diff options
Diffstat (limited to 'resources/resource_factories/create/create.go')
-rw-r--r-- | resources/resource_factories/create/create.go | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/resources/resource_factories/create/create.go b/resources/resource_factories/create/create.go index 64e2f95a6..f7d0efe64 100644 --- a/resources/resource_factories/create/create.go +++ b/resources/resource_factories/create/create.go @@ -154,6 +154,9 @@ func (c *Client) FromString(targetPath, content string) (resource.Resource, erro // FromRemote expects one or n-parts of a URL to a resource // If you provide multiple parts they will be joined together to the final URL. func (c *Client) FromRemote(uri string, options map[string]interface{}) (resource.Resource, error) { + if err := c.validateFromRemoteArgs(uri, options); err != nil { + return nil, err + } rURL, err := url.Parse(uri) if err != nil { return nil, errors.Wrapf(err, "failed to parse URL for resource %s", uri) @@ -262,6 +265,19 @@ func (c *Client) FromRemote(uri string, options map[string]interface{}) (resourc } +func (c *Client) validateFromRemoteArgs(uri string, options map[string]interface{}) error { + if err := c.rs.ExecHelper.Sec().CheckAllowedHTTPURL(uri); err != nil { + return err + } + + if method, ok := options["method"].(string); ok { + if err := c.rs.ExecHelper.Sec().CheckAllowedHTTPMethod(method); err != nil { + return err + } + } + return nil +} + func addDefaultHeaders(req *http.Request, accepts ...string) { for _, accept := range accepts { if !hasHeaderValue(req.Header, "Accept", accept) { |