Add warning message if metrics are exposed without protection

Till Faelligen 2019-10-11 10:07:07 +02:00
parent e2cca682be
commit 0b1dd5cf35


@ -13,6 +13,7 @@ import (
"github.com/opentracing/opentracing-go/ext" "github.com/opentracing/opentracing-go/ext"
"github.com/prometheus/client_golang/prometheus" "github.com/prometheus/client_golang/prometheus"
"github.com/prometheus/client_golang/prometheus/promhttp" "github.com/prometheus/client_golang/prometheus/promhttp"
"github.com/sirupsen/logrus"
) )
// BasicAuth is used for authorization on /metrics handlers // BasicAuth is used for authorization on /metrics handlers
@ -125,6 +126,9 @@ func SetupHTTPAPI(servMux *http.ServeMux, apiMux http.Handler, cfg *config.Dendr
// WrapHandlerInBasicAuth adds basic auth to a handler. Only used for /metrics // WrapHandlerInBasicAuth adds basic auth to a handler. Only used for /metrics
func WrapHandlerInBasicAuth(h http.Handler, b BasicAuth) http.HandlerFunc { func WrapHandlerInBasicAuth(h http.Handler, b BasicAuth) http.HandlerFunc {
if b.Username == "" || b.Password == "" {
logrus.Info("Metrics are exposed without protection. Make sure you set up protection at proxy level.")
}
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// Serve without authorization if either Username or Password is unset // Serve without authorization if either Username or Password is unset
if b.Username == "" || b.Password == "" { if b.Username == "" || b.Password == "" {
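Review bot: The message added at the top of WrapHandlerInBasicAuth is emitted with `logrus.Info`, although the commit title calls it a warning. A deployment that logs at warn level or above would never see that /metrics is served unauthenticated, so `logrus.Warn("Metrics are exposed without protection. Make sure you set up protection at proxy level.")` matches the intent better. The guard `b.Username == "" || b.Password == ""` is also true when only one of the two fields is set, which looks more like a misconfiguration than a deliberate opt-out, so the message could name that case separately. The same condition is repeated inside the returned handler, so evaluating it once into a local such as `unprotected := b.Username == "" || b.Password == ""` would keep the log line and the per-request bypass in step. The function body continues past the end of the visible hunk.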