Documentation
Overview
Package risky provides additional options that complement those provided by package github.com/jub0bs/fcors but that are potentially dangerous. Only resort to these options if you must and if you understand the consequences of doing so.
Constants
This section is empty.
Variables
This section is empty.
Functions
func AssumeNoExtendedWildcardSupport
func AssumeNoExtendedWildcardSupport() fcors.OptionAnon
AssumeNoExtendedWildcardSupport configures a CORS middleware to eschew the use of the wildcard (*) in the following headers:
- Access-Control-Allow-Headers
- Access-Control-Allow-Methods
- Access-Control-Expose-Headers
Use this option to maximize compatibility of your CORS policy with older browsers. Be aware that, all other things being equal, using this option leads to comparatively larger responses.
Using this option in conjunction with option github.com/jub0bs/fcors.ExposeAllResponseHeaders in a call to github.com/jub0bs/fcors.AllowAccess results in a failure to build the corresponding middleware.
func AssumeNoWebCachingOfPreflightResponses
AssumeNoWebCachingOfPreflightResponses configures a CORS middleware to eschew the use of the Vary header in preflight responses. Responses to OPTIONS requests are not meant to be cached but, for better or worse, some caching intermediaries can nevertheless be configured to cache such responses. To avoid poisoning such caches with inadequate preflight responses, github.com/jub0bs/fcors by default lists the following header names in the Vary header of preflight responses:
- Access-Control-Request-Headers
- Access-Control-Request-Methods
- Access-Control-Request-Private-Network
- Origin
Use this option if you are absolutely sure that no caching intermediaries cache your responses to OPTIONS requests and you want to minimize the size of preflight responses.
func PrivateNetworkAccess
PrivateNetworkAccess configures a CORS middleware to enable Private Network Access, which is a W3C initiative that strengthens the Same-Origin Policy by denying clients in more public networks (e.g. the public Internet) access to less public networks (e.g. localhost) and provides a server-side opt-in mechanism for such access.
This option applies to all the origins allowed in the configuration of the corresponding middleware.
Using this option in conjunction with option PrivateNetworkAccessInNoCorsModeOnly in a call to github.com/jub0bs/fcors.AllowAccess or github.com/jub0bs/fcors.AllowAccessWithCredentials results in a failure to build the corresponding middleware.
func PrivateNetworkAccessInNoCorsModeOnly
PrivateNetworkAccessInNoCorsModeOnly configures a CORS middleware to enable Private Network Access but in no-cors mode only. One use case for this option is given by the link-shortening-service example in the Private Network Access draft.
This option applies to all the origins allowed in the configuration of the corresponding middleware.
Using this option in conjunction with option PrivateNetworkAccess in a call to github.com/jub0bs/fcors.AllowAccess or github.com/jub0bs/fcors.AllowAccessWithCredentials results in a failure to build the corresponding middleware.
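The following added example (written for this page; it is not code from fcors) illustrates two of the points above in one program. First, why fcors emits a Vary header on preflight responses by default and what AssumeNoWebCachingOfPreflightResponses gives up: a toy Vary-aware intermediary that caches OPTIONS responses replays a cached denial (no Access-Control-Allow-Origin) to an allowed origin when the preflight response carried no Vary, but recomputes the response when Vary was present. Second, the Private Network Access opt-in, granted only to an allowed origin that actually requested it. The handler is a minimal stand-in for a real CORS middleware, the origins https://app.example, https://other.example and https://api.example are constructed, and the handler varies on exactly the request headers it reads (Origin, Access-Control-Request-Method, Access-Control-Request-Private-Network).

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// Constructed allowlist for this example: only this origin is allowed.
const allowedOrigin = "https://app.example"

// newPreflightHandler returns a minimal CORS preflight responder written for
// this example (a stand-in for a real middleware, not fcors's code). When
// withVary is true it declares which request headers drove the response,
// which is what AssumeNoWebCachingOfPreflightResponses switches off.
func newPreflightHandler(withVary bool) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if r.Method != http.MethodOptions || r.Header.Get("Access-Control-Request-Method") == "" {
			w.WriteHeader(http.StatusNotFound) // not a preflight; out of scope here
			return
		}
		if withVary {
			w.Header().Set("Vary", "Origin, Access-Control-Request-Method, Access-Control-Request-Private-Network")
		}
		if r.Header.Get("Origin") == allowedOrigin {
			w.Header().Set("Access-Control-Allow-Origin", allowedOrigin)
			w.Header().Set("Access-Control-Allow-Methods", "GET")
			// Private Network Access opt-in: only for an allowed origin, and
			// only when the browser asked for it.
			if r.Header.Get("Access-Control-Request-Private-Network") == "true" {
				w.Header().Set("Access-Control-Allow-Private-Network", "true")
			}
		}
		w.WriteHeader(http.StatusNoContent)
	})
}

// cachedResponse is one stored OPTIONS response plus the values of the
// Vary'd request headers observed when it was stored.
type cachedResponse struct {
	varied map[string]string
	header http.Header
}

// optionsCache is a toy Vary-aware shared cache that, against common
// practice, caches responses to OPTIONS requests, keyed by method and URL.
type optionsCache struct {
	upstream http.Handler
	entries  map[string][]cachedResponse
}

func newOptionsCache(upstream http.Handler) *optionsCache {
	return &optionsCache{upstream: upstream, entries: map[string][]cachedResponse{}}
}

// fetch serves r from the cache when every Vary'd header of a stored entry
// matches r; otherwise it forwards to the upstream and stores the result.
// An entry stored without Vary therefore matches every later request.
func (c *optionsCache) fetch(r *http.Request) cachedResponse {
	key := r.Method + " " + r.URL.String()
	for _, e := range c.entries[key] {
		hit := true
		for name, want := range e.varied {
			if r.Header.Get(name) != want {
				hit = false
				break
			}
		}
		if hit {
			return e
		}
	}
	rec := httptest.NewRecorder()
	c.upstream.ServeHTTP(rec, r)
	e := cachedResponse{varied: map[string]string{}, header: rec.Header().Clone()}
	for _, name := range strings.Split(rec.Header().Get("Vary"), ",") {
		if name = strings.TrimSpace(name); name != "" {
			e.varied[name] = r.Header.Get(name)
		}
	}
	c.entries[key] = append(c.entries[key], e)
	return e
}

// preflight sends a preflight for GET on a constructed URL from origin
// through the cache and returns the response headers it receives.
func preflight(c *optionsCache, origin string, privateNetwork bool) http.Header {
	r := httptest.NewRequest(http.MethodOptions, "https://api.example/api", nil)
	r.Header.Set("Origin", origin)
	r.Header.Set("Access-Control-Request-Method", "GET")
	if privateNetwork {
		r.Header.Set("Access-Control-Request-Private-Network", "true")
	}
	return c.fetch(r).header
}

// simulate primes the cache with a preflight from a disallowed origin and
// returns the Access-Control-Allow-Origin value the allowed origin receives
// afterwards: empty when the cached denial was replayed to it.
func simulate(withVary bool) string {
	c := newOptionsCache(newPreflightHandler(withVary))
	preflight(c, "https://other.example", false) // constructed, not allowed
	return preflight(c, allowedOrigin, false).Get("Access-Control-Allow-Origin")
}

func main() {
	for _, withVary := range []bool{false, true} {
		fmt.Printf("Vary emitted: %v -> allowed origin receives Access-Control-Allow-Origin=%q\n",
			withVary, simulate(withVary))
	}
}
```

Running it prints an empty Access-Control-Allow-Origin for the no-Vary case and https://app.example for the Vary case. The failure mode is the one the documentation warns about: once a cache stores a preflight response without Vary, every later preflight for that URL, whatever its Origin or requested method, is answered from that entry, so dropping Vary is only safe when no intermediary caches OPTIONS responses at all.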
func SkipPublicSuffixCheck
SkipPublicSuffixCheck enables you to allow all subdomains of some public suffix (also known as "effective top-level domain"), which option github.com/jub0bs/fcors.FromOrigins by default prohibits. Be aware that allowing all subdomains of a public suffix (e.g. com) is dangerous because such domains (e.g. jub0bs-attacker.com) are typically registrable by anyone, including attackers.
Example
package main

import (
	"fmt"
	"io"
	"net/http"
	"os"

	"github.com/jub0bs/fcors"
	"github.com/jub0bs/fcors/risky"
)

func main() {
	cors, err := fcors.AllowAccessWithCredentials(
		fcors.FromOrigins("https://*.com"),
		risky.SkipPublicSuffixCheck(),
	)
	if err != nil {
		// This branch would get executed if the call to
		// risky.SkipPublicSuffixCheck were missing above.
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	helloHandler := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
		io.WriteString(w, "Hello, world!\n")
	})
	http.Handle("/hello_public_suffix", cors(helloHandler))
}
Output:
func TolerateInsecureOrigins
TolerateInsecureOrigins enables you to allow insecure origins (i.e. origins whose scheme is http), which option github.com/jub0bs/fcors.FromOrigins by default prohibits. Be aware that allowing insecure origins exposes your clients to active network attacks that can lead to exfiltration of sensitive data, as described by James Kettle in the talk he gave at AppSec EU 2017.
Example
package main

import (
	"fmt"
	"io"
	"net/http"
	"os"

	"github.com/jub0bs/fcors"
	"github.com/jub0bs/fcors/risky"
)

func main() {
	cors, err := fcors.AllowAccessWithCredentials(
		fcors.FromOrigins("http://example.com"),
		risky.TolerateInsecureOrigins(),
	)
	if err != nil {
		// This branch would get executed if the call to
		// risky.TolerateInsecureOrigins were missing above.
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
	helloHandler := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
		io.WriteString(w, "Hello, world!\n")
	})
	http.Handle("/hello_insecure_origin", cors(helloHandler))
	if err := http.ListenAndServe(":8080", nil); err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(1)
	}
}
Output:
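The two checks that SkipPublicSuffixCheck and TolerateInsecureOrigins switch off are easy to state precisely, and the added example below (written for this page; it is not fcors's own validation code and makes no claim about how fcors implements it) shows the shape of such a validator for origin patterns like https://*.example.com. It rejects an http scheme unless insecure origins are tolerated, and rejects a wildcard that sits directly on a public suffix unless the public-suffix check is skipped. The validator, its policy struct and error values are hypothetical, and publicSuffixes is a constructed three-entry subset of the Public Suffix List; a real implementation would consult the full list (for instance via golang.org/x/net/publicsuffix).

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// publicSuffixes is a constructed subset of the Public Suffix List used only
// for this example; a real validator consults the full list.
var publicSuffixes = map[string]bool{
	"com":       true,
	"co.uk":     true,
	"github.io": true,
}

// originPolicy mirrors the two escape hatches documented above.
type originPolicy struct {
	tolerateInsecure bool // like risky.TolerateInsecureOrigins
	skipPublicSuffix bool // like risky.SkipPublicSuffixCheck
}

var (
	errMalformed      = errors.New("malformed origin pattern")
	errInsecureOrigin = errors.New("insecure (http) origin not allowed")
	errPublicSuffix   = errors.New("wildcard over a public suffix not allowed")
)

// validateOriginPattern checks one pattern of the form scheme://host[:port]
// or scheme://*.host[:port] against p and returns nil if it is acceptable.
func validateOriginPattern(pattern string, p originPolicy) error {
	u, err := url.Parse(pattern)
	if err != nil || u.Host == "" || u.User != nil ||
		u.Path != "" || u.RawQuery != "" || u.Fragment != "" {
		return errMalformed // an origin is scheme, host and optional port only
	}
	switch u.Scheme {
	case "https":
	case "http":
		if !p.tolerateInsecure {
			return errInsecureOrigin
		}
	default:
		return errMalformed
	}
	host := u.Hostname() // port stripped
	if base, isWildcard := strings.CutPrefix(host, "*."); isWildcard {
		// "*.com" would match every registrable .com domain, so it is
		// refused unless the caller explicitly opted out of the check.
		if publicSuffixes[base] && !p.skipPublicSuffix {
			return errPublicSuffix
		}
	}
	return nil
}

func main() {
	cases := []struct {
		pattern string
		policy  originPolicy
	}{
		{"https://*.example.com", originPolicy{}},
		{"https://*.com", originPolicy{}},
		{"https://*.com", originPolicy{skipPublicSuffix: true}},
		{"https://*.co.uk", originPolicy{}},
		{"http://example.com", originPolicy{}},
		{"http://example.com", originPolicy{tolerateInsecure: true}},
		{"https://example.com/path", originPolicy{}},
	}
	for _, c := range cases {
		fmt.Printf("%-26s %+v -> %v\n", c.pattern, c.policy, validateOriginPattern(c.pattern, c.policy))
	}
}
```

The two errors are distinct on purpose: a caller who hits errPublicSuffix should narrow the pattern (https://*.example.com rather than https://*.com) rather than reach for the skip option, and errInsecureOrigin should prompt moving the client to https before tolerating http, for the reasons given in the documentation above.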
Types
This section is empty.