Add Cache-Control: private, no-store HTTP header to server endpoints that respond with sensitive info.

km274 · km274 · commit 31ddf65a53af · 2023-09-15T10:52:41.000-05:00
Fixes #793
diff --git a/authority/admin/api/provisioner.go b/authority/admin/api/provisioner.go
@@ -55,6 +55,8 @@ func GetProvisioner(w http.ResponseWriter, r *http.Request) {
 		render.Error(w, err)
 		return
 	}
+
+	w.Header().Set("Cache-Control", "private, no-store")
 	render.ProtoJSON(w, prov)
 }
 
@@ -72,6 +74,7 @@ func GetProvisioners(w http.ResponseWriter, r *http.Request) {
 		render.Error(w, errs.InternalServerErr(err))
 		return
 	}
+
 	render.JSON(w, &GetProvisionersResponse{
 		Provisioners: p,
 		NextCursor:   next,
@@ -102,6 +105,8 @@ func CreateProvisioner(w http.ResponseWriter, r *http.Request) {
 		render.Error(w, admin.WrapErrorISE(err, "error storing provisioner %s", prov.Name))
 		return
 	}
+
+	w.Header().Set("Cache-Control", "private, no-store")
 	render.ProtoJSONStatus(w, prov, http.StatusCreated)
 }
 
@@ -198,6 +203,8 @@ func UpdateProvisioner(w http.ResponseWriter, r *http.Request) {
 		render.Error(w, err)
 		return
 	}
+
+	w.Header().Set("Cache-Control", "private, no-store")
 	render.ProtoJSON(w, nu)
 }
 
diff --git a/authority/admin/api/webhook.go b/authority/admin/api/webhook.go
@@ -127,6 +127,7 @@ func (war *webhookAdminResponder) CreateProvisionerWebhook(w http.ResponseWriter
 		return
 	}
 
+	w.Header().Set("Cache-Control", "private, no-store")
 	render.ProtoJSONStatus(w, newWebhook, http.StatusCreated)
 }
 
@@ -231,5 +232,7 @@ func (war *webhookAdminResponder) UpdateProvisionerWebhook(w http.ResponseWriter
 		Auth:                 newWebhook.Auth,
 		DisableTlsClientAuth: newWebhook.DisableTlsClientAuth,
 	}
+
+	w.Header().Set("Cache-Control", "private, no-store")
 	render.ProtoJSONStatus(w, whResponse, http.StatusCreated)
 }

Original file line number	Diff line number	Diff line change
`@@ -55,6 +55,8 @@ func GetProvisioner(w http.ResponseWriter, r *http.Request) {`
`55`	`55`	`render.Error(w, err)`
`56`	`56`	`return`
`57`	`57`	`}`
	`58`	`+`
	`59`	`+ w.Header().Set("Cache-Control", "private, no-store")`
`58`	`60`	`render.ProtoJSON(w, prov)`
`59`	`61`	`}`
`60`	`62`
`@@ -72,6 +74,7 @@ func GetProvisioners(w http.ResponseWriter, r *http.Request) {`
`72`	`74`	`render.Error(w, errs.InternalServerErr(err))`
`73`	`75`	`return`
`74`	`76`	`}`
	`77`	`+`
`75`	`78`	`render.JSON(w, &GetProvisionersResponse{`
`76`	`79`	`Provisioners: p,`
`77`	`80`	`NextCursor: next,`
`@@ -102,6 +105,8 @@ func CreateProvisioner(w http.ResponseWriter, r *http.Request) {`
`102`	`105`	`render.Error(w, admin.WrapErrorISE(err, "error storing provisioner %s", prov.Name))`
`103`	`106`	`return`
`104`	`107`	`}`
	`108`	`+`
	`109`	`+ w.Header().Set("Cache-Control", "private, no-store")`
`105`	`110`	`render.ProtoJSONStatus(w, prov, http.StatusCreated)`
`106`	`111`	`}`
`107`	`112`
`@@ -198,6 +203,8 @@ func UpdateProvisioner(w http.ResponseWriter, r *http.Request) {`
`198`	`203`	`render.Error(w, err)`
`199`	`204`	`return`
`200`	`205`	`}`
	`206`	`+`
	`207`	`+ w.Header().Set("Cache-Control", "private, no-store")`
`201`	`208`	`render.ProtoJSON(w, nu)`
`202`	`209`	`}`
`203`	`210`
Original file line number	Diff line number	Diff line change
`@@ -127,6 +127,7 @@ func (war *webhookAdminResponder) CreateProvisionerWebhook(w http.ResponseWriter`
`127`	`127`	`return`
`128`	`128`	`}`
`129`	`129`
	`130`	`+ w.Header().Set("Cache-Control", "private, no-store")`
`130`	`131`	`render.ProtoJSONStatus(w, newWebhook, http.StatusCreated)`
`131`	`132`	`}`
`132`	`133`
`@@ -231,5 +232,7 @@ func (war *webhookAdminResponder) UpdateProvisionerWebhook(w http.ResponseWriter`
`231`	`232`	`Auth: newWebhook.Auth,`
`232`	`233`	`DisableTlsClientAuth: newWebhook.DisableTlsClientAuth,`
`233`	`234`	`}`
	`235`	`+`
	`236`	`+ w.Header().Set("Cache-Control", "private, no-store")`
`234`	`237`	`render.ProtoJSONStatus(w, whResponse, http.StatusCreated)`
`235`	`238`	`}`