go-safeweb icon indicating copy to clipboard operation
go-safeweb copied to clipboard

Published 20 hours ago verified publisher icon google

Find a way to make plugins cooperate

Open kele opened this issue 4 years ago • 1 comments

Problem

Some plugins need to cooperate. For instance: framing plugin needs to cooperate with a csp plugin, cors would usually disable xsrf.

Proposed solution

To avoid the extra complexity of facilitating plugins (their interceptors) cooperation during execution time, we want to introduce orchestrators (name TBD).

At mux startup time, orchestrators would add other plugins to the respective handlers. Example:

mux.Handler(..., framing.Orchestrate(framing.UseCSP, framing.UseXFO))

The framing package would depend on the csp and the xfo packages in order to install and/or amend their configuration to support safe iframing.

kele avatar Aug 14 '20 19:08 kele

SGTM, should I provide some sample implementations?

empijei avatar Aug 14 '20 20:08 empijei