go/echo
go/echo
1
0
Fork 0
mirror of https://github.com/labstack/echo.git synced 2024-11-24 08:22:21 +02:00
Code Issues Releases Activity
1,717 Commits 6 Branches 121 Tags 12 MiB
d262120690
Commit Graph

483 Commits

Author SHA1 Message Date
Martti T
584cb85a6b
request logger: add example for Slog https://pkg.go.dev/log/slog (#2543) 2023-11-07 15:09:43 +02:00
Kai Ratzeburg
c7d6d4373f
proxy middleware: reuse echo request context (#2537) 2023-11-05 18:01:01 +02:00
Martti T
69a0de8415
Mark unmarshallable yaml struct tags as ignored (#2536) 2023-10-24 21:12:13 +03:00
Martti T
4bc3e475e3
cors middleware: allow sending Access-Control-Max-Age: 0 value with config.MaxAge being negative number. (#2518) 2023-09-19 08:24:47 +03:00
eiei114
3950c444b7
fix some typos (#2511) 2023-09-13 22:41:58 +03:00
Trim21
e6b96f8873
docs: add comments to util.go randomString (#2494) 
* Update util.go
 2023-07-22 23:47:35 +03:00
Trim21
b3ec8e0fdd
fix(sec): randomString bias (#2492) 
* fix(sec): `randomString` bias when using bytes vs int64
* use pooled buffed random reader
 2023-07-22 07:08:34 +03:00
toimtoimtoim
626f13e338 CSRF/RequestID mw: switch math/random usage to crypto/random 2023-07-21 13:10:56 +03:00
Mobina Noori
3f8ae15b57
delete unused context in body_limit.go (#2483) 
* delete unused context in body_limit.go

---------

Co-authored-by: mobinanoori018 <mobinanoori21@gmail.com>
 2023-07-21 11:07:25 +03:00
toimtoimtoim
130be07425 fix gzip not sending response code for no content responses (404, 301/302 redirects etc) 2023-07-16 20:35:09 +03:00
Martti T
1ee8e22faa
do not use global timeNow variables (#2477) 2023-07-11 23:36:05 +03:00
Ingo Oppermann
42f07ed880
gzip response only if it exceeds a minimal length (#2267) 
* gzip response only if it exceeds a minimal length

If the response is too short, e.g. a few bytes, compressing the
response makes it even larger. The new parameter MinLength to the
GzipConfig struct allows to set a threshold (in bytes) as of which
response size the compression should be applied. If the response
is shorter, no compression will be applied.
 2023-05-31 08:53:33 +03:00
toimtoimtoim
8e425c0431 gofmt fixes to comments 2023-05-12 22:14:29 +03:00
mikemherron
0ae74648b9
Support retries of failed proxy requests (#2414) 
Support retries of failed proxy requests
 2023-05-12 20:36:24 +03:00
Simba Peng
de1c798143 Check whether is nil before invoking centralized error handling. 2023-04-15 21:48:33 +03:00
imxyb
c0bc886b78 refactor: use strings.ReplaceAll directly 2023-03-31 20:59:08 +03:00
Becir Basic
5b36ce3612
Fixes the concurrency issue of calling the Next() proxy target on RRB (#2409) 
* Fixes the concurrency issue of calling the `Next()` proxy target on round robin balancer

- fixed concurrency issue in `AddTarget()`
- moved `rand.New()` to the random balancer initializer func.
- internal code reorganized eliminating unnecessary pointer redirection
- employing `sync.Mutex` instead of `RWMutex` which brings additional overhead of tracking readers and writers. No need for that since the guarded code has no long-running operations, hence no realistic congestion.
- added additional guards without which the code would otherwise panic (e.g., the case where a random value is calculation when targets list is empty)
- added descriptions for func return values, what to expect in which case.
- Improve code test coverage

---------

Co-authored-by: Becir Basic <bb@neotel.at>
 2023-02-24 20:32:41 +02:00
Omkar
1e575b7b56
Added a optional config variable to disable centralized error handler in recovery middleware (#2410) 
Added a config variable to disable centralized error handler in recovery middleware
 2023-02-24 13:09:40 +02:00
toimtoimtoim
f909660bb9 Add middleware.CORSConfig.UnsafeWildcardOriginWithAllowCredentials to make UNSAFE usages of wildcard origin + allow cretentials less likely. 2023-02-22 00:05:31 +02:00
toimtoimtoim
ef4aea97ef use different variable name so returned function would not accidentally be able to use it in future and cause data race 2023-02-22 00:05:31 +02:00
Martti T
7c7531002d
Clean on go1.20 (#2406) 
* Fix tests failing on Go 1.20 on Windows. Clean works differently on 1.20. Use path.Clean instead with some workaround related to errors.
 2023-02-22 00:00:52 +02:00
toimtoimtoim
2c25767e45 remediate flaky timeout tests 2023-02-19 20:26:17 +02:00
Hakan Kutluay
82a964c657
Add context timeout middleware (#2380) 
Add context timeout middleware


