Commit Graph

500 Commits

Author SHA1 Message Date
Matt Holt
e26a855d8b Merge pull request #1546 from wmark/browse-sort-size
browse: fix arbitrary ordering of directories with sort=size
2017-04-07 18:32:02 -06:00
Peer Beckmann
c0ce2b1d50 proxy: Respect insecure_skip_verify for health check (#1558)
* Respect the 'insecure_skip_verify' for the health check.

* WIP: Trying to add a test. Non functional.

* Fixing tests.

* Creating better error messages.

* Optimize two more error messages.

* Move the tests into an extra function.
2017-04-03 15:16:31 -06:00
Angel Santiago
59bf71c293 proxy: Cleanly shutdown health checks on restart (#1524)
* Add a shutdown function and context to staticUpstream so that running goroutines can be cancelled. Add a GetShutdownFunc to Upstream interface to expose the shutdown function to the caddy Controller for performing it on restarts.

* Make fakeUpstream implement new Upstream methods.

Implement new Upstream method for fakeWSUpstream as well.

* Rename GetShutdownFunc to Stop(). Add a waitgroup to the staticUpstream for controlling individual object's goroutines. Add the Stop function to OnRestart and OnShutdown. Add tests for checking to see if healthchecks continue hitting a backend server after stop has been called.

* Go back to using a stop channel since the context adds no additional benefit.
Only register stop function for onShutdown since it's called as part of restart.

* Remove assignment to atomic value

* Incrementing WaitGroup outside of goroutine to avoid race condition. Loading atomic values in test.

* Linting: change counter to just use the default zero value instead of setting it

* Clarify Stop method comments, add comments to stop channel and waitgroup and remove out of date comment about handling stopping the proxy. Stop the ticker when the stop signal is sent
2017-04-02 14:58:15 -06:00
Toby Allen
464ade1da7 Add new browse sort - namedirfirst (#1551)
* Revert "browse: sort listing by dir first (#1527)"

 commit 4e1229e7c9.

* Add new browse sort order  namedirfirst. Make namedirfirst default sort
2017-04-02 20:38:14 +01:00
W-Mark Kubacki
398d9a6bb5
browse: when sorting by size, sort directory section by name
Previously directories have been merely pulled to the front, and then
sorted arbitrarily. That is, their order among themselves depended on
the filesystem implementations. Something opaque to the visitor.

This fixes said inconsistency, and implements the by-size-then-by-name
order I initially intended for this.
2017-03-29 16:40:29 +02:00
Toby Allen
4e1229e7c9 browse: sort listing by dir first (#1527)
* Default Browse sort by Dir, File

* Ignore temp template files

* Add folder to test

* unneeded chagne
2017-03-24 22:54:16 -06:00
Matthew Holt
fbd6412359
Don't modify request URL values from Caddyfile (fixes #1528)
HTTP redirects can use host-relative URLs. See discussion in #1497.
2017-03-20 21:05:11 -06:00
ericdreeves
36d2027493 browse: Use helper functions in staticfiles to redirect (#1497)
* Use helper functions in staticfiles to redirect.

Previously the browse package invoked staticfiles.Redirect when
redirecting clients who requested a directory but with a Request-URI
that did not contain a trailing '/'. staticfiles.Redirect only used a
relative URI. This change defers the decision of how to format the
Location header value to the helper methods in the staticfiles package.

* Update const URLPathCtxKey in browse package.
2017-03-15 10:17:12 -06:00
Peer Beckmann
a148b92381 proxy: Add the first policy (#1513)
* Add the first policy which sends the request to the first available host

* Make the error message clear. As we expect the second not first upstream
host.
2017-03-14 09:57:08 -06:00
Chao Huang
36a62f0915 markdown: backup title should use TrimSuffix, not TrimRight (#1515) 2017-03-13 15:24:03 -06:00
Toby Allen
d5cc10f7aa Added Const for use of CtxKeys (#1511)
* Added Const for CtxKeys

* Move CtxKey Const declarations

* Fixed tests

* fix test
2017-03-13 09:22:46 -06:00
Martin Bertschler
96bfb9f347 staticfiles: add Content-Length header (closes #1479) (#1492)
* staticfiles: add Content-Length header (closes #1479)

* make linter happy, rename "Html" in identifiers to "HTML"
2017-03-12 16:41:49 -06:00
Toby Allen
cfe52084aa Fix issue #1346 {path} logging {uri} and add {rewrite_uri} placeholder (#1481)
* Fixed issue with {path} actually {uri}

* Test added for path rewrite

* add in uri_escaped

* added rewrite_uri and test

* fix broken test.  Just checks for existance of rewrite header

* gitignore

* Use context to store uri value

* ignore .vscode

* tidy up, removal of comments and invalidated tests

* Remove commented out code.

* added comment as requested by lint

* fixed spelling mistake

* clarified code with variable name

* added context for uri and test

* added TODO comment to move consts
2017-03-11 14:59:47 -07:00
Matthew Holt
6aa0e30af3 basicauth: Don't remove Authorization header on good auth (fixes #1508) 2017-03-10 16:45:51 -07:00
Leonard Hecker
5a41e8bc1a proxy: Fixed #1484, websockets with h2 disabled (#1488)
* Fixed #1484

Fixed a nil pointer runtime error in newConnHijackerTransport,
where the access to the TLSClientConfig did not check for nil values.

* Minor improvement to UseInsecureTransport

This prevents overwriting a possibly preexisting TLSClientConfig,
even though only a single field should be changed.
2017-03-10 10:41:37 -07:00
Nathan Caza
9e4eeb4fb7 Add proxyprotocol directive and listener middleware plugin type (#1349)
* add support for listener middleware

* add proxyprotocol directive

* make caddy.Listener interface required

* Remove tcpKeepAliveListener wrapper from Serve()
This is now done in the Listen() function, along with other potential middleware.
2017-03-09 22:31:37 -07:00
ssut
c62b6b9f1a fastcgi: Fix for missing content-length header when using QUIC (#1501)
* Fix for missing content-length header when using QUIC

If request.ContentLength is set then it will be used instead of getting
it from request.Header map since quic-go(lucas-clemente/quic-go@bb24be8)
will not store (and pass) the Content-Length header using its header
map.

This fixes a potential issue where FastCGI POST requests body empty when
QUIC is enabled. (#1370)

* Change the data type for fastcgi contentLength to int64

quic-go uses int64 for contentLength

* Fix an error for undeclared variable

* Fix test for fcgiclient

the data type for contentLength
2017-03-09 19:36:04 -07:00
Matt Holt
2be0dc40f0 templates: Merge pull request #1482 from crvv/master
templates: Set MIME type
2017-03-09 17:26:08 -07:00
Kurt Jung
e3e62a952d basicauth: Ability to customize realm (#1491)
* Support realms with basic authentication

* Add test for default basicauth directive in which realm is not specified

* Correct typo: missing space

* Remove 'path' subdirective
2017-03-09 13:20:14 -07:00
Matt Holt
df9d062a8f Merge pull request #1500 from mholt/customports
httpserver: Flags to customize HTTP and HTTPS ports (including for ACME challenges)
2017-03-07 11:31:47 -07:00
Jiri Tyr
73d52490d0 Adding support for ServerIP context 2017-03-07 11:59:26 +00:00
crvv
4a095590b1 templates: Set right response Content-Type
If use gzip and templates at the same time, the response body will
be gzipped data. And in this case, the Content-Type header won't be
set by Caddy code. Then Go http package will set "Content-Type" to
wrong value "application/x-gzip" which is determined by response body.
So the header Contenty-Type should be set in templates middleware.
2017-03-07 11:11:52 +08:00
Matthew Holt
e3f2d96a5e
httpserver: Flags to customize HTTP and HTTPS ports (incl. for ACME)
This commit removes _almost_ all instances of hard-coded ports 80 and
443 strings, and now allows the user to define what the HTTP and HTTPS
ports are by the -http-port and -https-ports flags.

