Skip to content

Commit

Permalink
build: merge pr #438 from lukewhrit/develop
Browse files Browse the repository at this point in the history 
Release v1.0.3: Bug fixes
  • Loading branch information
@lukewhrit
lukewhrit authored Aug 19, 2024
2 parents b1adaf7 + 5256bb6 commit f10293c
Show file tree
Hide file tree
Showing 7 changed files with 37 additions and 27 deletions.
7 changes: 5 additions & 2 deletions go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,10 @@ require (
golang.org/x/exp v0.0.0-20230807204917-050eac23e9de
)

require github.com/dlclark/regexp2 v1.11.0 // indirect
require (
github.com/dlclark/regexp2 v1.11.0 // indirect
golang.org/x/net v0.28.0 // indirect
)

require (
github.com/alecthomas/chroma/v2 v2.14.0
Expand All @@ -26,7 +29,7 @@ require (
github.com/mattn/go-colorable v0.1.13 // indirect
github.com/mattn/go-isatty v0.0.19 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
golang.org/x/sys v0.12.0 // indirect
golang.org/x/sys v0.23.0 // indirect
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)
4 changes: 4 additions & 0 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,12 +60,16 @@ github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsT
github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
golang.org/x/exp v0.0.0-20230807204917-050eac23e9de h1:l5Za6utMv/HsBWWqzt4S8X17j+kt1uVETUX5UFhn2rE=
golang.org/x/exp v0.0.0-20230807204917-050eac23e9de/go.mod h1:FXUEEKJgO7OQYeo8N01OfiKP8RXMtf6e8aTskBGqWdc=
golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE=
golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg=
golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o=
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.23.0 h1:YfKFowiIMvtgl1UERQoTPPToxltDeZfbj4H7dVUCwmM=
golang.org/x/sys v0.23.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
Expand Down
9 changes: 5 additions & 4 deletions internal/config/config.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,10 +29,11 @@ type Cfg struct {
ConnectionURI string `env:"CONNECTION_URI" json:"-"`

// Web
Headless bool `env:"HEADLESS" envDefault:"false" json:"headless"` // Enable website
Analytics string `env:"ANALYTICS" envDefault:"" json:"analytics"` // <script> tag for analytics (leave blank to disable)
Username string `env:"USERNAME" envDefault:"" json:"username"` // Basic Auth username. Required to enable Basic Auth
Password string `env:"PASSWORD" envDefault:"" json:"password"` // Basic Auth password. Required to enable Basic Auth
Headless bool `env:"HEADLESS" envDefault:"false" json:"headless"` // Enable website
Analytics string `env:"ANALYTICS" envDefault:"" json:"analytics"` // <script> tag for analytics (leave blank to disable)
Username string `env:"USERNAME" envDefault:"" json:"username"` // Basic Auth username. Required to enable Basic Auth
Password string `env:"PASSWORD" envDefault:"" json:"password"` // Basic Auth password. Required to enable Basic Auth
ContentSecurityPolicy string `env:"CSP" envDefault:"default-src 'self'; frame-ancestors 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';" json:"csp"` // Content Security Policy. Must be changed if you are using analytics.

// Document
IDLength int `env:"ID_LENGTH" envDefault:"8" json:"id_length"`
Expand Down
21 changes: 11 additions & 10 deletions internal/config/config_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,15 +31,16 @@ func TestLoad(t *testing.T) {
}

require.EqualValues(t, Config, Cfg{
Host: "0.0.0.0",
Port: 9000,
CompressionLevel: 1,
Ratelimiter: "200x5",
IDLength: 8,
IDType: "key",
MaxSize: 400_000,
Headless: false,
ConnectionURI: "host=localhost port=5432 user=spacebin database=spacebin sslmode=disable",
ExpirationAge: 720,
Host: "0.0.0.0",
Port: 9000,
CompressionLevel: 1,
Ratelimiter: "200x5",
IDLength: 8,
IDType: "key",
MaxSize: 400_000,
Headless: false,
ConnectionURI: "host=localhost port=5432 user=spacebin database=spacebin sslmode=disable",
ContentSecurityPolicy: "default-src 'self'; frame-ancestors 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';",
ExpirationAge: 720,
})
}
19 changes: 10 additions & 9 deletions internal/server/config_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,15 +35,16 @@ type ConfigResponse struct {
}

var mockConfig = config.Cfg{
Host: "0.0.0.0",
Port: 9000,
CompressionLevel: 1,
Ratelimiter: "200x5",
IDLength: 8,
IDType: "key",
MaxSize: 400_000,
ExpirationAge: 720,
Headless: false,
Host: "0.0.0.0",
Port: 9000,
CompressionLevel: 1,
Ratelimiter: "200x5",
IDLength: 8,
IDType: "key",
MaxSize: 400_000,
ExpirationAge: 720,
ContentSecurityPolicy: "default-src 'self'; frame-ancestors 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';",
Headless: false,
}

// executeRequest, creates a new ResponseRecorder
Expand Down
2 changes: 1 addition & 1 deletion internal/server/server.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -124,7 +124,7 @@ func (s *Server) RegisterHeaders() {
s.Router.Use(middleware.SetHeader("X-Content-Type-Options", "nosniff"))
s.Router.Use(middleware.SetHeader("Referrer-Policy", "no-referrer-when-downgrade"))
s.Router.Use(middleware.SetHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains; preload"))
s.Router.Use(middleware.SetHeader("Content-Security-Policy", "default-src 'self'; frame-ancestors 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';"))
s.Router.Use(middleware.SetHeader("Content-Security-Policy", s.Config.ContentSecurityPolicy))
}

func (s *Server) MountStatic() {
Expand Down
2 changes: 1 addition & 1 deletion internal/server/server_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -101,5 +101,5 @@ func TestRegisterHeaders(t *testing.T) {
require.Equal(t, "nosniff", res.Result().Header.Get("X-Content-Type-Options"))
require.Equal(t, "no-referrer-when-downgrade", res.Result().Header.Get("Referrer-Policy"))
require.Equal(t, "max-age=31536000; includeSubDomains; preload", res.Result().Header.Get("Strict-Transport-Security"))
require.Equal(t, "default-src 'self'; frame-ancestors 'none'; base-uri 'none'; form-action 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';", res.Result().Header.Get("Content-Security-Policy"))
require.Equal(t, mockConfig.ContentSecurityPolicy, res.Result().Header.Get("Content-Security-Policy"))
}

0 comments on commit f10293c

Please sign in to comment.