* feat: Optimize ShutdownWithContext method in app.go
- Reorder mutex lock acquisition to the start of the function
- Early return if server is not running
- Use defer for executing shutdown hooks
- Simplify nil check for hooks
- Remove TODO comment
This commit improves the readability, robustness, and execution order
of the shutdown process. It ensures consistent state throughout the
shutdown and guarantees hook execution even in error cases.
* feat: Enhance ShutdownWithContext test for improved reliability
- Add shutdown hook verification
- Implement better synchronization with channels
- Improve error handling and assertions
- Adjust timeouts for more consistent results
- Add server state check after shutdown attempt
- Include comments explaining expected behavior
This commit improves the comprehensiveness and reliability of the
ShutdownWithContext test, ensuring proper verification of shutdown
hooks, timeout behavior, and server state during long-running requests.
* 📚 Doc: update the docs to explain shutdown & hook execution order
* 🩹 Fix: Possible Data Race on shutdownHookCalled Variable
* 🩹 Fix: Remove the default Case
* 🩹 Fix: Import sync/atomic
* 🩹 Fix: golangci-lint problem
* 🎨 Style: add block in api.md
* 🩹 Fix: go mod tidy
* feat: Optimize ShutdownWithContext method in app.go
- Reorder mutex lock acquisition to the start of the function
- Early return if server is not running
- Use defer for executing shutdown hooks
- Simplify nil check for hooks
- Remove TODO comment
This commit improves the readability, robustness, and execution order
of the shutdown process. It ensures consistent state throughout the
shutdown and guarantees hook execution even in error cases.
* feat: Enhance ShutdownWithContext test for improved reliability
- Add shutdown hook verification
- Implement better synchronization with channels
- Improve error handling and assertions
- Adjust timeouts for more consistent results
- Add server state check after shutdown attempt
- Include comments explaining expected behavior
This commit improves the comprehensiveness and reliability of the
ShutdownWithContext test, ensuring proper verification of shutdown
hooks, timeout behavior, and server state during long-running requests.
* 📚 Doc: update the docs to explain shutdown & hook execution order
* 🩹 Fix: Possible Data Race on shutdownHookCalled Variable
* 🩹 Fix: Remove the default Case
* 🩹 Fix: Import sync/atomic
* 🩹 Fix: golangci-lint problem
* 🎨 Style: add block in api.md
* 🩹 Fix: go mod tidy
* ♻️ Refactor: replaced OnShutdown by OnPreShutdown and OnPostShutdown
* ♻️ Refactor: streamline post-shutdown hook execution in graceful shutdown process
* 🚨 Test: add test for gracefulShutdown
* 🔥 Feature: Using executeOnPreShutdownHooks and executeOnPostShutdownHooks Instead of OnShutdownSuccess and OnShutdownError
* 🩹 Fix: deal Listener err
* 🩹 Fix: go lint error
* 🩹 Fix: reduced memory alignment
* 🩹 Fix: reduced memory alignment
* 🩹 Fix: context should be created inside the concatenation.
* 📚 Doc: update what_new.md and hooks.md
* ♻️ Refactor: use blocking channel instead of time.Sleep
* 🩹 Fix: Improve synchronization in error propagation test.
* 🩹 Fix: Replace sleep with proper synchronization.
* 🩹 Fix: Server but not shut down properly
* 🩹 Fix: Using channels to synchronize and pass results
* 🩹 Fix: timeout with long running request
* 📚 Doc: remove OnShutdownError and OnShutdownSuccess from fiber.md
* Update hooks.md
* 🚨 Test: Add graceful shutdown timeout error test case
* 📝 Doc: Restructure hooks documentation for OnPreShutdown and OnPostShutdown
* 📝 Doc: Remove extra whitespace in hooks documentation
---------
Co-authored-by: yingjie.huang <yingjie.huang@fosunhn.net>
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
* Add Drop method to DefaultCtx and remove redundant checks
Introduced a Drop method in DefaultCtx for closing connections, enabling easier resource management. Removed unnecessary nil-checks for headers in manager_msgp to simplify code logic. Added a unit test to ensure the new Drop method behaves as expected.
