go/echo
go/echo
1
0
Fork 0
mirror of https://github.com/labstack/echo.git synced 2024-12-18 16:20:53 +02:00
Code Issues Releases Activity
1,425 Commits 6 Branches 124 Tags 12 MiB
dc147d9b97
Commit Graph

377 Commits

Author SHA1 Message Date
Vadim Sabirov
dc147d9b97 Fix #1523 by adding secure cookie if SameSite mode is None 2020-12-03 10:21:31 +03:00
Vadim Sabirov
cb15226984 Merge branch 'master' of https://github.com/labstack/echo 2020-12-03 09:43:47 +03:00
Nenad Lukic
571661692f Uses filepath.Join instead of hardcoded separator for static middleware test 2020-12-01 09:03:00 +01:00
Nenad Lukic
3206527cfe Adds IgnoreBase parameter to static middleware 
Adds IgnoreBase parameter to static middleware to support the use case of nested route groups
 2020-11-30 19:06:00 +01:00
Pierre Rousset
e6f24aa8b1 Addressed PR feedback 2020-11-24 16:25:49 +09:00
Pierre Rousset
26ab188922 CORS: add an optional custom function to validate the origin 2020-11-24 16:24:17 +09:00
Roland Lammel
90bef88e1a
Merge pull request #1669 from ulasakdeniz/fix-incorrect-cors-headers 
Fix empty/incorrect CORS headers
 2020-11-20 11:54:01 +01:00
Arun Gopalpuri
b47042f385 adding decompress gzipped request middleware 2020-11-20 00:51:24 -08:00
Pablo Andres Fuente
ac54e132e4 Adding sync.Pool to Compress Middleware 
Adding a sync.Pool for the *gzip.Writer reduces the allocations of the
Compress middleware in 50% and gives an increase on execution speed of
a 85%
This fix #1643
 2020-11-07 03:52:35 +00:00
Ulas Akdeniz
871ed9c68d Fix incorrect CORS headers 
- Fix empty Access-Control-Allow-Origin
- Set CORS headers only if request Origin is existing and allowed
- Increase middleware test coverage
 2020-11-06 03:10:16 +01:00
Arun Gopalpuri
f6dfcbe774 bugfix proxy and rewrite, updated test with actual call settings 2020-09-16 19:29:22 -07:00
yonbiaoxiao
5c5c83d290 change the hardcode for http constant 2020-09-14 10:23:54 +08:00
Roland Lammel
28ec3f7bdb
Merge pull request #1627 from juanbelieni/master 
Create ErrJWTInvalid to allow modify error when JWT is invalid
 2020-09-01 16:10:16 +02:00
Roland Lammel
2d79ff3d6c
Merge pull request #1628 from arun0009/master 
set raw path and path in proxy, so url.EscapePath uses raw path
 2020-09-01 16:03:30 +02:00
Roland Lammel
cf2fcad01b
Merge pull request #1588 from choyri/bugfix/rewrite 
Fixes the uses of caret(^) in rewrite regex
 2020-09-01 13:22:01 +02:00
Roland Lammel
bcb316500e
Merge pull request #1623 from KlotzAndrew/cors_regex 
cors allow regex pattern
 2020-09-01 13:20:23 +02:00
Arun Gopalpuri
1a6ec73e57 using url.EscapedPath instead of custom GetPath, rewritePath func added to middleware - used by proxy and rewrite 2020-08-31 13:09:24 -07:00
Peter C
6463bcb190
added ModifyResponse option to ProxyConfig (#1622) 
Co-authored-by: Peter C <petoc@users.noreply.github.com>
 2020-08-27 17:51:27 -07:00
Juan Belieni
09f36b585d Create ErrJWTInvalid variable 2020-08-27 19:35:45 -03:00
Andrew Klotz
9a28fb8608
cors allow regex pattern 
enable cors to use regex pattern for allowed origins

implementation is similar to another popular cors
middleware: https://github.com/astaxie/beego/blob/master/plugins/cors/cors.go#L196-L201
 2020-08-19 03:17:12 +00:00
Shinnosuke Sawada
8dd25c39ce
make gzipResponseWriter implement http.Pusher (#1615) 2020-08-03 17:58:08 -07:00
chotow
3dbd5dcf6e
Fixes the uses of caret(^) at the beginning of the rewrite regex 2020-07-24 23:37:01 +08:00
chotow
68e8bce645
Revert "Fixes the uses of caret(^) in rewrite regex" 
This reverts commit 1f51469436e3612e8e121413df905dc9f4ffed0b.
 2020-07-24 23:37:01 +08:00
chotow
84da507a2e
Fixes the uses of caret(^) in rewrite regex 2020-07-24 23:37:01 +08:00
Masahiro Furudate
e125b2cf84
Fix recover print stack trace log level (#1604) 
* Fix recover print stack trace log level

* Add recover log level test

* Add default LogLevel to DefaultRecoverConfig
 2020-07-06 07:59:42 -07:00
Arun Gopalpuri
2207c37bf8
use echo.GetPath for rewrite in proxy (#1548) 
Co-authored-by: Arun Gopalpuri <arun@gopalpuri.com>
 2020-04-08 08:19:22 -07:00
178inaba
269dfcc9dd
Set maxParam with SetParamNames (#1535) 
* Set maxParam with SetParamNames

Fixes #1492

* Revert go.mod
 2020-03-30 12:28:07 -07:00
Leaf
542835808e
Quote regex meta characters in Rewrite (#1541) 
Currently there is a half and half situation where the user can't use regex (fully) because * will be replaced with (.*), yet they also can't just enter any old string, because meta chars like . would need escaping.

e.g. currently *.html wouldn't work as intended, and instead *\.html should be used.

