3ab3d151c7
refresh docs for
...
🔥 Add support for application/problem+json #2704
2023-11-15 09:23:08 +01:00
239e36e0f6
Update sync_docs.sh
2023-11-15 08:50:26 +01:00
dceb0b4c45
Update app.go
...
prepare release v2.51.0
2023-11-14 08:18:46 +01:00
9f082af045
🔥 Add support for application/problem+json ( #2704 )
...
🔥 Add support for custom JSON content headers
2023-11-13 15:18:05 +01:00
1e55045a30
test(limiter): fix intermittent failures ( #2716 )
...
The limiter middleware unit tests are failing due to a race between the
storage garbage collector and the unit test itself. The sliding window
limiter tracks requests using memory storage. In several of the unit
tests, this storage expiry ends up being 4 seconds. The test waits for 4
seconds, then sends a request, expecting it to succeed. However, the
unit test occasionally wakes up before the storage GC kicks in. As an
effect of the very coarse timer (using seconds as units), the middleware
correctly rejects the request, causing the test to fail.
Update the sleep to 4.5 seconds. This will not slow down the execution
of the test suite, as these tests run in parallel with a separate 9
second long test.
I'm not 100% sure this solves the issue, and ideally we'd be able to
run tests without time.Sleep.
2023-11-10 11:33:10 +01:00
5d888cee3d
⚡ ️ perf(ctx.Range): reduce allocations ( #2705 )
...
* perf(ctx.Range): reduce allocations
strings.Split was causing extra allocations where using
strings.IndexByte can suffice. ALso switch from strconv.Atoi because it
causes an allocation when parsing a non-integer, which is common for
Ranges.
* chore: fix lint
2023-11-10 11:32:25 +01:00
b99712f13e
⚡ middleware/pprof: improve performance ( #2709 )
...
* ⚡ middleware/pprof: improve performance
Concatenate the custom and fixed prefixes beforehand, so the trimmed path can be switched on against constant strings.
goos: linux
goarch: amd64
pkg: github.com/gofiber/fiber/v2/middleware/pprof
cpu: 13th Gen Intel(R) Core(TM) i9-13900K
BenchmarkPprof/Slow-32 4912642 246.3 ns/op 480 B/op 10 allocs/op
BenchmarkPprof/Fast-32 411908472 2.913 ns/op 0 B/op 0 allocs/op
PASS
* 🌂 middleware/pprof: disable nonamedreturns linter on cutPrefix
2023-11-09 08:05:54 +01:00
862ea7dbf6
add v3 pr templates info
2023-11-08 13:23:46 +01:00
efdd0093b3
add v3 issue/pr templates
2023-11-07 19:09:23 +01:00
781f71a0d1
add v3 issue/pr templates
2023-11-07 19:04:00 +01:00
f37238e494
v3: fix CSRF tests and linter warnings
2023-11-07 20:37:57 +03:00
6ea4d81331
Merge branch 'master' into v3-beta
2023-11-07 20:22:31 +03:00
cbcb1aec0a
✨ feat: add support for parameters in content negotiation ( #2678 )
...
* ✨ feat: add support for parameters in content negotiation
Attempts to approach the level of support offered by express,
but behavior may differ in unusual corner cases.
Some key behaviors from Express that are implemented:
- If an offer does not have every parameter listed in the given Accept,
it is rejected.
- Parameters do not affect specificity.
- In a given specificity, more parameters gives greater precedence
- Parameters are unordered
- Matching is case-insensitive
- Surrounding quotes for parameter values are stripped
- If an Accept type specifies a parameter more than once, the last
value provided is taken.
- Parameters after q are not processed.
https://www.rfc-editor.org/rfc/rfc9110#name-parameters
* doc: properly attribute reader.go for validHeaderFieldByte
* fix: remove underscores from fuzz test name
* test(forEachParameter): improve coverage
* doc: add comment clarifying RFC 9110 non-compliance for corner case
2023-11-07 08:25:23 +01:00
426dd3aff9
build(deps): bump golang.org/x/sys from 0.13.0 to 0.14.0 ( #2707 )
...
Bumps [golang.org/x/sys](https://github.com/golang/sys ) from 0.13.0 to 0.14.0.
- [Commits](https://github.com/golang/sys/compare/v0.13.0...v0.14.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/sys
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-06 16:27:04 +03:00
fe395b9850
📚 Doc: Add additional information as to why GetReqHeaders returns a map where the values are slices of strings ( #2698 )
...
* Update ctx.md
Added additional information to why GetReqHeaders returns a map where the values are slices of strings (instead of a single string as one might expect)
* Update ctx.md
added the same explanation to GetRespHeaders too
2023-11-01 21:42:57 +01:00
0104e59e9f
fix: changed "Twitter" to "X (Twitter)" in README.md Contribute Section ( #2696 )
...
