From 1535d0feca5ff3a0f3243ac5993dcd7cc094d565 Mon Sep 17 00:00:00 2001 From: Patrick O'Doherty Date: Tue, 2 Apr 2024 12:04:24 -0700 Subject: [PATCH] safeweb: move http.Serve for HTTP redirects into lib (#11592) Refactor the interaction between caller/library when establishing the HTTP to HTTPS redirects by moving the call to http.Serve into safeweb. This makes linting for other uses of http.Serve easier without having to account for false positives created by the old interface. Updates https://github.com/tailscale/corp/issues/8027 Signed-off-by: Patrick O'Doherty --- safeweb/http.go | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/safeweb/http.go b/safeweb/http.go index b41a1855d..5a8a6078a 100644 --- a/safeweb/http.go +++ b/safeweb/http.go @@ -242,10 +242,12 @@ func (s *Server) serveBrowser(w http.ResponseWriter, r *http.Request) { s.csrfProtect(s.BrowserMux).ServeHTTP(w, r) } -// RedirectHTTP returns a handler that redirects all incoming HTTP requests to -// the provided fully qualified domain name (FQDN). -func (s *Server) RedirectHTTP(fqdn string) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { +// ServeRedirectHTTP serves a single HTTP handler on the provided listener that +// redirects all incoming HTTP requests to the HTTPS address of the provided +// fully qualified domain name (FQDN). Callers are responsible for closing the +// listener. +func (s *Server) ServeRedirectHTTP(ln net.Listener, fqdn string) error { + return http.Serve(ln, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { new := url.URL{ Scheme: "https", Host: fqdn, @@ -254,7 +256,7 @@ func (s *Server) RedirectHTTP(fqdn string) http.Handler { } http.Redirect(w, r, new.String(), http.StatusMovedPermanently) - }) + })) } // Serve starts the server and listens on the provided listener. It will block