Marten Seemann
32f7dd44ae
chore: Update quic-go to v0.42.0 ( #6176 )
...
* update quic-go to v0.42.0
* use a rate limiter to control QUIC source address verification
* Lint
* remove deprecated ListenQUIC
* remove number of requests tracking
* increase the number of handshakes before source address verification is needed
* remove references to request counters
* remove deprecated listen*
---------
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
Co-authored-by: WeidiDeng <weidi_deng@icloud.com>
2024-03-21 10:56:10 -06:00
Francis Lavoie
63d597c09d
caddyhttp: Accept XFF header values with ports, when parsing client IP ( #6183 )
2024-03-21 10:54:25 -06:00
Sam Ottenhoff
e65b97f55b
reverseproxy: configurable active health_passes and health_fails ( #6154 )
...
* reverseproxy: active health check allows configurable health_passes and health_fails
* Need to reset counters after recovery
* rename methods to be more clear that these are coming from active health checks
* do not export methods
2024-03-20 11:13:35 -06:00
Justin Angel
a9768d2fde
reverseproxy: Configurable forward proxy URL ( #6114 )
...
Co-authored-by: WeidiDeng <weidi_deng@icloud.com>
2024-03-18 04:07:25 +00:00
jbrown-stripe
52822a41cb
caddyhttp: upgrade to cel v0.20.0 ( #6161 )
...
* upgrade to cel v0.20.0
* Attempt to address feedback and fix linter
* Let's try this
* Take that, you linter!
* Oh there's more
---------
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
Co-authored-by: Tristan Swadell @TristonianJones
2024-03-13 21:32:42 -06:00
WeidiDeng
c93e30454f
caddyhttp: suppress flushing if the response is being buffered ( #6150 )
...
* suppress flushing if the response is being buffered
* fix lint
---------
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2024-03-11 20:03:20 +00:00
WeidiDeng
1bd598e90c
chore: encode: use FlushError instead of Flush ( #6168 )
...
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-03-10 23:04:35 -04:00
WeidiDeng
e698ec5139
encode: write status immediately when status code is informational ( #6164 )
2024-03-10 10:49:49 -04:00
Aziz Rmadi
69290d232d
rewrite: Implement uri query
operations ( #6120 )
...
* Implemented basic uri query operations
* Added support for query operations block
* Applied Replacer on all query keys and values
* Implemented rename query key opration
* Rewrite struct: Changed QueryOperations field to Query and comments cleanup
* Cleaned up comments, changed the order of operations and added more tests
* Changed order of fields in queryOps struct to match the operations order
2024-03-06 10:08:46 -05:00
huajin tong
277472d081
fix struct names ( #6151 )
...
Signed-off-by: thirdkeyword <fliterdashen@gmail.com>
2024-03-06 13:53:03 +00:00
Francis Lavoie
5a4374bea0
fileserver: Preserve query during canonicalization redirect ( #6109 )
...
* fileserver: Preserve query during canonicalization redirect
* Clarify that only a path should be passed
2024-03-05 22:51:26 -07:00
Francis Lavoie
0d44e3ecba
logging: Implement log_append
handler ( #6066 )
...
* logging: Implement `extra_log` handler
* Rename to `log_append`
* Rename `skip_log` to `log_skip`
---------
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2024-03-05 17:03:59 -07:00
Francis Lavoie
5ed8689629
vars: Allow overriding http.auth.user.id
in replacer as a special case ( #6108 )
2024-03-05 22:25:38 +00:00
Matt Holt
72ce78d9af
reverseproxy: SRV dynamic upstream failover ( #5832 )
...
* Implement grace period, but probably needs sync
* Update cached freshness value
* D'oh, actually use the grace period
* Fix freshness math
2024-03-05 12:08:31 -07:00
Sam Ottenhoff
da6a569e85
reverseproxy: cookie should be Secure and SameSite=None when TLS ( #6115 )
...
* reverseproxy: cookie should be Secure and SameSite=None when TLS
* Update modules/caddyhttp/reverseproxy/selectionpolicies_test.go
Co-authored-by: Mohammed Al Sahaf <mohammed@caffeinatedwonders.com>
---------
Co-authored-by: Mohammed Al Sahaf <mohammed@caffeinatedwonders.com>
2024-02-23 12:45:58 -07:00
WeidiDeng
53f7035299
reverseproxy: use context.WithoutCancel ( #6116 )
2024-02-19 20:25:02 -07:00
Matt Holt
127788807f
caddyhttp: Register post-shutdown callbacks ( #5948 )
2024-02-14 21:21:23 -07:00
Francis Lavoie
2c48dda109
caddyhttp: Only attempt to enable full duplex for HTTP/1.x ( #6102 )
2024-02-13 13:45:38 -05:00
Francis Lavoie
30d63648f5
caddyauth: Drop support for scrypt
( #6091 )
2024-02-12 19:33:54 +00:00
Francis Lavoie
f9e11158bc
caddyauth: Rename basicauth
to basic_auth
( #6092 )
2024-02-12 17:34:23 +00:00
Kévin Dunglas
2348ac897a
update comment
2024-02-09 09:35:55 +01:00
Kévin Dunglas
d3f23a8eeb
improved list
2024-02-09 09:35:55 +01:00
Kévin Dunglas
60abd72c7a
fix: add back text/*
2024-02-09 09:35:55 +01:00
Kévin Dunglas
b8f729b88f
fix: add more media types to the compressed by default list
2024-02-09 09:35:55 +01:00
Francis Lavoie
8c2a72ad07
matchers: Drop forwarded
option from remote_ip
matcher ( #6085 )
2024-02-07 10:09:29 -05:00
Francis Lavoie
bde46211e3
caddyhttp: Test cases for %2F
and %252F
( #6084 )
2024-02-07 05:13:17 -05:00
Aziz Rmadi
feb07a7b59
fileserver: Browse can show symlink target if enabled ( #5973 )
...
