github.com/web-platform-tests/wpt.fyi@v0.0.0-20240530210107-70cf978996f1/shared/routing.go (about) 1 // Copyright 2018 The WPT Dashboard Project. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 package shared 6 7 import ( 8 "net/http" 9 10 "github.com/gorilla/handlers" 11 "github.com/gorilla/mux" 12 ) 13 14 var globalRouter *mux.Router 15 16 // Router returns the global mux.Router used for handling all requests. 17 func Router() *mux.Router { 18 if globalRouter == nil { 19 globalRouter = mux.NewRouter() 20 globalRouter.StrictSlash(true) 21 http.Handle("/", globalRouter) 22 } 23 return globalRouter 24 } 25 26 // AddRoute is a helper for registering a handler for an http path (route). 27 // Note that it adds an HSTS header to the response. 28 func AddRoute(route, name string, h http.HandlerFunc) *mux.Route { 29 return Router().Handle(route, HandleWithLogging(WrapHSTS(h))).Name(name) 30 } 31 32 // WrapHSTS wraps the given handler func in one that sets the 33 // Strict-Transport-Security header on the response. 34 func WrapHSTS(h http.HandlerFunc) http.HandlerFunc { 35 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 36 value := "max-age=31536000; preload" 37 w.Header().Add("Strict-Transport-Security", value) 38 h.ServeHTTP(w, r) 39 }) 40 } 41 42 // WrapPermissiveCORS wraps the given handler func in one that sets an 43 // all-permissive CORS header on the response. 44 func WrapPermissiveCORS(h http.HandlerFunc, methods ...string) http.HandlerFunc { 45 opts := []handlers.CORSOption{ 46 handlers.AllowedOrigins([]string{"*"}), 47 handlers.AllowedHeaders([]string{"Content-Type"}), 48 } 49 if len(methods) > 0 { 50 opts = append(opts, handlers.AllowedMethods(methods)) 51 } 52 return handlers.CORS(opts...)(h).ServeHTTP 53 } 54 55 // WrapTrustedCORS wraps the given handler func in one that sets 56 // an Allow-Credentials CORS header with specified origins and methods on the response. 57 func WrapTrustedCORS(h http.HandlerFunc, origins []string, methods []string) http.HandlerFunc { 58 opts := []handlers.CORSOption{ 59 handlers.AllowedOrigins(origins), 60 handlers.AllowedHeaders([]string{"Content-Type"}), 61 handlers.AllowCredentials(), 62 } 63 if len(methods) > 0 { 64 opts = append(opts, handlers.AllowedMethods(methods)) 65 } 66 return handlers.CORS(opts...)(h).ServeHTTP 67 } 68 69 // WrapApplicationJSON wraps the given handler func in one that sets a Content-Type 70 // header of "text/json" on the response. 71 func WrapApplicationJSON(h http.HandlerFunc) http.HandlerFunc { 72 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 73 w.Header().Add("Content-Type", "application/json") 74 h.ServeHTTP(w, r) 75 }) 76 }