28 lines
554 B
Go
28 lines
554 B
Go
package middlewares
|
|
|
|
import (
|
|
"net/http"
|
|
"slices"
|
|
|
|
"git.secnex.io/secnex/api-gateway/config"
|
|
"git.secnex.io/secnex/api-gateway/res"
|
|
)
|
|
|
|
func WAF(next http.Handler, wafConfig config.WAFConfiguration) http.Handler {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
if !wafConfig.Enabled {
|
|
next.ServeHTTP(w, r)
|
|
return
|
|
}
|
|
if slices.Contains(wafConfig.Methods, "*") {
|
|
next.ServeHTTP(w, r)
|
|
return
|
|
}
|
|
if !slices.Contains(wafConfig.Methods, r.Method) {
|
|
res.Forbidden(w)
|
|
return
|
|
}
|
|
next.ServeHTTP(w, r)
|
|
})
|
|
}
|