Package csrf is used to protect against login CSRF in Teleport's SSO flows.

ConvertResponse converts http error to internal error type based on HTTP response code and HTTP body contents.

GetContentSecurityPolicyString combines multiple CSP maps into a single CSP string, alphabetically sorted by the directive key.

MakeHandler returns a new httprouter.Handle func from a handler func.

MakeHandlerWithErrorWriter returns a httprouter.Handle from the HandlerFunc, and sends all errors to ErrorWriter.

MakeSecurityHeaderHandler returns a new httprouter.Handle func that wraps the provided handler func with one that will ensure the headers from SetDefaultSecurityHeaders are applied.

MakeStdHandlerWithErrorWriter returns a http.HandlerFunc from the StdHandlerFunc, and sends all errors to ErrorWriter.

MakeTracingHandler returns a new httprouter.Handle func that wraps the provided handler func with one that will add a tracing span for each request.

MakeTracingMiddleware returns an HTTP middleware that makes tracing handlers.

NewResponseStatusRecorder makes and returns a ResponseStatusRecorder.

OriginLocalRedirectURI will take an incoming URL including optionally the host and scheme and return the URI associated with the URL.

ParseBool will parse boolean variable from url query returns value, ok, error.

ReadJSON reads HTTP json request and unmarshals it into passed any obj.

ReadJSON reads an HTTP JSON request and unmarshals it into val.

Rewrite creates a rewrite pair, panics if in epxression is not a valid regular expressoin.

RewritePaths creates a middleware that rewrites paths in incoming request.

RouteNotFoundResponse writes a JSON error reply containing a not found error, a Version object, and a not found HTTP status code.

SetCacheHeaders tells proxies and browsers to cache the content.

SetDefaultSecurityHeaders adds headers that should generally be considered safe defaults.

SetEntityTagCacheHeaders tells proxies and browsers to cache the content and sets an ETag based on teleport version which can be used to check for modifications.

SetIndexContentSecurityPolicy sets the Content-Security-Policy header for main index.html page.

SetNoCacheHeaders tells proxies and browsers do not cache the content.

SetScriptHeaders sets headers for the teleport install script.

SetWebConfigHeaders sets headers for webConfig.js.

WrapSyscallConn tries to wrap rawConn and newConn into a net.Conn that implements syscall.Conn.

ProxyVersion describes the parts of a Proxy semver version in the format: major.minor.patch-preRelease.

ResponseStatusRecorder is an http.ResponseWriter that records the response status code.

RewritePair is a rewrite expression.

TLSCreds is the credentials required for authenticating a connection using TLS.

CSPMap holds a map of Content Security Policy.

ErrorWriter is a function responsible for writing the error into response body.

HandlerFunc specifies HTTP handler function that returns error.

StdHandlerFunc specifies HTTP handler function that returns error.