* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* fix(middleware/cors): Config, lists as list types.
Improve insecure config error text.
* chore: Add tests for CORS preflight requests with Access-Control-Request-Headers
* test(middleware/cors): explicit wildcard in test
---------
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
* performance optimizations
* add a new benchmark that tests the simple flow
this will be used to make differences between version 2 and 3 directly visible
* remove redundant ctx.Reset call
* Add a new benchmark that tests the ctx acquire and release flow
this will be used to show differences between version 2 and 3 directly
* Add a new benchmark that tests the ctx acquire and release flow
this will be used to show differences between version 2 and 3 directly
* Update pull_request_template.md
* Update v3-changes.md
* Update CONTRIBUTING.md (#2752)
Grammar correction.
* chore(encryptcookie)!: update default config (#2753)
* chore(encryptcookie)!: update default config
docs(encryptcookie): enhance documentation and examples
BREAKING CHANGE: removed the hardcoded "csrf_" from the Except.
* docs(encryptcookie): reads or modifies cookies
* chore(encryptcookie): csrf config example
* docs(encryptcookie): md table spacing
* build(deps): bump actions/setup-go from 4 to 5 (#2754)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v4...v5)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* 🩹 middleware/logger/: log client IP address by default (#2755)
* middleware/logger: Log client IP address by default.
* Update doc.
* fix: don't constrain middlewares' context-keys to strings 🐛 (#2751)
* Revert "Revert "🐛 requestid.Config.ContextKey is interface{} (#2369)" (#2742)"
This reverts commit 28be17f929.
* fix: request ContextKey default value condition
Should check for `nil` since it is `any`.
* fix: don't constrain middlewares' context-keys to strings
`context` recommends using "unexported type" as context keys to avoid
collisions https://pkg.go.dev/github.com/gofiber/fiber/v2#Ctx.Locals.
The official go blog also recommends this https://go.dev/blog/context.
`fiber.Ctx.Locals(key any, value any)` correctly allows consumers to
use unexported types or e.g. strings.
But some fiber middlewares constrain their context-keys to `string` in
their "default config structs", making it impossible to use unexported
types.
This PR removes the `string` _constraint_ from all middlewares, allowing
to now use unexported types as per the official guidelines. However
the default value is still a string, so it's not a breaking change, and
anyone still using strings as context keys is not affected.
* 📚 Update app.md for indentation (#2761)
Update app.md for indentation
* build(deps): bump github.com/google/uuid from 1.4.0 to 1.5.0 (#2762)
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/uuid/compare/v1.4.0...v1.5.0)
---
updated-dependencies:
- dependency-name: github.com/google/uuid
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* build(deps): bump github/codeql-action from 2 to 3 (#2763)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Changing default log output (#2730)
changing default log output
Closes#2729
* Update hooks.md
fix wrong hooks signature
* 🩹 Fix: CORS middleware should use the defined AllowedOriginsFunc config when AllowedOrigins is empty (#2771)
* 🐛 [Bug]: Adaptator + otelfiber issue #2641 (#2772)
* 🩹🚨 - fix for redirect with query params (#2748)
* redirect with query params did not work, fix it and add test for it
* redirect middleware - fix test typo
* ♻️ logger/middleware colorize logger error message #2593 (#2773)
* ✨ feat: add liveness and readiness checks (#2509)
