MCPcopy
hub / github.com/dgraph-io/dgraph / filteredExpvarHandler

Function filteredExpvarHandler

x/server.go:101–116  ·  view source on GitHub ↗

filteredExpvarHandler serves /debug/vars but omits the "cmdline" key that expvar publishes by default (os.Args), which may contain the admin token from --security "token=...".

(w http.ResponseWriter, r *http.Request)

Source from the content-addressed store, hash-verified

99// expvar publishes by default (os.Args), which may contain the admin token
100// from --security "token=...".
101func filteredExpvarHandler(w http.ResponseWriter, r *http.Request) {
102 w.Header().Set("Content-Type", "application/json; charset=utf-8")
103 fmt.Fprintf(w, "{\n")
104 first := true
105 expvar.Do(func(kv expvar.KeyValue) {
106 if kv.Key == "cmdline" {
107 return
108 }
109 if !first {
110 fmt.Fprintf(w, ",\n")
111 }
112 first = false
113 fmt.Fprintf(w, "%q: %s", kv.Key, kv.Value)
114 })
115 fmt.Fprintf(w, "\n}\n")
116}
117
118// SanitizedDefaultServeMux returns an http.Handler that wraps
119// http.DefaultServeMux but blocks endpoints that expose the full process

Callers 1

SanitizedDefaultServeMuxFunction · 0.85

Calls 1

SetMethod · 0.65

Tested by

no test coverage detected