799 Commits

Author	SHA1	Message	Date
Muhammed Efe Cetin	f37238e494	v3: fix CSRF tests and linter warnings	2023-11-07 20:37:57 +03:00
Muhammed Efe Cetin	6ea4d81331	Merge branch 'master' into v3-beta	2023-11-07 20:22:31 +03:00
Jason McNeil	8c3916dbf4	Merge pull request from GHSA-94w9-97p3-p368 ... * feat: improved csrf with session support * fix: double submit cookie * feat: add warning cookie extractor without session * feat: add warning CsrfFromCookie SameSite * fix: use byes.Equal instead * fix: Overriden CookieName KeyLookup cookie:<name> * feat: Create helpers.go * feat: use compareTokens (constant time compare) * feat: validate cookie to prevent token injection * refactor: clean up csrf.go * docs: update comment about Double Submit Cookie * docs: update docs for CSRF changes * feat: add DeleteToken * refactor: no else * test: add more tests * refactor: re-order tests * docs: update safe methods RCF add note * test: add CSRF_Cookie_Injection_Exploit * feat: add SingleUseToken config * test: check for new token * docs: use warning * fix: always register type Token * feat: use UUIDv4 * test: swap in UUIDv4 here too * fix: raw token injection * fix: merege error * feat: Sentinel errors * chore: rename test * fix: url parse * test: add path to referer * test: add expiration tests * docs: add cookie prefix note * docs: fix typo * docs: add warning for refer checks * test: add referer edge cases And call ctx.Request.Reset() and ctx.Response.Reset() before re-using ctx.	2023-10-16 09:06:30 +02:00
René Werner	bb90fc1187	fix lint errors	2023-10-11 15:16:35 +02:00
Jason McNeil	b50d91d58e	Merge pull request from GHSA-94w9-97p3-p368 ... * feat: improved csrf with session support * fix: double submit cookie * feat: add warning cookie extractor without session * feat: add warning CsrfFromCookie SameSite * fix: use byes.Equal instead * fix: Overriden CookieName KeyLookup cookie:<name> * feat: Create helpers.go * feat: use compareTokens (constant time compare) * feat: validate cookie to prevent token injection * refactor: clean up csrf.go * docs: update comment about Double Submit Cookie * docs: update docs for CSRF changes * feat: add DeleteToken * refactor: no else * test: add more tests * refactor: re-order tests * docs: update safe methods RCF add note * test: add CSRF_Cookie_Injection_Exploit * feat: add SingleUseToken config * test: check for new token * docs: use warning * fix: always register type Token * feat: use UUIDv4 * test: swap in UUIDv4 here too	2023-10-11 14:41:42 +02:00
M. Efe Çetin	9292a36e28	🐛 bug: fix nil pointer dereference issue on idempotency middleware (#2668)	2023-10-10 08:23:23 +02:00
Michael Bell	8228da91fc	[filesystem middleware] improve status for SendFile (#2664) ... SendFile response code for success	2023-10-06 13:10:20 +02:00
René Werner	59409f3841	improve sendFile documentation	2023-10-06 11:43:10 +02:00
Tiago Peczenyj	0d3354675b	Fix loop variable captured by func literal (#2660) ... * fix loop variable xxx captured by func literal * fix middleware/pprof tests	2023-10-05 13:49:57 +02:00
Tiago Peczenyj	ab4e731607	Run gofumpt and goimports (#2662) ... * run goimports -w -local github.com/gofiber/fiber . * run gofumpt -w -extra .	2023-10-05 13:14:30 +02:00
KaptinLin	d00f0b8348	✨ feat: add Reset method to Session struct in session middleware (#2654)	2023-10-02 15:19:35 +02:00
KaptinLin	d86c257c89	✨ feat: add Delete method to Store struct in session middleware (#2655) ... * ✨ feat: add Delete method to Store struct in session middleware * ♻ refactor: enhance Delete method and test cases in session middleware	2023-10-02 15:19:18 +02:00
M. Efe Çetin	6e443f6026	refactor: use utils.AssertEqual instead of t.Fatal on some tests (#2653)	2023-09-28 14:40:42 +02:00
M. Efe Çetin	a9447a5b49	ctx: change signatures of GetReqHeaders and GetRespHeaders (#2650) ... * ctx: change signatures of GetReqHeaders and GetRespHeaders * fix middlewares	2023-09-28 08:31:31 +02:00
M. Efe Çetin	e6d6fbe5a8	✨ middleware: cors: allow disabling caching in preflight requests (#2649)	2023-09-27 15:06:24 +02:00