Co-authored-by: Erhan Akpınar <erhan.akpinar@yemeksepeti.com>
Co-authored-by: @erhanakp
 2023-02-01 22:38:20 +02:00
toimtoimtoim
a69727e2b9 Mark JWT middleware deprecated 2022-12-27 21:59:53 +02:00
yagikota
895121d178
Fix rate limiter docs (#2366) 
* Improve wording for the comment of Burst
* Improve rate limiter docs
 2022-12-17 11:16:00 +02:00
Kanji Yomoda
135c511f5d
Add request route with "route" tag to logger middleware (#2162) 2022-12-04 19:38:45 +01:00
Martti T
8d4ac4c907
Additional configuration options for RequestLogger and Logger middleware (#2341) 
* Add `middleware.RequestLoggerConfig.HandleError` configuration option to handle error within middleware with global error handler thus setting response status code decided by error handler and not derived from error itself.
* Add `middleware.LoggerConfig.CustomTagFunc` so Logger middleware can add custom text to logged row.
 2022-11-30 15:47:23 +02:00
Martti T
466bf80e41
Add testcases for some BodyLimit middleware configuration options (#2350) 
* Add testcases for some BodyLimit middleware configuration options
 2022-11-25 13:27:52 +02:00
toimtoimtoim
a0c211542c Add staticcheck to CI flow 2022-11-21 16:26:13 +02:00
zeek
3c4d3b3083 Replace "io/ioutil" 
"io/ioutil" pakcage has been deprecated since Go 1.16.
 2022-11-21 15:59:14 +02:00
wanghaha-dev
fd2b102d3e Modify comment syntax error 2022-11-12 23:56:47 +02:00
toimtoimtoim
35184a893b Expose middleware.CreateExtractors function so we can use it from echo-contrib repository 2022-11-12 23:34:04 +02:00
Hristo Hristov
0ce73028d0
[suggestion] Add helper interface for ProxyBalancer interface (#2316) 
* [suggestion] Add helper interface for ProxyBalancer interface

* Update proxy_test.go

* addressed code review comments

* address pr comments

* clean up

* return error
 2022-10-29 21:54:23 +03:00
Martti T
1d5f335f40
refactor assertions (#2301) 2022-10-12 21:47:21 +03:00
Daniel Price
50e7e569f0 Improve CORS documentation 
* Provide links to further reading
* Provide security warnings
* Document undocumented wildcard feature
* Update to go-1.19 style links
 2022-09-12 22:46:13 +03:00
toimtoimtoim
0ac4d74402 Fix #2259 open redirect vulnerability in echo.StaticDirectoryHandler (used by e.Static, e.StaticFs etc) 
remove pre Go1.16 and after differences
 2022-09-04 22:50:54 +03:00
Mojtaba Arezoumand
d77e8c09b2
Added ErrorHandler and ErrorHandlerWithContext in CSRF middleware (#2257) 
* feat: add error handler to csrf middleware

Co-authored-by: Mojtaba Arezoomand <mojtaba.arezoomand@snapp.cab>
 2022-09-01 10:51:55 +03:00
Daniel Price
a9879ffa6b Middlewares should use errors.As() instead of type assertion on HTTPError 
- Helps consumers who want to wrap HTTPError, and other use cases
 2022-07-21 21:24:18 +03:00
moznion
ddb66e1ba2
Add logger middleware template variables: ${time_unix_milli} and ${time_unix_micro} (#2206) 
This patch introduces two template variables `${time_unix_milli}` and
`${time_unix_micro}` into the logger middleware.
Currently, there is no way to interpolate that UNIX milli and micro
seconds timestamp in a log entry, and go 1.17 or later runtime supports
the utility functions `time#UnixMilli()` and `time#UnixMicro()`
so this patch adds them as well.

see also: https://github.com/golang/go/issues/44196

Signed-off-by: moznion <moznion@mail.moznion.net>
 2022-07-05 07:57:39 +03:00
welling guzmán
b0453b98e0
fix: basic auth invalid base64 string (#2191) 
* fix: basic auth returns 400 on invalid base64 string
 2022-05-27 19:44:51 +03:00
Martti T
d5f883707b
Timeout mw: rework how test waits for timeout. Using sleep as delay i… (#2187) 
* Timeout mw: rework how test waits for timeout. Using sleep as delay is problematic when CI worker is slower than usual.
 2022-05-22 00:21:50 +03:00
toimtoimtoim
28797c761d Timeout mw: fix datarace in tests when we are getting data from buffer (in test) and writing to logger at the same time. 2022-05-21 22:26:56 +03:00
toimtoimtoim
2e02ce3dd8 Timeout mw: fix datarace in tests when we are getting data from buffer. Run each test in their own server so multiple tests cases will not cause datarace getting data out of logger buffer. 2022-05-21 20:12:32 +03:00
gemaizi
572466d928 Fix body_limit middleware unit test 2022-04-05 20:34:49 +03:00
toimtoimtoim
1919cf4491 Timeout middleware write race 2022-03-16 08:09:29 +02:00
Martti T
01d7d01bbc
Fix CSRF middleware not being able to extract token from multipart/form-data form (#2136, fixes #2135) 2022-03-16 00:43:20 +01:00
Becir Basic
5c38c3b770
Recover middleware should not log panic for aborted handler (#2134, fixes #2133) 
Co-authored-by: Becir Basic <bb@neotel.at>
 2022-03-16 00:29:42 +01:00
Martti T
4a1ccdfdc5
JWT, KeyAuth, CSRF multivalue extractors (#2060) 
* CSRF, JWT, KeyAuth middleware support for multivalue value extractors
* Add flag to JWT and KeyAuth middleware to allow continuing execution `next(c)` when error handler decides to swallow the error (returns nil).
 2022-01-24 22:03:45 +02:00
ant1k9
7c41b93f0c
Add LogErrorFunc to recover middleware (#2072) 
LogErrorFunc provides more general interface to handle errors in the recover middleware.
 2022-01-24 11:23:41 +01:00
toimtoimtoim
6f6befe555 improve docs 2022-01-03 21:04:17 +02:00