Age | Commit message (Collapse) | Author |
|
|
|
x/net 0.7.0 contains a security patch apparently.
|
|
* reverseproxy: Don't buffer chunked requests (fix #5366)
Mostly reverts 845bc4d50b437995d574819850206e4b3db4040d (#5289)
Adds warning for unsafe config.
Deprecates unsafe properties in favor of simpler, safer designed ones.
* Update modules/caddyhttp/reverseproxy/caddyfile.go
Co-authored-by: Y.Horie <u5.horie@gmail.com>
* Update modules/caddyhttp/reverseproxy/reverseproxy.go
Co-authored-by: Y.Horie <u5.horie@gmail.com>
* Update modules/caddyhttp/reverseproxy/reverseproxy.go
Co-authored-by: Y.Horie <u5.horie@gmail.com>
* Remove unused code
---------
Co-authored-by: Y.Horie <u5.horie@gmail.com>
|
|
* chore: Upgrade various dependencies
* Support CEL file matcher with no args
* Document `http.request.orig_uri.path.*`, reorder placeholders in docs
---------
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
|
|
* added some tests for parseUpstreamDialAddress
Test 4 fails because it produces "[[::1]]:80" instead of "[::1]:80"
* support absolute windows path in unix reverse proxy address
* make IsUnixNetwork public, support +h2c and reuse it
* add new tests
|
|
* log response size for websocket request
* record size when using hijack bufio.Writer
|
|
* caddyhttp: Pluggable trusted proxy IP range sources
* Add request to the IPRangeSource interface
|
|
|
|
* caddyauth: Add singleflight for basic auth
* Fixes #5338
* it occurred the thunder herd problem like this https://medium.com/@mhrlife/avoid-duplicate-requests-while-filling-cache-98c687879f59
* Update modules/caddyhttp/caddyauth/basicauth.go
Fix comment
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
---------
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
|
|
|
|
|
|
Fixes https://github.com/caddyserver/caddy/issues/5346
|
|
Fixes https://github.com/caddyserver/caddy/issues/5349
|
|
|
|
|
|
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
|
|
|
|
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
Fixes undefined
|
|
Fixes https://github.com/caddyserver/caddy/issues/5171
|
|
As of Tailscale 1.34.0 on Windows, Tailscale now uses a named pipe to
connect to the local tailscale service.
This pulls in tailscale/tscert#5 as reported in tailscale/tscert#4.
(Sorry, we should've noticed this earlier!)
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
* cmd: Fix caddy fmt if input isn't formatted
* Fixes #5294
* return exit 1 with an error message
* cmd: Use formattingDifference for caddy fmt
* #5294
* expose caddyfile.formattingDifference
|
|
* httpcaddyfile: Change the parse rules when empty file or dotfile with a glob.
* Fixes #5295
* Empty file should just log a warning, and result in no tokens.
* The last segment of the path is '*', it should skip any dotfiles.
* The last segment of the path is '.*', it should read all dotfiles in a dir.
* httpcaddyfile: Regard empty files as import files which include only white space.
|
|
|
|
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
|
|
|
|
|
|
|
|
|
|
* Fixes #5236
* enable request body buffering in reverse proxy
when the request header has Transfer-Encoding: chunked
|
|
|
|
* reverseproxy: Set origreq in active health check
Fix #5281
* Oops; dereference Request
|
|
|
|
With placeholders
|
|
Attempt to fix logo that was appearing black in some browsers (perhaps due to CSP?).
Thanks to @IndeedNotJames for investigating! Hopefully this works.
|
|
Update logo and fix test result badge
|
|
|
|
|
|
|
|
* encode: respect Cache-Control HTTP header no-transform
* encode: switch to strings.Contains
|
|
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
|
|
* version: don't panic if read build info doesn't work
If `debug.ReadBuildInfo()` doesn't return the build information we
should not try to access it. Especially if users only want to build with
the `CustomVersion` we should not assume access to
`debug.ReadBuildInfo()`.
The build environment where this isn't available for me is when building
with bazel.
* exit early
|
|
* readme: white ZeroSSL text color in dark mode
* fix: keep `valign` for GitHub mobile app
|
|
|
|
And fix a comment typo
|
|
* acme_server: add certificate lifetime configuration option
Signed-off-by: Kyle McCullough <kylemcc@gmail.com>
* pki: allow intermediate cert lifetime to be configured
Signed-off-by: Kyle McCullough <kylemcc@gmail.com>
Signed-off-by: Kyle McCullough <kylemcc@gmail.com>
|
|
|