1
0
mirror of https://github.com/labstack/echo.git synced 2024-12-22 20:06:21 +02:00
Commit Graph

495 Commits

Author SHA1 Message Date
Steven-Whitehead
fe26277781 remove jwt middleware 2024-11-25 22:21:56 +02:00
toimtoimtoim
118c1632f2 CORS middleware should compile allowOrigin regexp at creation. 2024-11-22 11:59:58 +02:00
eolson
5a0b4dd806 clean up field assignments with default values to make test configuration more concise/readable 2024-10-26 15:44:47 +03:00
eolson
03c0236fb3 refactor basic_auth_test to utilize table driven tests 2024-10-26 15:44:47 +03:00
toimtoimtoim
d20a6257aa Remove pre Go1.20 support 2024-08-16 09:16:52 +03:00
Martti T
e0f2a02e4c
proxy middleware should use http proxy for SSE requests (#2624) 2024-04-15 21:12:26 +03:00
Martti T
3598f295f9
Change type definition blocks to single declarations. This helps copy/pasting Echo code in examples. (#2606) 2024-03-09 07:53:07 -08:00
Martti T
a842444e8f
Add SPDX licence comments to files. See https://spdx.dev/learn/handling-license-info/ (#2604) 2024-03-09 11:21:24 +02:00
Martti T
bc1e1904f1
Allow ResponseWriters to unwrap writers when flushing/hijacking (#2595)
* Allow ResponseWriters to unwrap writers when flushing/hijacking
2024-03-09 10:50:47 +02:00
teslaedison
34717b717d
fix some typos (#2603)
Signed-off-by: teslaedison <qingchengqiushuang@gmail.com>
2024-03-06 21:43:59 +02:00
Ryo Kusnadi
fa70db801e
Add Skipper Unit Test In BasicBasicAuthConfig and Add More Detail Explanation regarding BasicAuthValidator (#2461)
* Add Skipper Unit Test In BasicBasicAuthConfig and Add More detail explanation regarding BasicAuthValidator

* Simplify Skipper Unit Test
2024-02-18 15:47:13 +02:00
Suwon Chae
76994d17d5
Remove default charset from 'application/json' Content-Type header (#2568)
Fixes #2567
2024-02-06 07:41:33 +02:00
Martti T
584cb85a6b
request logger: add example for Slog https://pkg.go.dev/log/slog (#2543) 2023-11-07 15:09:43 +02:00
Kai Ratzeburg
c7d6d4373f
proxy middleware: reuse echo request context (#2537) 2023-11-05 18:01:01 +02:00
Martti T
69a0de8415
Mark unmarshallable yaml struct tags as ignored (#2536) 2023-10-24 21:12:13 +03:00
Martti T
4bc3e475e3
cors middleware: allow sending Access-Control-Max-Age: 0 value with config.MaxAge being negative number. (#2518) 2023-09-19 08:24:47 +03:00
eiei114
3950c444b7
fix some typos (#2511) 2023-09-13 22:41:58 +03:00
Trim21
e6b96f8873
docs: add comments to util.go randomString (#2494)
* Update util.go
2023-07-22 23:47:35 +03:00
Trim21
b3ec8e0fdd
fix(sec): randomString bias (#2492)
* fix(sec): `randomString` bias when using bytes vs int64
* use pooled buffed random reader
2023-07-22 07:08:34 +03:00
toimtoimtoim
626f13e338 CSRF/RequestID mw: switch math/random usage to crypto/random 2023-07-21 13:10:56 +03:00
Mobina Noori
3f8ae15b57
delete unused context in body_limit.go (#2483)
* delete unused context in body_limit.go

---------

Co-authored-by: mobinanoori018 <mobinanoori21@gmail.com>
2023-07-21 11:07:25 +03:00
toimtoimtoim
130be07425 fix gzip not sending response code for no content responses (404, 301/302 redirects etc) 2023-07-16 20:35:09 +03:00
Martti T
1ee8e22faa
do not use global timeNow variables (#2477) 2023-07-11 23:36:05 +03:00
Ingo Oppermann
42f07ed880
gzip response only if it exceeds a minimal length (#2267)
* gzip response only if it exceeds a minimal length

If the response is too short, e.g. a few bytes, compressing the
response makes it even larger. The new parameter MinLength to the
GzipConfig struct allows to set a threshold (in bytes) as of which
response size the compression should be applied. If the response
is shorter, no compression will be applied.
2023-05-31 08:53:33 +03:00
toimtoimtoim
8e425c0431 gofmt fixes to comments 2023-05-12 22:14:29 +03:00
mikemherron
0ae74648b9
Support retries of failed proxy requests (#2414)
Support retries of failed proxy requests
2023-05-12 20:36:24 +03:00
Simba Peng
de1c798143 Check whether is nil before invoking centralized error handling. 2023-04-15 21:48:33 +03:00
imxyb
c0bc886b78 refactor: use strings.ReplaceAll directly 2023-03-31 20:59:08 +03:00
Becir Basic
5b36ce3612
Fixes the concurrency issue of calling the Next() proxy target on RRB (#2409)
* Fixes the concurrency issue of calling the `Next()` proxy target on round robin balancer