(One instance of "80" is still hard-coded in tls.go because it cannot
import httpserver to get access to the HTTP port variable. I don't
suspect this will be a problem in practice, but one workaround would be
to define an exported variable in the caddytls package and let the
httpserver package set it as well as its own HTTPPort variable.)

The port numbers required by the ACME challenges HTTP-01 and TLS-SNI-01
are hard-coded into the spec as ports 80 and 443 for good reasons,
but the big question is whether they necessarily need to be the HTTP
and HTTPS ports. Although the answer is probably no, they chose those
ports for convenience and widest compatibility/deployability. So this
commit also assumes that the "HTTP port" is necessarily the same port
on which to serve the HTTP-01 challenge, and the "HTTPS port" is
necessarily the same one on which to serve the TLS-SNI-01 challenge. In
other words, changing the HTTP and HTTPS ports also changes the ports
the challenges will be served on.

If you change the HTTP and HTTPS ports, you are responsible for
configuring your system to forward ports 80 and 443 properly.

Closes #918 and closes #1293. Also related: #468.
2017-03-06 18:18:49 -07:00
Samuel BERTHE
75ccc05d84 Request placeholders: extract query argument (#1478)
* feat(request placeholders): adds {?arg}

* test(request placeholders): test query argument extractor {?arg}
2017-03-02 23:25:28 -07:00
ericdreeves
0a0d2cc1cf Use RequestURI when redirecting to canonical path. (#1331)
* Use RequestURI when redirecting to canonical path.

Caddy may trim a request's URL path when it starts with the path that's
associated with the virtual host. This change uses the path from the request's
RequestURI when performing a redirect.

Fix issue #1327.

* Rename redirurl to redirURL.

* Redirect to the full URL.

The scheme and host from the virtual host's site configuration is used
in order to redirect to the full URL.

* Add comment and remove redundant check.

* Store the original URL path in request context.

By storing the original URL path as a value in the request context,
middlewares can access both it and the sanitized path. The default
default FileServer handler will use the original URL on redirects.

* Replace contextKey type with CtxKey.

In addition to moving the CtxKey definition to the caddy package, this
change updates the CtxKey references in the httpserver, fastcgi, and
basicauth packages.

* httpserver: Fix reference to CtxKey
2017-02-28 05:54:12 -07:00
Matthew Holt
50749b4e84
httpserver: Improve MITM tests for Chrome on iOS, BlueCoat connections 2017-02-27 18:40:40 -07:00
Matthew Holt
06873175bf
httpserver: Add user agent to test case (closes #1454) 2017-02-22 14:29:19 -07:00
Matthew Holt
f49e0c9b56
httpserver: Disable default timeouts (closes #1464)
Timeouts are important for mitigating slowloris, yes. But after a number
of complaints and seeing that default timeouts are a sore point of
confusion, we're disabling them now. However, the code that sets
default timeouts remains intact; the defaults are just the zero value.

While Caddy aims to be secure by default, Caddy also aims to serve a
worldwide audience. Even my own internet here in Utah is poor at times,
with bad WiFi signal, causing some connections to take over 10s to
be established. Many use the Internet while commuting on slower
connection speeds. Latency across country borders is another concern.

As such, disabling default timeouts will serve a greater population of
users than enabling them, as slowloris is easy to mitigate and does
not seem to be reported often (I've only seen it once). It's also very
difficult sometimes to distinguish slowloris from genuine slow networks.
That decision is best left to the site owner for now.
2017-02-22 08:52:08 -07:00
Matthew Holt
ccdc28631a
httpserver: Remove unused ReadTimeout from tlsHelloListener 2017-02-21 21:51:07 -07:00
Matthew Holt
a2c410b8e1
Add some MITM test cases 2017-02-21 10:07:12 -07:00
Matt Holt
73794f2a2c tls: Refactor internals related to TLS configurations (#1466)
* tls: Refactor TLS config innards with a few minor syntax changes

muststaple -> must_staple
"http2 off" -> "alpn" with list of ALPN values

* Fix typo

* Fix QUIC handler

* Inline struct field assignments
2017-02-21 09:49:22 -07:00
Mateusz Gajewski
1262ae92e9 Disable TLS completely if there is no listener with tls enabled (#1456)
* Disable TLS completely if there is no listener with tls enabled

* Format code
2017-02-19 08:09:35 -07:00
Rick Beton
6083871088 Revised fileserver Accept-Encoding and ETag (#1435)
* Revised fileserver Accept-Encoding and ETag

* calculateEtag improved following microbenchmarking
2017-02-18 15:52:50 -07:00
Mateusz Gajewski
ce3580bf91 Push down headers from client (#1453)
* Push down headers from client

* Push first, serve later

* After review fixes
2017-02-18 15:50:36 -07:00
Matthew Holt
9720da5bc8
proxy: Fix race in test 2017-02-18 15:42:11 -07:00
Mateusz Gajewski
286d8d1e89 tls: Per-site TLS configs using GetClientConfig, including http2 switch (#1389)
* Remove manual TLS clone method

* WiP tls

* Use GetClientConfig for tls.Config

* gofmt -s -w

* GetConfig

* Handshake

* Removed comment

* Disable HTTP2 on demand

* Remove junk

* Remove http2 enable (no-op)
2017-02-18 15:26:23 -07:00
Kurt Jung
977a3c3226 basicauth: Store name of authenticated user (#1426)
* Store name of authenticated user in basicauth for use by upstream middleware such as fastcgi and cgi.

* Use request context to transfer name of authorized user from basicauth to upstream middleware. Test retrieval of name from context.

* Remove development code that was inadvertently left in place

* Use keys of type httpserver.CtxKey to access Context values
2017-02-17 15:37:58 -07:00
Matt Holt
82cbd7a96b Detect HTTPS interception (#1430)
* WIP: Implement HTTPS interception detection by Durumeric, et. al.

Special thanks to @FiloSottile for guidance with the custom listener.

* Add {{.IsMITM}} context action and {mitm} placeholder

* Improve MITM detection heuristics for Firefox and Edge

* Add tests for MITM detection heuristics

* Improve Safari heuristics for interception detection

* Read ClientHello during first Read() instead of during Accept()

As far as I can tell, reading the ClientHello during Accept() prevents
new connections from being accepted during the read. Since Read() should
be called in its own goroutine, this keeps Accept() non-blocking.

* Clean up MITM detection handler; make possible to close connection

* Use standard lib cipher suite values when possible

* Improve Edge heuristics and test cases

* Refactor MITM checking logic; add some debug statements for now

* Fix bug in MITM heuristic tests and actual heuristic code

* Fix gofmt

* Remove debug statements; preparing for merge
2017-02-17 14:07:57 -07:00
Mateusz Gajewski
cdf7cf5c3f HTTP/2 push support (golang 1.8) (#1215)
* WIP

* HTTP2/Push for golang 1.8

* Push plugin completed for review

* Correct build tag

* Move push plugin position

* Add build tags to tests

* Gofmt that code

* Add header/method validations

* Load push plugin

* Fixes for wrapping writers

* Push after delivering file

* Fixes, review changes

* Remove build tags, support new syntax

* Fix spelling

* gofmt -s -w .

