Merge pull request #7520 from hashicorp/audit-httphandler

wrap http.Handlers
2020-03-27 10:31:29 -04:00 · 2020-03-27 10:31:29 -04:00 · beb21d4fdb
parent c7097bac90 a66b4be0f3
commit beb21d4fdb
3 changed files with 15 additions and 10 deletions
--- a/command/agent/http.go
+++ b/command/agent/http.go
@ -323,14 +323,14 @@ func (s *HTTPServer) registerHandlers(enableDebug bool) {
 	s.mux.HandleFunc("/v1/operator/scheduler/configuration", s.wrap(s.OperatorSchedulerConfiguration))

 	if uiEnabled {
-		s.mux.Handle("/ui/", http.StripPrefix("/ui/", handleUI(http.FileServer(&UIAssetWrapper{FileSystem: assetFS()}))))
+		s.mux.Handle("/ui/", http.StripPrefix("/ui/", s.handleUI(http.FileServer(&UIAssetWrapper{FileSystem: assetFS()}))))
 	} else {
 		// Write the stubHTML
 		s.mux.HandleFunc("/ui/", func(w http.ResponseWriter, r *http.Request) {
 			w.Write([]byte(stubHTML))
 		})
 	}
-	s.mux.Handle("/", handleRootFallthrough())
+	s.mux.Handle("/", s.handleRootFallthrough())

 	if enableDebug {
 		if !s.agent.config.DevMode {
@ -386,7 +386,7 @@ func (e *codedError) Code() int {
 	return e.code
 }

-func handleUI(h http.Handler) http.Handler {
+func (s *HTTPServer) handleUI(h http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
 		header := w.Header()
 		header.Add("Content-Security-Policy", "default-src 'none'; connect-src *; img-src 'self' data:; script-src 'self'; style-src 'self' 'unsafe-inline'; form-action 'none'; frame-ancestors 'none'")
@ -395,14 +395,14 @@ func handleUI(h http.Handler) http.Handler {
 	})
 }

-func handleRootFallthrough() http.Handler {
-	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
+func (s *HTTPServer) handleRootFallthrough() http.Handler {
+	return s.auditHTTPHandler(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
 		if req.URL.Path == "/" {
 			http.Redirect(w, req, "/ui/", 307)
 		} else {
 			w.WriteHeader(http.StatusNotFound)
 		}
-	})
+	}))
 }

 func errCodeFromHandler(err error) (int, string) {
--- a/command/agent/http_oss.go
+++ b/command/agent/http_oss.go
@ -2,7 +2,9 @@

 package agent

-import "net/http"
+import (
+	"net/http"
+)

 // registerEnterpriseHandlers is a no-op for the oss release
 func (s *HTTPServer) registerEnterpriseHandlers() {
@ -23,14 +25,17 @@ func (s *HTTPServer) entOnly(resp http.ResponseWriter, req *http.Request) (inter
 	return nil, CodedError(501, ErrEntOnly)
 }

-func (s HTTPServer) auditHandler(h handlerFn) handlerFn {
+// auditHandler wraps the passed handlerFn
+func (s *HTTPServer) auditHandler(h handlerFn) handlerFn {
 	return h
 }

+// auditHTTPHandler wraps  the passed handlerByteFn
 func (s *HTTPServer) auditNonJSONHandler(h handlerByteFn) handlerByteFn {
 	return h
 }

+// auditHTTPHandler wraps the passed http.Handler
 func (s *HTTPServer) auditHTTPHandler(h http.Handler) http.Handler {
 	return h
 }
--- a/website/pages/docs/configuration/audit.mdx
+++ b/website/pages/docs/configuration/audit.mdx
@ -121,10 +121,10 @@ logging as well as reducing the amount of events generated.
 `endpoints`, `stages`, and `operations` support [globbed pattern](https://github.com/ryanuber/go-glob/blob/master/README.md#example) matching.

 ```hcl
-# Filter all requests and all stages for /ui/ and /v1/agent/health
+# Filter all requests and all stages for /v1/agent/health
 filter "default" {
  type       = "HTTPEvent"
-  endpoints  = ["/ui/", "/v1/agent/health"]
+  endpoints  = ["/v1/agent/health"]
  stages     = ["*"]
  operations = ["*"]
 }