This change pulls in some code copied from net/http's fs.go so that we
can support If-Match/If-None-Match requests. This will make it easy to
put a caching proxy in front of linx-server instances. Request
validation will still happen as long as the proxy can contact the
origin, so expiration and deletion will still work as expected under
normal circumstances.
With the localfs backend, it's possible for a file to be removed but its
metadata file to remain intact. In this case, viewing the selif URL for
that file would return a broken page with two error pages stacked on top
of each other. This changes fixes that by replacing the output in that
case with a single "Unable to open file." error message.
Use of the Content-Security-Policy header to specify a referrer policy
was deprecated in favor of a [new
header](fc55d917be).
This change changes the existing referrer policy directives to use this
header and adds corresponding config options/command line flags.
We can use the Host property of the request and the X-Forwarded-Proto to
infer the site URL. To reduce complexity, the path is not inferred, and
it is assumed that linx-server is running at /. If this is not the case,
the site URL must be manually configured; this is no different than it
was before.
The policy of "referrer none" was incorrect and was nonfunctional. With
this change, the CSP referrer policy is set to origin, which
will causes only the origin to be sent for requests made from the main
site.
A fix was also needed for referrer checks in two places.
Andrei Marcu
Viktor Oreshkin
mutantmonkey
mutantmonkey
Matt Hazinski
Jacob Melton