summaryrefslogtreecommitdiff
path: root/modules/caddyhttp/matchers.go
AgeCommit message (Collapse)Author
2023-03-27caddyhttp: Determine real client IP if trusted proxies configured (#5104)Francis Lavoie
* caddyhttp: Determine real client IP if trusted proxies configured * Support customizing client IP header * Implement client_ip matcher, deprecate remote_ip's forwarded option
2023-01-10caddyhttp: Add server-level `trusted_proxies` config (#5103)Francis Lavoie
2022-12-08go.mod: Update quic-go to v0.31.0Matthew Holt
And fix a comment typo
2022-11-30Clarify some docsMatthew Holt
2022-09-28core: Refactor and improve listener logic (#5089)Matt Holt
* core: Refactor, improve listener logic Deprecate: - caddy.Listen - caddy.ListenTimeout - caddy.ListenPacket Prefer caddy.NetworkAddress.Listen() instead. Change: - caddy.ListenQUIC (hopefully to remove later) - caddy.ListenerFunc signature (add context and ListenConfig) - Don't emit Alt-Svc header advertising h3 over HTTP/3 - Use quic.ListenEarly instead of quic.ListenEarlyAddr; this gives us more flexibility (e.g. possibility of HTTP/3 over UDS) but also introduces a new issue: https://github.com/lucas-clemente/quic-go/issues/3560#issuecomment-1258959608 - Unlink unix socket before and after use * Appease the linter * Keep ListenAll
2022-09-16core: Variadic Context.Logger(); soft deprecationMatthew Holt
Ideally I'd just remove the parameter to caddy.Context.Logger(), but this would break most Caddy plugins. Instead, I'm making it variadic and marking it as partially deprecated. In the future, I might completely remove the parameter once most plugins have updated.
2022-09-13caddyhttp: Very minor optimization to path matcherMatthew Holt
If * is in the matcher it will always match so we can just put it first.
2022-09-13caddyhttp: Explicitly disallow multiple regexp matchers (#5030)Francis Lavoie
* caddyhttp: Explicitly disallow multiple regexp matchers Fix #5028 Since the matchers would overwrite eachother, we should error out to tell the user their config doesn't make sense. * Update modules/caddyhttp/matchers.go Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2022-09-05caddyhttp: Support `respond` with HTTP 103 Early Hints (#5006)Matt Holt
* caddyhttp: Support sending HTTP 103 Early Hints This adds support for early hints in the static_response handler. * caddyhttp: Don't record 1xx responses
2022-08-17core: Change net.IP to netip.Addr; use netip.Prefix (#4966)WilczyńskiT
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2022-08-16caddyhttp: Smarter path matching and rewriting (#4948)Matt Holt
Co-authored-by: RussellLuo <luopeng.he@gmail.com>
2022-08-04Replace strings.Index usages with strings.Cut (#4930)WilczyńskiT
2022-08-02chore: Bump up to Go 1.19, minimum 1.18 (#4925)Francis Lavoie
2022-07-28caddyhttp: Use new CEL APIs (fix #4915)Matthew Holt
Hahaha this is the ultimate "I have no idea what I'm doing" commit but it compiles and the tests pass and I declare victory! ... probably broke something, should be tested more. It is nice that the protobuf dependency becomes indirect now.
2022-07-16caddyhttp: Enhance commentMatthew Holt
2022-07-13reverseproxy: Implement retry count, alternative to try_duration (#4756)Francis Lavoie
* reverseproxy: Implement retry count, alternative to try_duration * Add Caddyfile support for `retry_match` * Refactor to deduplicate matcher parsing logic * Fix lint
2022-07-13caddyhttp: Make query matcher more efficientMatthew Holt
Only parse query string once
2022-06-22Expose several Caddy HTTP Matchers to the CEL Matcher (#4715)Tristan Swadell
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2022-05-04caddyfile: Shortcut for `remote_ip` for private IP ranges (#4753)Francis Lavoie
2022-03-01caddyhttp: Support zone identifiers in remote_ip matcher (#4597)BitWuehler
* Update matchers.go * Update matchers.go * implementation of zone_id handling * last changes in zone handling * give return true values instead of bool * Apply suggestions from code review Co-authored-by: Francis Lavoie <lavofr@gmail.com> * changes as suggested * Apply suggestions from code review Co-authored-by: Francis Lavoie <lavofr@gmail.com> * Update matchers.go * shortened the Match function * changed mazcher handling * Update matchers.go * delete space Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2021-12-30caddyhttp: Fix `MatchPath` sanitizing (#4499)Francis Lavoie
This is a followup to #4407, in response to a report on the forums: https://caddy.community/t/php-fastcgi-phishing-redirection/14542 Turns out that doing `TrimRight` to remove trailing dots, _before_ cleaning the path, will cause double-dots at the end of the path to not be cleaned away as they should. We should instead remove the dots _after_ cleaning.
