summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-10-26reverseproxy: Sanitize scheme and host on incoming requests (#4237)Francis Lavoie
* caddyhttp: Sanitize scheme and host on incoming requests * reverseproxy: Sanitize the URL scheme and host before proxying * Apply suggestions from code review Co-authored-by: Matt Holt <mholt@users.noreply.github.com> Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2021-10-26httpcaddyfile: Empty tls policy for internal http localhost (#4398)Marc Easen
* test: replicated empty tls automation policy issue * fix: empty tls policy for an http:// endpoint running on a non-standard http port
2021-10-21go.mod: Replace promptui with Apache-compatible fork (fix #4394)Matthew Holt
Ideally this needs to be fixed upstream in github.com/manifoldco/promptui, but it appears unmaintained. Our dependency is extremely indirect: $ go mod why github.com/juju/ansiterm # github.com/juju/ansiterm github.com/caddyserver/caddy/v2/modules/caddypki github.com/smallstep/certificates/authority go.step.sm/cli-utils/ui github.com/manifoldco/promptui github.com/juju/ansiterm And it appears that all dependencies in this chain are in conflict with the LGPL license. Ref: - https://github.com/manifoldco/promptui/issues/173 - https://github.com/manifoldco/promptui/pull/181 /cc @maraino
2021-10-20httpcaddyfile: Preserve IPv6 addresses through normalization (fix #4381)Matthew Holt
Remove unnecessary Key() method and improve related tests
2021-10-20fileserver: Prevent focusing filter from scrolling on page load (#4393)Klaus Helenius
2021-10-19map: Fix 95c03506 (avoid repeated expansions)Matthew Holt
2021-10-18caddycmd: Add `--skip-standard` to `list-modules` command, quieter output ↵Francis Lavoie
(#4386) * caddycmd: Add --skip-standard to list-modules command, quieter output * caddycmd: Also quiet `caddy upgrade` output, redundant information
2021-10-18reverseproxy: Prevent copying the response if a response handler ran (#4388)Francis Lavoie
2021-10-16fileserver: Fix compression breaks using httpInclude (#4352) (#4358)Y.Horie
2021-10-13map: Fix regex mappingsMatthew Holt
It didn't really make sense how we were doing them before. See https://caddy.community/t/map-directive-and-regular-expressions/13866/6?u=matt
2021-10-12go.mod: Carefully upgrade some dependencies (fix #4251)Matthew Holt
The upgrade of smallstep/certificates fixes #4251. The upgrade of CertMagic fixes an issue reported in the forum that a longer timeout was confirmed to resolve (without any particular explanation, but oh well). Other upgrades have minor improvements and seem safe.
2021-10-11caddyhttp: reverseproxy: clarify warning for -insecure (#4379)Simão Gomes Viana
The question would only receive bad answers so it's better to just say what the option actually does.
2021-10-11caddycmd: fix caddy validate/fmt help message (#4377)M. Ángel Jimeno
* caddycmd: fix caddy validate help message Fixes #4376 * caddycmd: fix caddy fmt help message
2021-10-01caddyhttp: Placeholder for client cert in DER + base64 format (#4241)Oleg
* client.certificate_pem_encoded in base64 format * base64-encoding without pem encoding;naming change * fix cert.Raw instead of block.bytes
2021-09-29Move from deprecated ioutil to os and io packages (#4364)KallyDev
2021-09-27Revert 3336faf2 (close #4360)Matthew Holt
Debug log is correct level for this
2021-09-27Add explanation for project name to readmeMatthew Holt
2021-09-24General minor improvements to docsMatthew Holt
2021-09-24reverseproxy: Log error at error level (fix #4360)Matthew Holt
2021-09-20templates: Add tests for funcInclude and funcImport (#4357)Tim Culverhouse
* Update tplcontext.go Add {{ render "/path/to/file.ext" $data }} via funcRender * Update tplcontext.go * Refactor funcInclude, add funcImport to enable {{block}} and {{template}} * Fix funcImport return of nil showing up in html * Update godocs for and * Add tests for funcInclude * Add tests for funcImport * os.RemoveAll -> os.Remove for TestFuncInclude and TestFuncImport
2021-09-19fileserver: Make file listing links purple once visited (#4356)Slavik
2021-09-18fileserver: Fix displayed file size if it is symlink (#4354)HayatoShiba
* Fix file size if it is symlink * change the variable name for readability
2021-09-17templates: Add 'import' action (#4321)Tim Culverhouse
Related to (closed) Issue #2094 on template inheritance. This PR adds a new function called "import" which works like "include", except it only takes one argument and passes it to the referenced file to be used as "." in that file. * Update tplcontext.go Add {{ render "/path/to/file.ext" $data }} via funcRender * Update tplcontext.go * Refactor funcInclude, add funcImport to enable {{block}} and {{template}} * Fix funcImport return of nil showing up in html * Update godocs for and
2021-09-17fastcgi: Implement `try_files` override in Caddyfile directive (#4347)Francis Lavoie
2021-09-17caddyhttp: Add support for triggering errors from `try_files` (#4346)Francis Lavoie
* caddyhttp: Add support for triggering errors from `try_files` * caddyhttp: Use vars instead of placeholders/replacer for matcher errors * caddyhttp: Add comment for matcher error var key
2021-09-16fileserver: properly handle escaped/non-ascii paths (#4332)Mohammed Al Sahaf
* fileserver: properly handle escaped/non-ascii paths * fileserver: tests: accommodate Windows hate of colons in files names
2021-09-16Make copyright notice more consistentMatthew Holt
Some files had the old copyright or were missing the license comment entirely. Also change Light Code Labs to Dyanim in security contact and releases.