* Add `Drop` method to Fiber context API documentation
The `Drop` method allows silently terminating client connections without sending HTTP headers or a response body. This is useful for scenarios like mitigating DDoS attacks or blocking unauthorized access to sensitive endpoints. Example usage and function signature are included in the updated documentation.
* Remove extraneous blank line in documentation.
Eliminated an unnecessary blank line in the API context documentation for improved readability and formatting consistency. No functional changes were made to the content.
* Update API documentation example to return "Hello World!"
Revised the example code in the API documentation to return a generic "Hello World!" string instead of a dynamic response. This improves consistency and simplifies the example for easier understanding.
* Refactor Drop method and extend test coverage.
Simplified the Drop method by inlining the connection close call. Added new test cases to ensure proper handling of no-response scenarios and improved overall test coverage.
* fix golangci-lint issue
* Add test for Ctx.Drop with middleware interaction
This test ensures the correct behavior of the Ctx.Drop method when used with middleware, including response handling and error scenarios. It verifies that the middleware and handler properly handle the Drop call and its resulting effects.
* Add Drop method to DefaultCtx for closing connections
The Drop method allows closing connections without sending a response, improving control over connection handling. Also updated a test assertion to use StatusOK for improved readability and consistency.
* Refine Drop method comments to clarify error handling.
Explain the rationale for not wrapping errors in the Drop method. Emphasize that the returned error is solely for logging and not for further propagation or processing.
* Update Drop method documentation for clarity
Clarified the `Drop` method's behavior, specifying that it closes the connection without sending headers or a body. Added examples of use cases, such as DDoS mitigation and blocking sensitive endpoints.
* Refactor response header setting in middleware.
Replaced the direct header setting with the `Set` method for consistency and improved clarity. Removed a test case checking for a panic on closed response body as it is no longer applicable.
* Make tls.Config MinVersion configurable
This commit will resolve#3239
For more info: https://github.com/gofiber/fiber/issues/3239
* Add documents about tls minimum version configurable
* Add if statement for don't allow to use TLS1.0 and TLS1.1
* Fix lint issues, add test for panic()
* Update docs
* Add test with valid TLS version
---------
Co-authored-by: Juan Calderon-Perez <jgcalderonperez@protonmail.com>
* feat: add a simple support for app.Listen
* fix: fix the nil access error
* chore: add test case for simple tls
* fix: align the struct
* chore: change the test case
can't passed and not chack the file yet
* fix: use TLS1.2 min
* Fix lint issues
* Fix call to os.MkdirTemp
* Fix test check order
* Update unit-tests for ACME
* Update docs
* Fix identation of whats_new examples
* More updates to docs
* Remove ACME tests. Add check for tlsConfig
* Add ACME section to whats_new docs
* Update docs/whats_new.md
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* Update fiber.md
* Update whats_new.md
---------
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
Co-authored-by: Juan Calderon-Perez <jgcalderonperez@protonmail.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* 🔥 feat: Add support for graceful shutdown timeout in Listen
* 📚 doc: update the description of GracefulShutdownTimeout
* ♻️refact: use require.ErrorIs instead of require.Equal
* fix: Target error should be in err chain by using fasthttputil.ErrInmemoryListenerClosed
* ♻️refact: use require.ErrorIs instead of require.Equal
* 📚doc: update the description of GracefulShutdownTimeout
* ♻️refact: rename GracefulShutdownTimeout to ShutdownTimeout
* 🩹fix: set default ShutdownTimeout to 10s
---------
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
* 🔥 Feature: Add SendStreamWriter to Ctx
Create a new `*DefaultCtx` method called `SendStreamWriter()`
that maps to fasthttp's `Response.SetBodyStreamWriter()`
* 🚨 Test: Validate regular use of c.SendStreamWriter()
- Adds Test_Ctx_SendStreamWriter to ctx_test.go
* 🚨 Test: (WIP) Validate interrupted use of c.SendStreamWriter()
- Adds Test_Ctx_SendStreamWriter_Interrupted to ctx_test.go
- (Work-In-Progress) This test verifies that some data is
still sent before a client disconnects when using the method
`c.SendStreamWriter()`.