2021-11-08caddyhttp: Sanitize the path before evaluating path matchers (#4407)Francis Lavoie
2021-09-24General minor improvements to docsMatthew Holt
2021-09-17caddyhttp: Add support for triggering errors from `try_files` (#4346)Francis Lavoie
* caddyhttp: Add support for triggering errors from `try_files` * caddyhttp: Use vars instead of placeholders/replacer for matcher errors * caddyhttp: Add comment for matcher error var key
2021-08-19caddyhttp: Updated the documentation for MatchQuery (#4295)Scott Mebberson
2021-07-06caddyhttp: Fix incorrect determination of gRPC protocol (#4236)hmol233
2021-05-02reverseproxy: Add `handle_response` blocks to `reverse_proxy` (#3710) (#4021)Francis Lavoie
* reverseproxy: Add `handle_response` blocks to `reverse_proxy` (#3710) * reverseproxy: complete handle_response test * reverseproxy: Change handle_response matchers to use named matchers reverseproxy: Add support for changing status code * fastcgi: Remove obsolete TODO We already have d.Err("transport already specified") in the reverse_proxy parsing code which covers this case * reverseproxy: Fix support for "4xx" type status codes * Apply suggestions from code review Co-authored-by: Matt Holt <mholt@users.noreply.github.com> * caddyhttp: Reorganize response matchers * reverseproxy: Reintroduce caddyfile.Unmarshaler * reverseproxy: Add comment mentioning Finalize should be called Co-authored-by: Maxime Soulé <btik-git@scoubidou.com> Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2021-05-02caddyhttp: performance improvement in HeaderRE Matcher (#4143)Calvin Xiao
Below is the report using `benchstat` and cmd: `go test -run=BenchmarkHeaderREMatcher -bench=BenchmarkHeaderREMatcher -benchmem -count=10` ``` name old time/op new time/op delta HeaderREMatcher-16 869ns ± 1% 658ns ± 0% -24.29% (p=0.000 n=10+10) name old alloc/op new alloc/op delta HeaderREMatcher-16 144B ± 0% 112B ± 0% -22.22% (p=0.000 n=10+10) name old allocs/op new allocs/op delta HeaderREMatcher-16 7.00 ± 0% 5.00 ± 0% -28.57% (p=0.000 n=10+10) ```
2021-02-11caddyhttp: Support placeholders in header matcher values (close #3916)Matthew Holt
2020-12-10caddyhttp: Optionally use forwarded IP for remote_ip matcherMatthew Holt
The remote_ip matcher was reading the X-Forwarded-For header by default, but this behavior was not documented in anything that was released. This is also a less secure default, as it is trivially easy to spoof request headers. Reading IPs from that header should be optional, and it should not be the default. This is technically a breaking change, but anyone relying on the undocumented behavior was just doing so by coincidence/luck up to this point since it was never in any released documentation. We'll still add a mention in the release notes about this.
2020-12-09caddyhttp: Document that remote_ip reads X-Forwarded-For headerMatthew Holt
https://caddy.community/t/remote-ip-behaviour/10762?u=matt
2020-12-09httpcaddyfile: support matching headers that do not exist (#3909)Jack Baron
* add integration test for null header matcher * implement null header matcher syntax * avoid repeating magic ! * check for field following ! character
2020-12-02caddyhttp: Optimize large host matchersMatthew Holt
2020-11-17caddyhttp: Fix header matcher when using nilMatthew Holt
Uncovered in #3807
2020-11-02caddyhttp: Merge query matchers in Caddyfile (#3839)Francis Lavoie
Also, turns out that `Add` on headers will work even if there's nothing there yet, so we can remove the condition I introduced in #3832
2020-10-31caddyhttp: Merge header matchers in Caddyfile (#3832)Francis Lavoie
2020-09-25caddyfile: Add support for `vars` and `vars_regexp` matchers (#3730)Mohammed Al Sahaf
* caddyfile: support vars and vars_regexp matchers in the caddyfile * caddyfile: matchers: Brian Kernighan said printf is good debugging tool but didn't say keep them around
2020-06-26caddyhttp: Support placeholders in query matcher (#3521)James Birtles
2020-06-16caddyhttp: Empty, not nil, query matcher matches empty query stringMatthew Holt
2020-06-16caddyhttp: Enable matching empty query stringMatthew Holt
Caddyfile syntax: query "" Or a nil matcher in the JSON should also match an empty query string. See https://caddy.community/t/v2-match-empty-query/8708?u=matt
2020-05-26caddyhttp: Refactor header matchingMatthew Holt
This allows response matchers to benefit from the same matching logic as the request header matchers (mainly prefix/suffix wildcards).
2020-05-11caddyhttp: Fix merging of Caddyfile matchers in not blocks (#3379)Francis Lavoie
2020-04-06docs: Clarify "not" matcher structure (see #3233)Matthew Holt
2020-04-06caddyhttp: Strictly forbid unnecessary blocks on matchers (#3229)Francis Lavoie
2020-04-06caddyhttp: Support single-line not matcher (#3228)Francis Lavoie
* caddyhttp: Support single-line not matcher shortcut * caddyhttp: Some tests, I guess
2020-04-01caddyhttp: Update host matcher docs about wildcardsMatthew Holt
2020-04-01caddyhttp: 'not' matcher now accepts multiple matcher sets and OR's them (#3208)Matt Holt
See https://caddy.community/t/v2-matcher-or-in-not/7355/
2020-03-30caddyhttp: Rename MatchNegate type to MatchNot typeMatthew Holt
This is more congruent with its module name. A change that affects only code, not configurations.
2020-03-24reverse_proxy: Add support for SRV backends (#3180)Matt Holt
* reverse_proxy: Begin SRV lookup support (WIP) * reverse_proxy: Finish adding support for SRV-based backends (#3179)
2020-03-19caddyhttp: Implement CEL matcher (see #3051) (#3155)Matt Holt
* caddyhttp: Implement CEL matcher (see #3051) CEL (Common Expression Language) is a very fast, flexible way to express complex logic, useful for matching requests when the conditions are not easy to express with JSON. This matcher may be considered experimental even after the 2.0 release. * Improve CEL module docs