dcarrillo/whatismyip/internal/setting"
"github.com/gin-gonic/contrib/secure"
"github.com/dcarrillo/whatismyip/models"
"github.com/dcarrillo/whatismyip/router"
"github.com/gin-gonic/gin"
"github.com/unrolled/secure"
)
var (
@ -140,27 +141,12 @@ func setupEngine() {
engine.Use(gin.LoggerWithFormatter(httputils.GetLogFormatter))
engine.Use(gin.Recovery())
if setting.App.EnableSecureHeaders {
engine.Use(addSecureHeaders())
engine.Use(secure.Secure(secure.Options{
BrowserXssFilter: true,
ContentTypeNosniff: true,
FrameDeny: true,
}))
}
_ = engine.SetTrustedProxies(nil)
engine.TrustedPlatform = setting.App.TrustedHeader
}
func addSecureHeaders() gin.HandlerFunc {
return func(c *gin.Context) {
err := secure.New(secure.Options{
BrowserXssFilter: true,
ContentTypeNosniff: true,
FrameDeny: true,
}).Process(c.Writer, c.Request)
if err != nil {
c.Abort()
return
}
// Avoid header rewrite if response is a redirection.
if status := c.Writer.Status(); status > 300 && status < 399 {
c.Abort()
}
}
}