summaryrefslogtreecommitdiff
path: root/modules/caddyhttp/server.go
AgeCommit message (Collapse)Author
2022-02-19caddyhttp: Always log handled errors at debug level (#4584)Francis Lavoie
2022-01-19caddyhttp: Reject absurd methods (#4538)Matt Holt
* caddyhttp: Reject absurdly long methods * Limit method to 32 chars and truncate * Just reject the request and debug-log it * Log remote address
2022-01-12caddyhttp: Return HTTP 421 for mismatched Host header (#4023)rayjlinden
Potential fix for #4017 although the consensus is unclear. Made change to return status code 421 instead of 403 when StrictSNIHost matching is on.
2021-12-02caddyhttp: Make logging of credential headers opt-in (#4438)Francis Lavoie
2021-11-29logging: Remove common_log field and single_field encoder (#4149) (#4282)Matt Holt
2021-11-22caddyhttp: Log non-500 handler errors at debug level (#4429)Francis Lavoie
Fixes #4428 It's best to still log handler errors at debug level so that they're hidden by default, but still accessible if additional details are necessary.
2021-07-14logging: Prep for `common_log` removal (#4149)Francis Lavoie
See https://github.com/caddyserver/caddy/issues/4148#issuecomment-833207811
2021-07-14caddyhttp: Fix edgecase with auto HTTP->HTTPS logic (#4243)Francis Lavoie
2021-04-19caddyhttp: Implement better logic for inserting the HTTP->HTTPS redirs (#4033)Francis Lavoie
* caddyhttp: Implement better logic for inserting the HTTP->HTTPS redirs * caddyhttp: Add integration test
2021-03-29caddyhttp: improve grammar of comment for AllowH2C (#4072)Simão Gomes Viana
2020-12-02Minor commentsMatthew Holt
2020-11-18caddyhttp: Return error if error handling errorMatthew Holt
Before, if there was an error in the error handler, we would not write a status code, which resulted in Go writing a 200 for us by default, which does not make sense when there's an error. Now we write the second error's status if available, otherwise 500.
2020-11-18caddyhttp: New idle_timeout default of 5mMatthew Holt
2020-10-13caddyhttp: Restore original request params before error handlers (#3781)Matt Holt
* caddyhttp: Restore original request params before error handlers Fixes #3717 * Add comment
2020-09-17metrics: Fix hidden panic while observing with bad exemplars (#3733)Dave Henderson
* metrics: Fixing panic while observing with bad exemplars Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Minor cleanup The server is already added to the context. So, we can simply use that to get the server name, which is a field on the server. * Add integration test for auto HTTP->HTTPS redirects A test like this would have caught the problem in the first place Co-authored-by: Matthew Holt <mholt@users.noreply.github.com>
2020-06-26caddyhttp: Better host matching for logger names (fix #3488) (#3522)Matt Holt
First try an exact lookup like before, but if it fails, strip the port and try again. example.com:1234 should still use a logger keyed for example.com if there is no key example.com:1234.
2020-05-11caddyhttp: Match hostnames with wildcards to loggers (#3378)Gregory Dosh
* adding wildcard matching of logger names * reordering precedence for more specific loggers to match first * removing dependence on certmagic and extra loop Co-authored-by: GregoryDosh <GregoryDosh@users.noreply.github.com>
2020-05-11caddyhttp: Minor refactoring for preparing requestsMatthew Holt
While building a layer4 app for Caddy, I discovered that we need the ability to fill a request's context just like the HTTP server does, hence this exported function PrepareRequest().