**Note:** Running this test reports a race condition when using
the `-race` flag or running `make test`. The test uses a channel
and mutex to prevent race conditions, but still triggers a warning.
* 📚 Doc: Add `SendStreamWriter` to docs/api/ctx.md
* 🩹 Fix: Remove race condition in Test_Ctx_SendStreamWriter_Interrupted
* 🎨 Styles: Update ctx_test.go to respect golangci-lint
* 📚 Doc: Update /docs/api/ctx.md to show proper `w.Flush()` error handling
* 📚 Doc: Add SendStreamWriter details to docs/whats_new.md
* 🎨 Styles: Update /docs/whats_new.md to respect markdownlint-cli2
* 🩹 Fix: Fix Fprintf syntax error in docs/whats_new.md
---------
Co-authored-by: M. Efe Çetin <efectn@protonmail.com>
* Fix nil pointer dereference with Must Bind binding error
if err is nil err.Error() panics
(eg. c.Bind().Must().JSON(...) successfully binds but panics
* Added returnErr test
make sure returnErr works with nil error
* Reordered returnErr nil check
as in majority of cases we expect err to be nil, this should provide better short-cutting
* Use require.NoError
* Update bind_test.go
* Renamed Must to WithAutoHandling
* Update bind.md
Added a requested clarification
* renamed Should to WithoutAutoHandling and Bind.should to Bind.dontHandle
* renamed dontHandle to dontHandleErrs
* fixed formatting
* fixed a typo
* Update binder documentation
---------
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
* 🔥 Feature: Add thread-safe reading from a closed testConn
* 🔥 Feature: Add TestConfig to app.Test()
This commit is summarized as:
- Add the struct `TestConfig` as a parameter for `app.Test()` instead of `timeout`
- Add documentation of `TestConfig` to docs/api/app.md and in-line
- Modify middleware to use `TestConfig` instead of the previous implementation
Fixes#3149
* 📚 Doc: Add more details about TestConfig in docs
* 🩹 Fix: Correct testConn tests
- Fixes Test_Utils_TestConn_Closed_Write
- Fixes missing regular write test
* 🎨 Style: Respect linter in Add App Test Config
* 🎨 Styles: Update app.go to respect linter
* ♻️ Refactor: Rename TestConfig's ErrOnTimeout to FailOnTimeout
- Rename TestConfig.ErrOnTimeout to TestConfig.FailOnTimeout
- Update documentation to use changed name
- Also fix stale documentation about passing Timeout as a
single argument
* 🩹 Fix: Fix typo in TestConfig struct comment in app.go
* ♻️ Refactor: Change app.Test() fail on timeouterror to os.ErrDeadlineExceeded
* ♻️ Refactor:Update middleware that use the same TestConfig to use a global variable
* 🩹 Fix: Update error from FailOnTimeout to os.ErrDeadlineExceeded in tests
* 🩹 Fix: Remove errors import from middlware/proxy/proxy_test.go
* 📚 Doc: Add `app.Test()` config changes to docs/whats_new.md
* ♻ Refactor: Change app.Test() and all uses to accept 0 as no timeout instead of -1
* 📚 Doc: Add TestConfig option details to docs/whats_new.md
* 🎨 Styles: Update docs/whats_new.md to respect markdown-lint
* 🎨 Styles: Update docs/whats_new.md to use consistent style for TestConfig options description
---------
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
* Rename UserContext() to Context(). Rename Context() to RequestCtx()
* Update Ctxt docs and What's new
* Remove extra blank lines
---------
Co-authored-by: M. Efe Çetin <efectn@protonmail.com>
* feat: add rebuild tree method
* docs: add newline at the end of app.md
* docs: add an example of dynamic defined routes
* docs: remove tabs from example code on app.md
* Update docs/api/app.md
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* Update app.md
* docs: add RebuildTree to what's new documentation
* fix: markdown errors in documentation
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* refactor: add mutex lock to the addRoute function
