move request handler to its own class
Signed-off-by: Tianle Huang <[email protected]>
Showing
2 changed files
with
58 additions
and
46 deletions.
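--- a/src/plugins/csp_configuration_provider/server/csp_handlers.ts
+++ b/src/plugins/csp_configuration_provider/server/csp_handlers.ts
@@ -0,0 +1,50 @@
+/*
+* Copyright OpenSearch Contributors
+* SPDX-License-Identifier: Apache-2.0
+*/
+
+import { CoreSetup, OnPreResponseHandler, OpenSearchClient } from '../../../core/server';
+import { CspClient } from './types';
+
+const OPENSEARCH_DASHBOARDS_CONFIG_INDEX_NAME = '.opensearch_dashboards_config';
+const OPENSEARCH_DASHBOARDS_CONFIG_DOCUMENT_NAME = 'csp.rules';
+
+export function createCspRulesPreResponseHandler(
+core: CoreSetup,
+getCspClient: (inputOpenSearchClient: OpenSearchClient) => CspClient
+): OnPreResponseHandler {
+return async (request, response, toolkit) => {
+const shouldCheckDest = ['document', 'frame', 'iframe', 'embed', 'object'];
+
+const currentDest = request.headers['sec-fetch-dest'];
+
+if (!shouldCheckDest.includes(currentDest)) {
+return toolkit.next({});
+}
+
+const [coreStart] = await core.getStartServices();
+
+const myClient = getCspClient(coreStart.opensearch.client.asInternalUser);
+
+const existsData = await myClient.exists(OPENSEARCH_DASHBOARDS_CONFIG_INDEX_NAME);
+
+let header;
+const defaultHeader = core.http.csp.header;
+
+if (!existsData) {
+header = defaultHeader;
+} else {
+const data = await myClient.get(
+OPENSEARCH_DASHBOARDS_CONFIG_INDEX_NAME,
+OPENSEARCH_DASHBOARDS_CONFIG_DOCUMENT_NAME
+);
+header = data || defaultHeader;
+}
+
+const additionalHeaders = {
+['content-security-policy']: header,
+};
+
+return toolkit.next({ headers: additionalHeaders });
+};
+}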
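Review bot: In the returned handler, `myClient.exists` and `myClient.get` are awaited with no error handling, so if either rejects (CspClient is defined outside this section, so this is inferred) a failed config lookup would likely fail the page response instead of falling back to `core.http.csp.header`. Initialising `header` to `defaultHeader` and wrapping the two lookups in try/catch keeps the static policy in force when the index is unreachable. Separately, the stored `csp.rules` value is copied into `content-security-policy` unchecked, so anyone able to write to `.opensearch_dashboards_config` sets the policy for every user; a comment stating that trust assumption, or a validation step on `data`, would help. Requests that carry no `sec-fetch-dest` header skip the lookup entirely, which is worth documenting as intended.

```typescript
    // … unchanged: sec-fetch-dest check, getStartServices, getCspClient …
    const defaultHeader = core.http.csp.header;
    let header = defaultHeader;

    try {
      const existsData = await myClient.exists(OPENSEARCH_DASHBOARDS_CONFIG_INDEX_NAME);
      if (existsData) {
        const data = await myClient.get(
          OPENSEARCH_DASHBOARDS_CONFIG_INDEX_NAME,
          OPENSEARCH_DASHBOARDS_CONFIG_DOCUMENT_NAME
        );
        header = data || defaultHeader;
      }
    } catch (e) {
      // Lookup failed: keep the statically configured policy rather than failing the response.
      header = defaultHeader;
    }
    // … unchanged: additionalHeaders and toolkit.next …
```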