Commit Graph

120 Commits

Author SHA1 Message Date
Umputun
92bd22877b refactor subtests 2024-11-27 03:36:27 -06:00
Umputun
3f5b6bdf5a max request size also checks the size of url
as go loads the request to memory, it is necessary to prevent huge urls to hit is hard. Checking RawQuery len to the same maxSize in practice may allow double-sized requests max, but will do for now
2024-11-26 16:22:44 -06:00
Umputun
1959706ab4 replace keep host with less verbose but more detailed dbg messages only if keep host is enabled 2024-07-23 11:27:58 -05:00
Umputun
85702e4de1 remove noisy keep host messages from logging 2024-07-23 11:25:40 -05:00
Dmitry Verkhoturov
899e101d7a add test to CI for example directory 2024-05-10 15:10:28 -05:00
Dmitry Verkhoturov
0a9e489743 update github.com/didip/tollbooth from v6 to v7 2024-05-09 13:16:40 -05:00
Umputun
e2ee5bab1b fix forwarded url, has to be earlier and constructed 2024-03-15 17:49:11 -05:00
Umputun
351de86a26 move setting X-Forward-URL after both scheme and host set 2024-03-15 17:32:33 -05:00
Umputun
d2a4f56833
Add 'X-Forwarded-URL' to request header (#176)
* Add 'X-Forwarded-URL' to request header

'X-Forwarded-URL' has been added to the request header in the proxy core to improve redirection handling.

* lint: address unused param warn, supress for tests
2024-03-15 16:53:10 -05:00
Umputun
616c1df314 don't add dbl headers for X-Forwarded-Proto and X-Forwarded-Proto #172 2024-02-05 23:29:35 -06:00
rashpile
631244671a send x-forwarded headers for ssl static mode as well 2024-02-01 14:42:18 -06:00
rashpile
f573cd9e86 add the X-Forwarded-Proto and X-Forwarded-Port headers for SSLAuto mode 2024-02-01 14:42:18 -06:00
Sergey Ninua
fe24cf99ef
Implement Host header bypassing (#155)
* Initial implementation of keep-host argument

* Add keep-host parsing to the consulcatalog provider

* Update docs

* update from the current master

---------
by @ffix
2024-01-25 03:28:54 -06:00
Eli
7d4394f1c8
Skip SSL check for the destination host (#170)
by @themagic314 

* skip ssl check on dest host
* nolint directive
* readme explanation
2024-01-07 12:19:50 -06:00
Umputun
fa23778d42 make LBSelector interface and implement all the current methods plus roundrobin 2023-11-27 12:08:28 -06:00
Umputun
8bde167226 change logger to lgr for only from msg 2023-11-26 18:49:02 -06:00
Umputun
5c07e82ac4 also add what url rejected for 2023-11-26 18:40:04 -06:00
Umputun
197c8d9db3 logging rejected IPs 2023-11-26 18:30:14 -06:00
Umputun
bddb144f60 fix order of middlewares to handle limiting by IP after match handler sets ctx 2023-11-26 17:10:16 -06:00
Umputun
a896f08eec add middleware to optionally allow requests from giving ips/ranges
add new remote param to docker and file providers

lint: http nil body

add support of remote ips to consul provider

local implementation of onlyfrom middleware

lint: missing comment

make proxy tests more readable

preffer public IP if any forwwarded
2023-11-26 16:17:04 -06:00
Umputun
f37072e649 lint: minor warns in tests 2023-09-20 11:16:24 -05:00
Umputun
ffd6b08257 increase timeout a little for a flaky test 2023-02-26 16:21:16 -06:00
Umputun
6695079c57 make sure two consecutive Server calls return the same list of servers 2022-02-23 18:07:38 -06:00
Umputun
e2a40bc7a6 update rest library for proper 404 content type 2022-01-06 01:07:50 -06:00
Umputun
a963516783 switch from legacy FS functions to new constructor 2022-01-06 00:16:18 -06:00
Umputun
64f57df860 add support of custom 404 page for assets server 2022-01-06 00:16:18 -06:00
Alexey Nesterov
2e8733b152 Correctly handle URL escaped paths
Consider proxy configuration `*,/test/(.*),https://dest/$1`.

