From ac09baae7d03d9df7baeaff11d59b8713f72c26d Mon Sep 17 00:00:00 2001 From: Arve Knudsen Date: Mon, 14 Dec 2020 15:13:01 +0100 Subject: [PATCH] Chore: Use Header.Set method instead of Header.Add (#29804) Signed-off-by: Arve Knudsen --- pkg/api/avatar/avatar.go | 6 +++--- pkg/api/basic_auth_test.go | 4 ++-- pkg/api/pluginproxy/access_token_provider.go | 4 ++-- pkg/api/pluginproxy/ds_proxy_test.go | 6 +++--- pkg/middleware/middleware.go | 14 +++++++------- pkg/middleware/recovery_test.go | 2 +- pkg/middleware/testing.go | 4 ++-- pkg/plugins/backendplugin/manager.go | 2 ++ pkg/services/notifications/webhook.go | 6 +++--- pkg/tsdb/elasticsearch/client/client_test.go | 2 +- pkg/util/proxyutil/proxyutil_test.go | 8 ++++---- 11 files changed, 30 insertions(+), 28 deletions(-) diff --git a/pkg/api/avatar/avatar.go b/pkg/api/avatar/avatar.go index 95b6cea3efc..616ac79abfd 100644 --- a/pkg/api/avatar/avatar.go +++ b/pkg/api/avatar/avatar.go @@ -107,13 +107,13 @@ func (a *CacheServer) Handler(ctx *models.ReqContext) { } } - ctx.Resp.Header().Add("Content-Type", "image/jpeg") + ctx.Resp.Header().Set("Content-Type", "image/jpeg") if !setting.EnableGzip { - ctx.Resp.Header().Add("Content-Length", strconv.Itoa(len(avatar.data.Bytes()))) + ctx.Resp.Header().Set("Content-Length", strconv.Itoa(len(avatar.data.Bytes()))) } - ctx.Resp.Header().Add("Cache-Control", "private, max-age=3600") + ctx.Resp.Header().Set("Cache-Control", "private, max-age=3600") if err := avatar.Encode(ctx.Resp); err != nil { log.Warnf("avatar encode error: %v", err) diff --git a/pkg/api/basic_auth_test.go b/pkg/api/basic_auth_test.go index 46b575aeb5a..72e9383ec1f 100644 --- a/pkg/api/basic_auth_test.go +++ b/pkg/api/basic_auth_test.go @@ -22,7 +22,7 @@ func TestBasicAuthenticatedRequest(t *testing.T) { Request: httpReq, } encodedCreds := encodeBasicAuthCredentials(expectedUser, expectedPass) - req.Header.Add("Authorization", fmt.Sprintf("Basic %s", encodedCreds)) + req.Header.Set("Authorization", fmt.Sprintf("Basic %s", encodedCreds)) authenticated := BasicAuthenticatedRequest(req, expectedUser, expectedPass) assert.True(t, authenticated) @@ -35,7 +35,7 @@ func TestBasicAuthenticatedRequest(t *testing.T) { Request: httpReq, } encodedCreds := encodeBasicAuthCredentials("invaliduser", "invalidpass") - req.Header.Add("Authorization", fmt.Sprintf("Basic %s", encodedCreds)) + req.Header.Set("Authorization", fmt.Sprintf("Basic %s", encodedCreds)) authenticated := BasicAuthenticatedRequest(req, expectedUser, expectedPass) assert.False(t, authenticated) diff --git a/pkg/api/pluginproxy/access_token_provider.go b/pkg/api/pluginproxy/access_token_provider.go index fd2b9e25144..e91d291f598 100644 --- a/pkg/api/pluginproxy/access_token_provider.go +++ b/pkg/api/pluginproxy/access_token_provider.go @@ -114,8 +114,8 @@ func (provider *accessTokenProvider) getAccessToken(data templateData) (string, } getTokenReq, _ := http.NewRequest("POST", urlInterpolated, bytes.NewBufferString(params.Encode())) - getTokenReq.Header.Add("Content-Type", "application/x-www-form-urlencoded") - getTokenReq.Header.Add("Content-Length", strconv.Itoa(len(params.Encode()))) + getTokenReq.Header.Set("Content-Type", "application/x-www-form-urlencoded") + getTokenReq.Header.Set("Content-Length", strconv.Itoa(len(params.Encode()))) resp, err := client.Do(getTokenReq) if err != nil { diff --git a/pkg/api/pluginproxy/ds_proxy_test.go b/pkg/api/pluginproxy/ds_proxy_test.go index dc08c7f3f53..50e68c8e567 100644 --- a/pkg/api/pluginproxy/ds_proxy_test.go +++ b/pkg/api/pluginproxy/ds_proxy_test.go @@ -390,9 +390,9 @@ func TestDataSourceProxy_routeRule(t *testing.T) { proxy, err := NewDataSourceProxy(ds, plugin, ctx, "/path/to/folder/", &setting.Cfg{}) require.NoError(t, err) req, err := http.NewRequest(http.MethodGet, "http://grafana.com/sub", nil) - req.Header.Add("Origin", "grafana.com") - req.Header.Add("Referer", "grafana.com") - req.Header.Add("X-Canary", "stillthere") + req.Header.Set("Origin", "grafana.com") + req.Header.Set("Referer", "grafana.com") + req.Header.Set("X-Canary", "stillthere") require.NoError(t, err) proxy.director(req) diff --git a/pkg/middleware/middleware.go b/pkg/middleware/middleware.go index a49155445d6..02048480ff4 100644 --- a/pkg/middleware/middleware.go +++ b/pkg/middleware/middleware.go @@ -51,24 +51,24 @@ func addSecurityHeaders(w macaron.ResponseWriter, cfg *setting.Cfg) { if cfg.StrictTransportSecuritySubDomains { strictHeaderValues = append(strictHeaderValues, "includeSubDomains") } - w.Header().Add("Strict-Transport-Security", strings.Join(strictHeaderValues, "; ")) + w.Header().Set("Strict-Transport-Security", strings.Join(strictHeaderValues, "; ")) } if cfg.ContentTypeProtectionHeader { - w.Header().Add("X-Content-Type-Options", "nosniff") + w.Header().Set("X-Content-Type-Options", "nosniff") } if cfg.XSSProtectionHeader { - w.Header().Add("X-XSS-Protection", "1; mode=block") + w.Header().Set("X-XSS-Protection", "1; mode=block") } } func addNoCacheHeaders(w macaron.ResponseWriter) { - w.Header().Add("Cache-Control", "no-cache") - w.Header().Add("Pragma", "no-cache") - w.Header().Add("Expires", "-1") + w.Header().Set("Cache-Control", "no-cache") + w.Header().Set("Pragma", "no-cache") + w.Header().Set("Expires", "-1") } func addXFrameOptionsDenyHeader(w macaron.ResponseWriter) { - w.Header().Add("X-Frame-Options", "deny") + w.Header().Set("X-Frame-Options", "deny") } diff --git a/pkg/middleware/recovery_test.go b/pkg/middleware/recovery_test.go index 9842b4ad659..2e56f07ed14 100644 --- a/pkg/middleware/recovery_test.go +++ b/pkg/middleware/recovery_test.go @@ -21,7 +21,7 @@ func TestRecoveryMiddleware(t *testing.T) { recoveryScenario(t, "recovery middleware should return json", apiURL, func(t *testing.T, sc *scenarioContext) { sc.handlerFunc = panicHandler sc.fakeReq("GET", apiURL).exec() - sc.req.Header.Add("content-type", "application/json") + sc.req.Header.Set("content-type", "application/json") assert.Equal(t, 500, sc.resp.Code) assert.Equal(t, "Internal Server Error - Check the Grafana server logs for the detailed error message.", sc.respJson["message"]) diff --git a/pkg/middleware/testing.go b/pkg/middleware/testing.go index 72cccac2843..6f387b12a5b 100644 --- a/pkg/middleware/testing.go +++ b/pkg/middleware/testing.go @@ -88,12 +88,12 @@ func (sc *scenarioContext) exec() { if sc.apiKey != "" { sc.t.Logf(`Adding header "Authorization: Bearer %s"`, sc.apiKey) - sc.req.Header.Add("Authorization", "Bearer "+sc.apiKey) + sc.req.Header.Set("Authorization", "Bearer "+sc.apiKey) } if sc.authHeader != "" { sc.t.Logf(`Adding header "Authorization: %s"`, sc.authHeader) - sc.req.Header.Add("Authorization", sc.authHeader) + sc.req.Header.Set("Authorization", sc.authHeader) } if sc.tokenSessionCookie != "" { diff --git a/pkg/plugins/backendplugin/manager.go b/pkg/plugins/backendplugin/manager.go index a2add9f3ef8..51804d89277 100644 --- a/pkg/plugins/backendplugin/manager.go +++ b/pkg/plugins/backendplugin/manager.go @@ -343,6 +343,8 @@ func flushStream(plugin Plugin, stream CallResourceClientResponseStream, w http. } for _, v := range values { + // TODO: Figure out if we should use Set here instead + // nolint:gocritic w.Header().Add(k, v) } } diff --git a/pkg/services/notifications/webhook.go b/pkg/services/notifications/webhook.go index 819f0458300..028814dc3ec 100644 --- a/pkg/services/notifications/webhook.go +++ b/pkg/services/notifications/webhook.go @@ -61,11 +61,11 @@ func (ns *NotificationService) sendWebRequestSync(ctx context.Context, webhook * webhook.ContentType = "application/json" } - request.Header.Add("Content-Type", webhook.ContentType) - request.Header.Add("User-Agent", "Grafana") + request.Header.Set("Content-Type", webhook.ContentType) + request.Header.Set("User-Agent", "Grafana") if webhook.User != "" && webhook.Password != "" { - request.Header.Add("Authorization", util.GetBasicAuthHeader(webhook.User, webhook.Password)) + request.Header.Set("Authorization", util.GetBasicAuthHeader(webhook.User, webhook.Password)) } for k, v := range webhook.HttpHeader { diff --git a/pkg/tsdb/elasticsearch/client/client_test.go b/pkg/tsdb/elasticsearch/client/client_test.go index 993310d6beb..29ede5670f4 100644 --- a/pkg/tsdb/elasticsearch/client/client_test.go +++ b/pkg/tsdb/elasticsearch/client/client_test.go @@ -407,7 +407,7 @@ func httpClientScenario(t *testing.T, desc string, ds *models.DataSource, fn sce sc.requestBody = bytes.NewBuffer(buf) - rw.Header().Add("Content-Type", "application/json") + rw.Header().Set("Content-Type", "application/json") _, err = rw.Write([]byte(sc.responseBody)) require.Nil(t, err) rw.WriteHeader(sc.responseStatus) diff --git a/pkg/util/proxyutil/proxyutil_test.go b/pkg/util/proxyutil/proxyutil_test.go index 47664527a22..5ff61ec1d29 100644 --- a/pkg/util/proxyutil/proxyutil_test.go +++ b/pkg/util/proxyutil/proxyutil_test.go @@ -11,9 +11,9 @@ func TestPrepareProxyRequest(t *testing.T) { t.Run("Prepare proxy request should clear X-Forwarded headers", func(t *testing.T) { req, err := http.NewRequest(http.MethodGet, "/", nil) require.NoError(t, err) - req.Header.Add("X-Forwarded-Host", "host") - req.Header.Add("X-Forwarded-Port", "123") - req.Header.Add("X-Forwarded-Proto", "http1") + req.Header.Set("X-Forwarded-Host", "host") + req.Header.Set("X-Forwarded-Port", "123") + req.Header.Set("X-Forwarded-Proto", "http1") PrepareProxyRequest(req) require.NotContains(t, req.Header, "X-Forwarded-Host") @@ -34,7 +34,7 @@ func TestPrepareProxyRequest(t *testing.T) { t.Run("Prepare proxy request should append client ip at the end of X-Forwarded-For", func(t *testing.T) { req, err := http.NewRequest(http.MethodGet, "/", nil) req.RemoteAddr = "127.0.0.1:1234" - req.Header.Add("X-Forwarded-For", "192.168.0.1") + req.Header.Set("X-Forwarded-For", "192.168.0.1") require.NoError(t, err) PrepareProxyRequest(req)