* refactor: remove mutex lock from addRoute
* refactor: fix mutex deadlock in addRoute
---------
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* Add support for consistent documentation using markdownlint
* Only run workflow during changes to markdown files
* Fix more inconsistencies
* Fixes to markdown under .github/
* More fixes
* Apply suggestions from code review
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* Fix typo in limiter docs
* Add missing space before code-block
* Add check for dead-links
* Add write-good
* Remove legacy README files
* Fix glob for skipping .md files
* Use paths-ignore instead
---------
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* docs: Improve ctx.Locals method description, godoc and example
* docs: Update ctx.md to use value receiver for fiber.Ctx in app.Use and app.Get
* chore: Update userKey type in ctx.md
* docs: Update ctx.md
* chore: Add description for Locals method in Ctx interface
* docs: add docs for new client
* Add docs for client hooks
* Add docs for client examples
* Some fixes.
* docs: add docs for new client
* docs: add docs for new client
* Add more examples for methods
* Update docs/client/examples.md
Co-authored-by: Jason McNeil <sixcolors@mac.com>
* Add one more example for cookiejar
* apply review
* apply review
* apply review
* docs: add docs for new client
* docs: add docs for new client
---------
Co-authored-by: René <rene@gofiber.io>
Co-authored-by: Jason McNeil <sixcolors@mac.com>
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* [v3 Maintenance]: Consolidate and Document Core Changes in v3
* fix(middleware/cors): Config, lists as list types.
Improve insecure config error text.
* chore: Add tests for CORS preflight requests with Access-Control-Request-Headers
* test(middleware/cors): explicit wildcard in test
---------
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
* Update pull_request_template.md
* Update v3-changes.md
* Update CONTRIBUTING.md (#2752)
Grammar correction.
* chore(encryptcookie)!: update default config (#2753)
* chore(encryptcookie)!: update default config
docs(encryptcookie): enhance documentation and examples
BREAKING CHANGE: removed the hardcoded "csrf_" from the Except.
* docs(encryptcookie): reads or modifies cookies
* chore(encryptcookie): csrf config example
* docs(encryptcookie): md table spacing
* build(deps): bump actions/setup-go from 4 to 5 (#2754)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v4...v5)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* 🩹 middleware/logger/: log client IP address by default (#2755)
* middleware/logger: Log client IP address by default.
* Update doc.
* fix: don't constrain middlewares' context-keys to strings 🐛 (#2751)
* Revert "Revert "🐛 requestid.Config.ContextKey is interface{} (#2369)" (#2742)"
This reverts commit 28be17f929.
* fix: request ContextKey default value condition
Should check for `nil` since it is `any`.
* fix: don't constrain middlewares' context-keys to strings
`context` recommends using "unexported type" as context keys to avoid
collisions https://pkg.go.dev/github.com/gofiber/fiber/v2#Ctx.Locals.
The official go blog also recommends this https://go.dev/blog/context.
`fiber.Ctx.Locals(key any, value any)` correctly allows consumers to
use unexported types or e.g. strings.
But some fiber middlewares constrain their context-keys to `string` in
their "default config structs", making it impossible to use unexported
types.
This PR removes the `string` _constraint_ from all middlewares, allowing
to now use unexported types as per the official guidelines. However
the default value is still a string, so it's not a breaking change, and
anyone still using strings as context keys is not affected.
