6ea4d81331
Merge branch 'master' into v3-beta
2023-11-07 20:22:31 +03:00
cbcb1aec0a
✨ feat: add support for parameters in content negotiation ( #2678 )
...
* ✨ feat: add support for parameters in content negotiation
Attempts to approach the level of support offered by express,
but behavior may differ in unusual corner cases.
Some key behaviors from Express that are implemented:
- If an offer does not have every parameter listed in the given Accept,
it is rejected.
- Parameters do not affect specificity.
- In a given specificity, more parameters gives greater precedence
- Parameters are unordered
- Matching is case-insensitive
- Surrounding quotes for parameter values are stripped
- If an Accept type specifies a parameter more than once, the last
value provided is taken.
- Parameters after q are not processed.
https://www.rfc-editor.org/rfc/rfc9110#name-parameters
* doc: properly attribute reader.go for validHeaderFieldByte
* fix: remove underscores from fuzz test name
* test(forEachParameter): improve coverage
* doc: add comment clarifying RFC 9110 non-compliance for corner case
2023-11-07 08:25:23 +01:00
426dd3aff9
build(deps): bump golang.org/x/sys from 0.13.0 to 0.14.0 ( #2707 )
...
Bumps [golang.org/x/sys](https://github.com/golang/sys ) from 0.13.0 to 0.14.0.
- [Commits](https://github.com/golang/sys/compare/v0.13.0...v0.14.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/sys
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-06 16:27:04 +03:00
fe395b9850
📚 Doc: Add additional information as to why GetReqHeaders returns a map where the values are slices of strings ( #2698 )
...
* Update ctx.md
Added additional information to why GetReqHeaders returns a map where the values are slices of strings (instead of a single string as one might expect)
* Update ctx.md
added the same explanation to GetRespHeaders too
2023-11-01 21:42:57 +01:00
0104e59e9f
fix: changed "Twitter" to "X (Twitter)" in README.md Contribute Section ( #2696 )
...
* Update README.md
in README.md contribute section the name of twitter was old i changed it to 𝕏
* Update README.md
updated domain as per suggested
* Update CONTRIBUTING.md
* Update README_az.md
* Update README_ckb.md
in this i changed domain only.
* Update README_de.md
* Update README_eg.md
in this i changed domain
* Update README_es.md
* Update README_fa.md
* Update README_fr.md
* Update README_he.md
* Update README_id.md
* Update README_it.md
* Update README_ja.md
* Update README_ko.md
* Update README_nl.md
* Update README_pl.md
* Update README_pt.md
* Update README_ru.md
* Update README_sa.md
* Update README_tr.md
* Update README_uk.md
* Update README_zh-CN.md
* Update README_zh-TW.md
2023-11-01 09:24:14 +01:00
4099ef87bb
Update routing.md
...
fix invalid regex constraint
2023-11-01 08:22:10 +01:00
7bbffab19f
build(deps): bump github.com/google/uuid from 1.3.1 to 1.4.0 ( #2693 )
...
Bumps [github.com/google/uuid](https://github.com/google/uuid ) from 1.3.1 to 1.4.0.
- [Release notes](https://github.com/google/uuid/releases )
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/uuid/compare/v1.3.1...v1.4.0 )
---
updated-dependencies:
- dependency-name: github.com/google/uuid
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-29 20:36:01 +03:00
4bf3695125
📄 docs: enhance csrf.md ( #2692 )
...
* docs: enhance csrf.md
* docs: simplify language
* docs: update csrf.md
* docs: delete token/session reminders
* docs: and ! or
2023-10-27 13:45:30 +02:00
7eadeb8ed3
build(deps): bump actions/setup-node from 3 to 4 ( #2690 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3 to 4.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-24 23:10:00 +02:00
9347a86cdb
📗 Add example for response handling with fiber client
2023-10-24 08:35:50 +02:00
db62f9c218
🐛 [Bug]: Naming of routes works wrong after mount #2688 ( #2689 )
2023-10-23 13:58:00 +02:00
94acde8fe5
🐛 bug: fix method validation on route naming ( #2686 )
...
* 🐛 bug: fix route naming issue when using same path for different methods
* fix linter
* add new testcase for HEAD route
* add comments to tests
* fix tests
2023-10-23 09:12:52 +02:00
37ad7c7990
build(deps): bump github.com/mattn/go-isatty from 0.0.19 to 0.0.20 ( #2679 )
...
Bumps [github.com/mattn/go-isatty](https://github.com/mattn/go-isatty ) from 0.0.19 to 0.0.20.
