| 218 | } |
| 219 | |
| 220 | func (ash *Handler) warnIfPolicyAllowsAll() { |
| 221 | allow := ash.Policy.normalizeAllowRules() |
| 222 | deny := ash.Policy.normalizeDenyRules() |
| 223 | if allow != nil || deny != nil { |
| 224 | return |
| 225 | } |
| 226 | |
| 227 | allowWildcardNames := ash.Policy != nil && ash.Policy.AllowWildcardNames |
| 228 | ash.logger.Warn( |
| 229 | "acme_server policy has no allow/deny rules; order identifiers are unrestricted (allow-all)", |
| 230 | zap.String("ca", ash.CA), |
| 231 | zap.Bool("allow_wildcard_names", allowWildcardNames), |
| 232 | ) |
| 233 | } |
| 234 | |
| 235 | func (ash Handler) ServeHTTP(w http.ResponseWriter, r *http.Request, next caddyhttp.Handler) error { |
| 236 | if strings.HasPrefix(r.URL.Path, ash.PathPrefix) { |