* 📚 Update app.md for indentation (#2761)
Update app.md for indentation
* build(deps): bump github.com/google/uuid from 1.4.0 to 1.5.0 (#2762)
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/uuid/compare/v1.4.0...v1.5.0)
---
updated-dependencies:
- dependency-name: github.com/google/uuid
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* build(deps): bump github/codeql-action from 2 to 3 (#2763)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Changing default log output (#2730)
changing default log output
Closes#2729
* Update hooks.md
fix wrong hooks signature
* 🩹 Fix: CORS middleware should use the defined AllowedOriginsFunc config when AllowedOrigins is empty (#2771)
* 🐛 [Bug]: Adaptator + otelfiber issue #2641 (#2772)
* 🩹🚨 - fix for redirect with query params (#2748)
* redirect with query params did not work, fix it and add test for it
* redirect middleware - fix test typo
* ♻️ logger/middleware colorize logger error message #2593 (#2773)
* ✨ feat: add liveness and readiness checks (#2509)
* ✨ feat: add liveness and readiness checkers
* 📝 docs: add docs for liveness and readiness
* ✨ feat: add options method for probe checkers
* ✅ tests: add tests for liveness and readiness
* ♻️ refactor: change default endpoint values
* ♻️ refactor: change default value for liveness endpoint
* 📝 docs: add return status for liveness and readiness probes
* ♻️ refactor: change probechecker to middleware
* 📝 docs: move docs to middleware session
* ♻️ refactor: apply gofumpt formatting
* ♻️ refactor: remove unused parameter
* split config and apply a review
* apply reviews and add testcases
* add benchmark
* cleanup
* rename middleware
* fix linter
* Update docs and config values
* Revert change to IsReady
* Updates based on code review
* Update docs to match other middlewares
---------
Co-authored-by: Muhammed Efe Cetin <efectn@protonmail.com>
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
Co-authored-by: Juan Calderon-Perez <jgcalderonperez@protonmail.com>
* prepare release v2.52.0
- add more Parser tests
* fix healthcheck.md
* configure workflows for V2 branch
* configure workflows for V2 branch
* Fix default value to false in docs of QueryBool (#2811)
fix default value to false in docs of QueryBool
* update queryParser config
* Update ctx.md
* Update routing.md
* 📚 Doc: Fix code snippet indentation in /docs/api/middleware/keyauth.md
Removes an an extra level of indentation in line 51 of
`keyauth.md` [here](https://github.com/gofiber/fiber/blob/v2/docs/api/middleware/keyauth.md?plain=1#L51)
* fix: healthcheck middleware not working with route group (#2863)
* fix: healthcheck middleware not working with route group
* perf: change verification method to improve perf
* Update healthcheck_test.go
* test: add not matching route test for strict routing
* add more test cases
* correct tests
* correct test helpers
* correct tests
* correct tests
---------
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
Co-authored-by: René Werner <rene@gofiber.io>
* Merge pull request from GHSA-fmg4-x8pw-hjhg
* Enforce Wildcard Origins with AllowCredentials check
* Expand unit-tests, fix issues with subdomains logic, update docs
* Update cors.md
* Added test using localhost, ipv4, and ipv6 address
* improve documentation markdown
---------
Co-authored-by: René Werner <rene@gofiber.io>
* Update app.go
prepare release v2.52.1
* fix cors domain normalize
* fix sync-docs workflow
* fix sync-docs workflow
* fix(middleware/cors): Validation of multiple Origins (#2883)
* fix: allow origins check
Refactor CORS origin validation and normalization to trim leading or trailing whitespace in the cfg.AllowOrigins string [list]. URLs with whitespace inside the URL are invalid, so the normalizeOrigin will return false because url.Parse will fail, and the middleware will panic.
fixes#2882
* test: AllowOrigins with whitespace
* test(middleware/cors): add benchmarks
* chore: fix linter errors
* test(middleware/cors): use h() instead of app.Test()
* test(middleware/cors): add miltiple origins in Test_CORS_AllowOriginScheme
* chore: refactor validate and normalize
* test(cors/middleware): add more benchmarks
* prepare release v2.52.2
* refactor(docs): deactivate docs sync for v2
* refactor(docs): deactivate docs sync for v2
* fix(middleware/cors): Handling and wildcard subdomain matching (#2915)
* fix: allow origins check
Refactor CORS origin validation and normalization to trim leading or trailing whitespace in the cfg.AllowOrigins string [list]. URLs with whitespace inside the URL are invalid, so the normalizeOrigin will return false because url.Parse will fail, and the middleware will panic.