* Gogland time

* Add interface guards

* gofmt

* After review fixes
2017-02-17 09:25:22 -07:00
Tw
c37481cc7b proxy: handle encoded path in URL
fix issue #1362

Signed-off-by: Tw <tw19881113@gmail.com>
2017-02-17 09:41:00 +08:00
Matt Holt
0cc48e849c Merge pull request #1374 from mholt/go18timeouts
Set Go 1.8's ReadHeaderTimeout and IdleTimeout
2017-02-16 16:51:00 -07:00
Toby Allen
58053fce48 Merge branch 'master' into go18shutdown 2017-02-16 22:46:11 +00:00
Alex Harrington
55bded68c2 fixing panic when root is symlink (#1429)
* fixing panic when root is symlink
checking root path is a symlink before os.Stat which panics

* fixing formatting

* adding test to verify symlink root path check

* fixing typo
2017-02-15 22:02:51 -07:00
Augusto Roman
dc3efc939c Add request placeholder support for querying request cookies. (#1392)
* Add request placeholder support for querying request cookies.

This adds the ability to query the request cookies for placeholders
using the syntax "@cookiename".

For example, this would allow rewriting based on a cookie:
  rewrite {
    if @version is 'dev'
    to /dev/index.html
  }

* Switch cookie special char from @ to :

* Switch special char for cookies from : to ~
2017-02-15 21:59:24 -07:00
Matt Holt
bdb61f4a1d Merge pull request #1409 from mastercactapus/not_a_directory
return 404 for "not a directory" errors
2017-02-15 18:34:01 -07:00
Matt Holt
1183d91c7b Merge pull request #1365 from tw4452852/1297
redirect: determine the FromScheme at runtime (#1297)
2017-02-15 17:59:29 -07:00
Augusto Roman
463c9d9dd2 Fix data race for max connection limiting in proxy directive. (#1438)
* Fix data race for max connection limiting in proxy directive.

The Conns and Unhealthy fields are updated concurrently across all active
requests.  Because of this, they must use atomic operations for reads and
writes.

Prior to this change, Conns was incremented atomically, but read unsafely.
Unhealthly was updated & read unsafely.  The new test
TestReverseProxyMaxConnLimit exposes this race when run with -race.

Switching to atomic operations makes the race detector happy.

* oops, remove leftover dead code.
2017-02-15 08:09:42 -07:00
Matt Holt
943ed931db Merge pull request #1425 from jung-kurt/cgi
httpserver: Register cgi plugin
2017-02-14 06:59:32 -07:00
Toby Allen
1a7612071a remove whitespace 2017-02-13 21:28:19 +00:00
Toby Allen
5072d70f38 Fix for #1388 dont attempt to hide Caddyfile if non existant 2017-02-13 21:22:19 +00:00
Kurt
b210101f45 Register cgi plugin 2017-02-11 09:38:25 -05:00
Nathan Caza
18edf5864e add fix from golang/go 2017-02-10 21:02:00 -06:00
Julian V. Modesto
ce7d3db1be Roll all logs by default (#1379)
* Use new subdirectives and flatten rolling config

* Set default rotate config

* Set default rolling config (hopefully) errwhere

* Make private

* Flatten errors directive and remove c.IncrNest()

* Don't skip first error log roller subdirective we see

* Remove hadBlock

* Try lumberjack import

* Unname import
2017-02-08 09:23:33 -07:00
Mateusz Gajewski
f32eed1912 Feature #1246 - Remote syslog (#1301)
* Remote syslog

* golint

* Initialize mutex
2017-02-08 08:02:09 -07:00
James Raspass
7419573266 Replace magic number 308 with http.StatusPermanentRedirect 2017-02-07 23:55:36 +00:00
Matt Holt
d8f92baee2 Merge pull request #1404 from mholt/combinedrollers
Create only one log roller per file across whole process (fixes #1363)
2017-02-06 20:08:50 -07:00
Toby Allen
9e9298ee5d Added additional - to common log file format (#1399) 2017-02-04 15:29:29 -07:00
Tw
65cb966d38 httpserver: support QUIC reload
fix issue #958

Signed-off-by: Tw <tw19881113@gmail.com>
2017-01-28 19:41:24 +08:00
Matthew Holt
d264a2cf0a
Set Go 1.8's ReadHeaderTimeout and IdleTimeout 2017-01-24 20:09:03 -07:00
Matthew Holt
139a3cfb13
Replace our old faithful gracefulListener with Go 1.8's Shutdown() 2017-01-24 20:05:53 -07:00
Matthew Holt
04da9c7374
Create only one log roller per file across whole process (fixes #1363) 2017-01-24 19:16:54 -07:00
Matthew Holt
16250da3f0
errors: Fix low risk race condition at server close
See issue #1371 for more information.
2017-01-24 19:09:44 -07:00
Matthew Holt
45a0e4cf49
log: Fix race when stopping server
High improbability of being an actual problem. Logs are safe for
concurrent use, but os.Files are apparently not... Fixes #1371.
2017-01-24 18:48:19 -07:00
Matthew Holt
e14a62f188
pprof: Set proper Content-Type header
The standard lib pprof library doesn't set its own Content-Type header
properly. If pprof is used with gzip, the index endpoint will be
interpreted as a .gz file; so we force its hand and set the header.
2017-01-24 16:55:43 -07:00
Matt Holt
d8d339740b New 'timeouts' directive to configure timeouts; default timeouts enabled (#1368) 2017-01-24 08:15:25 -07:00
Matthew Holt
62fea30e87
browse: Sanitize file names and links in default template
Thanks to Kevin Froman (@beardog108) for the responsible heads up.
2017-01-23 22:37:46 -07:00
Toby Allen
bbee961415 Introduce new Replacer fields {rewrite_path}, {rewrite_path_escaped}; issue #1185 (#1364)
* Fix #1185

* Return normal path if no rewrite has happened

* Revert change, not required

* Updated tests
2017-01-23 22:15:27 -07:00
Matthew Holt
82929b122a
Ensure active Caddyfile, if in site, is hidden no matter the cwd 2017-01-23 22:06:29 -07:00
Tw
38c76647c9 proxy: use a new context for the outgoing request (#1358)
* proxy: use a new context for the outgoing request

fix issue #1345

Signed-off-by: Tw <tw19881113@gmail.com>

* proxy: add test for canceling the request

Signed-off-by: Tw <tw19881113@gmail.com>
2017-01-23 18:03:42 -07:00
Matt Holt
696b46f075 Merge pull request #1356 from mholt/fix_hijack
proxy: Fixed #1352: invalid use of the HTTP hijacker
2017-01-23 09:40:47 -07:00
Peer Beckmann
e5ef285e59 Generate meta elements from prelude items description and keywords (#1335)
* Generate meta elements from useful front matters.
Limited to the default template and specific elements.

* Rerun gofmt

* Add "keywords" and remove "language" to/from the list of meta tags.

* Add a simple positive list test for the meta tag generation.

* Move the meta tag list to a var at the begin of the file.
Seperate the Meta tags from the other front matters:
	- Don't override user settings with name `meta`
	- Cleaner Code.

