mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-24 04:06:03 +00:00
Add 'X-Content-Type-Options: nosniff" to some error messages
This commit is contained in:
parent
9eb82fadc4
commit
43251c92e1
6
pkg/apiserver/filters/errors.go
Executable file → Normal file
6
pkg/apiserver/filters/errors.go
Executable file → Normal file
@ -26,6 +26,8 @@ import (
|
||||
|
||||
// badGatewayError renders a simple bad gateway error.
|
||||
func badGatewayError(w http.ResponseWriter, req *http.Request) {
|
||||
w.Header().Set("Content-Type", "text/plain")
|
||||
w.Header().Set("X-Content-Type-Options", "nosniff")
|
||||
w.WriteHeader(http.StatusBadGateway)
|
||||
fmt.Fprintf(w, "Bad Gateway: %#v", req.RequestURI)
|
||||
}
|
||||
@ -33,6 +35,8 @@ func badGatewayError(w http.ResponseWriter, req *http.Request) {
|
||||
// forbidden renders a simple forbidden error
|
||||
func forbidden(attributes authorizer.Attributes, w http.ResponseWriter, req *http.Request, reason string) {
|
||||
msg := forbiddenMessage(attributes)
|
||||
w.Header().Set("Content-Type", "text/plain")
|
||||
w.Header().Set("X-Content-Type-Options", "nosniff")
|
||||
w.WriteHeader(http.StatusForbidden)
|
||||
fmt.Fprintf(w, "%s: %q", msg, reason)
|
||||
}
|
||||
@ -57,6 +61,8 @@ func forbiddenMessage(attributes authorizer.Attributes) string {
|
||||
|
||||
// internalError renders a simple internal error
|
||||
func internalError(w http.ResponseWriter, req *http.Request, err error) {
|
||||
w.Header().Set("Content-Type", "text/plain")
|
||||
w.Header().Set("X-Content-Type-Options", "nosniff")
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
fmt.Fprintf(w, "Internal Server Error: %#v", req.RequestURI)
|
||||
runtime.HandleError(err)
|
||||
|
Loading…
Reference in New Issue
Block a user