fixes#2882
* test: AllowOrigins with whitespace
* test(middleware/cors): add benchmarks
* chore: fix linter errors
* test(middleware/cors): use h() instead of app.Test()
* test(middleware/cors): add miltiple origins in Test_CORS_AllowOriginScheme
* chore: refactor validate and normalize
* test(cors/middleware): add more benchmarks
* fix(middleware/cors): handling and wildcard subdomain matching
docs(middleware/cors): add How it works and Security Considerations
* chore: grammar
* Apply suggestions from code review
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* chore: fix misspelling
* test(middleware/cors): combine Invalid_Origins tests
* refactor(middleware/cors): headers handling
* docs(middleware/cors): Update AllowOrigins description
* chore: merge
* perf(middleware/cors): optimize handler
* perf(middleware/cors): optimize handler
* chore(middleware/cors): ipdate origin handling logic
* chore(middleware/cors): fix header capitalization
* docs(middleware/cors): improve sercuity notes
* docs(middleware/cors): Improve security notes
* docs(middleware/cors): improve CORS overview
* docs(middleware/cors): fix ordering of how it works
* docs(middleware/cors): add additional info to How to works
* docs(middleware/cors): rm space
* docs(middleware/cors): add validation for AllowOrigins origins to overview
* docs(middleware/cors): update ExposeHeaders and MaxAge descriptions
* docs(middleware/cors): Add dynamic origin validation example
* docs(middleware/cors): Improve security notes and fix header capitalization
* docs(middleware/cors): configuration examples
* docs(middleware/cors): `"*"`
---------
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* fix(middleware/cors): Categorize requests correctly (#2921)
* fix(middleware/cors): categorise requests correctly
* test(middleware/cors): improve test coverage for request types
* test(middleware/cors): Add subdomain matching tests
* test(middleware/cors): parallel tests for CORS headers based on request type
* test(middleware/cors): Add benchmark for CORS subdomain matching
* test(middleware/cors): cover additiona test cases
* refactor(middleware/cors): origin validation and normalization
* test(middleware/csrf): Fix Benchmark Tests (#2932)
* test(middleware/csrf): fix Benchmark_Middleware_CSRF_*
* fix(middleware/csrf): update refererMatchesHost()
* Prepare release v2.52.3
* fix(middleware/cors): CORS handling (#2937)
* fix(middleware/cors): CORS handling
* fix(middleware/cors): Vary header handling
* test(middleware/cors): Ensure Vary Headers checked
* fix(middleware/cors): Vary header handling non-cors OPTIONS requests (#2939)
* fix(middleware/cors): Vary header handling non-cors OPTIONS requests
* chore(middleware/cors): Add Vary header for non-CORS OPTIONS requests comment
* prepare release v2.52.4
* merge v2 in main(v3)
* merge v2 in main(v3)
* merge v2 in main(v3)
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: tokelo-12 <113810058+tokelo-12@users.noreply.github.com>
Co-authored-by: Jason McNeil <sixcolors@mac.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: iRedMail <2048991+iredmail@users.noreply.github.com>
Co-authored-by: Benjamin Grosse <ste3ls@gmail.com>
Co-authored-by: Mehmet Firat KOMURCU <mehmetfiratkomurcu@hotmail.com>
Co-authored-by: Bruno <bdm2943@icloud.com>
Co-authored-by: Muhammad Kholid B <muhammadkholidb@gmail.com>
Co-authored-by: gilwo <gilwo@users.noreply.github.com>
Co-authored-by: Lucas Lemos <lucashenriqueblemos@gmail.com>
Co-authored-by: Muhammed Efe Cetin <efectn@protonmail.com>
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
Co-authored-by: Juan Calderon-Perez <jgcalderonperez@protonmail.com>
Co-authored-by: Jongmin Kim <kjongmin26@gmail.com>
Co-authored-by: Giovanni Rivera <rivera.giovanni271@gmail.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* Add support for Access-Control-Allow-Private-Network in CORS middleware