* Update README.md
in README.md contribute section the name of twitter was old i changed it to 𝕏
* Update README.md
updated domain as per suggested
* Update CONTRIBUTING.md
* Update README_az.md
* Update README_ckb.md
in this i changed domain only.
* Update README_de.md
* Update README_eg.md
in this i changed domain
* Update README_es.md
* Update README_fa.md
* Update README_fr.md
* Update README_he.md
* Update README_id.md
* Update README_it.md
* Update README_ja.md
* Update README_ko.md
* Update README_nl.md
* Update README_pl.md
* Update README_pt.md
* Update README_ru.md
* Update README_sa.md
* Update README_tr.md
* Update README_uk.md
* Update README_zh-CN.md
* Update README_zh-TW.md
2023-11-01 09:24:14 +01:00
4099ef87bb
Update routing.md
...
fix invalid regex constraint
2023-11-01 08:22:10 +01:00
7bbffab19f
build(deps): bump github.com/google/uuid from 1.3.1 to 1.4.0 ( #2693 )
...
Bumps [github.com/google/uuid](https://github.com/google/uuid ) from 1.3.1 to 1.4.0.
- [Release notes](https://github.com/google/uuid/releases )
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/uuid/compare/v1.3.1...v1.4.0 )
---
updated-dependencies:
- dependency-name: github.com/google/uuid
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-29 20:36:01 +03:00
4bf3695125
📄 docs: enhance csrf.md ( #2692 )
...
* docs: enhance csrf.md
* docs: simplify language
* docs: update csrf.md
* docs: delete token/session reminders
* docs: and ! or
2023-10-27 13:45:30 +02:00
7eadeb8ed3
build(deps): bump actions/setup-node from 3 to 4 ( #2690 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3 to 4.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-24 23:10:00 +02:00
9347a86cdb
📗 Add example for response handling with fiber client
2023-10-24 08:35:50 +02:00
db62f9c218
🐛 [Bug]: Naming of routes works wrong after mount #2688 ( #2689 )
2023-10-23 13:58:00 +02:00
94acde8fe5
🐛 bug: fix method validation on route naming ( #2686 )
...
* 🐛 bug: fix route naming issue when using same path for different methods
* fix linter
* add new testcase for HEAD route
* add comments to tests
* fix tests
2023-10-23 09:12:52 +02:00
37ad7c7990
build(deps): bump github.com/mattn/go-isatty from 0.0.19 to 0.0.20 ( #2679 )
...
Bumps [github.com/mattn/go-isatty](https://github.com/mattn/go-isatty ) from 0.0.19 to 0.0.20.
- [Commits](https://github.com/mattn/go-isatty/compare/v0.0.19...v0.0.20 )
---
updated-dependencies:
- dependency-name: github.com/mattn/go-isatty
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-18 15:53:32 +02:00
6f0d34d39e
Update csrf.md
2023-10-16 14:31:28 +02:00
af3999835f
Add more description to GetClientInfo
2023-10-16 10:35:42 +02:00
c864da091d
prepare release v2.50.0
...
prepare release v2.50.0
2023-10-16 09:59:55 +02:00
8c3916dbf4
Merge pull request from GHSA-94w9-97p3-p368
...
* feat: improved csrf with session support
* fix: double submit cookie
* feat: add warning cookie extractor without session
* feat: add warning CsrfFromCookie SameSite
* fix: use byes.Equal instead
* fix: Overriden CookieName KeyLookup cookie:<name>
* feat: Create helpers.go
* feat: use compareTokens (constant time compare)
* feat: validate cookie to prevent token injection
* refactor: clean up csrf.go
* docs: update comment about Double Submit Cookie
* docs: update docs for CSRF changes
* feat: add DeleteToken
* refactor: no else
* test: add more tests
* refactor: re-order tests
* docs: update safe methods RCF add note
* test: add CSRF_Cookie_Injection_Exploit
* feat: add SingleUseToken config
* test: check for new token
* docs: use warning
* fix: always register type Token
* feat: use UUIDv4
* test: swap in UUIDv4 here too
* fix: raw token injection
* fix: merege error
* feat: Sentinel errors
* chore: rename test
* fix: url parse
* test: add path to referer
* test: add expiration tests
* docs: add cookie prefix note
* docs: fix typo
* docs: add warning for refer checks
* test: add referer edge cases
And call ctx.Request.Reset() and
ctx.Response.Reset() before re-using ctx.
2023-10-16 09:06:30 +02:00
d736d3a644
🐛 bug: fix path checking on route naming ( #2676 )
...
* 🐛 bug: fix path checking on route naming
* fix several tests
* fix several tests
2023-10-16 09:02:53 +02:00
cb89cce4ca
Merge pull request #2675 from jscappini/patch-1
...
🩹 Fix: Typo in requestid.md
2023-10-13 11:55:19 -03:00
d974cf3c99
Fix typo in requestid.md
...
