Add Feature-Policy header support

2019-07-29 08:12:05 -06:00 · 2019-07-29 08:12:05 -06:00 · cd164de776
commit cd164de776
parent c0ef5ce512
15 changed files with 194 additions and 41 deletions
--- a/pkg/config/dynamic/fixtures/sample.toml
+++ b/pkg/config/dynamic/fixtures/sample.toml
@ -384,6 +384,7 @@
        contentSecurityPolicy = "foobar"
        publicKey = "foobar"
        referrerPolicy = "foobar"
+        featurePolicy = "foobar"
        isDevelopment = true
        [http.middlewares.Middleware8.headers.customRequestHeaders]
          name0 = "foobar"
@ -476,4 +477,4 @@
    [tls.stores.Store1]
      [tls.stores.Store1.defaultCertificate]
        certFile = "foobar"
-        keyFile = "foobar"
+        keyFile = "foobar"
--- a/pkg/config/dynamic/middlewares.go
+++ b/pkg/config/dynamic/middlewares.go
@ -167,6 +167,7 @@ type Headers struct {
 	ContentSecurityPolicy   string            `json:"contentSecurityPolicy,omitempty" toml:"contentSecurityPolicy,omitempty" yaml:"contentSecurityPolicy,omitempty"`
 	PublicKey               string            `json:"publicKey,omitempty" toml:"publicKey,omitempty" yaml:"publicKey,omitempty"`
 	ReferrerPolicy          string            `json:"referrerPolicy,omitempty" toml:"referrerPolicy,omitempty" yaml:"referrerPolicy,omitempty"`
+	FeaturePolicy           string            `json:"featurePolicy,omitempty" toml:"featurePolicy,omitempty" yaml:"featurePolicy,omitempty"`
 	IsDevelopment           bool              `json:"isDevelopment,omitempty" toml:"isDevelopment,omitempty" yaml:"isDevelopment,omitempty"`
 }

@ -208,6 +209,7 @@ func (h *Headers) HasSecureHeadersDefined() bool {
 		h.ContentSecurityPolicy != "" ||
 		h.PublicKey != "" ||
 		h.ReferrerPolicy != "" ||
+		h.FeaturePolicy != "" ||
 		h.IsDevelopment)
 }

--- a/pkg/config/file/fixtures/sample.toml
+++ b/pkg/config/file/fixtures/sample.toml
@ -376,6 +376,7 @@
        contentSecurityPolicy = "foobar"
        publicKey = "foobar"
        referrerPolicy = "foobar"
+        featurePolicy = "foobar"
        isDevelopment = true
        [http.middlewares.Middleware8.headers.customRequestHeaders]
          name0 = "foobar"
@ -468,4 +469,4 @@
    [tls.stores.Store1]
      [tls.stores.Store1.defaultCertificate]
        certFile = "foobar"
-        keyFile = "foobar"
+        keyFile = "foobar"
--- a/pkg/config/label/label_test.go
+++ b/pkg/config/label/label_test.go
@ -63,6 +63,7 @@ func TestDecodeConfiguration(t *testing.T) {
 		"traefik.http.middlewares.Middleware8.headers.isdevelopment":                           "true",
 		"traefik.http.middlewares.Middleware8.headers.publickey":                               "foobar",
 		"traefik.http.middlewares.Middleware8.headers.referrerpolicy":                          "foobar",
+		"traefik.http.middlewares.Middleware8.headers.featurepolicy":                           "foobar",
 		"traefik.http.middlewares.Middleware8.headers.sslforcehost":                            "true",
 		"traefik.http.middlewares.Middleware8.headers.sslhost":                                 "foobar",
 		"traefik.http.middlewares.Middleware8.headers.sslproxyheaders.name0":                   "foobar",
@ -487,6 +488,7 @@ func TestDecodeConfiguration(t *testing.T) {
 						ContentSecurityPolicy:   "foobar",
 						PublicKey:               "foobar",
 						ReferrerPolicy:          "foobar",
+						FeaturePolicy:           "foobar",
 						IsDevelopment:           true,
 					},
 				},
@ -884,6 +886,7 @@ func TestEncodeConfiguration(t *testing.T) {
 						ContentSecurityPolicy:   "foobar",
 						PublicKey:               "foobar",
 						ReferrerPolicy:          "foobar",
+						FeaturePolicy:           "foobar",
 						IsDevelopment:           true,
 					},
 				},
@ -1020,6 +1023,7 @@ func TestEncodeConfiguration(t *testing.T) {
 		"traefik.HTTP.Middlewares.Middleware8.Headers.IsDevelopment":                           "true",
 		"traefik.HTTP.Middlewares.Middleware8.Headers.PublicKey":                               "foobar",
 		"traefik.HTTP.Middlewares.Middleware8.Headers.ReferrerPolicy":                          "foobar",
+		"traefik.HTTP.Middlewares.Middleware8.Headers.FeaturePolicy":                           "foobar",
 		"traefik.HTTP.Middlewares.Middleware8.Headers.SSLForceHost":                            "true",
 		"traefik.HTTP.Middlewares.Middleware8.Headers.SSLHost":                                 "foobar",
 		"traefik.HTTP.Middlewares.Middleware8.Headers.SSLProxyHeaders.name0":                   "foobar",
--- a/pkg/middlewares/headers/headers.go
+++ b/pkg/middlewares/headers/headers.go
@ -29,7 +29,6 @@ func New(ctx context.Context, next http.Handler, config dynamic.Headers, name st
 	// HeaderMiddleware -> SecureMiddleWare -> next
 	logger := middlewares.GetLogger(ctx, name, typeName)
 	logger.Debug("Creating middleware")
-
 	hasSecureHeaders := config.HasSecureHeadersDefined()
 	hasCustomHeaders := config.HasCustomHeadersDefined()
 	hasCorsHeaders := config.HasCorsHeadersDefined()
@ -94,6 +93,7 @@ func newSecure(next http.Handler, headers dynamic.Headers) *secureHeader {
 		HostsProxyHeaders:       headers.HostsProxyHeaders,
 		SSLProxyHeaders:         headers.SSLProxyHeaders,
 		STSSeconds:              headers.STSSeconds,
+		FeaturePolicy:           headers.FeaturePolicy,
 	}

 	return &secureHeader{
--- a/pkg/responsemodifiers/headers.go
+++ b/pkg/responsemodifiers/headers.go
@ -30,6 +30,7 @@ func buildHeaders(hdrs *dynamic.Headers) func(*http.Response) error {
 		HostsProxyHeaders:       hdrs.HostsProxyHeaders,
 		SSLProxyHeaders:         hdrs.SSLProxyHeaders,
 		STSSeconds:              hdrs.STSSeconds,
+		FeaturePolicy:           hdrs.FeaturePolicy,
 	}

 	return func(resp *http.Response) error {