* Access-Control-Allow-Private-Network in CORS middleware documentation update
* Access-Control-Allow-Private-Network in CORS middleware tests
* Fix lint issues
* Fix formatting
* Rename config option, add more unit-tests
* Fix syntax issue
* Fix conditional
* Fix formatting, add more unit-tests
* chore(middleware/cors): Update middleware/cors/cors.go
* chore(middleware/cors): add HeaderAccessControlRequestPrivateNetowkr
* test(middleware/cors): fix CORS headers
* docs(middleware/cors): table order and alignment
---------
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
Co-authored-by: Juan Calderon-Perez <jgcalderonperez@protonmail.com>
Co-authored-by: Jason McNeil <sixcolors@mac.com>
* feature: implement generic params function
* update: add ctx generic params benchmark function
* fix: fix linter errors on boolean types
* fix: fix linter errors on float variable types
* tests: add Test_Params_TypeAssertFail
Co-authored-by: Jason McNeil <sixcolors@mac.com>
* Update ctx_test.go
* typo: change genericType typo to GenericType in documents
* remove ParamsInt method and rewrite Params method
* add genericParseType tests and benchmarks and simplify genericQuery and genericParams tests and benchmarks
* added GetReqHeader generic function
* added tests for params generic function
* add tests for GetReqHeader generic function
* added GetReqHeader generic function
* Revert "added GetReqHeader generic function"
This reverts commit a63cebb712.
* fix tests and benchamarks of generic tests
* added default value to array test genericParse
* fix Params generic function on default value and fixes some tests and typos
* remove Test_Params_TypeAssertFail function(it didn't panic anyway)
* fix bad usage on parallel tests
* add convert function
* fix generic tests
* fix fail tests on use parallel multiple time
* fix typo on params comment section
* remove pointer refer on Convert
* update generic benchmarks
* reslove conflicts1
* add specific tests to integer and unsigned integer
generic parser
* fix typo on Convert document
* change uint tests of Test_genericParseTypeInts
* move generic types to utils.go file and change
bitsize of int value type to 0
* update genericParseInt unit tests
* update generic uint tests and pass value type in
check functions
* reverse dependency of Params and genericParams
* update convert docs
---------
Co-authored-by: Jason McNeil <sixcolors@mac.com>
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
Co-authored-by: RW <rene@gofiber.io>
* 🧹 [v3 Maintenance]: Update docs to reflect fiber.Ctx struct to interface change
Summary:
- Update `Static.Next()` in `/docs/api/app.md` to use the `Ctx` interface
- Update `/docs/api/ctx.md` to use the `Ctx` interface
Related Issues:
#2879
* 🧹 [v3 Maintenance]: Update Ctx struct description to interface
Related Issues:
#2879
* Update pull_request_template.md
* Update v3-changes.md
* Update CONTRIBUTING.md (#2752)
Grammar correction.
* chore(encryptcookie)!: update default config (#2753)
* chore(encryptcookie)!: update default config
docs(encryptcookie): enhance documentation and examples
BREAKING CHANGE: removed the hardcoded "csrf_" from the Except.
* docs(encryptcookie): reads or modifies cookies
* chore(encryptcookie): csrf config example
* docs(encryptcookie): md table spacing
* build(deps): bump actions/setup-go from 4 to 5 (#2754)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v4...v5)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* 🩹 middleware/logger/: log client IP address by default (#2755)
* middleware/logger: Log client IP address by default.
* Update doc.
* fix: don't constrain middlewares' context-keys to strings 🐛 (#2751)
* Revert "Revert "🐛 requestid.Config.ContextKey is interface{} (#2369)" (#2742)"
This reverts commit 28be17f929.
