From 5bcd86f3787783c65620c6353e709f483486ee04 Mon Sep 17 00:00:00 2001 From: Raphael 'kena' Poss Date: Fri, 8 Jan 2021 18:27:07 +0100 Subject: [PATCH] server: remove support for binary protobuf payloads in the HTTP endpoints For a couple of releases we've only ever used JSON over the HTTP protocol. There is no need to support the binary protobuf encoding. This patch removes that option, which also reduces the opportunity for bugs in protobuf to be exploited. Release note: None --- pkg/server/server.go | 3 --- pkg/util/httputil/http.go | 4 ---- 2 files changed, 7 deletions(-) diff --git a/pkg/server/server.go b/pkg/server/server.go index 3bf0543347f1..9599c70114be 100644 --- a/pkg/server/server.go +++ b/pkg/server/server.go @@ -1182,13 +1182,10 @@ func (s *Server) Start(ctx context.Context) error { EmitDefaults: true, Indent: " ", } - protopb := new(protoutil.ProtoPb) gwMux := gwruntime.NewServeMux( gwruntime.WithMarshalerOption(gwruntime.MIMEWildcard, jsonpb), gwruntime.WithMarshalerOption(httputil.JSONContentType, jsonpb), gwruntime.WithMarshalerOption(httputil.AltJSONContentType, jsonpb), - gwruntime.WithMarshalerOption(httputil.ProtoContentType, protopb), - gwruntime.WithMarshalerOption(httputil.AltProtoContentType, protopb), gwruntime.WithOutgoingHeaderMatcher(authenticationHeaderMatcher), gwruntime.WithMetadata(forwardAuthenticationMetadata), ) diff --git a/pkg/util/httputil/http.go b/pkg/util/httputil/http.go index fd02d3030b71..fcd9f7a94387 100644 --- a/pkg/util/httputil/http.go +++ b/pkg/util/httputil/http.go @@ -34,10 +34,6 @@ const ( JSONContentType = "application/json" // AltJSONContentType is the alternate JSON content type. AltJSONContentType = "application/x-json" - // ProtoContentType is the protobuf content type. - ProtoContentType = "application/x-protobuf" - // AltProtoContentType is the alternate protobuf content type. - AltProtoContentType = "application/x-google-protobuf" // PlaintextContentType is the plaintext content type. PlaintextContentType = "text/plain" // GzipEncoding is the gzip encoding.