Work around this by using regexp's QuoteMeta function to sanitise the input before handling it.
 2020-03-28 17:12:39 -07:00
Vadim Sabirov
8b2c77b107 Fix #1523 by adding SameSite mode for CSRF settings 2020-03-04 18:14:23 +03:00
Shinichi TAMURA
7c5af01350
Safer/trustable extraction of real ip from request (#1478) 
* Safer/trustable extraction of real ip from request

* Fix x-real-ip handling on proxy

* fix docs

* fix default check
 2020-02-24 08:29:34 -08:00
Dmitry Kutakov
712b5e46c5 format code (gofmt + trim trailing space) (#1452) 2020-01-25 09:48:53 -08:00
J. David Lowe
8d7f05e533 round-trip paramValues without exploding (#1463) 2020-01-23 18:32:17 -08:00
Shin Ohno
8b7220f97c Fixed comment typo in BodyDump (#1431) 2019-10-30 17:34:27 -07:00
Vishal Rana
d286e285dc Bumped v4.1.11 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2019-10-06 17:01:28 -07:00
Vishal Rana
05262e484a Capture proxy middleware error 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2019-10-06 16:56:21 -07:00
Hylke Visser
87da9a948b Add ReferrerPolicy to Secure middleware (#1363) 2019-08-01 15:27:09 -07:00
nattawitc
8cfaf50b8f fix #1260 change middleware.Logger's default output (#1336) 
* fix TestLoggerIPAddress reverse assertion

* change middleware.Logger default output

* remove nil field declaration
 2019-07-17 21:34:31 -07:00
Tom Scholz
31361576e8 feat: Add a new ErrorHandlerWithContext (#1328) 
* feat: Add a new ErrorHandlerWithContext

This commit adds a new error handler, which is passed the 
current context, so that you can add custom redirects or even
other kinds of responses. For example:

```go
	e.Use(middleware.JWTWithConfig(middleware.JWTConfig{
		SigningKey: []byte("secret"),
		TokenLookup: "query:token",
		ErrorHandlerWithContext: func(err error, c echo.Context) error {
			// do stuff with context and err
			switch err.(type) {
			case jwt.ValidationError:
				return c.Redirect(http.StatusSeeOther, "/login")
			}
			return err
		},
	}))
```

* chore: address golint issues
 2019-06-13 13:21:03 -07:00
ozburo
6b9408d1d1 Added param:<name> lookup option to JWT Middleware (#1296) 
* Added  lookup option to JWT Middleware

* Added param:<name> lookup option to JWT Middleware
 2019-06-09 09:49:52 -07:00
Vishal Rana
842fc8772f Fixed #1323 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2019-06-09 09:37:21 -07:00
Das Jott
e2671fe963 Provide possibility to use key ids (#1289) 
* provide possibility to use key ids
* kid tests
 2019-05-17 07:45:49 -07:00
Vishal Rana
4de244c072 Fixed invalid json value for error in logger middleware 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2019-04-29 13:21:11 -07:00
Vishal Rana
e53d9c516f Updated deps and fixed a typo 
Signed-off-by: Vishal Rana <vr@labstack.com>
 2019-04-27 22:32:29 -07:00
Hylke Visser
69bd47b35f Fix flushing in Gzip middleware (#1317) 
* Make Gzip response Writer also call Flush of underlying Writer
* Add unit test for chunked responses with Gzip
 2019-04-16 15:52:06 -05:00
atsushi-ishibashi
1f6cc362cc Set subdomains to AllowOrigins with wildcard (#1301) 
* Set subdomains to AllowOrigins with wildcard

* Create IsSubDomain

* Avoid panic when pattern length smaller than domain length

* Change names, improve formula
 2019-03-09 10:32:49 -08:00
Helen Hood
5434a5392f Enable adding preload tag to HSTS header (#1247) 2019-03-06 10:22:19 -08:00
Hemachandar
775b2eefec Refactor DefaultProxyConfig Skipper & WebSocket Check in Context (#1297) 
* refactor: default to DefaultProxyConfig.Skipper if not provided

* refactor: use strings library for websocket check
 2019-03-02 10:43:23 -08:00
Kumar Harsh
802fb5bba6 feat(secure): support Content-Security-Policy-Report-Only header (#1287) 
Closes #1283
 2019-02-26 22:32:07 -08:00
Ronald Bell
5aec1b234f www redirects are too broad (#1274) 2019-02-15 09:56:58 -08:00
Evgeniy Kulikov
88965757af Simplify code of Add/Remove trailing slash and fix bug (#1275) 
* Simplify code of Add/Remove trailing slash

- simplify code (more informative / understanding)
- assert collides with imported package name (in tests)
- fix unhandled errors

* add tests for https://github.com/labstack/echo/pull/1275#issuecomment-460467700
 2019-02-07 09:49:51 -08:00