github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Update docker resolver to authorize redirects

Browse Source 
Allows redirects to be authorized if authorization is provided
for the redirected to host. The authorization will always go
to the redirect and never to the referrer.

Signed-off-by: Derek McGowan <derek@mcg.dev>
This commit is contained in:
Derek McGowan 2021-05-14 12:12:37 -07:00
parent fe5d3496a4
commit b1d4140a22
No known key found for this signature in database
GPG Key ID: F58C5D0A4405ACDB
1 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
remotes/docker/resolver.go
View File

@ -539,7 +539,21 @@ func (r *request) do(ctx context.Context) (*http.Response, error) {
if err := r.authorize(ctx, req); err != nil {
return nil, errors.Wrap(err, "failed to authorize")
}
resp, err := ctxhttp.Do(ctx, r.host.Client, req)
var client = &http.Client{}
if r.host.Client != nil {
*client = *r.host.Client
}
if client.CheckRedirect == nil {
client.CheckRedirect = func(req *http.Request, via []*http.Request) error {
if len(via) >= 10 {
return errors.New("stopped after 10 redirects")
}
return errors.Wrap(r.authorize(ctx, req), "failed to authorize redirect")
}
}
resp, err := ctxhttp.Do(ctx, client, req)
if err != nil {
return nil, errors.Wrap(err, "failed to do request")
}