2020-05-05httpserver: Add experimental H2C support (#3289)Matt Holt
* reverse_proxy: Initial attempt at H2C transport/client support (#3218) I have not tested this yet * Experimentally enabling H2C server support (closes #3227) See also #3218 I have not tested this * reverseproxy: Clean up H2C transport a bit * caddyhttp: Update godoc for h2c server; clarify experimental status * caddyhttp: Fix trailers when recording responses (fixes #3236) * caddyhttp: Tweak h2c config settings and docs
2020-04-28caddyhttp: Better duration loggingMatthew Holt
Also un-nest all the error handling, that was unnecessary indentation
2020-04-28caddyhttp: General improvements to access logging (#3301)Matt Holt
* httpcaddyfile: Exclude access logs written to files from default log Even though any logs can just be ignored, most users don't seem to like configuring an access log to go to a file only to have it doubly appear in the default log. Related to: - #3294 - https://caddy.community/t/v2-logging-format/7642/4?u=matt - https://caddy.community/t/caddyfile-questions/7651/3?u=matt * caddyhttp: General improvements to access log controls (fixes #3310) * caddyhttp: Move log config nil check higher * Rename LoggerName -> DefaultLoggerName
2020-04-26caddyhttp: Fix listener overlap detection on LinuxMatthew Holt
Sigh, apparently Linux is incapable of distinguishing host interfaces in socket addresses, even though it works fine on Mac. I suppose we just have to assume that any listeners with the same port are the same address, completely ignoring the host interface on Linux... oh well.
2020-04-22caddyhttp: Fix common_log format's user ID placeholder (#3300)Francis Lavoie
2020-04-21docs: Minor improvementsMatthew Holt
2020-04-10caddyhttp: Add nil check (fixes #3248 and fixes #3250)Matthew Holt
2020-04-08caddyhttp: Fix logging name associations by adding a defaultMatthew Holt
2020-03-30Keep type information with placeholders until replacements happenMatthew Holt
2020-03-24caddyhttp: Specify default access log for a server (fix #3185)Matthew Holt
2020-03-15caddyhttp: Add support for listener wrapper modulesMatthew Holt
Wrapping listeners is useful for composing custom behavior related to accepting, closing, reading/writing connections (etc) below the application layer; for example, the PROXY protocol.
2020-02-27Couple of minor docs tweaksMatthew Holt
2020-02-25Expose TLS placeholders (#2982)Cameron Moore
* caddytls: Add CipherSuiteName and ProtocolName functions The cipher_suites.go file is derived from a commit to the Go master branch that's slated for Go 1.14. Once Go 1.14 is released, this file can be removed. * caddyhttp: Use commonLogEmptyValue in common_log replacer * caddyhttp: Add TLS placeholders * caddytls: update unsupportedProtocols Don't export unsupportedProtocols and update its godoc to mention that it's used for logging only. * caddyhttp: simplify getRegTLSReplacement signature getRegTLSReplacement should receive a string instead of a pointer. * caddyhttp: Remove http.request.tls.client.cert replacer The previous behavior of printing the raw certificate bytes was ported from Caddy 1, but the usefulness of that approach is suspect. Remove the client cert replacer from v2 until a use case is presented. * caddyhttp: Use tls.CipherSuiteName from Go 1.14 Remove ported version of CipherSuiteName in the process.
2020-02-14Minor tweaks to docs/commentsMatthew Holt
2020-01-13http: Refactor automatic HTTPS (fixes #2972)Matthew Holt
This splits automatic HTTPS into two phases. The first provisions the route matchers and uses them to build the domain set and configure auto HTTP->HTTPS redirects. This happens before the rest of the provisioning does. The second phase takes place at the beginning of the app start. It attaches pointers to the tls app to each server, and begins certificate management for the domains that were found in the first phase.
2020-01-09http: Change routes to sequential matcher evaluation (#2967)Matt Holt
Previously, all matchers in a route would be evaluated before any handlers were executed, and a composite route of the matching routes would be created. This made rewrites especially tricky, since the only way to defer later matchers' evaluation was to wrap them in a subroute, or to invoke a "rehandle" which often caused bugs. Instead, this new sequential design evaluates each route's matchers then its handlers in lock-step; matcher-handlers-matcher-handlers... If the first matching route consists of a rewrite, then the second route will be evaluated against the rewritten request, rather than the original one, and so on. This should do away with any need for rehandling. I've also taken this opportunity to avoid adding new values to the request context in the handler chain, as this creates a copy of the Request struct, which may possibly lead to bugs like it has in the past (see PR #1542, PR #1481, and maybe issue #2463). We now add all the expected context values in the top-level handler at the server, then any new values can be added to the variable table via the VarsCtxKey context key, or just the GetVar/SetVar functions. In particular, we are using this facility to convey dial information in the reverse proxy. Had to be careful in one place as the middleware compilation logic has changed, and moved a bit. We no longer compile a middleware chain per- request; instead, we can compile it at provision-time, and defer only the evaluation of matchers to request-time, which should slightly improve performance. Doing this, however, we take advantage of multiple function closures, and we also changed the use of HandlerFunc (function pointer) to Handler (interface)... this led to a situation where, if we aren't careful, allows one request routed a certain way to permanently change the "next" handler for all/most other requests! We avoid this by making a copy of the interface value (which is a lightweight pointer copy) and using exclusively that within our wrapped handlers. This way, the original stack frame is preserved in a "read-only" fashion. The comments in the code describe this phenomenon. This may very well be a breaking change for some configurations, however I do not expect it to impact many people. I will make it clear in the release notes that this change has occurred.
