5538: update the test to set resp.body with the given string from stub than hard...

[arvados.git] / services / keep-web / handler.go

diff --git a/services/keep-web/handler.go b/services/keep-web/handler.go
index 2704263e7172f09f449ec6c6558b9f6740119023..3e38cc35cad611b5944d5c68221f43989daf4bb5 100644 (file)
--- a/services/keep-web/handler.go
+++ b/services/keep-web/handler.go
@@ -10,7 +10,6 @@ import (
        "net/url"
        "os"
        "strings"
-       "time"
 
        "git.curoverse.com/arvados.git/sdk/go/arvadosclient"
        "git.curoverse.com/arvados.git/sdk/go/auth"
@@ -23,15 +22,14 @@ type handler struct{}
 var (
        clientPool         = arvadosclient.MakeClientPool()
        trustAllContent    = false
-       anonymousTokens    []string
        attachmentOnlyHost = ""
 )
 
 func init() {
-       flag.BoolVar(&trustAllContent, "trust-all-content", false,
-               "Serve non-public content from a single origin. Dangerous: read docs before using!")
        flag.StringVar(&attachmentOnlyHost, "attachment-only-host", "",
                "Accept credentials, and add \"Content-Disposition: attachment\" response headers, for requests at this hostname:port. Prohibiting inline display makes it possible to serve untrusted and non-public content from a single origin, i.e., without wildcard DNS or SSL.")
+       flag.BoolVar(&trustAllContent, "trust-all-content", false,
+               "Serve non-public content from a single origin. Dangerous: read docs before using!")
 }
 
 // return a UUID or PDH if s begins with a UUID or URL-encoded PDH;
@@ -181,7 +179,6 @@ func (h *handler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) {
                        Name:     "arvados_api_token",
                        Value:    auth.EncodeTokenCookie([]byte(t)),
                        Path:     "/",
-                       Expires:  time.Now().AddDate(10, 0, 0),
                        HttpOnly: true,
                })
                redir := (&url.URL{Host: r.Host, Path: r.URL.Path}).String()