config+proxy: disable static file serving by default

aperture.go

@@ -391,7 +391,9 @@ func createProxy(cfg *config, genInvoiceReq InvoiceRequestGenerator,
 		ServiceLimiter: newStaticServiceLimiter(cfg.Services),
 	})
 	authenticator := auth.NewLsatAuthenticator(minter)
-	return proxy.New(authenticator, cfg.Services, cfg.StaticRoot)
+	return proxy.New(
+		authenticator, cfg.Services, cfg.ServeStatic, cfg.StaticRoot,
+	)
 }
 
 // cleanup closes the given server and shuts down the log rotator.

config.go

@@ -61,6 +61,10 @@ type config struct {
 	// is located.
 	StaticRoot string `long:"staticroot" description:"The folder where the static content is located."`
 
+	// ServeStatic defines if static content should be served from the
+	// directory defined by StaticRoot.
+	ServeStatic bool `long:"servestatic" description:"Flag to enable or disable static content serving."`
+
 	Etcd *etcdConfig `long:"etcd" description:"Configuration for the etcd instance backing the proxy."`
 
 	Authenticator *authConfig `long:"authenticator" description:"Configuration for the authenticator."`

proxy/proxy.go

@@ -41,10 +41,22 @@ type Proxy struct {
 // New returns a new Proxy instance that proxies between the services specified,
 // using the auth to validate each request's headers and get new challenge
 // headers if necessary.
-func New(auth auth.Authenticator, services []*Service, staticRoot string) (
-	*Proxy, error) {
+func New(auth auth.Authenticator, services []*Service, serveStatic bool,
+	staticRoot string) (*Proxy, error) {
+
+	// By default the static file server only returns 404 answers for
+	// security reasons. Serving files from the staticRoot directory has to
+	// be enabled intentionally.
+	staticServer := http.NotFoundHandler()
+	if serveStatic {
+		if len(strings.TrimSpace(staticRoot)) == 0 {
+			return nil, fmt.Errorf("staticroot cannot be empty, " +
+				"must contain path to directory that " +
+				"contains index.html")
+		}
+		staticServer = http.FileServer(http.Dir(staticRoot))
+	}
 
-	staticServer := http.FileServer(http.Dir(staticRoot))
 	proxy := &Proxy{
 		staticServer:  staticServer,
 		authenticator: auth,

proxy/proxy_test.go

@@ -71,7 +71,7 @@ func TestProxyHTTP(t *testing.T) {
 	}}
 
 	mockAuth := auth.NewMockAuthenticator()
-	p, err := proxy.New(mockAuth, services, "static")
+	p, err := proxy.New(mockAuth, services, true, "static")
 	if err != nil {
 		t.Fatalf("failed to create new proxy: %v", err)
 	}
@@ -169,7 +169,7 @@ func TestProxyGRPC(t *testing.T) {
 
 	// Create the proxy server and start serving on TLS.
 	mockAuth := auth.NewMockAuthenticator()
-	p, err := proxy.New(mockAuth, services, "static")
+	p, err := proxy.New(mockAuth, services, true, "static")
 	if err != nil {
 		t.Fatalf("failed to create new proxy: %v", err)
 	}
@@ -269,7 +269,7 @@ func TestWhitelistHTTP(t *testing.T) {
 	}}
 
 	mockAuth := auth.NewMockAuthenticator()
-	p, err := proxy.New(mockAuth, services, "static")
+	p, err := proxy.New(mockAuth, services, true, "static")
 	if err != nil {
 		t.Fatalf("failed to create new proxy: %v", err)
 	}
@@ -368,7 +368,7 @@ func TestWhitelistGRPC(t *testing.T) {
 
 	// Create the proxy server and start serving on TLS.
 	mockAuth := auth.NewMockAuthenticator()
-	p, err := proxy.New(mockAuth, services, "static")
+	p, err := proxy.New(mockAuth, services, true, "static")
 	if err != nil {
 		t.Fatalf("failed to create new proxy: %v", err)
 	}

sample-conf.yaml

@@ -5,6 +5,10 @@ listenaddr: "localhost:8081"
 # cannot handle.
 staticroot: "./static"
 
+# Should the static file server be enabled that serves files from the directory
+# specified in `staticroot`?
+servestatic: false
+
 # The log level that should be used for the proxy.
 #
 # Valid options include: trace, debug, info, warn, error, critical, off.