opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-07-28 22:02:14 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
grafana/pkg/services/frontend/index.go
Josh Hunt 91d9cac157 FEMT: Call /bootdata and render grafana (#105176) 
* rename /mtfe route to /femt to match project name

* set correct navTree JSON property name

* call GetWebAssets in the request handler to prevent stale assets during development

* Call /bootdata and render grafana

* set nonce on script

* write csp header in index handler

* write report-only csp as well

* debug stuff

* more debug logging

* move importing app into a seperate, async-loaded module

* Clean up comments

* make /femt redirect to / in the frontend

* remove console.log

* remove stale commented code

* call __grafana_load_failed if bootstrap fails

* comment for __grafana_boot_data_promise

* remove console.log

* remove blank newline

* codeowners
2025-05-13 09:58:46 +01:00

126 lines
3.2 KiB
Go
Raw Blame History

package frontend
import (
"context"
"embed"
"errors"
"fmt"
"html/template"
"net/http"
"syscall"
"github.com/grafana/grafana-app-sdk/logging"
"github.com/grafana/grafana/pkg/api/dtos"
"github.com/grafana/grafana/pkg/api/webassets"
"github.com/grafana/grafana/pkg/middleware"
"github.com/grafana/grafana/pkg/services/licensing"
"github.com/grafana/grafana/pkg/setting"
)
type IndexProvider struct {
log logging.Logger
index *template.Template
data IndexViewData
}
type IndexViewData struct {
CSPContent string
CSPReportOnlyContent string
CSPEnabled bool
IsDevelopmentEnv bool
Config *setting.Cfg
License licensing.Licensing
AppSubUrl string
BuildVersion string
BuildCommit string
AppTitle string
Assets *dtos.EntryPointAssets // Includes CDN info
// Nonce is a cryptographic identifier for use with Content Security Policy.
Nonce string
}
// Templates setup.
var (
//go:embed *.html
templatesFS embed.FS
// templates
htmlTemplates = template.Must(template.New("html").Delims("[[", "]]").ParseFS(templatesFS, `*.html`))
)
func NewIndexProvider(cfg *setting.Cfg, license licensing.Licensing) (*IndexProvider, error) {
t := htmlTemplates.Lookup("index.html")
if t == nil {
return nil, fmt.Errorf("missing index template")
}
return &IndexProvider{
log: logging.DefaultLogger.With("logger", "index-provider"),
index: t,
data: IndexViewData{
AppTitle: "Grafana",
AppSubUrl: cfg.AppSubURL, // Based on the request?
BuildVersion: cfg.BuildVersion,
BuildCommit: cfg.BuildCommit,
Config: cfg,
License: license,
CSPEnabled: cfg.CSPEnabled,
CSPContent: cfg.CSPTemplate,
CSPReportOnlyContent: cfg.CSPReportOnlyTemplate,
IsDevelopmentEnv: cfg.Env == setting.Dev,
},
}, nil
}
func (p *IndexProvider) HandleRequest(writer http.ResponseWriter, request *http.Request) {
if request.Method != "GET" {
writer.WriteHeader(http.StatusMethodNotAllowed)
return
}
nonce, err := middleware.GenerateNonce()
if err != nil {
p.log.Error("error creating nonce", "err", err)
writer.WriteHeader(500)
return
}
// TODO -- restructure so the static stuff is under one variable and the rest is dynamic
data := p.data // copy everything
data.Nonce = nonce
if data.CSPEnabled {
data.CSPContent = middleware.ReplacePolicyVariables(p.data.CSPContent, p.data.AppSubUrl, data.Nonce)
writer.Header().Set("Content-Security-Policy", data.CSPContent)
policy := middleware.ReplacePolicyVariables(p.data.CSPReportOnlyContent, p.data.AppSubUrl, data.Nonce)
writer.Header().Set("Content-Security-Policy-Report-Only", policy)
}
// TODO: moved to request handler to prevent stale assets during dev,
// but should we do this differently?
assets, err := webassets.GetWebAssets(context.Background(), data.Config, data.License)
if err != nil {
p.log.Error("error getting assets", "err", err)
writer.WriteHeader(500)
return
}
data.Assets = assets
writer.Header().Set("Content-Type", "text/html; charset=UTF-8")
writer.WriteHeader(200)
if err := p.index.Execute(writer, &data); err != nil {
if errors.Is(err, syscall.EPIPE) { // Client has stopped listening.
return
}
panic(fmt.Sprintf("Error rendering index\n %s", err.Error()))
}
}
Reference in New Issue View Git Blame Copy Permalink