storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/cmd/crossdomain-xml-handler.go (about) 1 /* 2 * MinIO Cloud Storage, (C) 2016 MinIO, Inc. 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package cmd 18 19 import "net/http" 20 21 // Standard cross domain policy information located at https://s3.amazonaws.com/crossdomain.xml 22 const crossDomainXML = `<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><allow-access-from domain="*" secure="false" /></cross-domain-policy>` 23 24 // Standard path where an app would find cross domain policy information. 25 const crossDomainXMLEntity = "/crossdomain.xml" 26 27 // Cross domain policy implements http.Handler interface, implementing a custom ServerHTTP. 28 type crossDomainPolicy struct { 29 handler http.Handler 30 } 31 32 // A cross-domain policy file is an XML document that grants a web client, such as Adobe Flash Player 33 // or Adobe Acrobat (though not necessarily limited to these), permission to handle data across domains. 34 // When clients request content hosted on a particular source domain and that content make requests 35 // directed towards a domain other than its own, the remote domain needs to host a cross-domain 36 // policy file that grants access to the source domain, allowing the client to continue the transaction. 37 func setCrossDomainPolicy(h http.Handler) http.Handler { 38 return crossDomainPolicy{handler: h} 39 } 40 41 func (c crossDomainPolicy) ServeHTTP(w http.ResponseWriter, r *http.Request) { 42 // Look for 'crossdomain.xml' in the incoming request. 43 switch r.URL.Path { 44 case crossDomainXMLEntity: 45 // Write the standard cross domain policy xml. 46 w.Write([]byte(crossDomainXML)) 47 // Request completed, no need to serve to other handlers. 48 return 49 } 50 // Continue to serve the request further. 51 c.handler.ServeHTTP(w, r) 52 }