move src out of srv, clean up default.nix and Makefile

author: Brian Picciano <mediocregopher@gmail.com> 2022-09-13 12:56:08 +0200
committer: Brian Picciano <mediocregopher@gmail.com> 2022-09-13 12:56:08 +0200
commit: 4f01edb9230f58ff84b0dd892c931ec8ac9aad55 (patch)
tree: 9c1598a3f98203913ac2548883c02a81deb33dc7 /srv/src/http/csrf.go
parent: 5485984e05aebde22819adebfbd5ad51475a6c21 (diff)
1 files changed, 0 insertions, 43 deletions
diff --git a/srv/src/http/csrf.go b/srv/src/http/csrf.go
deleted file mode 100644
index a64e37e..0000000
--- a/srv/src/http/csrf.go
+++ /dev/null
@@ -1,43 +0,0 @@
-package http
-
-import (
-	"errors"
-	"net"
-	"net/http"
-	"net/url"
-
-	"github.com/mediocregopher/blog.mediocregopher.com/srv/http/apiutil"
-)
-
-func checkCSRF(r *http.Request, publicURL *url.URL) error {
-
-	if ipStr, _, err := net.SplitHostPort(r.Host); err == nil {
-		if ip := net.ParseIP(ipStr); ip != nil && ip.IsLoopback() {
-			return nil
-		}
-	}
-
-	refererURL, err := url.Parse(r.Referer())
-	if err != nil {
-		return errors.New("invalid Referer")
-	}
-
-	if refererURL.Scheme != publicURL.Scheme ||
-		refererURL.Host != publicURL.Host {
-		return errors.New("invalid Referer")
-	}
-
-	return nil
-}
-
-func (a *api) checkCSRFMiddleware(h http.Handler) http.Handler {
-	return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
-
-		if err := checkCSRF(r, a.params.PublicURL); err != nil {
-			apiutil.BadRequest(rw, r, errors.New("invalid Referer"))
-			return
-		}
-
-		h.ServeHTTP(rw, r)
-	})
-}
author	Brian Picciano <mediocregopher@gmail.com>	2022-09-13 12:56:08 +0200
committer	Brian Picciano <mediocregopher@gmail.com>	2022-09-13 12:56:08 +0200
commit	4f01edb9230f58ff84b0dd892c931ec8ac9aad55 (patch)
tree	9c1598a3f98203913ac2548883c02a81deb33dc7 /srv/src/http/csrf.go
parent	5485984e05aebde22819adebfbd5ad51475a6c21 (diff)