* ✨ feat: add liveness and readiness checkers
* 📝 docs: add docs for liveness and readiness
* ✨ feat: add options method for probe checkers
* ✅ tests: add tests for liveness and readiness
* ♻️ refactor: change default endpoint values
* ♻️ refactor: change default value for liveness endpoint
* 📝 docs: add return status for liveness and readiness probes
* ♻️ refactor: change probechecker to middleware
* 📝 docs: move docs to middleware session
* ♻️ refactor: apply gofumpt formatting
* ♻️ refactor: remove unused parameter
* split config and apply a review
* apply reviews and add testcases
* add benchmark
* cleanup
* rename middleware
* fix linter
* Update docs and config values
* Revert change to IsReady
* Updates based on code review
* Update docs to match other middlewares
---------
Co-authored-by: Muhammed Efe Cetin <efectn@protonmail.com>
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
Co-authored-by: Juan Calderon-Perez <jgcalderonperez@protonmail.com>
* prepare release v2.52.0
- add more Parser tests
* fix healthcheck.md
* configure workflows for V2 branch
* configure workflows for V2 branch
* Fix default value to false in docs of QueryBool (#2811)
fix default value to false in docs of QueryBool
* update queryParser config
* Update ctx.md
* Update routing.md
* 📚 Doc: Fix code snippet indentation in /docs/api/middleware/keyauth.md
Removes an an extra level of indentation in line 51 of
`keyauth.md` [here](https://github.com/gofiber/fiber/blob/v2/docs/api/middleware/keyauth.md?plain=1#L51)
* fix: healthcheck middleware not working with route group (#2863)
* fix: healthcheck middleware not working with route group
* perf: change verification method to improve perf
* Update healthcheck_test.go
* test: add not matching route test for strict routing
* add more test cases
* correct tests
* correct test helpers
* correct tests
* correct tests
---------
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
Co-authored-by: René Werner <rene@gofiber.io>
* Merge pull request from GHSA-fmg4-x8pw-hjhg
* Enforce Wildcard Origins with AllowCredentials check
* Expand unit-tests, fix issues with subdomains logic, update docs
* Update cors.md
* Added test using localhost, ipv4, and ipv6 address
* improve documentation markdown
---------
Co-authored-by: René Werner <rene@gofiber.io>
* Update app.go
prepare release v2.52.1
* fix cors domain normalize
* fix sync-docs workflow
* fix sync-docs workflow
* fix(middleware/cors): Validation of multiple Origins (#2883)
* fix: allow origins check
Refactor CORS origin validation and normalization to trim leading or trailing whitespace in the cfg.AllowOrigins string [list]. URLs with whitespace inside the URL are invalid, so the normalizeOrigin will return false because url.Parse will fail, and the middleware will panic.
fixes#2882
* test: AllowOrigins with whitespace
* test(middleware/cors): add benchmarks
* chore: fix linter errors
* test(middleware/cors): use h() instead of app.Test()
* test(middleware/cors): add miltiple origins in Test_CORS_AllowOriginScheme
* chore: refactor validate and normalize
* test(cors/middleware): add more benchmarks
* prepare release v2.52.2
* refactor(docs): deactivate docs sync for v2
* refactor(docs): deactivate docs sync for v2
* fix(middleware/cors): Handling and wildcard subdomain matching (#2915)
* fix: allow origins check
Refactor CORS origin validation and normalization to trim leading or trailing whitespace in the cfg.AllowOrigins string [list]. URLs with whitespace inside the URL are invalid, so the normalizeOrigin will return false because url.Parse will fail, and the middleware will panic.
