Fixes#1961
According to RFC 7231 and RFC 7230, there's
no reason a GET-Request can't have a body
(other than it possibly not being supported
by existing software). It's use is simply not
defined, and is left to the application.
* httpserver/all: Clean up and standardize request URL handling
The HTTP server now always creates a context value on the request which
is a copy of the request's URL struct. It should not be modified by
middlewares, but it is safe to get the value out of the request and make
changes to it locally-scoped. Thus, the value in the context always
stores the original request URL information as it was received. Any
rewrites that happen will be to the request's URL field directly.
The HTTP server no longer cleans /sanitizes the request URL. It made too
many strong assumptions and ended up making a lot of middleware more
complicated, including upstream proxying (and fastcgi). To alleviate
this complexity, we no longer change the request URL. Middlewares are
responsible to access the disk safely by using http.Dir or, if not
actually opening files, they can use httpserver.SafePath().
I'm hoping this will address issues with #1624, #1584, #1582, and others.
* staticfiles: Fix test on Windows
@abiosoft: I still can't figure out exactly what this is for. 😅
* Use (potentially) changed URL for browse redirects, as before
* Use filepath.ToSlash, clean up a couple proxy test cases
* Oops, fix variable name
* Fixed issue with {path} actually {uri}
* Test added for path rewrite
* add in uri_escaped
* added rewrite_uri and test
* fix broken test. Just checks for existance of rewrite header
* gitignore
* Use context to store uri value
* ignore .vscode
* tidy up, removal of comments and invalidated tests
* Remove commented out code.
* added comment as requested by lint
* fixed spelling mistake
* clarified code with variable name
* added context for uri and test
* added TODO comment to move consts
* Fix for missing content-length header when using QUIC
If request.ContentLength is set then it will be used instead of getting
it from request.Header map since quic-go(lucas-clemente/quic-go@bb24be8)
will not store (and pass) the Content-Length header using its header
map.
This fixes a potential issue where FastCGI POST requests body empty when
QUIC is enabled. (#1370)
* Change the data type for fastcgi contentLength to int64
quic-go uses int64 for contentLength
* Fix an error for undeclared variable
* Fix test for fcgiclient
the data type for contentLength
* Use RequestURI when redirecting to canonical path.
Caddy may trim a request's URL path when it starts with the path that's
associated with the virtual host. This change uses the path from the request's
RequestURI when performing a redirect.
Fix issue #1327.
* Rename redirurl to redirURL.
* Redirect to the full URL.
The scheme and host from the virtual host's site configuration is used
in order to redirect to the full URL.
* Add comment and remove redundant check.
* Store the original URL path in request context.
By storing the original URL path as a value in the request context,
middlewares can access both it and the sanitized path. The default
default FileServer handler will use the original URL on redirects.
* Replace contextKey type with CtxKey.
In addition to moving the CtxKey definition to the caddy package, this
change updates the CtxKey references in the httpserver, fastcgi, and
basicauth packages.
* httpserver: Fix reference to CtxKey
* Store name of authenticated user in basicauth for use by upstream middleware such as fastcgi and cgi.
* Use request context to transfer name of authorized user from basicauth to upstream middleware. Test retrieval of name from context.
* Remove development code that was inadvertently left in place
* Use keys of type httpserver.CtxKey to access Context values
* Convert rwc field on FCGIClient from type io.ReadWriteCloser to net.Conn.
* Return HTTP 504 to the client when a timeout occurs.
* In Handler.ServeHTTP(), close the connection before returning an HTTP
502/504.
* Refactor tests and add coverage.
By setting the read deadline in streamReader.Read(), the deadline was
extended by the read timeout on each subsequent call. To avoid this, the
deadline is set in FCGIClient.Request(), before the first read occurs.
See #1094.
* Make fastcgi load balanceable too
* Address one more corner case - invalid configuration fastcgi /
* After review fixes
* Simplify conditions
* Error message
* New fastcgi syntax
* golint will be happy
* Change syntax
* Very simple fix for #1153
* Prevent Caddy-Rewrite-Original-URI being added as an HTTP ENV variable passed to FastCGI
part of fix for #1153
* Changes to Markdown to fix travis CI build.
#1955.2
* Revert "Changes to Markdown to fix travis CI build."
This reverts commit 4a01888839.
* fail fast and fmt changes
* Create test for existance of Caddy-Rewrite-Original-URI header value #1153
* updated test comment
* const moved outside function so available to tests
* keep fastcgi connection open
* poor mans serialisation to make up for the lack of demuxing
* pointing includes to echse's repo
* Revert "pointing includes to echse's repo"
This reverts commit 281daad8d4.
* switch for persistent fcgi connections on/off added
* fixing ineffectual assignments
* camel case instead of _
* only activate persistent sockets on windows (and some naming conventions/cleanup)
* gitfm import sorting
* Revert "fixing ineffectual assignments"
This reverts commit 79760344e7.
# Conflicts:
# caddyhttp/staticfiles/fileserver.go
* added another mutex and deleting map entries. thx to mholts QA comments!
* thinking about it, this RW lock was not a good idea here
* thread safety
* I keep learning about mutexs in go
* some cosmetics
* adding persistant fastcgi connections switch to directive
* Support for configurable connection pool.
* ensure positive integer pool size config
* abisofts pool fix + nicer logging for the fastcgi_test
* abisoft wants to have dialer comparison in _test instead of next to struct
* Do not put dead connections back into pool
* Fix fastcgi header error
* Do not put dead connections back into pool
* some code style improvements from the discussion in https://github.com/mholt/caddy/pull/1134
* abisofts naming convention
* keep fastcgi connection open
* poor mans serialisation to make up for the lack of demuxing
* pointing includes to echse's repo
* Revert "pointing includes to echse's repo"
This reverts commit 281daad8d4.
* switch for persistent fcgi connections on/off added
* fixing ineffectual assignments
* camel case instead of _
* only activate persistent sockets on windows (and some naming conventions/cleanup)
* gitfm import sorting
* Revert "fixing ineffectual assignments"
This reverts commit 79760344e7.
# Conflicts:
# caddyhttp/staticfiles/fileserver.go
* added another mutex and deleting map entries. thx to mholts QA comments!
* thinking about it, this RW lock was not a good idea here
* thread safety
* I keep learning about mutexs in go
* some cosmetics
- Server types no longer need to store their own contexts; they are
stored on the caddy.Instance, which means each context will be
properly GC'ed when the instance is stopped. Server types should use
type assertions to convert from caddy.Context to their concrete
context type when they need to use it.
- Pass the entire context into httpserver.GetConfig instead of only the
Key field.
- caddy.NewTestController now requires a server type string so it can
create a controller with the proper concrete context associated with
that server type.
Tests still need more attention so that we can test the proper creation
of startup functions, etc.