Home Explore Help
Sign In
LBP
/
miniflux_v2
mirror of https://github.com/miniflux/v2.git
4
0
Fork 0
Files Issues 0 Wiki
Tree: 6b360d08c1
Branches Tags
miniflux_v2
/
http
/
handler
/
response.go

response.go 2.6 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788 
  1. // Copyright 2017 Frédéric Guillot. All rights reserved.
    2. 

  2. // Use of this source code is governed by the Apache 2.0
    3. 

  3. // license that can be found in the LICENSE file.
    4. 

  4. 

  5. package handler
    6. 

  6. 

  7. import (
    8. 

  8. 	"net/http"
    9. 

  9. 	"time"
    10. 

  10. 

  11. 	"github.com/miniflux/miniflux/config"
    12. 

  12. 	"github.com/miniflux/miniflux/template"
    13. 

  13. )
    14. 

  14. 

  15. // Response handles HTTP responses.
    16. 

  16. type Response struct {
    17. 

  17. 	cfg      *config.Config
    18. 

  18. 	writer   http.ResponseWriter
    19. 

  19. 	request  *http.Request
    20. 

  20. 	template *template.Engine
    21. 

  21. }
    22. 

  22. 

  23. // SetCookie send a cookie to the client.
    24. 

  24. func (r *Response) SetCookie(cookie *http.Cookie) {
    25. 

  25. 	http.SetCookie(r.writer, cookie)
    26. 

  26. }
    27. 

  27. 

  28. // JSON returns a JSONResponse.
    29. 

  29. func (r *Response) JSON() *JSONResponse {
    30. 

  30. 	r.commonHeaders()
    31. 

  31. 	return NewJSONResponse(r.writer, r.request)
    32. 

  32. }
    33. 

  33. 

  34. // HTML returns a HTMLResponse.
    35. 

  35. func (r *Response) HTML() *HTMLResponse {
    36. 

  36. 	r.commonHeaders()
    37. 

  37. 	return &HTMLResponse{writer: r.writer, request: r.request, template: r.template}
    38. 

  38. }
    39. 

  39. 

  40. // XML returns a XMLResponse.
    41. 

  41. func (r *Response) XML() *XMLResponse {
    42. 

  42. 	r.commonHeaders()
    43. 

  43. 	return &XMLResponse{writer: r.writer, request: r.request}
    44. 

  44. }
    45. 

  45. 

  46. // Redirect redirects the user to another location.
    47. 

  47. func (r *Response) Redirect(path string) {
    48. 

  48. 	http.Redirect(r.writer, r.request, path, http.StatusFound)
    49. 

  49. }
    50. 

  50. 

  51. // NotModified sends a response with a 304 status code.
    52. 

  52. func (r *Response) NotModified() {
    53. 

  53. 	r.commonHeaders()
    54. 

  54. 	r.writer.WriteHeader(http.StatusNotModified)
    55. 

  55. }
    56. 

  56. 

  57. // Cache returns a response with caching headers.
    58. 

  58. func (r *Response) Cache(mimeType, etag string, content []byte, duration time.Duration) {
    59. 

  59. 	r.writer.Header().Set("Content-Type", mimeType)
    60. 

  60. 	r.writer.Header().Set("ETag", etag)
    61. 

  61. 	r.writer.Header().Set("Cache-Control", "public")
    62. 

  62. 	r.writer.Header().Set("Expires", time.Now().Add(duration).Format(time.RFC1123))
    63. 

  63. 

  64. 	if etag == r.request.Header.Get("If-None-Match") {
    65. 

  65. 		r.writer.WriteHeader(http.StatusNotModified)
    66. 

  66. 	} else {
    67. 

  67. 		r.writer.Write(content)
    68. 

  68. 	}
    69. 

  69. }
    70. 

  70. 

  71. func (r *Response) commonHeaders() {
    72. 

  72. 	r.writer.Header().Set("X-XSS-Protection", "1; mode=block")
    73. 

  73. 	r.writer.Header().Set("X-Content-Type-Options", "nosniff")
    74. 

  74. 	r.writer.Header().Set("X-Frame-Options", "DENY")
    75. 

  75. 

  76. 	// Even if the directive "frame-src" has been deprecated in Firefox,
    77. 

  77. 	// we keep it to stay compatible with other browsers.
    78. 

  78. 	r.writer.Header().Set("Content-Security-Policy", "default-src 'self'; img-src *; media-src *; frame-src *; child-src *")
    79. 

  79. 

  80. 	if r.cfg.IsHTTPS && r.cfg.HasHSTS() {
    81. 

  81. 		r.writer.Header().Set("Strict-Transport-Security", "max-age=31536000")
    82. 

  82. 	}
    83. 

  83. }
    84. 

  84. 

  85. // NewResponse returns a new Response.
    86. 

  86. func NewResponse(cfg *config.Config, w http.ResponseWriter, r *http.Request, template *template.Engine) *Response {
    87. 

  87. 	return &Response{cfg: cfg, writer: w, request: r, template: template}
    88. 

  88. }
    89.