- [Commits](https://github.com/mattn/go-isatty/compare/v0.0.19...v0.0.20 )
---
updated-dependencies:
- dependency-name: github.com/mattn/go-isatty
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-18 15:53:32 +02:00
6f0d34d39e
Update csrf.md
2023-10-16 14:31:28 +02:00
af3999835f
Add more description to GetClientInfo
2023-10-16 10:35:42 +02:00
c864da091d
prepare release v2.50.0
...
prepare release v2.50.0
2023-10-16 09:59:55 +02:00
8c3916dbf4
Merge pull request from GHSA-94w9-97p3-p368
...
* feat: improved csrf with session support
* fix: double submit cookie
* feat: add warning cookie extractor without session
* feat: add warning CsrfFromCookie SameSite
* fix: use byes.Equal instead
* fix: Overriden CookieName KeyLookup cookie:<name>
* feat: Create helpers.go
* feat: use compareTokens (constant time compare)
* feat: validate cookie to prevent token injection
* refactor: clean up csrf.go
* docs: update comment about Double Submit Cookie
* docs: update docs for CSRF changes
* feat: add DeleteToken
* refactor: no else
* test: add more tests
* refactor: re-order tests
* docs: update safe methods RCF add note
* test: add CSRF_Cookie_Injection_Exploit
* feat: add SingleUseToken config
* test: check for new token
* docs: use warning
* fix: always register type Token
* feat: use UUIDv4
* test: swap in UUIDv4 here too
* fix: raw token injection
* fix: merege error
* feat: Sentinel errors
* chore: rename test
* fix: url parse
* test: add path to referer
* test: add expiration tests
* docs: add cookie prefix note
* docs: fix typo
* docs: add warning for refer checks
* test: add referer edge cases
And call ctx.Request.Reset() and
ctx.Response.Reset() before re-using ctx.
2023-10-16 09:06:30 +02:00
d736d3a644
🐛 bug: fix path checking on route naming ( #2676 )
...
* 🐛 bug: fix path checking on route naming
* fix several tests
* fix several tests
2023-10-16 09:02:53 +02:00
cb89cce4ca
Merge pull request #2675 from jscappini/patch-1
...
🩹 Fix: Typo in requestid.md
2023-10-13 11:55:19 -03:00
d974cf3c99
Fix typo in requestid.md
...
Minor typo fix in requestid.md.
2023-10-13 11:37:06 +00:00
e70b2e28d6
Cookie parser ( #2656 )
...
* prep for branching
* feature: added a cookie parser and tests appropriate tests
* ✨ feature: added a cookie parser and appropriate tests
* made correction to docs
* linted using gofumpt
* ctx_test linted, cookieParser schema added
* fix lint errors (Cookie parser #2656 )
* removed extra lines, tested return values
---------
Co-authored-by: René Werner <rene.werner@verivox.com>
2023-10-12 10:44:15 +02:00
bb90fc1187
fix lint errors
2023-10-11 15:16:35 +02:00
b50d91d58e
Merge pull request from GHSA-94w9-97p3-p368
...
* feat: improved csrf with session support
* fix: double submit cookie
* feat: add warning cookie extractor without session
* feat: add warning CsrfFromCookie SameSite
* fix: use byes.Equal instead
* fix: Overriden CookieName KeyLookup cookie:<name>
* feat: Create helpers.go
* feat: use compareTokens (constant time compare)
* feat: validate cookie to prevent token injection
* refactor: clean up csrf.go
* docs: update comment about Double Submit Cookie
* docs: update docs for CSRF changes
* feat: add DeleteToken
* refactor: no else
* test: add more tests
* refactor: re-order tests
* docs: update safe methods RCF add note
* test: add CSRF_Cookie_Injection_Exploit
* feat: add SingleUseToken config
* test: check for new token
* docs: use warning
* fix: always register type Token
* feat: use UUIDv4
* test: swap in UUIDv4 here too
2023-10-11 14:41:42 +02:00
9292a36e28
🐛 bug: fix nil pointer dereference issue on idempotency middleware ( #2668 )
2023-10-10 08:23:23 +02:00
8c69065e83
📚 [Doc] fix incorrect status code source ( #2667 )
...
* fix incorrect status code source
* fix typo
2023-10-10 08:11:18 +02:00
ada2d4affd
Update hooks.md
2023-10-09 08:58:49 +02:00
fc2ab3387a
🩹 Fix incorrect log depth when use log.WithContext ( #2666 )
...
fix withContext caller
2023-10-08 13:45:11 +02:00
6ecd607d97
build(deps): bump golang.org/x/sys from 0.12.0 to 0.13.0 ( #2665 )
...
Bumps [golang.org/x/sys](https://github.com/golang/sys ) from 0.12.0 to 0.13.0.
- [Commits](https://github.com/golang/sys/compare/v0.12.0...v0.13.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/sys
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-06 20:08:01 +03:00
8228da91fc
[filesystem middleware] improve status for SendFile ( #2664 )
...
