httpd: allow to restrict allowed hosts ...

... and to add security headers to the responses Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2025-12-08 07:10:56 +03:00 · 2022-02-17 18:22:27 +01:00
parent 876bf8aa4f
commit f1a255aa6c
15 changed files with 415 additions and 24 deletions
--- a/httpd/httpd_test.go
+++ b/httpd/httpd_test.go
@@ -338,6 +338,15 @@ func TestMain(m *testing.M) {
 	httpdConf := config.GetHTTPDConfig()

 	httpdConf.Bindings[0].Port = 8081
+	httpdConf.Bindings[0].Security = httpd.SecurityConf{
+		Enabled: true,
+		HTTPSProxyHeaders: []httpd.HTTPSProxyHeader{
+			{
+				Key:   "X-Forwarded-Proto",
+				Value: "https",
+			},
+		},
+	}
 	httpdtest.SetBaseURL(httpBaseURL)
 	backupsPath = filepath.Join(os.TempDir(), "test_backups")
 	httpdConf.BackupsPath = backupsPath