* Remove the uneccessary `[:]` in the []Bytes to String casting.
@mholt was right ;)

* One minor refinement. Combining two statements.
2017-01-22 19:16:38 -07:00
Tw
eeb23a2469 redirect: determine the FromScheme at runtime (#1297)
Signed-off-by: Tw <tw19881113@gmail.com>
2017-01-21 09:53:44 +08:00
Tw
ecf852ea43 proxy: fix TestReverseProxy failure on go tip (#1360)
Because of this commit(6e36811c37399d60cbce587b7c48e611009c5aec) on go tip,
it will probe the request's body to determine whether to use chunked transfer
encoding which trailers depend on it.
So we just offer a non empty body to make trailers work.

fix issue #1359

Signed-off-by: Tw <tw19881113@gmail.com>
2017-01-18 15:34:25 -07:00
Mike Pastore
6bac558c98 Add root option to fastcgi directive (#1337) 2017-01-17 10:34:17 -07:00
Leonard Hecker
ae10122f7e proxy: Fixed #1352: invalid use of the HTTP hijacker 2017-01-17 15:55:11 +01:00
M-A
8464020f7c Add {whenISO} to record timestamp in ISO 8601 format in UTC. (#1353)
* Add {whenISO} to record timestamp in ISO 8601 format in UTC.

ISO 8601 is the standard time format and is easy to parse.

This change assumes users desiring ISO 8016 generally prefer UTC for simplicity.
This results in {whenISO} to be significantly shorter than {when}:
{when}    = "02/Jan/2006:15:04:05 +0000"
{whenISO} = "2006-01-02T15:04:12Z"

Add unit test to verify both, as there was no unit test for {when}.

* Rename {whenISO} to {when_iso}
2017-01-14 15:54:27 -07:00
Leonard Hecker
601838ac96 proxy: Added TestReverseProxyLargeBody test case
This test ensures that the optimizations in 8048e9c are actually effective.
2017-01-11 19:38:52 +01:00
Leonard Hecker
8048e9c3bc proxy: Added unbuffered request optimization
If only one upstream is defined we don't need to buffer the body.
Instead we directly stream the body to the upstream host,
which reduces memory usage as well as latency.
Furthermore this enables different kinds of HTTP streaming
applications like gRPC for instance.
2017-01-11 19:38:14 +01:00
Ben Gadbois
c7c34266da Add misspell to travis build
Replace test text with real words so misspell doesn't throw errors
2017-01-10 15:39:00 -08:00
Ben Gadbois
eee9d00255 Fix small misspellings 2017-01-10 13:09:24 -08:00
Tw
633567744d proxy: refactor TestUpstreamHeadersUpdate and TestDownstreamHeadersUpdate
Signed-off-by: Tw <tw19881113@gmail.com>
2017-01-09 09:07:04 +08:00
Matt Holt
c3523305f0 Merge pull request #1325 from mholt/authheader
basicauth: Remove Authorization header on successful authz (issue #1324)
2017-01-07 19:41:55 -07:00
Matthew Holt
3f770603bc
browse: Simple filter textbox for default template
Typing in this box will filter the list of items by name.
2017-01-03 23:59:04 -07:00
Matthew Holt
54acb9b2de
basicauth: Remove Authorization header on successful authz (issue #1324)
If a site owner protects a path with basicauth, no need
to use the Authorization header elsewhere upstream, especially since it
contains credentials.

If this breaks anyone, it means they're double-dipping. It's usually
good practice to clear out credentials as soon as they're not needed
anymore. (Note that we only clear credentials after they're used,
they stay for any other reason.)
2017-01-03 17:47:27 -07:00
Gregor Noczinski
8b9c9efdba Fix position of "filter" in directives (#1323)
* Fix #2 (Replacement doesn't happen - https://github.com/echocat/caddy-filter/issues/2) bug of caddy-filter

* Fixed gofmt issue.

* Remove comment of reason why we do a reorder
2017-01-03 09:03:13 -07:00
Matthew Holt
a1a8d0f655 Merge branch 'master' of github.com:mholt/caddy 2017-01-01 10:27:58 -07:00
Matthew Holt
5d813a1b58
Close connection on automatic HTTP->HTTPS redirects 2017-01-01 10:27:53 -07:00
Sawood Alam
04bee0f36d Implementing custom PathClean function to allow masking, closes #1298 (#1317)
* Added path cleanup functions with masking to preserve certain patterns + unit tests, #1298

* Use custom PathClean function instead of path.Clean to apply masks to preserve protocol separator in the path

* Indentation corrected in the test data map to pass the lint

* Fixing ineffassign of a temporary string variable

* Improved variable naming and documentation

* Improved variable naming

* Added benchmarks and improved variable naming in tests

* Removed unnecessary value capture when iterating over a map for keys

* A typo correction
2016-12-31 20:29:14 -07:00
Matt Holt
7cbbb01f94 Merge pull request #1309 from lhecker/master
Fixed #1292 and resulting issues from #1300
2016-12-31 19:51:29 -07:00
Leonard Hecker
4babe4b201 proxy: Added support for HTTP trailers 2016-12-30 18:34:26 +01:00
Leonard Hecker
533039e6d8 proxy: Removed leftover restriction to HTTP/1.1 2016-12-29 16:07:22 +01:00
Leonard Hecker
b857265f9c proxy: Fixed support for TLS verification of WebSocket connections 2016-12-28 17:38:54 +01:00
Leonard Hecker
153d4a5ac6 proxy: Improved handling of bufferPool 2016-12-28 17:17:52 +01:00
Mateusz Gajewski
d5fe4928f2 Remove pre 0.9 code (#1304)
* Remove pre 0.9 code

* Unused import

* gofmtw
2016-12-27 15:53:16 -07:00
Leonard Hecker
20483c23f8 Added end-to-end test case for #1292 2016-12-26 20:53:18 +01:00
Leonard Hecker
9f9ad21aaa Fixed #1292: Failure to proxy WebSockets over HTTPS
This issue was caused by connHijackerTransport trying to record HTTP
response headers by "hijacking" the Read() method of the plain net.Conn.
This does not simply work over TLS though since this will record the TLS
handshake and encrypted data instead of the actual content.
This commit fixes the problem by providing an alternative transport.DialTLS
which correctly hijacks the overlying tls.Conn instead.
2016-12-26 20:52:36 +01:00
Leonard Hecker
53635ba538 Fixed panic due to 0-length buffers being passed to io.CopyBuffer 2016-12-26 20:42:00 +01:00
Leonard Hecker
6352c9054a Fixed proxy not respecting the -http2 flag 2016-12-26 20:40:44 +01:00
Matthew Holt
1da70d3ba1
ACME challenge proxy now accounts for ListenHost (bind); fixes #1296 2016-12-23 09:40:03 -07:00
Matthew Holt
3198200479
Re-align atomic struct field (fixes #1306) 2016-12-22 15:02:33 -07:00
Leonard Hecker
a3aa414ff3 Fixed HTTP/2 support for the proxy middleware (#1300)
* Fixed HTTP/2 support for the proxy middleware

http.Transport instances whose TLSClientConfig, Dial, or DialTLS field
is non-nil will be configured without HTTP/2 support by default.

This commit adds the proper calls to http2.ConfigureTransport()
everywhere a http.Transport is created and thus fixes HTTP/2 in the
proxy middleware whenever insecure_skip_verify or keepalive is provided.

* Added HTTP/2 support check to TestReverseProxyInsecureSkipVerify
2016-12-21 12:44:07 -07:00
Mateusz Gajewski
54c63002cc Feature #1282 - Support serving statically compressed .gz and .br files (#1289)
* Feature #1282 - Support pre-gzipped files

* Fix broken test cases

* Support brotli encoding as well

* Fix for #1276 - support integers and floats as metadata in markdown (#1278)

* Fix for #1276

* Use strconv.Format

* Use map[string]interface{} as variables

* One more file

* Always run all tests before commit

* Get rid of DocFlags

* Fix syntax in caddy.conf

* Update to Go 1.7.4

* Add send_timeout property to fastcgi directive.