fixes#2882
* test: AllowOrigins with whitespace
* test(middleware/cors): add benchmarks
* chore: fix linter errors
* test(middleware/cors): use h() instead of app.Test()
* test(middleware/cors): add miltiple origins in Test_CORS_AllowOriginScheme
* chore: refactor validate and normalize
* test(cors/middleware): add more benchmarks
* fix(middleware/cors): handling and wildcard subdomain matching
docs(middleware/cors): add How it works and Security Considerations
* chore: grammar
* Apply suggestions from code review
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* chore: fix misspelling
* test(middleware/cors): combine Invalid_Origins tests
* refactor(middleware/cors): headers handling
* docs(middleware/cors): Update AllowOrigins description
* chore: merge
* perf(middleware/cors): optimize handler
* perf(middleware/cors): optimize handler
* chore(middleware/cors): ipdate origin handling logic
* chore(middleware/cors): fix header capitalization
* docs(middleware/cors): improve sercuity notes
* docs(middleware/cors): Improve security notes
* docs(middleware/cors): improve CORS overview
* docs(middleware/cors): fix ordering of how it works
* docs(middleware/cors): add additional info to How to works
* docs(middleware/cors): rm space
* docs(middleware/cors): add validation for AllowOrigins origins to overview
* docs(middleware/cors): update ExposeHeaders and MaxAge descriptions
* docs(middleware/cors): Add dynamic origin validation example
* docs(middleware/cors): Improve security notes and fix header capitalization
* docs(middleware/cors): configuration examples
* docs(middleware/cors): `"*"`
---------
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* fix(middleware/cors): Categorize requests correctly (#2921)
* fix(middleware/cors): categorise requests correctly
* test(middleware/cors): improve test coverage for request types
* test(middleware/cors): Add subdomain matching tests
* test(middleware/cors): parallel tests for CORS headers based on request type
* test(middleware/cors): Add benchmark for CORS subdomain matching
* test(middleware/cors): cover additiona test cases
* refactor(middleware/cors): origin validation and normalization
* test(middleware/csrf): Fix Benchmark Tests (#2932)
* test(middleware/csrf): fix Benchmark_Middleware_CSRF_*
* fix(middleware/csrf): update refererMatchesHost()
* Prepare release v2.52.3
* fix(middleware/cors): CORS handling (#2937)
* fix(middleware/cors): CORS handling
* fix(middleware/cors): Vary header handling
* test(middleware/cors): Ensure Vary Headers checked
* fix(middleware/cors): Vary header handling non-cors OPTIONS requests (#2939)
* fix(middleware/cors): Vary header handling non-cors OPTIONS requests
* chore(middleware/cors): Add Vary header for non-CORS OPTIONS requests comment
* prepare release v2.52.4
* merge v2 in main(v3)
* merge v2 in main(v3)
* merge v2 in main(v3)
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: tokelo-12 <113810058+tokelo-12@users.noreply.github.com>
Co-authored-by: Jason McNeil <sixcolors@mac.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: iRedMail <2048991+iredmail@users.noreply.github.com>
Co-authored-by: Benjamin Grosse <ste3ls@gmail.com>
Co-authored-by: Mehmet Firat KOMURCU <mehmetfiratkomurcu@hotmail.com>
Co-authored-by: Bruno <bdm2943@icloud.com>
Co-authored-by: Muhammad Kholid B <muhammadkholidb@gmail.com>
Co-authored-by: gilwo <gilwo@users.noreply.github.com>
Co-authored-by: Lucas Lemos <lucashenriqueblemos@gmail.com>
Co-authored-by: Muhammed Efe Cetin <efectn@protonmail.com>
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
Co-authored-by: Juan Calderon-Perez <jgcalderonperez@protonmail.com>
Co-authored-by: Jongmin Kim <kjongmin26@gmail.com>
Co-authored-by: Giovanni Rivera <rivera.giovanni271@gmail.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* Add support for Access-Control-Allow-Private-Network in CORS middleware
* Access-Control-Allow-Private-Network in CORS middleware documentation update
* Access-Control-Allow-Private-Network in CORS middleware tests
* Fix lint issues
* Fix formatting
* Rename config option, add more unit-tests
* Fix syntax issue
* Fix conditional
* Fix formatting, add more unit-tests
* chore(middleware/cors): Update middleware/cors/cors.go
* chore(middleware/cors): add HeaderAccessControlRequestPrivateNetowkr
* test(middleware/cors): fix CORS headers
* docs(middleware/cors): table order and alignment
---------
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
Co-authored-by: Juan Calderon-Perez <jgcalderonperez@protonmail.com>
Co-authored-by: Jason McNeil <sixcolors@mac.com>
* feature: implement generic params function
* update: add ctx generic params benchmark function
* fix: fix linter errors on boolean types
* fix: fix linter errors on float variable types
* tests: add Test_Params_TypeAssertFail
Co-authored-by: Jason McNeil <sixcolors@mac.com>
* Update ctx_test.go
* typo: change genericType typo to GenericType in documents
* remove ParamsInt method and rewrite Params method
* add genericParseType tests and benchmarks and simplify genericQuery and genericParams tests and benchmarks
* added GetReqHeader generic function
* added tests for params generic function
* add tests for GetReqHeader generic function
* added GetReqHeader generic function
* Revert "added GetReqHeader generic function"
This reverts commit a63cebb712.
