mirror of
https://github.com/ClickHouse/ClickHouse.git
synced 2024-11-26 09:32:01 +00:00
update code and add document
This commit is contained in:
parent
c298fba774
commit
bd78af435d
@ -365,6 +365,15 @@ Opens `https://tabix.io/` when accessing `http://localhost: http_port`.
|
||||
<http_server_default_response>
|
||||
<![CDATA[<html ng-app="SMI2"><head><base href="http://ui.tabix.io/"></head><body><div ui-view="" class="content-ui"></div><script src="http://loader.tabix.io/master.js"></script></body></html>]]>
|
||||
</http_server_default_response>
|
||||
```
|
||||
## hsts_max_age
|
||||
|
||||
Expired time for HSTS in seconds. The default value is 0 means clickhouse disabled HSTS. If you set a positive number, the HSTS will be enabled and the max-age is the number you set.
|
||||
|
||||
**Example**
|
||||
|
||||
```xml
|
||||
<hsts_max_age>600000</hsts_max_age>
|
||||
```
|
||||
|
||||
## include_from {#server_configuration_parameters-include_from}
|
||||
|
@ -26,6 +26,7 @@ HTTPServerRequest::HTTPServerRequest(ContextPtr context, HTTPServerResponse & re
|
||||
/// Now that we know socket is still connected, obtain addresses
|
||||
client_address = session.clientAddress();
|
||||
server_address = session.serverAddress();
|
||||
secure = session.socket().secure();
|
||||
|
||||
auto receive_timeout = context->getSettingsRef().http_receive_timeout;
|
||||
auto send_timeout = context->getSettingsRef().http_send_timeout;
|
||||
|
@ -30,6 +30,8 @@ public:
|
||||
|
||||
bool checkPeerConnected() const;
|
||||
|
||||
bool isSecure() const { return secure; }
|
||||
|
||||
/// Returns the client's address.
|
||||
const Poco::Net::SocketAddress & clientAddress() const { return client_address; }
|
||||
|
||||
@ -54,6 +56,8 @@ private:
|
||||
Poco::Net::SocketAddress client_address;
|
||||
Poco::Net::SocketAddress server_address;
|
||||
|
||||
bool secure;
|
||||
|
||||
void readRequest(ReadBuffer & in);
|
||||
};
|
||||
|
||||
|
@ -834,12 +834,20 @@ void HTTPHandler::trySendExceptionToClient(
|
||||
void HTTPHandler::handleRequest(HTTPServerRequest & request, HTTPServerResponse & response)
|
||||
{
|
||||
setThreadName("HTTPHandler");
|
||||
|
||||
if (request.isSecure())
|
||||
{
|
||||
size_t hsts_max_age = server.config().getUInt64("hsts_max_age", 0);
|
||||
|
||||
if (hsts_max_age > 0)
|
||||
response.add("Strict-Transport-Security", "max-age=" + std::to_string(hsts_max_age));
|
||||
}
|
||||
|
||||
ThreadStatus thread_status;
|
||||
|
||||
session = std::make_unique<Session>(server.context(), ClientInfo::Interface::HTTP);
|
||||
SCOPE_EXIT({ session.reset(); });
|
||||
std::optional<CurrentThread::QueryScope> query_scope;
|
||||
|
||||
Output used_output;
|
||||
|
||||
/// In case of exception, send stack trace to client.
|
||||
|
@ -81,6 +81,14 @@ void InterserverIOHTTPHandler::handleRequest(HTTPServerRequest & request, HTTPSe
|
||||
{
|
||||
setThreadName("IntersrvHandler");
|
||||
|
||||
if (request.isSecure())
|
||||
{
|
||||
size_t hsts_max_age = server.config().getUInt64("hsts_max_age", 0);
|
||||
|
||||
if (hsts_max_age > 0)
|
||||
response.add("Strict-Transport-Security", "max-age=" + std::to_string(hsts_max_age));
|
||||
}
|
||||
|
||||
/// In order to work keep-alive.
|
||||
if (request.getVersion() == HTTPServerRequest::HTTP_1_1)
|
||||
response.setChunkedTransferEncoding(true);
|
||||
|
@ -20,6 +20,14 @@ void PrometheusRequestHandler::handleRequest(HTTPServerRequest & request, HTTPSe
|
||||
const auto & config = server.config();
|
||||
unsigned keep_alive_timeout = config.getUInt("keep_alive_timeout", 10);
|
||||
|
||||
if (request.isSecure())
|
||||
{
|
||||
size_t hsts_max_age = config.getUInt64("hsts_max_age", 0);
|
||||
|
||||
if (hsts_max_age > 0)
|
||||
response.add("Strict-Transport-Security", "max-age=" + std::to_string(hsts_max_age));
|
||||
}
|
||||
|
||||
setResponseDefaultHeaders(response, keep_alive_timeout);
|
||||
|
||||
response.setContentType("text/plain; version=0.0.4; charset=UTF-8");
|
||||
|
@ -101,17 +101,7 @@ static inline void trySendExceptionToClient(
|
||||
|
||||
void StaticRequestHandler::handleRequest(HTTPServerRequest & request, HTTPServerResponse & response)
|
||||
{
|
||||
const auto & config = server.config();
|
||||
auto keep_alive_timeout = config.getUInt("keep_alive_timeout", 10);
|
||||
size_t hsts_max_age = config.getUInt64("hsts_max_age", 0);
|
||||
|
||||
if (hsts_max_age > 0)
|
||||
{
|
||||
std::stringstream ss;
|
||||
ss << "max-age=" << hsts_max_age;
|
||||
response.add("Strict-Transport-Security", ss.str());
|
||||
}
|
||||
|
||||
auto keep_alive_timeout = server.config().getUInt("keep_alive_timeout", 10);
|
||||
const auto & out = responseWriteBuffer(request, response, keep_alive_timeout);
|
||||
|
||||
try
|
||||
|
@ -20,7 +20,16 @@ WebUIRequestHandler::WebUIRequestHandler(IServer & server_, std::string resource
|
||||
|
||||
void WebUIRequestHandler::handleRequest(HTTPServerRequest & request, HTTPServerResponse & response)
|
||||
{
|
||||
auto keep_alive_timeout = server.config().getUInt("keep_alive_timeout", 10);
|
||||
auto & config = server.config();
|
||||
auto keep_alive_timeout = config.getUInt("keep_alive_timeout", 10);
|
||||
|
||||
if (request.isSecure())
|
||||
{
|
||||
size_t hsts_max_age = server.config().getUInt64("hsts_max_age", 0);
|
||||
|
||||
if (hsts_max_age > 0)
|
||||
response.add("Strict-Transport-Security", "max-age=" + std::to_string(hsts_max_age));
|
||||
}
|
||||
|
||||
response.setContentType("text/html; charset=UTF-8");
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user