2019-12-29Improve docs, especially w.r.t. placeholders and template actionsMatthew Holt
2019-12-29Export Replacer and use concrete type instead of interfaceMatthew Holt
The interface was only making things difficult; a concrete pointer is probably best.
2019-12-23Improve godocs all aroundMatthew Holt
These will be used in the new automated documentation system
2019-12-12Minor improvements; comments and shorter placeholders & module IDsMatthew Holt
2019-12-10v2: Module documentation; refactor LoadModule(); new caddy struct tags (#2924)Matt Holt
This commit goes a long way toward making automated documentation of Caddy config and Caddy modules possible. It's a broad, sweeping change, but mostly internal. It allows us to automatically generate docs for all Caddy modules (including future third-party ones) and make them viewable on a web page; it also doubles as godoc comments. As such, this commit makes significant progress in migrating the docs from our temporary wiki page toward our new website which is still under construction. With this change, all host modules will use ctx.LoadModule() and pass in both the struct pointer and the field name as a string. This allows the reflect package to read the struct tag from that field so that it can get the necessary information like the module namespace and the inline key. This has the nice side-effect of unifying the code and documentation. It also simplifies module loading, and handles several variations on field types for raw module fields (i.e. variations on json.RawMessage, such as arrays and maps). I also renamed ModuleInfo.Name -> ModuleInfo.ID, to make it clear that the ID is the "full name" which includes both the module namespace and the name. This clarity is helpful when describing module hierarchy. As of this change, Caddy modules are no longer an experimental design. I think the architecture is good enough to go forward.
2019-12-04Fix misspellings (#2908)lu4p
2019-11-11core: Use port ranges to avoid OOM with bad inputs (#2859)Mohammed Al Sahaf
* fix OOM issue caught by fuzzing * use ParsedAddress as the struct name for the result of ParseNetworkAddress * simplify code using the ParsedAddress type * minor cleanups
2019-11-11http: Add response headers to access logsMatthew Holt
2019-11-05http: Eliminate allocation in cloneURL; add RemoteAddr to origRequestMatthew Holt
2019-11-04Prepare for beta 9 tagMatthew Holt
2019-11-04http: Only log handler errors >= 500Matthew Holt
Errors in the 4xx range are client errors, and they don't need to be entered into the server's error logs. 4xx errors are still recorded in the access logs at the error level.
2019-10-31http: Ensure server loggers are not nil (fixes #2849)Matthew Holt
2019-10-30http: Avoid panic if handler errors lack underlying error valueMatthew Holt
Fixes #2845
2019-10-29Remove unused fields from HandlerErrorMatthew Holt
2019-10-29caddyhttp: Fix nil pointer dereferenceMatthew Holt
2019-10-28v2: Logging! (#2831)Matt Holt
* logging: Initial implementation * logging: More encoder formats, better defaults * logging: Fix repetition bug with FilterEncoder; add more presets * logging: DiscardWriter; delete or no-op logs that discard their output * logging: Add http.handlers.log module; enhance Replacer methods The Replacer interface has new methods to customize how to handle empty or unrecognized placeholders. Closes #2815. * logging: Overhaul HTTP logging, fix bugs, improve filtering, etc. * logging: General cleanup, begin transitioning to using new loggers * Fixes after merge conflict