* fix tests and benchamarks of generic tests
* added default value to array test genericParse
* fix Params generic function on default value and fixes some tests and typos
* remove Test_Params_TypeAssertFail function(it didn't panic anyway)
* fix bad usage on parallel tests
* add convert function
* fix generic tests
* fix fail tests on use parallel multiple time
* fix typo on params comment section
* remove pointer refer on Convert
* update generic benchmarks
* reslove conflicts1
* add specific tests to integer and unsigned integer
generic parser
* fix typo on Convert document
* change uint tests of Test_genericParseTypeInts
* move generic types to utils.go file and change
bitsize of int value type to 0
* update genericParseInt unit tests
* update generic uint tests and pass value type in
check functions
* reverse dependency of Params and genericParams
* update convert docs
---------
Co-authored-by: Jason McNeil <sixcolors@mac.com>
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
Co-authored-by: RW <rene@gofiber.io>
* added fix for embedded struct field query parsing
* updated ctx parser tests to test embedded struct field parsing
---------
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
* Fixes for some of the failing tests
* Add readiness check to serverStart()
* Use net/http client for tests listen test
* Use different key for this test
* Run Proxy Middleware tests in parallel. Add nil checks for potential issues pointed by nilaway
* Enable parallel client tests
* Do not run timing sensitive tests in parallel
* Remove TODO
* Revert Test_Proxy_DoTimeout_Timeout, and remove t.Parallel() for it
* Do not calculate favicon len on each handler call
* Revert logic change
* Increase timeout of SaveFile tests
* Do not run time sensitive tests in parallel
* The Agent can't be run in parallel
* Do not run time sensitive tests in parallel
* Fixes based on uber/nilaway
* Revert change to Client test
* Run parallel
* Update client_test.go
* Update client_test.go
* Update cache_test.go
* Update cookiejar_test.go
* Remove parallel for test using timeouts
* Remove t.Parallel() from logger middleware tests
* Do not use testify.require in a goroutine
* Fix import, and update golangci-lint
* Remove changes to template_chain.go
* Run more tests in parallel
* Add more parallel tests
* Add more parallel tests
* SetLogger can't run in parallel
* Run more tests in parallel, fix issue with goroutine in limiter middleware
* Update internal/storage/memory, add more benchmarks
* Increase sleep for csrf test by 100 milliseconds. Implement asserted and parallel benchmarks for Session middleware
* Add 100 milliseconds to sleep during test
* Revert name change
* fix: Inconsistent and flaky unit-tests
* fix: Inconsistent and flaky unit-tests
* fix: Inconsistent and flaky unit-tests
* fix: Inconsistent and flaky unit-tests
* fix: Inconsistent and flaky unit-tests
* fix: Inconsistent and flaky unit-tests
* fix: Inconsistent and flaky unit-tests
* fix: Inconsistent and flaky unit-tests
* fix: Inconsistent and flaky unit-tests
* fix: Inconsistent and flaky unit-tests
---------
Co-authored-by: M. Efe Çetin <efectn@protonmail.com>
Co-authored-by: René <rene@gofiber.io>
* Make the sentence more understandable
* Add the English version of the words as the Turkish version is difficult to understand.
* Improve translation
* Correct the meaningless sentence
* Convert first letter to uppercase
* Delete repeated word
dependabot[bot]
René
Juan Calderon-Perez
Jason McNeil
dockercui
deferdeter
Behzad Khokher
Iliya
nickajacks1
leonklingele
Joshua Benfield
Alexandre Negrel
racerole
Erfan Derakhshani
Serban Marin-Eusebiu
Emir