Add ability to set arbitrary headers

This is useful if you want to add headers for things like HTTP Strict Transport Security or HTTP Public Key Pinning.
2026-01-23 02:14:33 +00:00 · 2016-06-03 22:49:01 -07:00 · 2016-06-03 22:49:01 -07:00 · 39bb999db6
commit 39bb999db6
parent 1f3bc4bfea
3 changed files with 61 additions and 0 deletions
--- a/server.go
+++ b/server.go
@ -10,6 +10,7 @@ import (
 	"os"
 	"regexp"
 	"strconv"
+	"strings"
 	"time"

 	"github.com/GeertJohan/go.rice"
@ -20,6 +21,17 @@ import (
 	"github.com/zenazn/goji/web/middleware"
 )

+type headerList []string
+
+func (h *headerList) String() string {
+	return strings.Join(*h, ",")
+}
+
+func (h *headerList) Set(value string) error {
+	*h = append(*h, value)
+	return nil
+}
+
 var Config struct {
 	bind                      string
 	filesDir                  string
@ -40,6 +52,7 @@ var Config struct {
 	remoteUploads             bool
 	authFile                  string
 	remoteAuthFile            string
+	addHeaders                headerList
 }

 var Templates = make(map[string]*pongo2.Template)
@ -69,6 +82,7 @@ func setup() *web.Mux {
 		policy: Config.contentSecurityPolicy,
 		frame:  Config.xFrameOptions,
 	}))
+	mux.Use(AddHeaders(Config.addHeaders))

 	if Config.authFile != "" {
 		mux.Use(UploadAuth(AuthOptions{
@ -205,6 +219,8 @@ func main() {
 		"value of Content-Security-Policy header for file access")
 	flag.StringVar(&Config.xFrameOptions, "xframeoptions", "SAMEORIGIN",
 		"value of X-Frame-Options header")
+	flag.Var(&Config.addHeaders, "addheader",
+		"Add an arbitrary header to the response. This option can be used multiple times.")

 	iniflags.Parse()