Merge branch 'main' into jiejaitt-feature/CSRF-using-Proxy-Middleware

2025-04-04 00:11:03 -04:00 · 2025-04-04 00:11:03 -04:00 · 0fa9a3195d
parent d304c36533 551570326c
commit 0fa9a3195d
3 changed files with 58 additions and 67 deletions
--- a/go.mod
+++ b/go.mod
@ -11,7 +11,7 @@ require (
 	github.com/stretchr/testify v1.10.0
 	github.com/tinylib/msgp v1.2.5
 	github.com/valyala/bytebufferpool v1.0.0
-	github.com/valyala/fasthttp v1.59.0
+	github.com/valyala/fasthttp v1.60.0
 	golang.org/x/crypto v0.36.0
 )
@ -19,11 +19,11 @@ require (
 	github.com/andybalholm/brotli v1.1.1 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/fxamacker/cbor/v2 v2.8.0 // direct
-	github.com/klauspost/compress v1.17.11 // indirect
+	github.com/klauspost/compress v1.18.0 // indirect
 	github.com/philhofer/fwd v1.1.3-0.20240916144458-20a13a1f6b7c // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
-	golang.org/x/net v0.37.0 // indirect
+	golang.org/x/net v0.38.0 // indirect
 	golang.org/x/sys v0.31.0 // indirect
 	golang.org/x/text v0.23.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
--- a/go.sum
+++ b/go.sum
@ -10,8 +10,8 @@ github.com/gofiber/utils/v2 v2.0.0-beta.8 h1:ZifwbHZqZO3YJsx1ZhDsWnPjaQ7C0YD20LH
 github.com/gofiber/utils/v2 v2.0.0-beta.8/go.mod h1:1lCBo9vEF4RFEtTgWntipnaScJZQiM8rrsYycLZ4n9c=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/klauspost/compress v1.17.11 h1:In6xLpyWOi1+C7tXUUWv2ot1QvBjxevKAaI6IXrJmUc=
+github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo=
-github.com/klauspost/compress v1.17.11/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0=
+github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ=
 github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE=
 github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8=
 github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
@ -26,16 +26,16 @@ github.com/tinylib/msgp v1.2.5 h1:WeQg1whrXRFiZusidTQqzETkRpGjFjcIhW6uqWH09po=
 github.com/tinylib/msgp v1.2.5/go.mod h1:ykjzy2wzgrlvpDCRc4LA8UXy6D8bzMSuAF3WD57Gok0=
 github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
 github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
-github.com/valyala/fasthttp v1.59.0 h1:Qu0qYHfXvPk1mSLNqcFtEk6DpxgA26hy6bmydotDpRI=
+github.com/valyala/fasthttp v1.60.0 h1:kBRYS0lOhVJ6V+bYN8PqAHELKHtXqwq9zNMLKx1MBsw=
-github.com/valyala/fasthttp v1.59.0/go.mod h1:GTxNb9Bc6r2a9D0TWNSPwDz78UxnTGBViY3xZNEqyYU=
+github.com/valyala/fasthttp v1.60.0/go.mod h1:iY4kDgV3Gc6EqhRZ8icqcmlG6bqhcDXfuHgTO4FXCvc=
 github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
 github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
 github.com/xyproto/randomstring v1.0.5 h1:YtlWPoRdgMu3NZtP45drfy1GKoojuR7hmRcnhZqKjWU=
 github.com/xyproto/randomstring v1.0.5/go.mod h1:rgmS5DeNXLivK7YprL0pY+lTuhNQW3iGxZ18UQApw/E=
 golang.org/x/crypto v0.36.0 h1:AnAEvhDddvBdpY+uR+MyHmuZzzNqXSe/GvuDeob5L34=
 golang.org/x/crypto v0.36.0/go.mod h1:Y4J0ReaxCR1IMaabaSMugxJES1EpwhBHhv2bDHklZvc=
-golang.org/x/net v0.37.0 h1:1zLorHbz+LYj7MQlSf1+2tPIIgibq2eL5xkrGk6f+2c=
+golang.org/x/net v0.38.0 h1:vRMAPTMaeGqVhG5QyLJHqNDwecKTomGeqbnfZyKlBI8=
-golang.org/x/net v0.37.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8=
+golang.org/x/net v0.38.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik=
 golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
--- a/middleware/logger/logger_test.go
+++ b/middleware/logger/logger_test.go
@ -11,6 +11,7 @@ import (
 	"net/http"
 	"net/http/httptest"
 	"os"
 	"regexp"
 	"runtime"
 	"strconv"
 	"sync"
@ -25,6 +26,11 @@ import (
 	"github.com/valyala/fasthttp"
 )
 const (
 	pathFooBar = "/?foo=bar"
 	httpProto  = "HTTP/1.1"
 )
 func benchmarkSetup(b *testing.B, app *fiber.App, uri string) {
 	b.Helper()
@ -459,7 +465,7 @@ func Test_Logger_All(t *testing.T) {
 	// Alias colors
 	colors := app.Config().ColorScheme
-	resp, err := app.Test(httptest.NewRequest(fiber.MethodGet, "/?foo=bar", nil))
+	resp, err := app.Test(httptest.NewRequest(fiber.MethodGet, pathFooBar, nil))
 	require.NoError(t, err)
 	require.Equal(t, fiber.StatusNotFound, resp.StatusCode)
@ -473,23 +479,21 @@ func Test_Logger_CLF_Format(t *testing.T) {
 	defer bytebufferpool.Put(buf)
 	app := fiber.New()
 	app.Use(New(Config{
 		Format: CommonFormat,
 		Stream: buf,
 	}))
-	resp, err := app.Test(httptest.NewRequest(fiber.MethodGet, "/?foo=bar", nil))
+	method := fiber.MethodGet
-	require.NoError(t, err)
+	status := fiber.StatusNotFound
-	require.Equal(t, fiber.StatusNotFound, resp.StatusCode)
+	bytesSent := 0
-	expected := fmt.Sprintf("0.0.0.0 - - [%s] \"%s %s %s\" %d %d\n",
+	resp, err := app.Test(httptest.NewRequest(method, pathFooBar, nil))
-		time.Now().Format("15:04:05"),
+	require.NoError(t, err)
-		fiber.MethodGet, "/?foo=bar", "HTTP/1.1",
+	require.Equal(t, status, resp.StatusCode)
-		fiber.StatusNotFound,
+
-		0)
+	pattern := fmt.Sprintf(`0\.0\.0\.0 - - \[\d{2}:\d{2}:\d{2}\] "%s %s %s" %d %d`, method, regexp.QuoteMeta(pathFooBar), httpProto, status, bytesSent)
-	logResponse := buf.String()
+	require.Regexp(t, pattern, buf.String())
 	require.Equal(t, expected, logResponse)
 }
 func Test_Logger_Combined_CLF_Format(t *testing.T) {
@ -498,29 +502,27 @@ func Test_Logger_Combined_CLF_Format(t *testing.T) {
 	defer bytebufferpool.Put(buf)
 	app := fiber.New()
 	app.Use(New(Config{
 		Format: CombinedFormat,
 		Stream: buf,
 	}))
-	const expectedUA = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
+
-	const expectedReferer = "http://example.com"
+	method := fiber.MethodGet
-	req := httptest.NewRequest(fiber.MethodGet, "/?foo=bar", nil)
+	status := fiber.StatusNotFound
-	req.Header.Set("Referer", expectedReferer)
+	bytesSent := 0
-	req.Header.Set("User-Agent", expectedUA)
+	referer := "http://example.com"
 	ua := "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
 	req := httptest.NewRequest(method, pathFooBar, nil)
 	req.Header.Set("Referer", referer)
 	req.Header.Set("User-Agent", ua)
 	resp, err := app.Test(req)
 	require.NoError(t, err)
-	require.Equal(t, fiber.StatusNotFound, resp.StatusCode)
+	require.Equal(t, status, resp.StatusCode)
-	expected := fmt.Sprintf("0.0.0.0 - - [%s] %q %d %d %q %q\n",
+	pattern := fmt.Sprintf(`0\.0\.0\.0 - - \[\d{2}:\d{2}:\d{2}\] "%s %s %s" %d %d "%s" "%s"`, method, regexp.QuoteMeta(pathFooBar), httpProto, status, bytesSent, regexp.QuoteMeta(referer), regexp.QuoteMeta(ua)) //nolint:gocritic // double quoting for regex and string is not needed
-		time.Now().Format("15:04:05"),
+	require.Regexp(t, pattern, buf.String())