* Convert rwc field on FCGIClient from type io.ReadWriteCloser to net.Conn.
* Return HTTP 504 to the client when a timeout occurs.
* In Handler.ServeHTTP(), close the connection before returning an HTTP
502/504.
* Refactor tests and add coverage.

* Return HTTP 504 when FastCGI connect times out.

* test: add unit test for #1283 (#1288)

* After review fixes

* Limit the number of restarts with systemd

* Prevent fd leak

* Prevent fd leak

* Refactor loops

* gofmt
2016-12-19 09:51:09 -07:00
Mateusz Gajewski
c555e95366 Fix for issue #1287 - don't list hidden files in directory listing (#1290)
* Fix for issue #1287 - hide hidden files

* Reuse IsHidden

* Fix failing tests
2016-12-17 11:30:08 -07:00
Guiheux Steven
8653b70c32 test: add unit test for #1283 (#1288) 2016-12-07 18:59:02 -07:00
ericdreeves
9f16ac84a0 Return HTTP 504 when FastCGI connect times out. 2016-12-03 16:31:29 -06:00
ericdreeves
5874fbeb7e Add send_timeout property to fastcgi directive.
* Convert rwc field on FCGIClient from type io.ReadWriteCloser to net.Conn.
* Return HTTP 504 to the client when a timeout occurs.
* In Handler.ServeHTTP(), close the connection before returning an HTTP
502/504.
* Refactor tests and add coverage.
2016-12-03 16:15:41 -06:00
Mateusz Gajewski
17e7e6076a Fix for #1276 - support integers and floats as metadata in markdown (#1278)
* Fix for #1276

* Use strconv.Format

* Use map[string]interface{} as variables

* One more file

* Always run all tests before commit

* Get rid of DocFlags
2016-12-02 23:35:33 -07:00
Mateusz Gajewski
9e98d6cd52 Fix for #1164 - allow only one header per line (#1280)
* Fix for #1164 - allow only one header per line

* Include original reporter case
2016-11-29 21:24:12 -07:00
Mateusz Gajewski
32fa0ce6a0 Merge branch 'master' into fastcgi-timeout-defaults 2016-11-29 19:06:43 +01:00
Matthew Holt
36f8759a7b
Ensure some tests remove temporary directories they created 2016-11-28 22:26:54 -07:00
ericdreeves
b8722d9af3 Fix read timeout and add default timeout values.
By setting the read deadline in streamReader.Read(), the deadline was
extended by the read timeout on each subsequent call. To avoid this, the
deadline is set in FCGIClient.Request(), before the first read occurs.

See #1094.
2016-11-25 10:30:51 -06:00
Matthew Holt
22a266a259 templates: Add arguments to .Include 2016-11-20 21:40:06 -07:00
ericdreeves
5a6b765673 Add connect_timeout and read_timeout to fastcgi. (#1257) 2016-11-19 09:05:29 -07:00
ericdreeves
98c17bcdf2 Sort the resulting slice before the comparison. 2016-11-19 08:37:36 -06:00
Gyula Voros
b783caaaed Filter empty headers (#1239)
* Filter empty headers

Some web servers (e.g. Jetty 9.3) don’t like HTTP headers with empty values. This commit filters header replacements with zero length.

* Extend tests to verify removal of empty headers

* Handle add-header case

* Change - Use short variable assignment
2016-11-16 21:41:53 -07:00
Mateusz Gajewski
c972ea39c8 Fastcgi upstreams (#1264)
* Make fastcgi load balanceable too

* Address one more corner case - invalid configuration fastcgi /

* After review fixes

* Simplify conditions

* Error message

* New fastcgi syntax

* golint will be happy

* Change syntax
2016-11-16 21:29:43 -07:00
Benny Ng
dd4c4d7eb6 proxy: record request Body for retry (fixes #1229) 2016-11-04 19:15:36 +08:00
Ngo The Trung
0cdaaba4b8 Add maxrequestbody directive (#1163) 2016-11-04 08:25:49 +08:00
Mateusz Gajewski
63f749112b Use http.Header instead of custom type (#1214)
* Use http.Header

* This initialization was just stupid
2016-11-03 12:24:26 -06:00
Tw
e85ba0d4db proxy: make value is optional when removing a header
fix issue #1234

Signed-off-by: Tw <tw19881113@gmail.com>
2016-11-03 22:50:51 +00:00
Matthew Holt
b89cbe18e2 Move header up above errors in directive order (fix #1183) 2016-11-02 08:13:58 -06:00
Matthew Holt
14500d8204 header: Implement Flusher and CloseNotifier 2016-11-02 08:13:58 -06:00
Tw
a2900e46f4 header: only register deletion operation (#1212)
fix issue #1183

Signed-off-by: Tw <tw19881113@gmail.com>
2016-11-01 22:08:02 -06:00
ericdreeves
08c17c7c31 Add Files action to template context. (closes #1198) (#1226)
* Add Files action to template context. (#1198)

* Fixes to testFiles().

- Set os.ModePerm on directories created during test.
- Use filepath.Join() to create directory path.
- Use Fatalf, not Fatal.

* Make additional fixes to test cases.

* Fix test cases to use correct path format.

Dir.Open() in net/http requires '/'-separated paths while
filepath.Join() may produce paths with different separator.

* Remove directory created by test at end of loop.

* Close the FileSystem before returning.

* Initialize names slice to the number of entries.

Also, do not call os.RemoveAll() unless the path to the directory
is a valid one.
2016-11-01 22:04:53 -06:00
Mateusz Gajewski
8cc3416bbc
Remove dead code, do struct alignment, simplify code 2016-10-25 19:19:54 +02:00
Toby Allen
c4d64a418b Log site info output at start. Fix for #1205 (#1210)
* Log Site start to -log. Fix for #1205

* Removed Comment
2016-10-25 09:31:21 -06:00
Matt Holt
f3108bb7bf Merge pull request #1207 from tw4452852/1206
proxy: set request's body to nil explicitly
2016-10-25 09:30:10 -06:00
Mateusz Gajewski
c2853ea64b Use proper Request (#1197)
* Use proper Request

* Fixes
2016-10-25 09:28:53 -06:00
Tw
a1dd6f0b34 proxy: set request's body to nil explicitly
fix issue #1206

Signed-off-by: Tw <tw19881113@gmail.com>
2016-10-24 11:10:12 +08:00
Henrique Dias
2b9bbc5236 Moving File Manager higher in the directive list (#1199)
* Moving File Manager higher in the directive list

See hacdias/caddy-filemanager#35.

* gofmt
2016-10-20 14:52:43 -06:00
Tw
2bd6fd0aea errors: don't join the absolute file path
fix issue #1188

Signed-off-by: Tw <tw19881113@gmail.com>
2016-10-18 09:55:50 +08:00
Toby Allen
94af37087b Fix for fastcgi deletion of Caddy-Rewrite-Original-URI header #1153 (#1184)
* Very simple fix for #1153

* Prevent  Caddy-Rewrite-Original-URI being added as  an HTTP ENV variable passed to FastCGI

part of fix for #1153

* Changes to Markdown to fix travis CI build.

#1955.2

* Revert "Changes to Markdown to fix travis CI build."

This reverts commit 4a01888839.

