1
0
mirror of https://github.com/astaxie/beego.git synced 2024-11-24 17:30:55 +00:00

fix the http: multiple response.WriteHeader calls

This commit is contained in:
astaxie 2015-08-28 23:08:00 +08:00
parent 306effa300
commit ad6547936e
2 changed files with 8 additions and 11 deletions

View File

@ -83,41 +83,41 @@ func APIBaiscAuth(appid, appkey string) beego.FilterFunc {
func APIAuthWithFunc(f AppIdToAppSecret, timeout int) beego.FilterFunc { func APIAuthWithFunc(f AppIdToAppSecret, timeout int) beego.FilterFunc {
return func(ctx *context.Context) { return func(ctx *context.Context) {
if ctx.Input.Query("appid") == "" { if ctx.Input.Query("appid") == "" {
ctx.Output.SetStatus(403) ctx.ResponseWriter.WriteHeader(403)
ctx.WriteString("miss query param: appid") ctx.WriteString("miss query param: appid")
return return
} }
appsecret := f(ctx.Input.Query("appid")) appsecret := f(ctx.Input.Query("appid"))
if appsecret == "" { if appsecret == "" {
ctx.Output.SetStatus(403) ctx.ResponseWriter.WriteHeader(403)
ctx.WriteString("not exist this appid") ctx.WriteString("not exist this appid")
return return
} }
if ctx.Input.Query("signature") == "" { if ctx.Input.Query("signature") == "" {
ctx.Output.SetStatus(403) ctx.ResponseWriter.WriteHeader(403)
ctx.WriteString("miss query param: signature") ctx.WriteString("miss query param: signature")
return return
} }
if ctx.Input.Query("timestamp") == "" { if ctx.Input.Query("timestamp") == "" {
ctx.Output.SetStatus(403) ctx.ResponseWriter.WriteHeader(403)
ctx.WriteString("miss query param: timestamp") ctx.WriteString("miss query param: timestamp")
return return
} }
u, err := time.Parse("2006-01-02 15:04:05", ctx.Input.Query("timestamp")) u, err := time.Parse("2006-01-02 15:04:05", ctx.Input.Query("timestamp"))
if err != nil { if err != nil {
ctx.Output.SetStatus(403) ctx.ResponseWriter.WriteHeader(403)
ctx.WriteString("timestamp format is error, should 2006-01-02 15:04:05") ctx.WriteString("timestamp format is error, should 2006-01-02 15:04:05")
return return
} }
t := time.Now() t := time.Now()
if t.Sub(u).Seconds() > float64(timeout) { if t.Sub(u).Seconds() > float64(timeout) {
ctx.Output.SetStatus(403) ctx.ResponseWriter.WriteHeader(403)
ctx.WriteString("timeout! the request time is long ago, please try again") ctx.WriteString("timeout! the request time is long ago, please try again")
return return
} }
if ctx.Input.Query("signature") != if ctx.Input.Query("signature") !=
Signature(appsecret, ctx.Input.Method(), ctx.Request.Form, ctx.Input.Uri()) { Signature(appsecret, ctx.Input.Method(), ctx.Request.Form, ctx.Input.Uri()) {
ctx.Output.SetStatus(403) ctx.ResponseWriter.WriteHeader(403)
ctx.WriteString("auth failed") ctx.WriteString("auth failed")
} }
} }

View File

@ -24,7 +24,7 @@
// // - PUT and PATCH methods // // - PUT and PATCH methods
// // - Origin header // // - Origin header
// // - Credentials share // // - Credentials share
// beego.InsertFilter("*", beego.BeforeRouter,cors.Allow(&cors.Options{ // beego.InsertFilter("*", beego.BeforeRouter, cors.Allow(&cors.Options{
// AllowOrigins: []string{"https://*.foo.com"}, // AllowOrigins: []string{"https://*.foo.com"},
// AllowMethods: []string{"PUT", "PATCH"}, // AllowMethods: []string{"PUT", "PATCH"},
// AllowHeaders: []string{"Origin"}, // AllowHeaders: []string{"Origin"},
@ -36,7 +36,6 @@
package cors package cors
import ( import (
"net/http"
"regexp" "regexp"
"strconv" "strconv"
"strings" "strings"
@ -216,8 +215,6 @@ func Allow(opts *Options) beego.FilterFunc {
for key, value := range headers { for key, value := range headers {
ctx.Output.Header(key, value) ctx.Output.Header(key, value)
} }
ctx.Output.SetStatus(http.StatusOK)
ctx.WriteString("")
return return
} }
headers = opts.Header(origin) headers = opts.Header(origin)