HARUYAMA Seigo(@haruyama)
We adopted and use ant0ine/go-json-rest
We have some problems
We do not use “github.com/goadesign/goa/goatest”.
We use “github.com/ivpusic/httpcheck”.
func MountController(service *goa.Service) error {
uiPath := filepath.Join(system.RelaxBasePath, "apiserver/swaggerui/dist")
uiIndex := filepath.Join(uiPath, "index.html")
if err := service.ServeFiles("/swagger-ui/", uiIndex); err != nil {
return err
}
return service.ServeFiles("/swagger-ui/*filepath", uiPath)
}
var xFrameOptions = http.CanonicalHeaderKey("X-Frame-Options")
var xXSSProtection = http.CanonicalHeaderKey("X-XSS-Protection")
var xContentTypeOptions = http.CanonicalHeaderKey("X-Content-Type-Options")
var contentSecurityPolicy = http.CanonicalHeaderKey("Content-Security-Policy")
func SecurityHeaders() goa.Middleware {
return func(h goa.Handler) goa.Handler {
return func(ctx context.Context, rw http.ResponseWriter, r *http.Request) error {
rw.Header().Set(xFrameOptions, "DENY")
rw.Header().Set(xXSSProtection, "1; mode=block")
rw.Header().Set(xContentTypeOptions, "nosniff")
rw.Header().Set(contentSecurityPolicy, "default-src 'self'; script-src 'self' 'unsafe-eval'
'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' data:;")
return h(ctx, rw, r)
}
}
}
based on zenzen/goji:/web/middleware/realip.go
func RealIP() goa.Middleware {
return func(h goa.Handler) goa.Handler {
return func(ctx context.Context, rw http.ResponseWriter, r *http.Request) error {
if rip := realIP(r); rip != "" {
r.RemoteAddr = rip
}
return h(ctx, rw, r)
}
}
}
We use glide.
We used tools/godep: dependency tool for go before using vendoring.
We use following tools: