in internal/artifact/artifact.go [85:150]
func (a *Artifact) makeRequest(w http.ResponseWriter, r *http.Request, reqURL *url.URL, token string, additionalHandler func(*http.Response) bool) {
req, err := http.NewRequestWithContext(r.Context(), "GET", reqURL.String(), nil)
if err != nil {
logging.LogRequest(r).WithError(err).Error(createArtifactRequestErrMsg)
errortracking.CaptureErrWithReqAndStackTrace(err, r)
httperrors.Serve500(w)
return
}
if token != "" {
req.Header.Add("Authorization", "Bearer "+token)
}
// The GitLab API expects this value for Group IP restriction to work properly
// on requests coming through Pages.
req.Header.Set("X-Forwarded-For", request.GetRemoteAddrWithoutPort(r))
resp, err := a.client.Do(req)
if err != nil {
if errors.Is(err, context.Canceled) {
httperrors.Serve404(w)
return
}
logging.LogRequest(r).WithError(err).Error(artifactRequestErrMsg)
errortracking.CaptureErrWithReqAndStackTrace(err, r)
httperrors.Serve502(w)
return
}
defer resp.Body.Close()
if additionalHandler(resp) {
return
}
if resp.StatusCode == http.StatusNotFound {
httperrors.Serve404(w)
return
}
if resp.StatusCode == http.StatusInternalServerError {
logging.LogRequest(r).Error(errArtifactResponse)
errortracking.CaptureErrWithReqAndStackTrace(errArtifactResponse, r)
httperrors.Serve500(w)
return
}
// we only cache responses within the 2xx series response codes and that were not private
if token == "" {
addCacheHeader(w, resp)
}
w.Header().Set("Content-Type", resp.Header.Get("Content-Type"))
// If the API uses chunked encoding, it will omit the Content-Length Header.
// Go uses a value of -1, which is an invalid value.
// We should omit the header entirely in that case.
// see: https://gitlab.com/gitlab-org/gitlab-pages/-/issues/1078
if resp.ContentLength >= 0 {
w.Header().Set("Content-Length", strconv.FormatInt(resp.ContentLength, 10))
}
w.WriteHeader(resp.StatusCode)
io.Copy(w, resp.Body)
}