Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
* Prevent request smuggling
Prevent request smuggling when fasthttp is behind a reverse proxy that
might interprets headers differently by being stricter. Should also
prevent request smuggling when fasthttp is used as the reverse proxy.
* Make header value comparison case-insensitive
|
|
Require that HTTP versions match the following pattern: HTTP/[0-9]\.[0-9]
|
|
|
|
* feat: add function to parse HTTP header parameters
The implementation is based on RFC-9110 5.6.6.
* test: add fuzz for VisitHeaderParams
|
|
|
|
|
|
|
|
* Auto add 'Vary' header after compression
Add config `SetAddVaryHeaderForCompression` to enable
'Vary: Accept-Encoding' header when compression is used.
* feat: always set the Vary header
* create and use `ResponseHeader.AddVaryBytes`
* not export 'AddVaryBytes'
|
|
* add DisableSpecialHeaders option
* polishing up disableSpecialHeader option
* forgot to uncomment
* fix silly mistakes
* dont parse special headers
|
|
|
|
Signed-off-by: cui fliter <imcusg@gmail.com>
|
|
|
|
* Refactor golangci-lint config
- Use golangci-lint-action for GitHub workflow.
- Add additional golangci-lint run options.
- Remove unused nolint directives.
* Revert exclude-use-default option
|
|
|
|
This reverts commit a468a7dd3734d9866ef6ab8ee1e36695f5c3b09c.
|
|
|
|
* feat: support mulit/range
* fix:
1. lint code
2. add SetByteRanges method
* fix: reduce the test number of testFSSingleByteRange
|
|
* feat: add PeekKeys and PeekTrailerKeys
* Improve warning
Co-authored-by: Erik Dubbelboer <erik@dubbelboer.com>
|
|
1. the length of trailer key should > 0
2. fix http_test words typo
|
|
|
|
|
|
* Update Go Version to Go1.19.x And add cache
* Fix CI Line endings
* Update test CI Go Version to Go1.19.x And add cache
* Update Gosec Security Scanner CI to securego/gosec@v2.12.0
* Format comment
Go 1.19 adds support for links, lists, and clearer headings in doc comments. As part of this change, gofmt now reformats doc comments to make their rendered meaning clearer. See “Go Doc Comments” for syntax details and descriptions of common mistakes now highlighted by gofmt. As another part of this change, the new package go/doc/comment provides parsing and reformatting of doc comments as well as support for rendering them to HTML, Markdown, and text.
ref: https://tip.golang.org/doc/go1.19
ref: https://tip.golang.org/doc/comment
* Fix doc structure
|
|
Don't run requests in a separate Goroutine anymore. Instead use proper
conn deadlines to enforce timeouts.
- Also contains some linting fixes.
|
|
* header.go ContentEncoding() getter and setters
For Response the CE header is stored into a separate field because compressed responses are often used.
But for the Request let's just peek and store it from headers map
* http.go: New BodyUncompressed() method for request and responses
The new method returns a body and uncompress if it's gzipped
|
|
* args.go GetBool(): use switch with string casting
This should be optimized by Go compiler itself so the b2s() call is not needed.
It was previously done by this but changed in
1e7885eb56cdf4c6f550e143b0dbd3acc82a4137
* header.go Referer() optimize
Use direct peekArgBytes() instead of PeekBytes() that will check for special headers
* header_timing_test.go BenchmarkRequestHeaderPeekBytesSpecialHeader
The old BenchmarkRequestHeaderPeekBytesCanonical and BenchmarkRequestHeaderPeekBytesNonCanonical are in fact just measured the header normalization.
But it's anyway is benchmarked separately.
Results was almost the same: 1.5 ns/op.
Instead, let's reuse the benches to find a difference between peeking of special (Host, CT) and custom headers.
|
|
Header.SetCanonical() (#1311)
* Response.ContentEncoding(): store as field
The CE is not so often used for plain APIs responses and even not so often used for static files and on the fly compression.
But still it should be checked each time.
Also having a dedicated field getter and setter simplifies code
* header.go Use shorter Response.setNonSpecial() and Request.setNonSpecial() methods instead of SetCanonical()
The change should improve performance because the setSpecialHeader() call is omitted.
As a downside on adding a new basic header field all putHeader() must be replaced with a direct getter and setter.
|
|
Mostly in tests.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Add trailer support
* fix issue and add documentation
* remove redundant code
* add error return for add/set trailer method
* fix lint error
* fix bad trailer error return issue and update bad content-length error
* update errNonNumericChars
* update errNonNumericChars
* fix issue about error and fix typo
|
|
* Adding zero-allocation uint64 to byte slice conversion and fixing the ResponseHeader.SetStatusLine function call signature
* Removing unnecessary i2b function
* Fixing various bugs
* Adding test cases
* Commenting AppendStatusLine
* Update status.go
Co-authored-by: Erik Dubbelboer <erik@dubbelboer.com>
* Update header.go
Co-authored-by: Erik Dubbelboer <erik@dubbelboer.com>
* Cleaning up references to strHTTP11, using formatStatusLine for invalidStatusLine, and making `appendStatusLine` an unexported function
Issue: https://github.com/valyala/fasthttp/issues/1132
* Fixing merge conflicts
Issue: https://github.com/valyala/fasthttp/issues/1132
* Replacing []byte{} with nil in some test cases
Issue: https://github.com/valyala/fasthttp/issues/1132
* Cleaning up parsing first line, and improving StatusMessage function
Issue: https://github.com/valyala/fasthttp/issues/1132
* Fixing as per PR
* Update header.go
Co-authored-by: Erik Dubbelboer <erik@dubbelboer.com>
* Update header.go
Co-authored-by: Erik Dubbelboer <erik@dubbelboer.com>
* Fixing as per requested changes
* Update header_test.go
Co-authored-by: Erik Dubbelboer <erik@dubbelboer.com>
Co-authored-by: Erik Dubbelboer <erik@dubbelboer.com>
|
|
|
|
* SetStatusMessage
* Docstring
* statusLine in header
* Use statusLine as []byte + ResponseHeader parsing
* status line getter
|
|
|
|
|
|
|
|
* Adding "image/svg" as compressible prefix
* Adding additional compressible prefixes from https://support.cloudflare.com/hc/en-us/articles/200168396-What-will-Cloudflare-compress-
|
|
* feat: improve bytesEqual
* benchmark
* nolint:unused
* remove unused code
* Update client.go
Co-authored-by: Erik Dubbelboer <erik@dubbelboer.com>
Co-authored-by: Erik Dubbelboer <erik@dubbelboer.com>
|
|
* Flush buffered responses if we have to wait for the next request
Don't wait for the next request as this can take some time, instead
flush the outstanding responses already.
Fixes #1043
* Only peek 1 byte
Make sure old clients that send bogus \r\n still work.
See: https://github.com/golang/go/commit/bf5e19fbaf02b1b25fbe50c27ec301fe830a28d0
|
|
These functions should take the headers that are handled differently
into account.
|
|
|
|
Co-authored-by: liuchenxing <liuchenxing@bytedance.com>
|
|
Co-authored-by: Daniel Firsht <firsht@amazon.com>
|
|
* Added Protocol() as a replacement of hardcoded strHTTP11
* Applied review changes
* Modify h.proto in parseFirstLine
|