Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

etcdserver: don't allow methods other than GET in /debug/vars

Browse Source 
Currently, /debug/vars seems to allow all types of methods e.g. PUT,
POST, etc. However, this path is a readonly stuff so it should allow
GET only.
This commit is contained in:
Hitoshi Mitake 2015-10-20 17:19:42 +09:00
parent 7dcb99b60e
commit 1b0c65c299
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
etcdserver/etcdhttp/client.go
View File

@ -324,6 +324,10 @@ func (h *statsHandler) serveLeader(w http.ResponseWriter, r *http.Request) {
} }
func serveVars(w http.ResponseWriter, r *http.Request) { func serveVars(w http.ResponseWriter, r *http.Request) {
if !allowMethod(w, r.Method, "GET") {
return
}
w.Header().Set("Content-Type", "application/json; charset=utf-8") w.Header().Set("Content-Type", "application/json; charset=utf-8")
fmt.Fprintf(w, "{\n") fmt.Fprintf(w, "{\n")
first := true first := true