* fail fast and fmt changes

* Create test for existance of Caddy-Rewrite-Original-URI header value #1153

* updated test comment

* const moved outside function so available to tests
2016-10-16 12:11:52 -06:00
Matthew Holt
5fcfdab6c7
Reorder basicauth directive; it should also protect redirects 2016-10-15 09:41:03 -06:00
Gregor Noczinski
016384abef * Added directive "filter" to whitelist for support of github.com/echocat/caddy-filter (#1167) 2016-10-15 09:31:22 -06:00
Matt Holt
550b1170bd Merge branch 'master' into 1173 2016-10-13 22:56:19 -06:00
Tw
4baca884c5 proxy: preserve path trailing slash if it was there
fix issue #1177

Signed-off-by: Tw <tw19881113@gmail.com>
2016-10-11 17:06:59 +08:00
Tw
d0455c7b9c add more descriptive errors
Signed-off-by: Tw <tw19881113@gmail.com>
2016-10-11 10:34:51 +08:00
Tw
e5d33e73f3 header: implement http.Hijacker for responseWriterWrapper
fix issue #1173

Signed-off-by: Tw <tw19881113@gmail.com>
2016-10-11 08:53:47 +08:00
Aish Raj Dahal
733f622f7a
Add new placeholder for latency in milliseconds 2016-10-05 21:06:15 -07:00
Tw
cc638c7faa proxy: handle 'without' option in encoded form of URL path
fix issue #1154

Signed-off-by: Tw <tw19881113@gmail.com>
2016-10-02 19:32:14 +00:00
Peer Beckmann
bb7787d2ee Remove the eager check in the browse middleware (#1144)
* Remove the eager check in the browse middleware, whether the root directory exists.
Caddy will start and throw a 404-error until the directory will be created.

* Add the complimentary test.
 - Tests the startup of the browse middleware if the site root is inexistent and browse is pointing to the site root.

* Some minor stylistic tweaks.
2016-09-28 12:23:44 -06:00
Matt Holt
8620581f95 Merge pull request #1145 from tw4452852/header_placeholder
replacer: evaluate header placeholder when replacing
2016-09-28 10:42:41 -06:00
Tw
99a6b2db67 replacer: evaluate header placeholder when replacing
fix issue #1137

Signed-off-by: Tw <tw19881113@gmail.com>
2016-09-28 19:32:16 +00:00
Matt Holt
8944332e13 Merge pull request #1143 from mholt/1136-fix
Fix #1136 - IP hash policy no longer changes host pool
2016-09-28 08:07:58 -06:00
Kris Hamoud
be1c57acfe 1136 fix
logic change
2016-09-28 04:09:46 -07:00
Matt Holt
b06b3981cf Merge pull request #1140 from tw4452852/defer_header
header: defer header operations
2016-09-27 19:02:28 -06:00
Sebastian Schmittner
8cb4e90852 Add fix and tests for FastCGI persistent connections (#1134)
* keep fastcgi connection open

* poor mans serialisation to make up for the lack of demuxing

* pointing includes to echse's repo

* Revert "pointing includes to echse's repo"

This reverts commit 281daad8d4.

* switch for persistent fcgi connections on/off added

* fixing ineffectual assignments

* camel case instead of _

* only activate persistent sockets on windows (and some naming conventions/cleanup)

* gitfm import sorting

* Revert "fixing ineffectual assignments"

This reverts commit 79760344e7.

# Conflicts:
#	caddyhttp/staticfiles/fileserver.go

* added another mutex and deleting map entries. thx to mholts QA comments!

* thinking about it, this RW lock was not a good idea here

* thread safety

* I keep learning about mutexs in go

* some cosmetics

* adding persistant fastcgi connections switch to directive

* Support for configurable connection pool.

* ensure positive integer pool size config

* abisofts pool fix + nicer logging for the fastcgi_test

* abisoft wants to have dialer comparison in _test instead of next to struct

* Do not put dead connections back into pool

* Fix fastcgi header error

* Do not put dead connections back into pool

* some code style improvements from the discussion in https://github.com/mholt/caddy/pull/1134

* abisofts naming convention
2016-09-27 18:12:22 -06:00
Matt Holt
871d11af00 Merge pull request #1135 from mholt/proxyerrs
proxy: Improve failover logic and retries
2016-09-27 17:53:44 -06:00
Matthew Holt
6397a85e50
proxy: Only wait 250ms between backend tries 2016-09-27 17:49:00 -06:00
Tw
d0ddfc849d header: defer header operations
fix issue #1131

Signed-off-by: Tw <tw19881113@gmail.com>
2016-09-27 15:35:13 +08:00
Matthew Holt
617012c3fb
Use time.Since() for readability 2016-09-24 21:27:57 -06:00
Matt Holt
4adbcd2565 Merge pull request #1125 from hlidotbe/master
Add expires directive
2016-09-24 21:11:30 -06:00
Matt Holt
d01bcd591c Merge pull request #1112 from tw4452852/proxy_header
proxy: don't append predefined headers
2016-09-24 21:02:19 -06:00
Tw
c9b022b5e0 proxy: don't append some predefined headers
fix issue #1086

Signed-off-by: Tw <tw19881113@gmail.com>
2016-09-25 09:24:27 +00:00
Matthew Holt
a661007a55
proxy: Fix retry logic for when no hosts are available 2016-09-24 16:30:40 -06:00
Matthew Holt
0c0142c8cc
Delete tryDuration, now unused 2016-09-24 16:05:33 -06:00
Matthew Holt
37f05e450f
proxy: Add try_duration and try_interval; by default don't retry 2016-09-24 16:03:22 -06:00
Matthew Holt
9b9a77a160
proxy: Improved error reporting
We now report the actual error message rather than a generic one
2016-09-24 14:22:13 -06:00
Tw
4670d13c8c proxy: fix checking error in TestDownstreamHeadersUpdate and TestUpstreamHeadersUpdate
Signed-off-by: Tw <tw19881113@gmail.com>
2016-09-24 19:28:42 +00:00
Matthew Holt
9077cce126
Add tests for case insensitivity of keys and saving contexts 2016-09-24 13:24:33 -06:00
Matthew Holt
76d9d695be
Remove use of proxy_header in test 2016-09-24 12:27:16 -06:00
Matthew Holt
a4d70262aa
Use strings.Contains instead of IndexOf for readability 2016-09-24 12:09:28 -06:00
Hugues Lismonde
79f2deee42 Add expires directive 2016-09-24 08:10:32 +02:00
Abiola Ibrahim
bac54de9eb Fastcgi persistent fix (#1129)
* Support for configurable connection pool.

* ensure positive integer pool size config
2016-09-23 23:29:23 -06:00
Matthew Holt
bbf954cbf2
Fix case sensitivity in site addresses 2016-09-20 22:44:05 -06:00
Matthew Holt
fcad474064 Move prometheus directive higher in list (closes #1119) 2016-09-20 14:29:32 -06:00
Lars Wiegman
4449d3dcd9 Add the multipass plugin to the directives (#1120)
* Add the multipass plugin to the directives

* Fix gofmt
2016-09-20 09:06:28 -06:00
Matthew Holt
bedad34b25
Clean up some significant portions of the TLS management code 2016-09-14 22:30:49 -06:00
James Cooper
40a3a6b24f Add awslambda to plugin.go 2016-09-10 07:52:04 -07:00
Sebastian Schmittner
09a1f02971 persistent fastcgi connections (#1087)
* keep fastcgi connection open

* poor mans serialisation to make up for the lack of demuxing

* pointing includes to echse's repo

* Revert "pointing includes to echse's repo"

This reverts commit 281daad8d4.