Juan Calderon-Perez	5d6552e42d	🐛 fix(middleware/adaptor): Reduce memory usage by replacing io.ReadAll() with io.Copy() (#2637) ... * Replace io.ReadAll with io.Copy for Adaptor Middleware * Add nolint to Close() during benchmark	2023-09-19 08:08:51 +02:00
CuiPeiyu	d0d5e9ee99	[middleware/filesystem]: Set response code (#2632) ... Specified response code	2023-09-14 14:46:34 +02:00
Akarshit Joshi	6d34e23815	[Bug]: Logger Middleware: Enabling color changes padding for some fields #2604 (#2616) ... 🐛 Removes extra padding for response code, method	2023-09-11 08:45:00 +02:00
Eng Zer Jun	242ff94505	♻️ Refactor: Remove redundant nil check (#2584) ... From the Go docs: "If the map is nil, the number of iterations is 0." [1] Therefore, an additional nil check for before the loop is unnecessary. [1]: https://go.dev/ref/spec#For_range Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>	2023-08-17 20:49:53 +02:00
Jacob	892b23bd46	✨ Add custom data property to favicon middleware config (#2579) ... * Add custom data property to favicon middleware * Update favicon middleware docs * Fix formatting	2023-08-17 15:04:53 +02:00
Jason McNeil	c3ae06608b	🐛 fix(middleware/logger): default latency output format (#2580) ... * fix: default logger formater latency * test: add Test_Logger_WithLatency_DefaultFormat * test: rm t.Parallel() from Latency tests Trying to make windows CI pass.... * test: fix windows sleep issue	2023-08-17 14:33:59 +02:00
0bl	a50df4fcdd	🩹 Fix: rename WithTlsConfig method to WithTLSConfig (#2570) ... * 🩹 Fix: rename WithTlsConfig method to WithTLSConfig * 🎨 Style: remove stylecheck and revive lint	2023-08-11 07:57:49 +02:00
Jason McNeil	35da4c6a75	test: fix text	2023-08-10 16:04:29 -03:00
Jason McNeil	7b1aa8a612	chore: rm debug	2023-08-10 15:35:16 -03:00
Jason McNeil	acf427c4bb	chore: TagLatency match gin-gonic/gin format	2023-08-10 15:27:25 -03:00
M. Efe Çetin	9fbb961adb	filesystem: refactor: use errors.Is instead of os.IsNotExist (#2558)	2023-08-06 18:10:44 +02:00
João Victor Oliveira Couto	f29f39b1b3	fix: Decompress request body when multi Content-Encoding sent on request headers (#2555) ... * 🔧 feat: Decode body in order when sent a list on content-encoding * 🚀 perf: Change `getSplicedStrList` to have 0 allocations * 🍵 test: Add tests for the new features * 🍵 test: Ensure session test will not raise an error unexpectedly * 🐗 feat: Replace strings.TrimLeft by utils.TrimLeft Add docs to functions to inform correctly what the change is * 🌷 refactor: Apply linter rules * 🍵 test: Add test cases to the new body method change * 🔧 feat: Remove return problems to be able to reach original body * 🌷 refactor: Split Body method into two to make it more maintainable Also, with the previous fix to problems detected by tests, it becomes really hard to make the linter happy, so this change also helps in it * 🚀 perf: Came back with Header.VisitAll, to improve speed * 📃 docs: Update Context docs	2023-08-06 17:23:37 +02:00
Muhammed Efe Cetin	44acb06c02	🧹 v3 (chore): fix linter warnings	2023-08-05 22:25:21 +03:00
Muhammed Efe Cetin	75bb02b87e	Merge remote-tracking branch 'origin/master' into v3-beta	2023-08-05 22:02:01 +03:00
RW	51ea636b60	improved the config section of the middleware readme´s (#2552)	2023-07-24 16:46:50 +02:00
Jiun Lee	fefc533834	🚀 Add Logger interface and fiberlog (#2499) ... * add log for fiber * replace log in fiber * add Log use to adapt for log libraries * Update app.go Co-authored-by: Tomás Warynyca <41587659+tomaswarynyca@users.noreply.github.com> * wip: add log docs * add WithLogger use to print key and value * remove CtxLogger and add WithContext use to bind Context * fix errcheck * fix errcheck * update log.md --------- Co-authored-by: Tomás Warynyca <41587659+tomaswarynyca@users.noreply.github.com>	2023-06-26 08:16:57 +02:00
Moein Halvaei	5967d36bc0	✏️ Fix typo (#2518) ... * Fix: typo in client.go * Fix: typo in ctx.go * Fix: typo in path.go * Fix: typo in router.go * Fix: typo in adaptor.go	2023-06-23 16:15:38 +02:00
