Update security middleware and update Docker configurations

- Added a new parameter to the SecurityMiddleware function to allow custom handling of forbidden requests.
- Updated Docker configurations to enable asset caching for improved performance.
- Bumped version number in the Dockerfile to 0.3.0 and refined the image description for clarity.
- Adjusted various frontend components and error handling to support new rate limiting and forbidden access messages.
- Improved documentation in multiple languages to reflect recent changes in features and security measures.
2025-12-27 21:53:10 -06:00
parent bbbe1903fd
commit d954d7fe4b
22 changed files with 321 additions and 171 deletions


@@ -193,7 +193,7 @@ func GetSafeHTTPClient(timeout time.Duration) *http.Client {
}
}
func SecurityMiddleware(s *stats.Service, bb *BotBlocker) func(http.Handler) http.Handler {
func SecurityMiddleware(s *stats.Service, bb *BotBlocker, forbiddenHandler http.HandlerFunc) func(http.Handler) http.Handler {
return func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
start := time.Now()
@@ -240,7 +240,11 @@ func SecurityMiddleware(s *stats.Service, bb *BotBlocker) func(http.Handler) htt
s.GlobalStats.Lock()
s.GlobalStats.BlockedRequests[fingerprint] = true
s.GlobalStats.Unlock()
http.Error(w, "Bots are not allowed", http.StatusForbidden)
if forbiddenHandler != nil {
forbiddenHandler(w, r)
} else {
http.Error(w, "Bots are not allowed", http.StatusForbidden)
}
return
}
@@ -250,7 +254,11 @@ func SecurityMiddleware(s *stats.Service, bb *BotBlocker) func(http.Handler) htt
s.GlobalStats.BlockedRequests[fingerprint] = true
s.GlobalStats.Unlock()
log.Printf("Blocked suspicious request: %s from %s (%s)", r.URL.String(), r.RemoteAddr, r.UserAgent())
http.Error(w, "Forbidden", http.StatusForbidden)
if forbiddenHandler != nil {
forbiddenHandler(w, r)
} else {
http.Error(w, "Forbidden", http.StatusForbidden)
}
return
}
}
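Review bot: When `forbiddenHandler` is non-nil, both blocked branches (the bot check and the suspicious-request check) hand the whole response to it, so the middleware no longer guarantees a 403; a handler that renders a page without calling `WriteHeader` would answer 200 to a client that was just recorded in `BlockedRequests`. The `return` after each call still keeps `next` from running, so the gap is the status contract rather than the block itself. I would state that contract on the function: `// forbiddenHandler, if non-nil, writes the full response for a blocked request and must set http.StatusForbidden itself; nil keeps the plain-text 403.` The test hunk only passes `nil`, so the custom path appears to be untested in this commit. SecurityMiddleware's body starts and ends outside these hunks.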


@@ -100,7 +100,7 @@ func TestGetRequestFingerprint(t *testing.T) {
func TestSecurityMiddleware(t *testing.T) {
statsService := stats.NewService("test-hashes.json")
botBlocker := NewBotBlocker("")
handler := SecurityMiddleware(statsService, botBlocker)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := SecurityMiddleware(statsService, botBlocker, nil)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
}))