|
|
|
|
@ -152,6 +152,7 @@ func containsReservedMetadata(header http.Header) bool { |
|
|
|
|
const ( |
|
|
|
|
minioReservedBucket = "minio" |
|
|
|
|
minioReservedBucketPath = SlashSeparator + minioReservedBucket |
|
|
|
|
loginPathPrefix = SlashSeparator + "login" |
|
|
|
|
) |
|
|
|
|
|
|
|
|
|
// Adds redirect rules for incoming requests.
|
|
|
|
|
@ -279,6 +280,16 @@ func isAdminReq(r *http.Request) bool { |
|
|
|
|
return strings.HasPrefix(r.URL.Path, adminPathPrefix) |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
// guessIsLoginSTSReq - returns true if incoming request is Login STS user
|
|
|
|
|
func guessIsLoginSTSReq(req *http.Request) bool { |
|
|
|
|
if req == nil { |
|
|
|
|
return false |
|
|
|
|
} |
|
|
|
|
return strings.HasPrefix(req.URL.Path, loginPathPrefix) || |
|
|
|
|
(req.Method == http.MethodPost && req.URL.Path == SlashSeparator && |
|
|
|
|
getRequestAuthType(req) == authTypeSTS) |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
// Adds verification for incoming paths.
|
|
|
|
|
type minioReservedBucketHandler struct { |
|
|
|
|
handler http.Handler |
|
|
|
|
@ -608,7 +619,7 @@ type bucketForwardingHandler struct { |
|
|
|
|
func (f bucketForwardingHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { |
|
|
|
|
if globalDNSConfig == nil || len(globalDomainNames) == 0 || |
|
|
|
|
guessIsHealthCheckReq(r) || guessIsMetricsReq(r) || |
|
|
|
|
guessIsRPCReq(r) || isAdminReq(r) { |
|
|
|
|
guessIsRPCReq(r) || guessIsLoginSTSReq(r) || isAdminReq(r) { |
|
|
|
|
f.handler.ServeHTTP(w, r) |
|
|
|
|
return |
|
|
|
|
} |
|
|
|
|
|
Sergey Morgunov
5 years ago
committed by