handlers: Little bit more optimizations (#11211)

master
Anis Elleuch 4 years ago committed by GitHub
parent c4b1d394d6
commit dfd99b6d8f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 57
      cmd/generic-handlers.go

@ -172,6 +172,9 @@ type browserRedirectHandler struct {
} }
func setBrowserRedirectHandler(h http.Handler) http.Handler { func setBrowserRedirectHandler(h http.Handler) http.Handler {
if !globalBrowserEnabled {
return h
}
return browserRedirectHandler{handler: h} return browserRedirectHandler{handler: h}
} }
@ -183,19 +186,17 @@ func shouldProxy() bool {
} }
func (h redirectHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { func (h redirectHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if guessIsRPCReq(r) || guessIsBrowserReq(r) || if !shouldProxy() || guessIsRPCReq(r) || guessIsBrowserReq(r) ||
guessIsHealthCheckReq(r) || guessIsMetricsReq(r) || isAdminReq(r) { guessIsHealthCheckReq(r) || guessIsMetricsReq(r) || isAdminReq(r) {
h.handler.ServeHTTP(w, r) h.handler.ServeHTTP(w, r)
return return
} }
if shouldProxy() { // if this server is still initializing, proxy the request
// if this server is still initializing, proxy the request // to any other online servers to avoid 503 for any incoming
// to any other online servers to avoid 503 for any incoming // API calls.
// API calls. if idx := getOnlineProxyEndpointIdx(); idx >= 0 {
if idx := getOnlineProxyEndpointIdx(); idx >= 0 { proxyRequest(context.TODO(), w, r, globalProxyEndpoints[idx])
proxyRequest(context.TODO(), w, r, globalProxyEndpoints[idx]) return
return
}
} }
h.handler.ServeHTTP(w, r) h.handler.ServeHTTP(w, r)
} }
@ -290,6 +291,9 @@ type cacheControlHandler struct {
} }
func setBrowserCacheControlHandler(h http.Handler) http.Handler { func setBrowserCacheControlHandler(h http.Handler) http.Handler {
if !globalBrowserEnabled {
return h
}
return cacheControlHandler{h} return cacheControlHandler{h}
} }
@ -337,15 +341,11 @@ func setReservedBucketHandler(h http.Handler) http.Handler {
} }
func (h minioReservedBucketHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { func (h minioReservedBucketHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
switch { // For all other requests reject access to reserved buckets
case guessIsRPCReq(r), guessIsBrowserReq(r), guessIsHealthCheckReq(r), guessIsMetricsReq(r), isAdminReq(r): bucketName, _ := request2BucketObjectName(r)
// Allow access to reserved buckets if isMinioReservedBucket(bucketName) || isMinioMetaBucket(bucketName) {
default: if !guessIsRPCReq(r) && !guessIsBrowserReq(r) && !guessIsHealthCheckReq(r) && !guessIsMetricsReq(r) && !isAdminReq(r) {
// For all other requests reject access to reserved buckets writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(ErrAllAccessDisabled), r.URL, guessIsBrowserReq(r))
bucketName, _ := request2BucketObjectName(r)
if isMinioReservedBucket(bucketName) || isMinioMetaBucket(bucketName) {
browser := guessIsBrowserReq(r)
writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(ErrAllAccessDisabled), r.URL, browser)
return return
} }
} }
@ -624,17 +624,15 @@ type bucketForwardingHandler struct {
} }
func (f bucketForwardingHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { func (f bucketForwardingHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if globalDNSConfig == nil || len(globalDomainNames) == 0 || if guessIsHealthCheckReq(r) || guessIsMetricsReq(r) ||
guessIsHealthCheckReq(r) || guessIsMetricsReq(r) || guessIsRPCReq(r) || guessIsLoginSTSReq(r) || isAdminReq(r) {
guessIsRPCReq(r) || guessIsLoginSTSReq(r) || isAdminReq(r) ||
!globalBucketFederation {
f.handler.ServeHTTP(w, r) f.handler.ServeHTTP(w, r)
return return
} }
// For browser requests, when federation is setup we need to // For browser requests, when federation is setup we need to
// specifically handle download and upload for browser requests. // specifically handle download and upload for browser requests.
if globalDNSConfig != nil && len(globalDomainNames) > 0 && guessIsBrowserReq(r) { if guessIsBrowserReq(r) {
var bucket, _ string var bucket, _ string
switch r.Method { switch r.Method {
case http.MethodPut: case http.MethodPut:
@ -729,6 +727,10 @@ func (f bucketForwardingHandler) ServeHTTP(w http.ResponseWriter, r *http.Reques
// on a bucket to the right bucket location, bucket to IP configuration // on a bucket to the right bucket location, bucket to IP configuration
// is obtained from centralized etcd configuration service. // is obtained from centralized etcd configuration service.
func setBucketForwardingHandler(h http.Handler) http.Handler { func setBucketForwardingHandler(h http.Handler) http.Handler {
if globalDNSConfig == nil || len(globalDomainNames) == 0 || !globalBucketFederation {
return h
}
fwd := handlers.NewForwarder(&handlers.Forwarder{ fwd := handlers.NewForwarder(&handlers.Forwarder{
PassHost: true, PassHost: true,
RoundTripper: newGatewayHTTPTransport(1 * time.Hour), RoundTripper: newGatewayHTTPTransport(1 * time.Hour),
@ -791,14 +793,19 @@ func (h criticalErrorHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
h.handler.ServeHTTP(w, r) h.handler.ServeHTTP(w, r)
} }
func setSSETLSHandler(h http.Handler) http.Handler { return sseTLSHandler{h} } func setSSETLSHandler(h http.Handler) http.Handler {
if globalIsTLS {
return h
}
return sseTLSHandler{h}
}
// sseTLSHandler enforces certain rules for SSE requests which are made / must be made over TLS. // sseTLSHandler enforces certain rules for SSE requests which are made / must be made over TLS.
type sseTLSHandler struct{ handler http.Handler } type sseTLSHandler struct{ handler http.Handler }
func (h sseTLSHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { func (h sseTLSHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
// Deny SSE-C requests if not made over TLS // Deny SSE-C requests if not made over TLS
if !globalIsTLS && (crypto.SSEC.IsRequested(r.Header) || crypto.SSECopy.IsRequested(r.Header)) { if crypto.SSEC.IsRequested(r.Header) || crypto.SSECopy.IsRequested(r.Header) {
if r.Method == http.MethodHead { if r.Method == http.MethodHead {
writeErrorResponseHeadersOnly(w, errorCodes.ToAPIErr(ErrInsecureSSECustomerRequest)) writeErrorResponseHeadersOnly(w, errorCodes.ToAPIErr(ErrInsecureSSECustomerRequest))
} else { } else {

Loading…
Cancel
Save