- fixed concurrency issue in `AddTarget()`
- moved `rand.New()` to the random balancer initializer func.
- internal code reorganized eliminating unnecessary pointer redirection
- employing `sync.Mutex` instead of `RWMutex` which brings additional overhead of tracking readers and writers. No need for that since the guarded code has no long-running operations, hence no realistic congestion.
- added additional guards without which the code would otherwise panic (e.g., the case where a random value is calculation when targets list is empty)
- added descriptions for func return values, what to expect in which case.
- Improve code test coverage

---------

Co-authored-by: Becir Basic <bb@neotel.at>
2023-02-24 20:32:41 +02:00
Omkar
1e575b7b56
Added a optional config variable to disable centralized error handler in recovery middleware (#2410)
Added a config variable to disable centralized error handler in recovery middleware
2023-02-24 13:09:40 +02:00
toimtoimtoim
f909660bb9 Add middleware.CORSConfig.UnsafeWildcardOriginWithAllowCredentials to make UNSAFE usages of wildcard origin + allow cretentials less likely. 2023-02-22 00:05:31 +02:00
toimtoimtoim
ef4aea97ef use different variable name so returned function would not accidentally be able to use it in future and cause data race 2023-02-22 00:05:31 +02:00
Martti T
7c7531002d
Clean on go1.20 (#2406)
* Fix tests failing on Go 1.20 on Windows. Clean works differently on 1.20. Use path.Clean instead with some workaround related to errors.
2023-02-22 00:00:52 +02:00
toimtoimtoim
2c25767e45 remediate flaky timeout tests 2023-02-19 20:26:17 +02:00
Hakan Kutluay
82a964c657
Add context timeout middleware (#2380)
Add context timeout middleware


Co-authored-by: Erhan Akpınar <erhan.akpinar@yemeksepeti.com>
Co-authored-by: @erhanakp
2023-02-01 22:38:20 +02:00
toimtoimtoim
a69727e2b9 Mark JWT middleware deprecated 2022-12-27 21:59:53 +02:00
yagikota
895121d178
Fix rate limiter docs (#2366)
* Improve wording for the comment of Burst
* Improve rate limiter docs
2022-12-17 11:16:00 +02:00
Kanji Yomoda
135c511f5d
Add request route with "route" tag to logger middleware (#2162) 2022-12-04 19:38:45 +01:00
Martti T
8d4ac4c907
Additional configuration options for RequestLogger and Logger middleware (#2341)
* Add `middleware.RequestLoggerConfig.HandleError` configuration option to handle error within middleware with global error handler thus setting response status code decided by error handler and not derived from error itself.
* Add `middleware.LoggerConfig.CustomTagFunc` so Logger middleware can add custom text to logged row.
2022-11-30 15:47:23 +02:00
Martti T
466bf80e41
Add testcases for some BodyLimit middleware configuration options (#2350)
* Add testcases for some BodyLimit middleware configuration options
2022-11-25 13:27:52 +02:00
toimtoimtoim
a0c211542c Add staticcheck to CI flow 2022-11-21 16:26:13 +02:00
zeek
3c4d3b3083 Replace "io/ioutil"
"io/ioutil" pakcage has been deprecated since Go 1.16.
2022-11-21 15:59:14 +02:00
wanghaha-dev
fd2b102d3e Modify comment syntax error 2022-11-12 23:56:47 +02:00
toimtoimtoim
35184a893b Expose middleware.CreateExtractors function so we can use it from echo-contrib repository 2022-11-12 23:34:04 +02:00
Hristo Hristov
0ce73028d0
[suggestion] Add helper interface for ProxyBalancer interface (#2316)
* [suggestion] Add helper interface for ProxyBalancer interface

* Update proxy_test.go

* addressed code review comments

* address pr comments

* clean up

* return error
2022-10-29 21:54:23 +03:00
Martti T
1d5f335f40
refactor assertions (#2301) 2022-10-12 21:47:21 +03:00
Daniel Price
50e7e569f0 Improve CORS documentation
* Provide links to further reading
* Provide security warnings
* Document undocumented wildcard feature
* Update to go-1.19 style links
2022-09-12 22:46:13 +03:00
toimtoimtoim
0ac4d74402 Fix #2259 open redirect vulnerability in echo.StaticDirectoryHandler (used by e.Static, e.StaticFs etc)
remove pre Go1.16 and after differences
2022-09-04 22:50:54 +03:00
Mojtaba Arezoumand
d77e8c09b2
Added ErrorHandler and ErrorHandlerWithContext in CSRF middleware (#2257)
* feat: add error handler to csrf middleware

Co-authored-by: Mojtaba Arezoomand <mojtaba.arezoomand@snapp.cab>
2022-09-01 10:51:55 +03:00
Daniel Price
a9879ffa6b Middlewares should use errors.As() instead of type assertion on HTTPError
- Helps consumers who want to wrap HTTPError, and other use cases
2022-07-21 21:24:18 +03:00