SendFile response code for success
2023-10-06 13:10:20 +02:00
59409f3841
improve sendFile documentation
2023-10-06 11:43:10 +02:00
0d3354675b
Fix loop variable captured by func literal ( #2660 )
...
* fix loop variable xxx captured by func literal
* fix middleware/pprof tests
2023-10-05 13:49:57 +02:00
ab4e731607
Run gofumpt and goimports ( #2662 )
...
* run goimports -w -local github.com/gofiber/fiber .
* run gofumpt -w -extra .
2023-10-05 13:14:30 +02:00
d25dfa4ce7
apply go fix ./... with latest version of go in repository ( #2661 )
...
apply go fix ./...
2023-10-05 12:24:59 +02:00
9230be3649
Fix jsonp ignoring custom json encoder ( #2658 )
...
* add unit test to trigger the bug #2675
* implement solution
2023-10-05 10:09:29 +02:00
5171f6b505
improve compress middleware documentation
2023-10-05 09:00:11 +02:00
d00f0b8348
✨ feat: add Reset method to Session struct in session middleware ( #2654 )
2023-10-02 15:19:35 +02:00
d86c257c89
✨ feat: add Delete method to Store struct in session middleware ( #2655 )
...
* ✨ feat: add Delete method to Store struct in session middleware
* ♻ refactor: enhance Delete method and test cases in session middleware
2023-10-02 15:19:18 +02:00
fa88733218
🐛 bug: fix PassLocalsToView when bind parameter is nil ( #2651 )
...
* 🐛 bug: fix PassLocalsToView when bind parameter is nil
* fix linter
2023-09-28 14:40:59 +02:00
6e443f6026
refactor: use utils.AssertEqual instead of t.Fatal on some tests ( #2653 )
2023-09-28 14:40:42 +02:00
a9447a5b49
ctx: change signatures of GetReqHeaders and GetRespHeaders ( #2650 )
...
* ctx: change signatures of GetReqHeaders and GetRespHeaders
* fix middlewares
2023-09-28 08:31:31 +02:00
c0988de91e
📝 middleware: cors: update docs to better explain AllowOriginsFunc ( #2652 )
2023-09-28 08:28:35 +02:00
e6d6fbe5a8
✨ middleware: cors: allow disabling caching in preflight requests ( #2649 )
2023-09-27 15:06:24 +02:00
c89184c155
♻️ Refactor Ctx.Method func to improve code readability ( #2647 )
...
* Refactor Ctx.Method func to improve code readability
* Fix the lint issue with extra tab on blank line
2023-09-26 08:15:33 +02:00
640fd1f7c7
🐛 fix parse ips return invalid in abnormal case ( #2642 )
...
* 🐛 fix parse ips return invalid in abnormal case
* ♻️ change benchmark to test cases
---------
Co-authored-by: Khúc Ngọc Huy <huykn0710@gmail.com>
2023-09-21 11:06:02 +02:00
e547bea49e
Update cache.md
2023-09-20 09:14:58 +02:00
59d3eb0762
🐛 fix bug parse custom header ( #2638 )
...
* 🐛 fix bug parse custom header
* 🚨 fix lint when request merge https://github.com/gofiber/fiber/pull/2638
---------
Co-authored-by: Khúc Ngọc Huy <huykn0710@gmail.com>
2023-09-19 18:00:26 +02:00
5d6552e42d
🐛 fix(middleware/adaptor): Reduce memory usage by replacing io.ReadAll() with io.Copy() ( #2637 )
...
* Replace io.ReadAll with io.Copy for Adaptor Middleware
* Add nolint to Close() during benchmark
2023-09-19 08:08:51 +02:00
52f1eb9ddf
build(deps): bump github.com/valyala/fasthttp from 1.49.0 to 1.50.0 ( #2634 )
...
Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp ) from 1.49.0 to 1.50.0.
- [Release notes](https://github.com/valyala/fasthttp/releases )
- [Commits](https://github.com/valyala/fasthttp/compare/v1.49.0...v1.50.0 )
---
updated-dependencies:
- dependency-name: github.com/valyala/fasthttp
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-14 14:53:16 +02:00
d0d5e9ee99
[middleware/filesystem]: Set response code ( #2632 )
...
Specified response code
2023-09-14 14:46:34 +02:00
2af907d98d
Update app.go
...
prepare release v2.49.2
2023-09-14 08:00:10 +02:00
Muhammed Efe Cetin
nickajacks1
dependabot[bot]
Moritz
HardikBandhiya
RW
Jason McNeil
Javier Scappini
joey1123455
Josh Larsen
Jiun Lee
Michael Bell
Tiago Peczenyj
Tiago Peczenyj
KaptinLin
Jimmy Li
dairlair
huykn
Juan Calderon-Perez
CuiPeiyu