summaryrefslogtreecommitdiff
path: root/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
AgeCommit message (Collapse)Author
2022-03-07fastcgi: Protect against requests with null bytes in the path (#4614)Francis Lavoie
2022-03-02fastcgi: Set SERVER_PORT to 80 or 443 depending on scheme (#4572)ttys3
2021-12-02fastcgi: Fix a TODO, prevent zap using reflection for logging env (#4437)Francis Lavoie
* fastcgi: Fix a TODO, prevent zap using reflection for logging env * Update modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com> Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2021-11-24reverseproxy: Adjust defaults, document defaults (#4436)Francis Lavoie
* reverseproxy: Adjust defaults, document defaults Related to some of the issues in https://github.com/caddyserver/caddy/issues/4245, a complaint about the proxy transport defaults not being properly documented in https://caddy.community/t/default-values-for-directives/14254/6. - Dug into the stdlib to find the actual defaults for some of the timeouts and buffer limits, documenting them in godoc so the JSON docs get them next release. - Moved the keep-alive and dial-timeout defaults from `reverseproxy.go` to `httptransport.go`. It doesn't make sense to set defaults in the proxy, because then any time the transport is configured with non-defaults, the keep-alive and dial-timeout defaults are lost! - Sped up the dial timeout from 10s to 3s, in practice it rarely makes sense to wait a whole 10s for dialing. A shorter timeout helps a lot with the load balancer retries, so using something lower helps with user experience. * reverseproxy: Make keepalive interval configurable via Caddyfile * fastcgi: DialTimeout default for fastcgi transport too
2021-06-17caddyhttp: Refactor and export SanitizedPathJoin for use in fastcgi (#4207)Matt Holt
2021-06-16Some misc. cleanupMatthew Holt
The fastcgi changes came from v1 which don't make sense in v2. Fix comment about default value in reverse proxy keep alive.
2020-12-04fastcgi: Set PATH_INFO to file matcher remainder as fallback (#3739)Francis Lavoie
* fastcgi: Set PATH_INFO to file matcher remainder as fallback * fastcgi: Avoid changing scriptName when not necessary * Stylistic tweaks Co-authored-by: Matthew Holt <mholt@users.noreply.github.com>
2020-07-20fastcgi: Add resolve_root_symlink (#3587)Manuel Dalla Lana
2020-07-17fastcgi: Ensure leading slash, omit SERVER_PORT if empty for compliance (#3570)Francis Lavoie
See https://tools.ietf.org/html/rfc3875#section-4.1.13 for SCRIPT_NAME requiring leading slash See https://tools.ietf.org/html/rfc3875#section-4.1.15 for SERVER_PORT requiring omission if empty
2020-07-17fastcgi: Fill REMOTE_USER with http.auth.user.id placeholder (#3577)Francis Lavoie
Completing a TODO!
2020-06-12fastcgi: Make sure splitPos handles empty SplitPath correctly (#3491)Wynn Wolf Arbor
In commit f2ce81c, support for multiple path splitters was added. The type of SplitPath changed from string to []string, and splitPos was changed to loop through all values in SplitPath. Before that commit, if SplitPath was empty, strings.Index returned 0 and PATH_INFO was set correctly in buildEnv. Currently, however, splitPos returns -1 for empty values of SplitPath, behaving as if a split position could not be found at all. PATH_INFO is then never set in buildEnv and remains empty. Restore the old behaviour by explicitly checking whether SplitPath is empty and returning 0 in splitPos. Closes #3490
2020-04-03fastcgi: Account for lack of split path configuration (fix #3221)Matthew Holt
2020-04-01caddytls: Update cipher suite names and curve namesMatthew Holt
Now using IANA-compliant names and Go 1.14's CipherSuites() function so we don't have to maintain our own mapping of currently-secure cipher suites.
