plugin-blockpath
plugin-blockpath copied to clipboard
Published
20 hours ago •
traefik
traefik
Allow a regex whitelist
Would we consider allowing a whitelist to work against the blocklist in this plugin? My use case is that I wish to block all paths beginning with, e.g. /wp-admin (the wordpress admin backend), but allow access to /wp-admin/admin-ajax.php specifically.
As Golang/RE2 expressions do not allow lookaheads, this is a difficult express to write (or impossible depending on the functionality required). I suspect this may be a common request (something that is fairly trivial with, say, .htaccess files).
One option would be to add a second configuration to the plugin, regexWhitelist, with ServeHTTP looking something along the lines of:
currentPath := req.URL.EscapedPath()
blocked := false
for _, re := range b.regexps {
if re.MatchString(currentPath) {
blocked = true
break
}
}
for _, re := range b.regexpsWhitelist {
if re.MatchString(currentPath) {
blocked = false
break
}
}
if (blocked) {
rw.WriteHeader(http.StatusForbidden)
return
}
b.next.ServeHTTP(rw, req)
(may not be perfect, been a while since I wrote some Golang)
Thoughts?
