mirrors/owncast
1
0
Fork 0
mirror of https://github.com/owncast/owncast.git synced 2024-10-23 04:55:56 +03:00
Code Issues Projects Releases Packages Wiki Activity

Explicitly block requests to /debug/vars

Browse source
This commit is contained in:
Gabe Kangas 2022-12-09 14:10:08 -08:00
parent 5a6f2859d8
commit 75e22c58ef
No known key found for this signature in database
GPG key ID: 4345B2060657F330
1 changed files with 15 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
router/router.go
View file

@ -373,11 +373,25 @@ func Start() error {
port := config.WebServerPort
ip := config.WebServerIP
// Create a custom mux handler to intercept the /debug/vars endpoint.
// This is a hack because Prometheus enables this endpoint by default
// due to its use of expvar and we do not want this exposed.
h2s := &http2.Server{}
defaultMux := h2c.NewHandler(http.DefaultServeMux, h2s)
m := http.NewServeMux()
m.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
if r.URL.Path == "/debug/vars" {
w.WriteHeader(http.StatusNotFound)
return
} else {
defaultMux.ServeHTTP(w, r)
}
})
server := &http.Server{
Addr: fmt.Sprintf("%s:%d", ip, port),
ReadHeaderTimeout: 4 * time.Second,
Handler: h2c.NewHandler(http.DefaultServeMux, h2s),
Handler: m,
}
log.Infof("Web server is listening on IP %s port %d.", ip, port)