2020-03-24fastcgi: Add debug log (#3178)Matthew Holt
2020-03-23fastcgi: Ensure root is always absolute (issue #3178) (#3182)Matt Holt
2020-03-23fastcgi: Fix PATH_INFO (issue #3178)Matthew Holt
2020-03-22fastcgi: Support multiple path splitters (close #1564)Matthew Holt
2020-01-09http: Change routes to sequential matcher evaluation (#2967)Matt Holt
Previously, all matchers in a route would be evaluated before any handlers were executed, and a composite route of the matching routes would be created. This made rewrites especially tricky, since the only way to defer later matchers' evaluation was to wrap them in a subroute, or to invoke a "rehandle" which often caused bugs. Instead, this new sequential design evaluates each route's matchers then its handlers in lock-step; matcher-handlers-matcher-handlers... If the first matching route consists of a rewrite, then the second route will be evaluated against the rewritten request, rather than the original one, and so on. This should do away with any need for rehandling. I've also taken this opportunity to avoid adding new values to the request context in the handler chain, as this creates a copy of the Request struct, which may possibly lead to bugs like it has in the past (see PR #1542, PR #1481, and maybe issue #2463). We now add all the expected context values in the top-level handler at the server, then any new values can be added to the variable table via the VarsCtxKey context key, or just the GetVar/SetVar functions. In particular, we are using this facility to convey dial information in the reverse proxy. Had to be careful in one place as the middleware compilation logic has changed, and moved a bit. We no longer compile a middleware chain per- request; instead, we can compile it at provision-time, and defer only the evaluation of matchers to request-time, which should slightly improve performance. Doing this, however, we take advantage of multiple function closures, and we also changed the use of HandlerFunc (function pointer) to Handler (interface)... this led to a situation where, if we aren't careful, allows one request routed a certain way to permanently change the "next" handler for all/most other requests! We avoid this by making a copy of the interface value (which is a lightweight pointer copy) and using exclusively that within our wrapped handlers. This way, the original stack frame is preserved in a "read-only" fashion. The comments in the code describe this phenomenon. This may very well be a breaking change for some configurations, however I do not expect it to impact many people. I will make it clear in the release notes that this change has occurred.
2019-12-29Export Replacer and use concrete type instead of interfaceMatthew Holt
The interface was only making things difficult; a concrete pointer is probably best.
2019-12-28fastcgi: Set SERVER_SOFTWARE, _NAME, and _PORT properly (fixes #2952)Matthew Holt
2019-12-23Improve godocs all aroundMatthew Holt
These will be used in the new automated documentation system
2019-12-10v2: Module documentation; refactor LoadModule(); new caddy struct tags (#2924)Matt Holt
This commit goes a long way toward making automated documentation of Caddy config and Caddy modules possible. It's a broad, sweeping change, but mostly internal. It allows us to automatically generate docs for all Caddy modules (including future third-party ones) and make them viewable on a web page; it also doubles as godoc comments. As such, this commit makes significant progress in migrating the docs from our temporary wiki page toward our new website which is still under construction. With this change, all host modules will use ctx.LoadModule() and pass in both the struct pointer and the field name as a string. This allows the reflect package to read the struct tag from that field so that it can get the necessary information like the module namespace and the inline key. This has the nice side-effect of unifying the code and documentation. It also simplifies module loading, and handles several variations on field types for raw module fields (i.e. variations on json.RawMessage, such as arrays and maps). I also renamed ModuleInfo.Name -> ModuleInfo.ID, to make it clear that the ID is the "full name" which includes both the module namespace and the name. This clarity is helpful when describing module hierarchy. As of this change, Caddy modules are no longer an experimental design. I think the architecture is good enough to go forward.
2019-10-28v2: Logging! (#2831)Matt Holt
* logging: Initial implementation * logging: More encoder formats, better defaults * logging: Fix repetition bug with FilterEncoder; add more presets * logging: DiscardWriter; delete or no-op logs that discard their output * logging: Add http.handlers.log module; enhance Replacer methods The Replacer interface has new methods to customize how to handle empty or unrecognized placeholders. Closes #2815. * logging: Overhaul HTTP logging, fix bugs, improve filtering, etc. * logging: General cleanup, begin transitioning to using new loggers * Fixes after merge conflict
2019-10-10Miscellaneous cleanups / commentsMatthew Holt
2019-09-10fastcgi: Make EnvVars a map instead of a sliceMatthew Holt
2019-09-09Migrate some selection policy tests over to v2Matthew Holt
2019-09-06Various fixes/tweaks to HTTP placeholder variables and file matchingMatthew Holt
- Rename http.var.* -> http.vars.* to be more consistent - Prefixing a path matcher with * now invokes simple suffix matching - Handlers and matchers that need a root path default to {http.vars.root} - Clean replacer output on the file matcher's file selection suffix
2019-09-06fastcgi: Use request context as base, not a new oneMatthew Holt
2019-09-05fastcgi: Set default root path; add interface guardsMatthew Holt
2019-09-05Add original URI to request context; implement into fastcgi envMatthew Holt
2019-09-05Reconcile upstream dial addresses and request host/URL informationMatthew Holt
My goodness that was complicated Blessed be request.Context Sort of
2019-09-02reverse_proxy: WIP refactor and support for FastCGIMatthew Holt