2021-09-15templates: Propagate httpError to HTTP responseMatthew Holt
Now possible with Go 1.17. See https://github.com/golang/go/issues/34201.
2021-09-13headers: Canonicalize case in replace (fix #4330)Matthew Holt
2021-09-11fastcgi: Fix Caddyfile parsing when `handle_response` is used (#4342)Francis Lavoie
2021-09-03go.mod: Update CertMagicMatthew Holt
Adds one more debug log
2021-09-03ci: revert workaround implemented in #4306 (#4328)Mohammed Al Sahaf
2021-09-01cmd: export CaddyVersion(), Commands() (#4316)peymaneh
* cmd: Export CaddyVersion() * cmd: Add getter Commands()
2021-08-31ci: Only test cross-build on latest Go version (#4319)Francis Lavoie
This generated way too many test jobs, which weren't really that useful. Cross-build is just to keep us posted on which architectures are building okay, so it's not necessary to do it twice. Only plan9 is not working at this point (see https://github.com/caddyserver/caddy/issues/3615)
2021-08-31encode: ignore flushing until after first write (#4318)Steffen Brüheim
* encode: ignore flushing until after first write (fix #4314) The first write will determine if encoding has to be done and will add an Content-Encoding. Until then Flushing has to be delayed so the Content-Encoding header can be added before headers and status code is written. (A passthrough flush would write header and status code) * Update modules/caddyhttp/encode/encode.go Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2021-08-30go.mod: Upgrade CertMagic to v0.14.4Matthew Holt
Adds more debug logging
2021-08-26go.mod: Upgrade some dependenciesMatthew Holt
2021-08-26httpcaddyfile: Reorder some directives (#4311)Francis Lavoie
We realized we made some mistakes with the directive ordering, so we're making some minor adjustments. `abort` and `error` don't really make sense to be after other handler directives, because you would expect to be able to "fail-fast" and throw an error before falling through to some `file_server` or `respond` typically. So we're moving them up to just before `respond`, i.e. before the common handler directives. This is also more consistent with our existing examples in the docs, which actually didn't work due to the directive ordering. See https://caddyserver.com/docs/caddyfile/directives/error#examples Also, `push` doesn't quite make sense to be after `handle`/`route`, since its job is to read from response headers to push additional resources if necessary, and `handle`/`route` may be terminal so push would not be reached if it was declared outside those. And also, it would make sense to be _before_ `templates` because a template _could_ add a `Link` header to the response dynamically.
2021-08-25chore: Upgrade smallstep libs (#4307)Francis Lavoie
See https://github.com/smallstep/nosql/issues/12 for context.
2021-08-25chore: promote creating 'caddy-build' to the release action (#4306)Mohammed Al Sahaf
The commit goreleaser/goreleaser@013bd69126459125694d7cb2c434dd9ba63e5a5b of GoReleaser is now checking the `go version` prior to executing any of the pre-hooks, which involves setting the current dir of the command to the `build.dir` of the build config. At the time of version check, the buil dir does not exist. It's created in the pre-hook. As a workaround, the build-dir is now created in the Github Action prior to executing goreleaser action.
2021-08-25httpcaddyfile: Improve unrecognized directive errorsMatthew Holt
2021-08-23reverseproxy: Remove redundant flushing (#4299)Francis Lavoie
From reading through the code, I think this code path is now obsoleted by the changes made in https://github.com/caddyserver/caddy/pull/4266. Basically, `h.flushInterval()` will set the flush interval to `-1` if we're in a bi-directional stream, and the recent PR ensured that `h.copyResponse()` properly flushes headers immediately when the flush interval is non-zero. So now there should be no need to call Flush before calling `h.copyResponse()`.
2021-08-23caddyfile: Better error message for missing site block braces (#4301)Francis Lavoie
Some new users mistakenly try to define two sites without braces around each. Doing this can yield a confusing error message saying that their site address is an "unknown directive". We can do better by keeping track of whether the current site block was parsed with or without a brace, then changing the error message later based on that. For example, now this invalid config: ``` foo.example.com respond "foo" bar.example.com respond "bar" ``` Will yield this error message: ``` $ caddy adapt 2021/08/22 19:21:31.028 INFO using adjacent Caddyfile adapt: Caddyfile:4: unrecognized directive: bar.example.com Did you mean to define a second site? If so, you must use curly braces around each site to separate their configurations. ```
2021-08-23caddyfile: Error on invalid site addresses containing comma (#4302)Francis Lavoie
Some users forget to use a comma between their site addresses. This is invalid (commas aren't a valid character in domains) and later parts of the code like certificate automation will try to use this otherwise, which doesn't make sense. Best to error as early as possible. Example thread on the forums where this happened: https://caddy.community/t/simplify-caddyfile/13281/9
2021-08-20cmd: Fix paths when using an env file (#4296)Pascal Zarrad
* core: Fix paths when using an env file * refactor: move path logic to loadFromEnv
2021-08-20chore: Update quic-go for go 1.17 support (#4297)Adam Weinberger
* Update quic-go for go 1.17 support * Complete quic-go update (go mod tidy)
2021-08-19caddyhttp: Updated the documentation for MatchQuery (#4295)Scott Mebberson
2021-08-19chore: Upgrade smallstep libs (#4291)Francis Lavoie
See https://github.com/smallstep/nosql/issues/12 for context.
2021-08-18cmd: use net.ErrClosed for matching returned error (#4289)M. Ángel Jimeno
Implements #3805
2021-08-17logging: Warn for deprecated single_field encoderMatthew Holt