This package provides debugging endpoints to which IP whitelisting and timeout constrains can be added. It is designed to return an HTTP handler that can be integrated into whatever HTTP server setup is being used.
While I was working on adding debugging support to an existing project
(CFSSL), I wanted to integrate the net/http/pprof
package into
our existing server. However, an ACL needed to be added to restrict
viewing these endpoints to localhost. The pprof
package registers
a number of handlers in its init
function, and the net/http
package doesn't allow overriding handled functions.
What I wanted was something that would enable us to access control
these endpoints while being able to provide a single http.Handler
to present to my programs.
The net/http/pprof
package was copied over from the Go 1.7.4
branch, and modified to remove the init
function.
The golang.org/x/net/trace{,/internal/timeseries}
packages were
copied from the golang.org/x/net tree at Git commit
45e771701b814666a7eb299e6c7a57d0b1799e91.
The pprof endpoints are
- /debug/pprof
- /debug/pprof/block
- /debug/pprof/cmdline
- /debug/pprof/goroutine
- /debug/pprof/heap
- /debug/pprof/profile
- /debug/pprof/symbol
- /debug/pprof/threadcreate
- /debug/pprof/trace
The trace endpoints are
- /debug/requests
- /debug/events
Additional debugging endpoints can be added with the Handle and HandleFunc packages. New handlers added here are wrapped in the same ACL and timeout applied to all the other endpoints.
The example/example.go
package provides a good starting point.:
// package main provides a quick demo of the httpdebug package. package main import ( "flag" "log" "net/http" "github.com/kisom/httpdebug" ) func index(w http.ResponseWriter, r *http.Request) { w.Write([]byte("Hello, world.\r\n")) } func main() { var addr string var pprofEnable, traceEnable bool var timeout time.Duration flag.StringVar(&addr, "a", "127.0.0.1:8080", "`address` to listen on") flag.BoolVar(&pprofEnable, "p", false, "enable pprof endpoints") flag.BoolVar(&traceEnable, "r", false, "enable request tracing") flag.DurationVar(&timeout, "t", 0, "`timeout` period for requests; 0 disables") flag.Parse() err := httpdebug.NewLocalhost(timeout, !pprofEnable, !traceEnable) if err != nil { log.Fatal(err.Error()) } http.HandleFunc("/", index) err = httpdebug.Register(nil) if err != nil { log.Fatal(err.Error()) } log.Println("listening on", addr) log.Fatal(http.ListenAndServe(addr, nil)) }
The godocs have a complete list, but the following are the intended common functions.
New
: set up the debug handler, providing finer control over the access control mechanism.NewLocalhost
: set up the debug handler with access restricted to localhost, and sensitive tracing access disabled.Handler
returns anhttp.Handler
for/debug
.HandlerFunc
returns anhttp.HandlerFunc
for/debug
.Register
registers thehttp.Handler
with an existing*http.ServeMux
or thehttp.DefaultServeMux
.