* Added optional subdirective to browse allowing to reveal symlink paths.
* Update modules/caddyhttp/fileserver/browsetplcontext.go
---------
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2024-02-06 04:31:26 +00:00
Marten Seemann
697cc593a1
chore: Update quic-go to v0.41.0, bump Go minimum to 1.21 ( #6043 )
...
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2024-01-25 13:58:19 -05:00
Yolan Romailler
2fe69a828f
chore: enabling a few more linters ( #5961 )
...
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-25 15:24:58 +00:00
Francis Lavoie
f5344f8cad
caddyhttp: Fix panic when request missing ClientIPVarKey ( #6040 )
2024-01-24 00:45:50 +00:00
Francis Lavoie
750d0b8331
caddyfile: Normalize & flatten all unmarshalers ( #6037 )
2024-01-23 19:36:59 -05:00
Mohammed Al Sahaf
54823f52bc
cmd: reverseproxy: log: use caddy logger ( #6042 )
2024-01-23 10:52:02 -07:00
Aziz Rmadi
ed7e3c906a
matchers: query
now ANDs multiple keys ( #6054 )
...
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-22 02:36:44 +00:00
Francis Lavoie
5e2f1b5ced
httpcaddyfile: Rewrite root
and rewrite
parsing to allow omitting matcher ( #5844 )
2024-01-15 09:57:08 -07:00
Francis Lavoie
f3e849e49f
fileserver: Implement caddyfile.Unmarshaler interface ( #5850 )
2024-01-13 21:32:44 +00:00
Bas Westerbaan
f658fd05ac
reverseproxy: Add tls_curves
option to HTTP transport ( #5851 )
2024-01-13 20:56:23 +00:00
Nebez Briefkani
cc0c0cf03e
caddyhttp: Security enhancements for client IP parsing ( #5805 )
...
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-13 20:46:37 +00:00
a
c839a98ff5
filesystem: Globally declared filesystems, fs
directive ( #5833 )
2024-01-13 20:12:43 +00:00
Fred Cox
d9ff7b1872
reverseproxy: Only change Content-Length when full request is buffered ( #5830 )
...
fixes: https://github.com/caddyserver/caddy/issues/5829
Signed-off-by: Fred Cox <mcfedr@gmail.com>
2024-01-09 12:59:30 -07:00
Mohammed Al Sahaf
787f6b257f
chore: check against errors of io/fs
instead of os
( #6011 )
...
* chore: replace `os.ErrNotExist` with `fs.ErrNotExist`
* check against permission error from `io/fs` package
2024-01-02 08:48:55 +03:00
networkException
b568a10dd4
caddyhttp: support unix sockets in caddy respond
command ( #6010 )
...
previously the `caddy respond` command would treat the argument
passed to --listen as a TCP socket address, iterating over a possible
port range.
this patch factors the server creation out into a separate function,
allowing this to be reused in case the listen address is a unix network
address.
2023-12-31 22:34:00 -05:00
Steffen Busch
8f9ffc587e
fileserver: Add total file size to directory listing ( #6003 )
...
* browse: Add total file size to directory listing
* Apply suggestion to remove "in "
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
---------
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-12-30 18:47:13 +00:00
Francis Lavoie
3248e4c89f
logging: Add zap.Option
support ( #5944 )
2023-12-18 20:48:34 +00:00
Tim Geoghegan
387545a895
metrics: Record request metrics on HTTP errors ( #5979 )
2023-12-15 20:14:00 +00:00
Kévin Dunglas
b16aba5c27
fileserver: Enable compression for command by default ( #5855 )
...
* feat: enable compression for file-server
* refactor
* const
* Update help text
* Update modules/caddyhttp/fileserver/command.go
---------
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-12-13 20:44:22 -07:00
David DeMoss
362f33daae
fileserver: New --precompressed flag ( #5880 )
...
exposes the file_server precompressed functionality to be used with the
file-server command
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-12-13 20:26:20 -07:00
Francis Lavoie
3d7d60f7cf
caddyhttp: Add uuid
to access logs when used ( #5859 )
2023-12-13 15:40:15 -07:00
Mohammed Al Sahaf
dc12bd9743
proxyprotocol: use github.com/pires/go-proxyproto ( #5915 )
...
* proxyprotocol: use github.com/pires/go-proxyproto
* Fix typo: r/generelly/generally
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
* add config options for `Deny` CIDR and fallback policy
* use `netip` package & trust unix sockets
---------
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-12-13 09:07:43 -07:00
Matt Holt
18f34290d2
templates: Offically make templates extensible ( #5939 )
...
* templates: Offically make templates extensible
This supercedes #4757 (and #4568 ) by making template extensions
configurable.
The previous implementation was never documented AFAIK and had only
1 consumer, which I'll notify as a courtesy.
* templates: Add 'maybe' function for optional components
* Try to fix lint error
2023-11-28 09:39:14 -07:00
WeidiDeng
22eecdb90c
http2 uses new round-robin scheduler ( #5946 )
2023-11-24 01:54:27 +00:00