When reproxy accepts a request with URL encoded path, i.e.
'/test/a%205%25%20b/' which the encoded form of '/test/a 5% b',
it is using request.URL.Path which is already URL decoded by Golang.

This causes an error in proxy.go while it is trying to validate the
destination with `url.Parse(match.Destination)` as, strictly speaking,
destination URL is not a valid URL anymore, it is `https://target-dest/a 5% b`.

With this fix, the original escaped URL stays as is, correctly passes
the validation and then it is up to destination server to URL decode and
correctly handle the URL.
2021-12-06 11:00:07 -06:00
Umputun
075f66825a update linter and address all lint warns 2021-11-09 12:47:41 -06:00
Umputun
8c59be3612 implement simple on/off basic-auth for all resources
lint: err shadowing

extract htpasswd file load and add tests
2021-11-09 12:47:41 -06:00
Umputun
76fa56777f add ability to drop incoming headers #108
In some cases proxy should sanitize incoming headers. --drop-header and $DROP_HEADERS set list of headers (keys) and those headers removed from the request.
2021-09-11 14:38:56 -05:00
Umputun
d364904dd8 fix flaky tests 2021-08-12 22:31:15 -05:00
Umputun
56e040b80b allow longer time to start proxy in limiter test 2021-07-08 16:32:24 -05:00
Umputun
71039681e2
Merge pull request #97
* revendor with latest rest lib

* simplify with passThroughHandler

* add deps for throttling
2021-07-03 01:23:50 -05:00
Umputun
13c70eb8e8 add health integration test 2021-06-12 13:26:42 -05:00
Umputun
e44ca79f23 add support of spa to common assets 2021-06-07 19:16:18 -05:00
Umputun
f0049ef7ac add support of spa-like assets handling 2021-06-07 19:16:18 -05:00
Umputun
687e78e87b drop attempt to parse form in limiter, conflicts with form body 2021-06-07 16:20:23 -05:00
Umputun
15616dfa57 longer sleep for flaky test 2021-06-06 18:20:38 -05:00
Umputun
aea74d717f
Redirect (#87)
* add @code redirect prefix

* add proxy handling for redirects #86

* add info about redirects
2021-06-06 18:13:59 -05:00
Umputun
680d988d42 change url value in final proxy to const usage 2021-06-01 04:00:38 -05:00
Umputun
56cd1205a1 clean usage of plugin context in proxy 2021-06-01 03:59:23 -05:00
Umputun
b3d222a60a quick and dirty fix for assets rules regression 2021-06-01 03:50:20 -05:00
Umputun
0b3e1d9062 warn logging on destination parser 2021-06-01 03:34:50 -05:00
Umputun
3efcd15747 add warns on static path issues 2021-06-01 03:25:35 -05:00
Umputun
7139c57766
RPC plugins support (#85)
* wip

* resolve merge artifacts

* full coverage for conductor

* wire plugin conductor to main and proxy

* wip, with separate match handler

* split matching logic with another handler, add initial docs

* move parts of proxy to handlers, add tests

* add headers in to be sent to proxied url

* merged from master

* add example with docker compose

* supress excesive debug reporting 0-9 disabled in docker

* add plugin tests

* randomize test port

* lint: minor warns

* lint: err shadow
2021-06-01 02:56:39 -05:00
Umputun
282b4b268c add lb selector 2021-05-28 16:11:16 -05:00
Umputun
971e77b5d3 eliminate metrics middleware hit if mgmt disabled 2021-05-22 10:44:21 -05:00
Umputun
095f4d7102
Multi match (#74)
* discovery support for multiple matches

* switch proxy matcher usage, add random selection

* fix multi-match logic

* pass match picker func

* simplify rand picker

* update health params and docs

* fix early termination on discovery multi-match

* add grouping of sorted matches in sorted result

* add mention of live check to readme
2021-05-16 18:34:51 -05:00
nikolay.bystritskiy
bfe5f3fdbf fix ticker, variable names and unnecessary if in Service.Match 2021-05-16 14:17:50 -05:00
nikolay.bystritskiy
49515e307c update health state not sorting or reordering mappers 2021-05-16 14:17:50 -05:00