From ab5b245182c36ecd79ea71d7ba499e3cce75bee9 Mon Sep 17 00:00:00 2001 From: Lauris BH Date: Sun, 30 Sep 2018 01:44:06 +0300 Subject: [PATCH] Disable debug routes unless PPROF is enabled in configuration (#4995) --- Gopkg.lock | 4 +-- routers/routes/routes.go | 1 + .../github.com/go-macaron/toolbox/toolbox.go | 30 +++++++++++-------- 3 files changed, 20 insertions(+), 15 deletions(-) diff --git a/Gopkg.lock b/Gopkg.lock index 056d8fd6f..e6eb721fd 100644 --- a/Gopkg.lock +++ b/Gopkg.lock @@ -352,11 +352,11 @@ revision = "66031fcb37a0fff002a1f028eb0b3a815c78306b" [[projects]] - digest = "1:6fb9cae2a3b4518e048a899b273e23b671802b611ccfcca0b576ecc08bb7b8f5" + digest = "1:758d2371fcdee6d02565901b348729053c636055e67ef6e17aa466c7ff6cc57c" name = "github.com/go-macaron/toolbox" packages = ["."] pruneopts = "NUT" - revision = "99a42f20e9e88daec5c0d7beb4e7eac134680ab0" + revision = "a77f45a7ce909c0ff14b28279fa1a2b674acb70f" [[projects]] digest = "1:747c1fcb10f8f6734551465ab73c6ed9c551aa6e66250fb6683d1624f554546a" diff --git a/routers/routes/routes.go b/routers/routes/routes.go index bc4879b51..4ca421065 100644 --- a/routers/routes/routes.go +++ b/routers/routes/routes.go @@ -131,6 +131,7 @@ func NewMacaron() *macaron.Macaron { Func: models.Ping, }, }, + DisableDebug: !setting.EnablePprof, })) m.Use(context.Contexter()) return m diff --git a/vendor/github.com/go-macaron/toolbox/toolbox.go b/vendor/github.com/go-macaron/toolbox/toolbox.go index 94153ca21..8c7f03adf 100644 --- a/vendor/github.com/go-macaron/toolbox/toolbox.go +++ b/vendor/github.com/go-macaron/toolbox/toolbox.go @@ -26,7 +26,7 @@ import ( "gopkg.in/macaron.v1" ) -const _VERSION = "0.1.2" +const _VERSION = "0.1.4" func Version() string { return _VERSION @@ -58,6 +58,8 @@ type Options struct { HealthCheckFuncs []*HealthCheckFuncDesc // URL for URL map json. Default is "/urlmap.json". URLMapPrefix string + // DisableDebug turns off all debug functionality. + DisableDebug bool // URL prefix of pprof. Default is "/debug/pprof/". PprofURLPrefix string // URL prefix of profile. Default is "/debug/profile/". @@ -98,7 +100,7 @@ func prepareOptions(options []Options) { } } -func dashboard(ctx *macaron.Context) string { +func dashboard() string { return fmt.Sprintf(`

Toolbox Index:

  1. Pprof Information
    2. @@ -125,23 +127,25 @@ func Toolboxer(m *macaron.Macaron, options ...Options) macaron.Handler { for _, fd := range opt.HealthCheckFuncs { t.AddHealthCheckFunc(fd.Desc, fd.Func) } - m.Get(opt.HealthCheckURL, t.handleHealthCheck) + m.Route(opt.HealthCheckURL, "HEAD,GET", t.handleHealthCheck) // URL map. m.Get(opt.URLMapPrefix, func(rw http.ResponseWriter) { t.JSON(rw) }) - // Pprof. - m.Any(path.Join(opt.PprofURLPrefix, "cmdline"), pprof.Cmdline) - m.Any(path.Join(opt.PprofURLPrefix, "profile"), pprof.Profile) - m.Any(path.Join(opt.PprofURLPrefix, "symbol"), pprof.Symbol) - m.Any(opt.PprofURLPrefix, pprof.Index) - m.Any(path.Join(opt.PprofURLPrefix, "*"), pprof.Index) - - // Profile. - profilePath = opt.ProfilePath - m.Get(opt.ProfileURLPrefix, handleProfile) + if !opt.DisableDebug { + // Pprof + m.Any(path.Join(opt.PprofURLPrefix, "cmdline"), pprof.Cmdline) + m.Any(path.Join(opt.PprofURLPrefix, "profile"), pprof.Profile) + m.Any(path.Join(opt.PprofURLPrefix, "symbol"), pprof.Symbol) + m.Any(opt.PprofURLPrefix, pprof.Index) + m.Any(path.Join(opt.PprofURLPrefix, "*"), pprof.Index) + + // Profile + profilePath = opt.ProfilePath + m.Get(opt.ProfileURLPrefix, handleProfile) + } // Routes statistic. t.UrlMap = &UrlMap{