 		fmt.Sprintf("%s %s %s", fiber.MethodGet, "/?foo=bar", "HTTP/1.1"),
 		fiber.StatusNotFound,
 		0,
 		expectedReferer,
 		expectedUA)
 	logResponse := buf.String()
 	require.Equal(t, expected, logResponse)
 }
 func Test_Logger_Json_Format(t *testing.T) {
@ -529,28 +531,23 @@ func Test_Logger_Json_Format(t *testing.T) {
 	defer bytebufferpool.Put(buf)
 	app := fiber.New()
 	app.Use(New(Config{
 		Format: JSONFormat,
 		Stream: buf,
 	}))
-	req := httptest.NewRequest(fiber.MethodGet, "/?foo=bar", nil)
+	method := fiber.MethodGet
 	status := fiber.StatusNotFound
 	ip := "0.0.0.0"
 	bytesSent := 0
 	req := httptest.NewRequest(method, pathFooBar, nil)
 	resp, err := app.Test(req)
 	require.NoError(t, err)
-	require.Equal(t, fiber.StatusNotFound, resp.StatusCode)
+	require.Equal(t, status, resp.StatusCode)
-	expected := fmt.Sprintf(
+	pattern := fmt.Sprintf(`\{"time":"\d{2}:\d{2}:\d{2}","ip":"%s","method":%q,"url":"%s","status":%d,"bytesSent":%d\}`, regexp.QuoteMeta(ip), method, regexp.QuoteMeta(pathFooBar), status, bytesSent) //nolint:gocritic // double quoting for regex and string is not needed
-		"{\"time\":%q,\"ip\":%q,\"method\":%q,\"url\":%q,\"status\":%d,\"bytesSent\":%d}\n",
+	require.Regexp(t, pattern, buf.String())
 		time.Now().Format("15:04:05"),
 		"0.0.0.0",
 		fiber.MethodGet,
 		"/?foo=bar",
 		fiber.StatusNotFound,
 		0,
 	)
 	logResponse := buf.String()
 	require.Equal(t, expected, logResponse)
 }
 func Test_Logger_ECS_Format(t *testing.T) {
@ -559,30 +556,24 @@ func Test_Logger_ECS_Format(t *testing.T) {
 	defer bytebufferpool.Put(buf)
 	app := fiber.New()
 	app.Use(New(Config{
 		Format: ECSFormat,
 		Stream: buf,
 	}))
-	req := httptest.NewRequest(fiber.MethodGet, "/?foo=bar", nil)
+	method := fiber.MethodGet
 	status := fiber.StatusNotFound
 	ip := "0.0.0.0"
 	bytesSent := 0
 	msg := fmt.Sprintf("%s %s responded with %d", method, pathFooBar, status)
 	req := httptest.NewRequest(method, pathFooBar, nil)
 	resp, err := app.Test(req)
 	require.NoError(t, err)
-	require.Equal(t, fiber.StatusNotFound, resp.StatusCode)
+	require.Equal(t, status, resp.StatusCode)
-	expected := fmt.Sprintf(
+	pattern := fmt.Sprintf(`\{"@timestamp":"\d{2}:\d{2}:\d{2}","ecs":\{"version":"1.6.0"\},"client":\{"ip":"%s"\},"http":\{"request":\{"method":%q,"url":"%s","protocol":%q\},"response":\{"status_code":%d,"body":\{"bytes":%d\}\}\},"log":\{"level":"INFO","logger":"fiber"\},"message":"%s"\}`, regexp.QuoteMeta(ip), method, regexp.QuoteMeta(pathFooBar), httpProto, status, bytesSent, regexp.QuoteMeta(msg)) //nolint:gocritic // double quoting for regex and string is not needed
-		"{\"@timestamp\":%q,\"ecs\":{\"version\":\"1.6.0\"},\"client\":{\"ip\":%q},\"http\":{\"request\":{\"method\":%q,\"url\":%q,\"protocol\":%q},\"response\":{\"status_code\":%d,\"body\":{\"bytes\":%d}}},\"log\":{\"level\":\"INFO\",\"logger\":\"fiber\"},\"message\":%q}\n",
+	require.Regexp(t, pattern, buf.String())
 		time.Now().Format("15:04:05"),
 		"0.0.0.0",
 		fiber.MethodGet,
 		"/?foo=bar",
 		"HTTP/1.1",
 		fiber.StatusNotFound,
 		0,
 		fmt.Sprintf("%s %s responded with %d", fiber.MethodGet, "/?foo=bar", fiber.StatusNotFound),
 	)
 	logResponse := buf.String()
 	require.Equal(t, expected, logResponse)
 }
 func getLatencyTimeUnits() []struct {