github.com/web-platform-tests/wpt.fyi@v0.0.0-20240530210107-70cf978996f1/shared/routing.go

github.com/web-platform-tests/wpt.fyi@v0.0.0-20240530210107-70cf978996f1/shared/routing.go (about)

     1  // Copyright 2018 The WPT Dashboard Project. All rights reserved.
     2  // Use of this source code is governed by a BSD-style license that can be
     3  // found in the LICENSE file.
     4  
     5  package shared
     6  
     7  import (
     8  	"net/http"
     9  
    10  	"github.com/gorilla/handlers"
    11  	"github.com/gorilla/mux"
    12  )
    13  
    14  var globalRouter *mux.Router
    15  
    16  // Router returns the global mux.Router used for handling all requests.
    17  func Router() *mux.Router {
    18  	if globalRouter == nil {
    19  		globalRouter = mux.NewRouter()
    20  		globalRouter.StrictSlash(true)
    21  		http.Handle("/", globalRouter)
    22  	}
    23  	return globalRouter
    24  }
    25  
    26  // AddRoute is a helper for registering a handler for an http path (route).
    27  // Note that it adds an HSTS header to the response.
    28  func AddRoute(route, name string, h http.HandlerFunc) *mux.Route {
    29  	return Router().Handle(route, HandleWithLogging(WrapHSTS(h))).Name(name)
    30  }
    31  
    32  // WrapHSTS wraps the given handler func in one that sets the
    33  // Strict-Transport-Security header on the response.
    34  func WrapHSTS(h http.HandlerFunc) http.HandlerFunc {
    35  	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
    36  		value := "max-age=31536000; preload"
    37  		w.Header().Add("Strict-Transport-Security", value)
    38  		h.ServeHTTP(w, r)
    39  	})
    40  }
    41  
    42  // WrapPermissiveCORS wraps the given handler func in one that sets an
    43  // all-permissive CORS header on the response.
    44  func WrapPermissiveCORS(h http.HandlerFunc, methods ...string) http.HandlerFunc {
    45  	opts := []handlers.CORSOption{
    46  		handlers.AllowedOrigins([]string{"*"}),
    47  		handlers.AllowedHeaders([]string{"Content-Type"}),
    48  	}
    49  	if len(methods) > 0 {
    50  		opts = append(opts, handlers.AllowedMethods(methods))
    51  	}
    52  	return handlers.CORS(opts...)(h).ServeHTTP
    53  }
    54  
    55  // WrapTrustedCORS wraps the given handler func in one that sets
    56  // an Allow-Credentials CORS header with specified origins and methods on the response.
    57  func WrapTrustedCORS(h http.HandlerFunc, origins []string, methods []string) http.HandlerFunc {
    58  	opts := []handlers.CORSOption{
    59  		handlers.AllowedOrigins(origins),
    60  		handlers.AllowedHeaders([]string{"Content-Type"}),
    61  		handlers.AllowCredentials(),
    62  	}
    63  	if len(methods) > 0 {
    64  		opts = append(opts, handlers.AllowedMethods(methods))
    65  	}
    66  	return handlers.CORS(opts...)(h).ServeHTTP
    67  }
    68  
    69  // WrapApplicationJSON wraps the given handler func in one that sets a Content-Type
    70  // header of "text/json" on the response.
    71  func WrapApplicationJSON(h http.HandlerFunc) http.HandlerFunc {
    72  	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
    73  		w.Header().Add("Content-Type", "application/json")
    74  		h.ServeHTTP(w, r)
    75  	})
    76  }