mirror of
https://github.com/openziti/zrok.git
synced 2024-12-22 06:40:50 +01:00
Merge pull request #728 from openziti/cors_private_access
Add Response Header Flag to zrok access private (#522)
This commit is contained in:
commit
d621bbd306
@ -4,6 +4,8 @@
|
||||
|
||||
FEATURE: Support `html_path` directive in `interstitial` stanza of public frontend configuration to support using an external HTML file for the interstitial page (https://github.com/openziti/zrok/issues/716)
|
||||
|
||||
FEATURE: `zrok access private` now includes a `--response-header` flag to add headers to the response for HTTP-based backends. Add flag multiple times to add multiple headers to the response. Expects `key:value` header definitions in this format: `--response-header "Access-Control-Allow-Origin: *"` (https://github.com/openziti/zrok/issues/522)
|
||||
|
||||
CHANGE: Update `github.com/openziti/sdk-golang` (and related dependencies) to version `v0.23.40`.
|
||||
|
||||
CHANGE: upgrade to ziti v1.1.7 CLI in zrok container image
|
||||
|
@ -28,9 +28,10 @@ func init() {
|
||||
}
|
||||
|
||||
type accessPrivateCommand struct {
|
||||
bindAddress string
|
||||
headless bool
|
||||
cmd *cobra.Command
|
||||
bindAddress string
|
||||
headless bool
|
||||
responseHeaders []string
|
||||
cmd *cobra.Command
|
||||
}
|
||||
|
||||
func newAccessPrivateCommand() *accessPrivateCommand {
|
||||
@ -41,8 +42,9 @@ func newAccessPrivateCommand() *accessPrivateCommand {
|
||||
}
|
||||
command := &accessPrivateCommand{cmd: cmd}
|
||||
cmd.Flags().BoolVar(&command.headless, "headless", false, "Disable TUI and run headless")
|
||||
cmd.Run = command.run
|
||||
cmd.Flags().StringVarP(&command.bindAddress, "bind", "b", "127.0.0.1:9191", "The address to bind the private frontend")
|
||||
cmd.Flags().StringArrayVar(&command.responseHeaders, "response-header", []string{}, "Add a response header ('key:value')")
|
||||
cmd.Run = command.run
|
||||
return command
|
||||
}
|
||||
|
||||
@ -194,6 +196,7 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
|
||||
cfg := proxy.DefaultFrontendConfig(env.EnvironmentIdentityName())
|
||||
cfg.ShrToken = shrToken
|
||||
cfg.Address = cmd.bindAddress
|
||||
cfg.ResponseHeaders = cmd.responseHeaders
|
||||
cfg.RequestsChan = requests
|
||||
fe, err := proxy.NewFrontend(cfg)
|
||||
if err != nil {
|
||||
|
@ -15,15 +15,17 @@ import (
|
||||
"net/http"
|
||||
"net/http/httputil"
|
||||
"net/url"
|
||||
"strings"
|
||||
"time"
|
||||
)
|
||||
|
||||
type FrontendConfig struct {
|
||||
IdentityName string
|
||||
ShrToken string
|
||||
Address string
|
||||
Tls *endpoints.TlsConfig
|
||||
RequestsChan chan *endpoints.Request
|
||||
IdentityName string
|
||||
ShrToken string
|
||||
Address string
|
||||
ResponseHeaders []string
|
||||
Tls *endpoints.TlsConfig
|
||||
RequestsChan chan *endpoints.Request
|
||||
}
|
||||
|
||||
func DefaultFrontendConfig(identityName string) *FrontendConfig {
|
||||
@ -112,6 +114,14 @@ func newServiceProxy(cfg *FrontendConfig, ctx ziti.Context) (*httputil.ReversePr
|
||||
req.Header.Set("X-Proxy", "zrok")
|
||||
}
|
||||
proxy.ModifyResponse = func(resp *http.Response) error {
|
||||
for _, responseHeader := range cfg.ResponseHeaders {
|
||||
tokens := strings.Split(responseHeader, ":")
|
||||
if len(tokens) == 2 {
|
||||
resp.Header.Set(strings.TrimSpace(tokens[0]), strings.TrimSpace(tokens[1]))
|
||||
} else {
|
||||
logrus.Errorf("invalid response header '%v' (expecting header:value", responseHeader)
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
proxy.ErrorHandler = func(w http.ResponseWriter, r *http.Request, err error) {
|
||||
|
Loading…
Reference in New Issue
Block a user