From 40ba2e26da3b30ee3cba5a59aad2e9c74cbc2754 Mon Sep 17 00:00:00 2001
From: Vincent
Date: Tue, 13 Nov 2018 15:25:55 +0100
Subject: [PATCH] Adding gzip compression for HTTP and Headers for tracker's sec (#181)
Thanks @ViBiOh!
---
 .env.example | 1 +
 docker-compose.yml | 1 +
 docs/Configuration.md | 2 ++
 docs/Installation instructions.md | 1 +
 pkg/api/http.go | 5 +++++
 pkg/cli/server.go | 11 +++++++++++
 6 files changed, 21 insertions(+)
diff --git a/.env.example b/.env.example
index 030d1bda..cbedf62b 100644
--- a/.env.example
+++ b/.env.example
@@ -1,3 +1,4 @@
+FATHOM_GZIP=true
 FATHOM_DEBUG=true
 FATHOM_DATABASE_DRIVER="sqlite3"
 FATHOM_DATABASE_NAME="./fathom.db"
diff --git a/docker-compose.yml b/docker-compose.yml
index 3d0e2bd2..d2f0d7ef 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -6,6 +6,7 @@ services:
 - "8080:8080"
 environment:
 - "FATHOM_SERVER_ADDR=:8080"
+ - "FATHOM_GZIP=true"
 - "FATHOM_DEBUG=false"
 - "FATHOM_DATABASE_DRIVER=mysql"
 - "FATHOM_DATABASE_NAME=fathom"
diff --git a/docs/Configuration.md b/docs/Configuration.md
index aec39418..8be2f97a 100644
--- a/docs/Configuration.md
+++ b/docs/Configuration.md
@@ -13,6 +13,7 @@ fathom --config=/home/john/fathom.env server
 The default configuration looks like this:
 ```
+FATHOM_GZIP=true
 FATHOM_DEBUG=true
 FATHOM_DATABASE_DRIVER="sqlite3"
 FATHOM_DATABASE_NAME="./fathom.db"
@@ -29,6 +30,7 @@ FATHOM_SECRET="random-secret-string"
 | :---- | :---| :---
 | FATHOM_DEBUG | `false` | If `true` will write more log messages.
 | FATHOM_SERVER_ADDR | `:8080` | The server address to listen on
+| FATHOM_GZIP | `false` | if `true` will HTTP content gzipped
 | FATHOM_DATABASE_DRIVER | `sqlite3` | The database driver to use: `mysql`, `postgres` or `sqlite3`
 | FATHOM_DATABASE_NAME | | The name of the database to connect to (or path to database file if using sqlite3)
 | FATHOM_DATABASE_USER | | Database connection user
diff --git a/docs/Installation instructions.md b/docs/Installation instructions.md
index b1e678fd..4051e8f1 100644
--- a/docs/Installation instructions.md
+++ b/docs/Installation instructions.md
@@ -29,6 +29,7 @@ Then, create a file named `.env` with the following contents.
 ```
 FATHOM_SERVER_ADDR=9000
+FATHOM_GZIP=true
 FATHOM_DEBUG=true
 FATHOM_DATABASE_DRIVER="sqlite3"
 FATHOM_DATABASE_NAME="fathom.db"
diff --git a/pkg/api/http.go b/pkg/api/http.go
index de5bf094..db051b69 100644
--- a/pkg/api/http.go
+++ b/pkg/api/http.go
@@ -63,6 +63,11 @@ func serveFile(box *packr.Box, filename string) Handler {
 return err
 }
+ // setting security and cache headers
+ w.Header().Set("X-Content-Type-Options", "nosniff")
+ w.Header().Set("X-Xss-Protection", "1; mode=block")
+ w.Header().Set("Cache-Control", "max-age=432000") // 5 days
+
 http.ServeContent(w, r, filename, d.ModTime(), f)
 return nil
 }
diff --git a/pkg/cli/server.go b/pkg/cli/server.go
index 5759fa9b..19dc8fb7 100644
--- a/pkg/cli/server.go
+++ b/pkg/cli/server.go
@@ -31,6 +31,12 @@ var serverCmd = cli.Command{
 Name: "lets-encrypt",
 },
+ cli.BoolFlag{
+ EnvVar: "FATHOM_GZIP",
+ Name: "gzip",
+ Usage: "enable gzip compression",
+ },
+
 cli.StringFlag{
 EnvVar: "FATHOM_HOSTNAME",
 Name: "hostname",
@@ -57,6 +63,11 @@ func server(c *cli.Context) error {
 log.SetLevel(log.WarnLevel)
 }
+ // set gzip compression if --gzip was passed
+ if c.Bool("gzip") {
+ h = handlers.CompressHandler(h)
+ }
+
 // if addr looks like a number, prefix with :
 addr := c.String("addr")
 if _, err := strconv.Atoi(addr); err == nil {
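Review bot: In pkg/api/http.go the headers added before `http.ServeContent` reach only responses that pass through serveFile, and `X-Xss-Protection` is a legacy browser-filter header that does not stand in for a `Content-Security-Policy`. If the dashboard HTML is served by this handler, a CSP set alongside these lines is the control that would actually restrict script sources. The same `Cache-Control` value is applied to every file, so a corrected tracker script or dashboard bundle can stay cached in browsers for up to five days; a shorter lifetime or `no-cache` on the HTML entry point would bound that. The literal would also read better as a named constant, e.g. `const staticMaxAge = 5 * 24 * 60 * 60 // seconds`. serveFile's body starts above the hunk, so whether other handlers set these headers is not visible here.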
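Review bot: In pkg/cli/server.go, `handlers.CompressHandler(h)` wraps `h`, which looks like the server's top-level handler, so with `--gzip` the authenticated API responses are compressed along with the static assets. Over TLS, compressing a body that mixes a secret with request-controlled data leaks information through the response length (the BREACH class of side channel). Whether any response has that shape cannot be told from this hunk, since `h` is built above it, but the safer layout is to compress only the static file routes. At minimum a comment above the `if`, such as `// NOTE: compresses every response, including authenticated API output`, and a matching sentence in docs/Configuration.md would record the scope of the flag.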