cmd777	1b060cb150	🩹 Fix: default logger color behaviour (#2513) ... * Fix logger colors * Fix tests Basically add ˙enableColors: true˙ back to default config	2023-06-22 13:06:37 +02:00
Anzhi	06ef450a8a	🚀 Add DisableColors to set the default output format (#2493) ... Add DisableColor for default logger format	2023-06-05 13:20:45 +02:00
Oleg	b9e93ccd4a	Fix Sliding Window limiter when SkipSuccessfulRequests/SkipFailedRequests is used. (#2484) ... * Fix Sliding Window limiter when SkipSuccessfulRequests/SkipFailedRequests is used. * Add tests. * Fix linter. --------- Co-authored-by: Oleg Bakumenko <Bakumenko.Oleg@wb.ru>	2023-06-01 08:00:31 +02:00
leonklingele	c56b4e66a0	middleware/adaptor: allow to convert fiber.Ctx to (net/http).Request (#2461)	2023-05-15 13:04:58 +02:00
M. Efe Çetin	c7c37d9b50	♻️ refactor: merge some external middlewares to core (#2453) ... * ♻️ refactor: merge adaptor, helmet, keyauth, redirect, rewrite middlewares to core * fix linting issues * fix linting issues * fix linting issues * update	2023-05-10 08:01:49 +02:00
bcd	3c3f12b76c	[Feature]: Add filesystem config contentTypeCharset support (#2438) ... * Update filesystem.go * Update filesystem_test.go * Update filesystem.md * fmt	2023-05-02 08:40:20 +02:00
RW	3a7dbd0b48	🚀 Consistent way of logging and fix middleware log format #2432 (#2444) ... - change log patter	2023-05-01 18:52:30 +02:00
Kousik Mitra	a59d9bac59	🚀 Consistent way of logging and fix middleware log format (#2432) ... * 🚀 Replace fmt.Print* with log.Print* (#2402) * 🚀 Fix middleware logging format (#2402)	2023-05-01 10:01:27 +02:00
James Lucas	c4d2876d64	🐛 fix(cors): Changed condition for 'AllowOriginsFunc' (#2423) ... 🐛 fix(cors): Changed condition for 'AllowOriginsFunc' to check against default config value of 'AllowOrigins'	2023-04-21 13:37:53 +02:00
James Lucas	866d5b7628	✨ feat(cors): Added new 'AllowOriginsFunc' function. (#2394) ... * ✨ feat(cors): Added new 'AllowOriginsFunc' function. * feat(cors): Added warning log for when both 'AllowOrigins' and 'AllowOriginsFunc' are set. * feat(docs): Updated docs to include note about discouraging the use of this function in production workloads. --------- Co-authored-by: RW <rene@gofiber.io>	2023-04-11 10:24:29 +02:00
Hakan Kutluay	22b407e2e7	🐛 [Bug-Fix] add original timeout middleware (#2367) ... * add original timeout middleware * fix linter issues * deprecate original timeout middleware * update timeout middleware documentation	2023-04-09 16:05:51 +02:00
René Werner	035e7d4f43	Fix #2396, data race logger middleware	2023-04-02 14:36:00 +02:00
René Werner	243f393434	Fix #2396, data race logger middleware	2023-04-02 14:08:20 +02:00
Rorke76753	56839b433e	🚀 [Feature]: middleware/requestid: don't call "Generator" func on existing request ID header (#2371) ... call uuid generator only if rid is empty	2023-03-15 09:45:42 +01:00
Benjamin Grosse	d7b36cde54	🐛 requestid.Config.ContextKey is interface{} (#2369) ... requestid.Config.ContextKey is interface{} Consistent with c.Locals(key inteface{}, ...). Fixes #2356	2023-03-14 19:37:10 +01:00
Tumushimire Yves	634f163e3f	🚀 [Feature]: SessionOnly when cookie.Expires is 0 (#2152) ... * feature: session only for zero expire cookie #2145 * refactor condition to set MaxAge and Expire on cookie * move checking zero maxage and expire in session middleware Signed-off-by: Yves Tumushimire <yvestumushimire@gmail.com> * feature: session only for zero expire cookie #2145 * refactor condition to set MaxAge and Expire on cookie * move checking zero maxage and expire in session middleware Signed-off-by: Yves Tumushimire <yvestumushimire@gmail.com> * CR changes * some updates --------- Signed-off-by: Yves Tumushimire <yvestumushimire@gmail.com> Co-authored-by: Muhammed Efe Çetin <efectn@protonmail.com> Co-authored-by: René Werner <rene.werner@verivox.com>	2023-03-12 19:14:22 +01:00
Muhammed Efe Çetin	41866cd3dd	👷 v3 (ci): fix some linter warnings	2023-03-06 17:35:39 +03:00
Muhammed Efe Çetin	15e9235383	📝 docs: remove README.mds from middleware dirs	2023-03-06 16:42:35 +03:00