Minor typo fix in requestid.md.
2023-10-13 11:37:06 +00:00
e70b2e28d6
Cookie parser ( #2656 )
...
* prep for branching
* feature: added a cookie parser and tests appropriate tests
* ✨ feature: added a cookie parser and appropriate tests
* made correction to docs
* linted using gofumpt
* ctx_test linted, cookieParser schema added
* fix lint errors (Cookie parser #2656 )
* removed extra lines, tested return values
---------
Co-authored-by: René Werner <rene.werner@verivox.com>
2023-10-12 10:44:15 +02:00
bb90fc1187
fix lint errors
2023-10-11 15:16:35 +02:00
b50d91d58e
Merge pull request from GHSA-94w9-97p3-p368
...
* feat: improved csrf with session support
* fix: double submit cookie
* feat: add warning cookie extractor without session
* feat: add warning CsrfFromCookie SameSite
* fix: use byes.Equal instead
* fix: Overriden CookieName KeyLookup cookie:<name>
* feat: Create helpers.go
* feat: use compareTokens (constant time compare)
* feat: validate cookie to prevent token injection
* refactor: clean up csrf.go
* docs: update comment about Double Submit Cookie
* docs: update docs for CSRF changes
* feat: add DeleteToken
* refactor: no else
* test: add more tests
* refactor: re-order tests
* docs: update safe methods RCF add note
* test: add CSRF_Cookie_Injection_Exploit
* feat: add SingleUseToken config
* test: check for new token
* docs: use warning
* fix: always register type Token
* feat: use UUIDv4
* test: swap in UUIDv4 here too
2023-10-11 14:41:42 +02:00
9292a36e28
🐛 bug: fix nil pointer dereference issue on idempotency middleware ( #2668 )
2023-10-10 08:23:23 +02:00
8c69065e83
📚 [Doc] fix incorrect status code source ( #2667 )
...
* fix incorrect status code source
* fix typo
2023-10-10 08:11:18 +02:00
ada2d4affd
Update hooks.md
2023-10-09 08:58:49 +02:00
fc2ab3387a
🩹 Fix incorrect log depth when use log.WithContext ( #2666 )
...
fix withContext caller
2023-10-08 13:45:11 +02:00
6ecd607d97
build(deps): bump golang.org/x/sys from 0.12.0 to 0.13.0 ( #2665 )
...
Bumps [golang.org/x/sys](https://github.com/golang/sys ) from 0.12.0 to 0.13.0.
- [Commits](https://github.com/golang/sys/compare/v0.12.0...v0.13.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/sys
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-06 20:08:01 +03:00
8228da91fc
[filesystem middleware] improve status for SendFile ( #2664 )
...
SendFile response code for success
2023-10-06 13:10:20 +02:00
59409f3841
improve sendFile documentation
2023-10-06 11:43:10 +02:00
0d3354675b
Fix loop variable captured by func literal ( #2660 )
...
* fix loop variable xxx captured by func literal
* fix middleware/pprof tests
2023-10-05 13:49:57 +02:00
ab4e731607
Run gofumpt and goimports ( #2662 )
...
* run goimports -w -local github.com/gofiber/fiber .
* run gofumpt -w -extra .
2023-10-05 13:14:30 +02:00
d25dfa4ce7
apply go fix ./... with latest version of go in repository ( #2661 )
...
apply go fix ./...
2023-10-05 12:24:59 +02:00
9230be3649
Fix jsonp ignoring custom json encoder ( #2658 )
...
* add unit test to trigger the bug #2675
* implement solution
2023-10-05 10:09:29 +02:00
5171f6b505
improve compress middleware documentation
2023-10-05 09:00:11 +02:00
d00f0b8348
✨ feat: add Reset method to Session struct in session middleware ( #2654 )
2023-10-02 15:19:35 +02:00
d86c257c89
✨ feat: add Delete method to Store struct in session middleware ( #2655 )
...
* ✨ feat: add Delete method to Store struct in session middleware
* ♻ refactor: enhance Delete method and test cases in session middleware
2023-10-02 15:19:18 +02:00
fa88733218
🐛 bug: fix PassLocalsToView when bind parameter is nil ( #2651 )
...
* 🐛 bug: fix PassLocalsToView when bind parameter is nil
* fix linter
2023-09-28 14:40:59 +02:00
6e443f6026
refactor: use utils.AssertEqual instead of t.Fatal on some tests ( #2653 )
2023-09-28 14:40:42 +02:00
René Werner
Reid Hurlburt
nickajacks1
database64128
Muhammed Efe Cetin
dependabot[bot]
Moritz
HardikBandhiya
Jason McNeil
Javier Scappini
joey1123455
Josh Larsen
Jiun Lee
Michael Bell
Tiago Peczenyj
Tiago Peczenyj
KaptinLin