mirror of
https://github.com/labstack/echo.git
synced 2025-01-07 23:01:56 +02:00
6ef5f77bf2
WIP: make default logger implemented custom writer for jsonlike logs WIP: improve examples WIP: defaultErrorHandler use errors.As to unwrap errors. Update readme WIP: default logger logs json, restore e.Start method WIP: clean router.Match a bit WIP: func types/fields have echo.Context has first element WIP: remove yaml tags as functions etc can not be serialized anyway WIP: change BindPathParams,BindQueryParams,BindHeaders from methods to functions and reverse arguments to be like DefaultBinder.Bind is WIP: improved comments, logger now extracts status from error WIP: go mod tidy WIP: rebase with 4.5.0 WIP: * removed todos. * removed StartAutoTLS and StartH2CServer methods from `StartConfig` * KeyAuth middleware errorhandler can swallow the error and resume next middleware WIP: add RouterConfig.UseEscapedPathForMatching to use escaped path for matching request against routes WIP: FIXMEs WIP: upgrade golang-jwt/jwt to `v4` WIP: refactor http methods to return RouteInfo WIP: refactor static not creating multiple routes WIP: refactor route and middleware adding functions not to return error directly WIP: Use 401 for problematic/missing headers for key auth and JWT middleware (#1552, #1402). > In summary, a 401 Unauthorized response should be used for missing or bad authentication WIP: replace `HTTPError.SetInternal` with `HTTPError.WithInternal` so we could not mutate global error variables WIP: add RouteInfo and RouteMatchType into Context what we could know from in middleware what route was matched and/or type of that match (200/404/405) WIP: make notFoundHandler and methodNotAllowedHandler private. encourage that all errors be handled in Echo.HTTPErrorHandler WIP: server cleanup ideas WIP: routable.ForGroup WIP: note about logger middleware WIP: bind should not default values on second try. use crypto rand for better randomness WIP: router add route as interface and returns info as interface WIP: improve flaky test (remains still flaky) WIP: add notes about bind default values WIP: every route can have their own path params names WIP: routerCreator and different tests WIP: different things WIP: remove route implementation WIP: support custom method types WIP: extractor tests WIP: v5.0.x proposal over v4.4.0
94 lines
2.1 KiB
Go
94 lines
2.1 KiB
Go
package middleware
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"fmt"
|
|
"strings"
|
|
)
|
|
|
|
const (
|
|
_ = int64(1 << (10 * iota)) // ignore first value by assigning to blank identifier
|
|
// KB is 1 KiloByte = 1024 bytes
|
|
KB
|
|
// MB is 1 Megabyte = 1_048_576 bytes
|
|
MB
|
|
// GB is 1 Gigabyte = 1_073_741_824 bytes
|
|
GB
|
|
// TB is 1 Terabyte = 1_099_511_627_776 bytes
|
|
TB
|
|
// PB is 1 Petabyte = 1_125_899_906_842_624 bytes
|
|
PB
|
|
// EB is 1 Exabyte = 1_152_921_504_606_847_000 bytes
|
|
EB
|
|
)
|
|
|
|
func matchScheme(domain, pattern string) bool {
|
|
didx := strings.Index(domain, ":")
|
|
pidx := strings.Index(pattern, ":")
|
|
return didx != -1 && pidx != -1 && domain[:didx] == pattern[:pidx]
|
|
}
|
|
|
|
// matchSubdomain compares authority with wildcard
|
|
func matchSubdomain(domain, pattern string) bool {
|
|
if !matchScheme(domain, pattern) {
|
|
return false
|
|
}
|
|
didx := strings.Index(domain, "://")
|
|
pidx := strings.Index(pattern, "://")
|
|
if didx == -1 || pidx == -1 {
|
|
return false
|
|
}
|
|
domAuth := domain[didx+3:]
|
|
// to avoid long loop by invalid long domain
|
|
if len(domAuth) > 253 {
|
|
return false
|
|
}
|
|
patAuth := pattern[pidx+3:]
|
|
|
|
domComp := strings.Split(domAuth, ".")
|
|
patComp := strings.Split(patAuth, ".")
|
|
for i := len(domComp)/2 - 1; i >= 0; i-- {
|
|
opp := len(domComp) - 1 - i
|
|
domComp[i], domComp[opp] = domComp[opp], domComp[i]
|
|
}
|
|
for i := len(patComp)/2 - 1; i >= 0; i-- {
|
|
opp := len(patComp) - 1 - i
|
|
patComp[i], patComp[opp] = patComp[opp], patComp[i]
|
|
}
|
|
|
|
for i, v := range domComp {
|
|
if len(patComp) <= i {
|
|
return false
|
|
}
|
|
p := patComp[i]
|
|
if p == "*" {
|
|
return true
|
|
}
|
|
if p != v {
|
|
return false
|
|
}
|
|
}
|
|
return false
|
|
}
|
|
|
|
func createRandomStringGenerator(length uint8) func() string {
|
|
return func() string {
|
|
return randomString(length)
|
|
}
|
|
}
|
|
|
|
func randomString(length uint8) string {
|
|
charset := "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
|
|
|
|
bytes := make([]byte, length)
|
|
_, err := rand.Read(bytes)
|
|
if err != nil {
|
|
// we are out of random. let the request fail
|
|
panic(fmt.Errorf("echo randomString failed to read random bytes: %w", err))
|
|
}
|
|
for i, b := range bytes {
|
|
bytes[i] = charset[b%byte(len(charset))]
|
|
}
|
|
return string(bytes)
|
|
}
|