Pull request: home: set vary hdr to origin

Merge in DNS/adguard-home from 2658-vary-origin to master

Updates #2658.

Squashed commit of the following:

commit b4bf6c16e19f1c0b04cc2e526e2b0968956cf56c
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Thu Feb 11 18:18:32 2021 +0300

    all: doc changes

commit f2599c5b48759565e2f621c2fcf89440de56e4a4
Merge: 3eb08ac8 6b8a46ef
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Thu Feb 11 18:16:53 2021 +0300

    Merge branch 'master' into 2658-vary-origin

commit 3eb08ac889163d123b5ca638a83a9289b456d04e
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Thu Feb 11 18:04:04 2021 +0300

    home: set vary hdr to origin
This commit is contained in:
Ainar Garipov 2021-02-11 18:40:14 +03:00
parent 6b8a46ef3b
commit 7b014082ab
2 changed files with 8 additions and 1 deletions

View File

@ -26,10 +26,14 @@ and this project adheres to
### Fixed ### Fixed
- The `Vary` header is now added along with `Access-Control-Allow-Origin` to
prevent cache-related and other issues in browsers ([#2658]).
domain, but with an HTTP scheme as opposed to `*` ([#2484]).
- The request body size limit is now set for HTTPS requests as well. - The request body size limit is now set for HTTPS requests as well.
- Incorrect version tag in the Docker release ([#2663]). - Incorrect version tag in the Docker release ([#2663]).
- DNSCrypt queries weren't marked as such in logs ([#2662]). - DNSCrypt queries weren't marked as such in logs ([#2662]).
[#2658]: https://github.com/AdguardTeam/AdGuardHome/issues/2658
[#2662]: https://github.com/AdguardTeam/AdGuardHome/issues/2662 [#2662]: https://github.com/AdguardTeam/AdGuardHome/issues/2662
[#2663]: https://github.com/AdguardTeam/AdGuardHome/issues/2663 [#2663]: https://github.com/AdguardTeam/AdGuardHome/issues/2663
[#2664]: https://github.com/AdguardTeam/AdGuardHome/issues/2664 [#2664]: https://github.com/AdguardTeam/AdGuardHome/issues/2664

View File

@ -251,12 +251,15 @@ func handleHTTPSRedirect(w http.ResponseWriter, r *http.Request) (ok bool) {
// Allow the frontend from the HTTP origin to send requests to the HTTPS // Allow the frontend from the HTTP origin to send requests to the HTTPS
// server. This can happen when the user has just set up HTTPS with // server. This can happen when the user has just set up HTTPS with
// redirects. // redirects. Prevent cache-related errors by setting the Vary header.
//
// See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin.
originURL := &url.URL{ originURL := &url.URL{
Scheme: "http", Scheme: "http",
Host: r.Host, Host: r.Host,
} }
w.Header().Set("Access-Control-Allow-Origin", originURL.String()) w.Header().Set("Access-Control-Allow-Origin", originURL.String())
w.Header().Set("Vary", "Origin")
return true return true
} }