aboutsummaryrefslogtreecommitdiff
path: root/pkg/instance/handler.go
diff options
context:
space:
mode:
authorRasmus Dahlberg <rasmus@mullvad.net>2022-04-01 02:27:52 +0200
committerRasmus Dahlberg <rasmus@mullvad.net>2022-04-01 02:56:42 +0200
commitaa903b2f5356f35a486a8e7e6ef92e9db332748e (patch)
tree3fff6448da782fdebffe9d24bf9b70edca14d396 /pkg/instance/handler.go
parentb09d20111227be5e6d5126ec905b44a7a4e96b0d (diff)
fix non-compliant use of HTTP status code 405
See RFC 7231, ยง6.5.5.
Diffstat (limited to 'pkg/instance/handler.go')
-rw-r--r--pkg/instance/handler.go21
1 files changed, 19 insertions, 2 deletions
diff --git a/pkg/instance/handler.go b/pkg/instance/handler.go
index f2bc621..95d90a8 100644
--- a/pkg/instance/handler.go
+++ b/pkg/instance/handler.go
@@ -41,9 +41,9 @@ func (a Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
ctx, cancel := context.WithDeadline(r.Context(), now.Add(a.Instance.Deadline))
defer cancel()
- if r.Method != a.Method {
+ statusCode = a.verifyMethod(w, r)
+ if statusCode != 0 {
glog.Warningf("%s/%s: got HTTP %s, wanted HTTP %s", a.Instance.Prefix, string(a.Endpoint), r.Method, a.Method)
- http.Error(w, "", http.StatusMethodNotAllowed)
return
}
@@ -54,6 +54,23 @@ func (a Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
}
}
+// verifyMethod checks that an appropriate HTTP method is used. Error handling
+// is based on RFC 7231, see Sections 6.5.5 (Status 405) and 6.5.1 (Status 400).
+func (h *Handler) verifyMethod(w http.ResponseWriter, r *http.Request) int {
+ if h.Method == r.Method {
+ return 0
+ }
+
+ code := http.StatusBadRequest
+ if ok := h.Instance.checkHTTPMethod(r.Method); ok {
+ w.Header().Set("Allow", h.Method)
+ code = http.StatusMethodNotAllowed
+ }
+
+ http.Error(w, fmt.Sprintf("error=%s", http.StatusText(code)), code)
+ return code
+}
+
func addLeaf(ctx context.Context, i *Instance, w http.ResponseWriter, r *http.Request) (int, error) {
glog.V(3).Info("handling add-entry request")
req, err := i.leafRequestFromHTTP(ctx, r)