* switch for persistent fcgi connections on/off added

* fixing ineffectual assignments

* camel case instead of _

* only activate persistent sockets on windows (and some naming conventions/cleanup)

* gitfm import sorting

* Revert "fixing ineffectual assignments"

This reverts commit 79760344e7.

# Conflicts:
#	caddyhttp/staticfiles/fileserver.go

* added another mutex and deleting map entries. thx to mholts QA comments!

* thinking about it, this RW lock was not a good idea here

* thread safety

* I keep learning about mutexs in go

* some cosmetics
2016-09-10 06:47:47 -06:00
Matthew Holt
5f135a27d5
Eliminate ineffectual assignments
Most of these were fixed by handling errors that were previously
unhandled (oops).
2016-09-05 10:30:46 -06:00
Matthew Holt
45a3d0b526
Fix misspellings 2016-09-05 10:20:34 -06:00
Matthew Holt
14a6e4b4ed
More minor text fixes 2016-08-30 13:37:35 -06:00
Issac Trotts
1991083322 Fix tests to not make long unix domain socketpaths
Some tests were running into this issue:
https://github.com/golang/go/issues/6895

Putting the sockets into temp dirs fixes the problem.
2016-08-29 18:09:46 -07:00
Issac Trotts
7ba804353c Use naoina/toml instead of BurntSushi/toml 2016-08-29 17:55:44 -07:00
Volodymyr Galkin
20ee457cae Add 'status' middleware instead of 'status' directive for 'rewrite' middleware 2016-08-29 17:17:23 +03:00
Matthew Holt
191ec27c26
Clarify godoc for HTTP handler signature 2016-08-25 17:13:49 -06:00
Matthew Holt
17709a7d3f
Defer loading directives until needed (fix for previous commit)
This change is still experimental.
2016-08-25 00:15:18 -06:00
Matthew Holt
5a691fbaf5
httpserver: Added function to register directive at runtime (dev only)
This function should not be used outside of development. It destroys the
absolute ordering and guarantees of correctness. Multiple uses of it
may work fine, but maybe not if they overlap, causing non-deterministic
builds which is bad. However, this can be convenient when developing
a plugin by calling it from an init() function, since you don't have
to modify the Caddy source code just to try your plugin.
2016-08-24 23:12:41 -06:00
Tw
e7af23e1e6 log: add multiple log entry test
Signed-off-by: Tw <tw19881113@gmail.com>
2016-08-25 11:21:08 +08:00
Tw
5e0f4083c4 log: support multiple log entries under one path scope
fix issue #1044

Signed-off-by: Tw <tw19881113@gmail.com>
2016-08-24 12:48:51 +08:00
Michael Grosser
3dc98c8ce3 Keep quic protocol headers only between one hop
Removing quic protocol headers from being persisted during proxy requests.
Not removing them could lead to the client attempting to connect to the wrong port.
This makes the quic headers consistent with other protocol headers.
2016-08-23 22:05:56 +00:00
Matthew Holt
151d0baa94
Minor text fixes ;) 2016-08-23 15:47:23 -06:00
Luna Duclos
1dfe1e5ada Add plugin capabilities for tls storage.
To use a plugged in storage, specify "storage storage_name" in the tls block of the Caddyfile, by default, file storage will be used
2016-08-23 23:00:20 +02:00
Nimi Wariboko Jr
2ef8905966 Proxy: Instead of setting DisableKeepAlives, set MaxIdleConnsPerHost to -1 to prevent net/http from pooling the connections. DisableKeepAlives causes net/http to send a Connection: Closed header which is bad. Fixes #1056 2016-08-22 18:00:37 -07:00
Tw
590862a962 replacer: capture request body normally
fix issue #1015

Signed-off-by: Tw <tw19881113@gmail.com>
2016-08-23 08:20:49 +08:00
Tw
40c09d6789 replacer: code refactor
Signed-off-by: Tw <tw19881113@gmail.com>
2016-08-23 08:20:49 +08:00
Tw
bba1059ef9 log: add log request body test
Signed-off-by: Tw <tw19881113@gmail.com>
2016-08-23 08:20:49 +08:00
Matthew Holt
fdc62d015f
log: Create log file directory before creating log file 2016-08-18 07:35:55 -06:00
Simon Lightfoot
f372f5fce7 Fix for invalid environment variable names used on windows that start with an equals symbol. Even though this contradicts the Microsoft docs. 2016-08-15 20:42:00 +01:00
Matthew Holt
454b1e3939
Honor bind directive for ACME challenges
Fixes https://forum.caddyserver.com/t/basic-caddy-installation-failing-on-automatic-https/472?u=matt
2016-08-15 12:08:51 -06:00
Simon Lightfoot
45ac11088e Added support for environment variables to 'templates' module. (#1035)
* * Added support for environment variables to 'templates' module.

* Fixed flaw in test caused by environment variable ordering during testing on CI.

* Updated some local variables to camel-case.

* Reverted changes to replacer as environment variables are processed elsewhere.

* Removed PrintEnv functionality in favour of documenting using template range.
2016-08-15 11:15:58 -06:00
Volodymyr Galkin
b830667a25 Fix error which lead to skipping tests in 'errors.TestErrorsParse' 2016-08-15 16:44:34 +03:00
Volodymyr Galkin
441a8f5eff Check for duplicate status code entries in 'errors' directive 2016-08-12 16:47:00 +03:00
Matt Holt
4f6500c95b Merge pull request #1028 from evvvvr/wildcard-error-page-752
Add support for default (wildcard) error page
2016-08-11 23:33:44 -06:00
Matt Holt
ac0dd303be Merge branch 'master' into log-request-body 2016-08-11 17:36:09 -06:00
Carter
676202a31e Fixed styling and byte count 2016-08-11 19:08:49 -04:00
Matthew Holt
c8a99d2f81
Don't use X-Forwarded-For for {remote} placeholder (closes #1025) 2016-08-11 16:54:17 -06:00
Carter
8e8e2f596d Merge branch 'master' into log-request-body 2016-08-11 18:08:19 -04:00
Volodymyr Galkin
f7003bee3f Add support for default (wildcard) error page 2016-08-11 15:51:15 +03:00
Carter
532ab661c7 Fully read and close the request body 2016-08-11 07:03:14 -04:00
Matthew Holt
68be4a9161
Don't prompt for email when user is not there to provide one
Also don't bother showing stdout output in same situation
2016-08-10 23:46:04 -06:00
Carter
d56ac28bec Using a LimitReader and fixed test and log format. 2016-08-10 22:43:26 -04:00
Carter
3fd8218f67 refactor and added test 2016-08-10 11:04:37 -04:00
Carter
d06c15cae6 Set the request body to a new ReadCloser 2016-08-10 10:36:16 -04:00
Carter
59b1e8b0bc Now logging the request body
Logging the request body if the Content-Type is application/json or
application/xml
2016-08-10 10:04:57 -04:00
Matthew Holt
ce8b1dfe94 Warn upon use of proxy_header 2016-08-08 13:48:13 -06:00
Carter
4d76ccb1c4 Rounding the latency in certain scenarios (#1005)
* Rounding the latency in certain scenarios

* run gofmt
2016-08-08 10:14:53 -06:00
Simon Lightfoot
de7bf4f241 Enable downloading of protected content. See issue #979 (#980)
* Fix for stripping of 'Content-Disposition' and other headers from 'X-Accel-Redirect' redirect scripts.

* Added test case for header manipulation of redirect response.
2016-08-07 23:16:33 -06:00
Stavros Korokithakis
681c95a749 Add default "Restricted" realm to HTTP Basic auth (#1007)
* Add default "Restricted" realm to HTTP Basic auth

* Add tests for the Basic auth realm
2016-08-07 07:50:36 -06:00
Matthew Holt
2019eec5a5
Fix lint warnings; group methods for same type together 2016-08-06 14:46:52 -06:00
Matthew Holt
ee615371a8
Export staticfiles.Redirect for convenience in preserving query string 2016-08-06 14:40:58 -06:00
Nimi Wariboko Jr
8898066455 Merge branch 'master' into proxy/single-webconn 2016-08-05 16:57:54 -07:00
Nimi Wariboko Jr
824ec6cb95 Merge branch 'master' into proxy/keepalive-directive 2016-08-05 16:20:37 -07:00
Nimi Wariboko Jr
5b5e365295 Instead of treating 0 is a default value, use http.DefaultMaxIdleConnsPerHost 2016-08-05 15:41:32 -07:00
Tw
94c63e42d6 proxy: add Host header checking
fix issue #993

Signed-off-by: Tw <tw19881113@gmail.com>
2016-08-04 13:07:20 +08:00
Nimi Wariboko Jr
6e9439d22e Proxy: Fix data race in test. 2016-08-02 12:39:15 -07:00
Nimi Wariboko Jr
f4cdf53761 Proxy: Fix transport defn; cleanup connection. 2016-08-02 12:31:17 -07:00
Matt Holt
89f5b646c3 Merge pull request #978 from krishamoud/master
added ip_hash load balancing
2016-08-02 11:25:52 -06:00
Nimi Wariboko Jr
d534a2139f Proxy: When connecting to websocket backend, reuse the connection isntead of starting a new one. 2016-08-01 19:11:31 -07:00
Eric Drechsel
c4e65df262 Proxy: Add a failing test which replicates #763
2 websocket connections are made instead of one
2016-08-01 19:09:02 -07:00
Kris Hamoud
88d3dcae42 added ip_hash load balancing
updated tests

fixed comment format

fixed formatting, minor logic fix

added newline to EOF

updated logic, fixed tests

added comment

updated formatting

updated test output

fixed typo
2016-08-01 18:50:53 -07:00
Nimi Wariboko Jr
db4cd8ee2d Proxy: Add keepalive directive to proxy to set MaxIdleConnsPerHost on transport. Fixes #938 2016-08-01 15:54:07 -07:00
Matt Holt
da5b3cfc50 Merge pull request #976 from wjkohnen/h2
Re-enable HTTP/2 for Go 1.7.
2016-08-01 15:06:44 -06:00
Tw
b64894c31e redir: loading block arguments before parsing matcher
fix issue #977

Signed-off-by: Tw <tw19881113@gmail.com>
2016-08-01 14:38:18 +08:00
Wolfgang Johannes Kohnen
d88dd74dec Re-enable HTTP/2 for Go 1.7.
* Since Go 1.7 HTTP/2 support is enabled only if TLSConfig.NextProtos
   includes the string "h2".
 * see mholt/caddy#975
2016-07-30 18:18:53 +00:00
Matthew Holt
c8daaba4be
Update link to SA 1.1.1 (and other minor tweaks) 2016-07-28 11:11:14 -06:00
Philipp Brüll
1dd413bd69 Change position of locale directive
First, great job on the 0.9 release! It seems caddy's path lead into a bright future. Thanks also for including the locale plugin.

Trying it, I've figured out, that there might be a problem with the order of the directives. In the typical use case, the result of the locale detection might be used in the `rewrite` and `log` plugin. If I'm not mistaken, it makes sense to put the `locale` directive before those.
2016-07-24 11:55:25 +02:00
xuqingfeng
b2aed643f4 Register ratelimit 2016-07-23 10:50:07 +08:00
Viacheslav Chimishuk
62e8c4b76b Use authentification credentials from proxy's configuration as a default. (#951) 2016-07-22 11:33:50 -06:00
Matthew Holt
6490ff6224
Adjust proxy headers properly (fixes #916) 2016-07-21 18:18:01 -06:00
Matthew Holt
57710e8b0d Revert "Merge pull request #931 from pedronasser/master"
This reverts commit 9ea0591951, reversing
changes made to 2125ae5f99.
2016-07-21 13:31:43 -06:00
Matt Holt
4678471fe0 Merge pull request #952 from abiosoft/condition-patch
minor condition keyword check refactor
2016-07-21 12:03:33 -06:00
Matt Holt
d746b95906 Merge pull request #950 from tw4452852/proxy_parse
proxy: fix hyphen issue when parsing target
2016-07-21 12:01:10 -06:00
Abiola Ibrahim
3c8b2b5954 minor condition keyword check refactor 2016-07-21 15:42:38 +01:00
Tw
ca3d23bc70 proxy: fix hyphen issue when parsing target
fix issue #948

Signed-off-by: Tw <tw19881113@gmail.com>
2016-07-21 13:56:35 +08:00
Garrett Squire
e7c842215e Allow multiple values for an HTTP header and
add a test to ensure this works.
2016-07-20 22:17:13 -07:00
Tw
beae16f07c Proxy performance (#946)
* proxy: add benchmark

Signed-off-by: Tw <tw19881113@gmail.com>

* replacer: prepare lazily

update issue#939

benchmark            old ns/op     new ns/op     delta
BenchmarkProxy-4     83865         72544         -13.50%

Signed-off-by: Tw <tw19881113@gmail.com>

* proxy: use buffer pool to avoid temporary allocation

Signed-off-by: Tw <tw19881113@gmail.com>
2016-07-20 19:06:14 -06:00
Matthew Holt
df018ea64a
Properly handle path-only addresses (also fix godoc typos) 2016-07-18 18:45:20 -06:00
Matthew Holt
aede4ccbce Small changes; mostly comments 2016-07-18 14:32:28 -06:00
Miek Gieben
9315738dab Allow for UDP servers (#935)
* Allow for UDP servers

Extend the Server interface with ServePacket and ListenPacket - this is
in the same vein as the net package.

Plumb the packetconn through the start and restart phases.

Rename RestartPair to RestartTriple as it now also contains a Packet.
Not that these can now be nil, so we need to check for that when
restarting.

* Update the documentation
2016-07-18 14:24:09 -06:00
Pedro Nasser
6bb1e0c674 improve transparent mode 2016-07-14 18:16:58 -03:00
Pedro Nasser
b58872925a fixed transparent host and added test case 2016-07-14 15:43:06 -03:00
Pedro Nasser
8d7136fc06 fix transparent host header #916 2016-07-14 15:30:00 -03:00
Matthew Holt
3fd3feeffe
Add Ext action to template context (closes #844) 2016-07-11 08:37:19 -06:00
Matthew Holt
62622eb853 proxy: 'transparent' also sets X-Forwarded-For (closes #924) 2016-07-09 17:33:40 -06:00
Abiola Ibrahim
87c389f73d Proposal: Middleware Config (#908)
* Prototype middleware Config

* Refactors

* Minor refactors
2016-07-08 18:12:52 -06:00
Abiola Ibrahim
48abb41135 discard remaining args in if block 2016-07-08 19:39:31 +01:00
Pedro Nasser
39e55072d7 fix rewrite if problem (skip remaining args) 2016-07-08 14:11:15 -03:00
Matthew Holt
065eeb42c3 Move rewrite and ext middlewares to before gzip (fixes #914) 2016-07-06 00:04:53 -06:00