* fix: request ContextKey default value condition
Should check for `nil` since it is `any`.
* fix: don't constrain middlewares' context-keys to strings
`context` recommends using "unexported type" as context keys to avoid
collisions https://pkg.go.dev/github.com/gofiber/fiber/v2#Ctx.Locals.
The official go blog also recommends this https://go.dev/blog/context.
`fiber.Ctx.Locals(key any, value any)` correctly allows consumers to
use unexported types or e.g. strings.
But some fiber middlewares constrain their context-keys to `string` in
their "default config structs", making it impossible to use unexported
types.
This PR removes the `string` _constraint_ from all middlewares, allowing
to now use unexported types as per the official guidelines. However
the default value is still a string, so it's not a breaking change, and
anyone still using strings as context keys is not affected.
* 📚 Update app.md for indentation (#2761)
Update app.md for indentation
* build(deps): bump github.com/google/uuid from 1.4.0 to 1.5.0 (#2762)
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/uuid/compare/v1.4.0...v1.5.0)
---
updated-dependencies:
- dependency-name: github.com/google/uuid
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* build(deps): bump github/codeql-action from 2 to 3 (#2763)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Changing default log output (#2730)
changing default log output
Closes#2729
* Update hooks.md
fix wrong hooks signature
* 🩹 Fix: CORS middleware should use the defined AllowedOriginsFunc config when AllowedOrigins is empty (#2771)
* 🐛 [Bug]: Adaptator + otelfiber issue #2641 (#2772)
* 🩹🚨 - fix for redirect with query params (#2748)
* redirect with query params did not work, fix it and add test for it
* redirect middleware - fix test typo
* ♻️ logger/middleware colorize logger error message #2593 (#2773)
* ✨ feat: add liveness and readiness checks (#2509)
* ✨ feat: add liveness and readiness checkers
* 📝 docs: add docs for liveness and readiness
* ✨ feat: add options method for probe checkers
* ✅ tests: add tests for liveness and readiness
* ♻️ refactor: change default endpoint values
* ♻️ refactor: change default value for liveness endpoint
* 📝 docs: add return status for liveness and readiness probes
* ♻️ refactor: change probechecker to middleware
* 📝 docs: move docs to middleware session
* ♻️ refactor: apply gofumpt formatting
* ♻️ refactor: remove unused parameter
* split config and apply a review
* apply reviews and add testcases
* add benchmark
* cleanup
* rename middleware
* fix linter
* Update docs and config values
* Revert change to IsReady
* Updates based on code review
* Update docs to match other middlewares
---------
Co-authored-by: Muhammed Efe Cetin <efectn@protonmail.com>
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
Co-authored-by: Juan Calderon-Perez <jgcalderonperez@protonmail.com>
* prepare release v2.52.0
- add more Parser tests
* fix healthcheck.md
* configure workflows for V2 branch
* configure workflows for V2 branch
* Fix default value to false in docs of QueryBool (#2811)
fix default value to false in docs of QueryBool
* update queryParser config
* Update ctx.md
* Update routing.md
* merge v2 in v3
* merge v2 in v3
* lint fixes
* 📚 Doc: Fix code snippet indentation in /docs/api/middleware/keyauth.md
Removes an an extra level of indentation in line 51 of
`keyauth.md` [here](https://github.com/gofiber/fiber/blob/v2/docs/api/middleware/keyauth.md?plain=1#L51)
* fix: healthcheck middleware not working with route group (#2863)
* fix: healthcheck middleware not working with route group
* perf: change verification method to improve perf
* Update healthcheck_test.go
* test: add not matching route test for strict routing
* add more test cases
* correct tests
* correct test helpers
* correct tests
* correct tests
---------
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
Co-authored-by: René Werner <rene@gofiber.io>
* merge v2 in v3
* Merge pull request from GHSA-fmg4-x8pw-hjhg
* Enforce Wildcard Origins with AllowCredentials check
* Expand unit-tests, fix issues with subdomains logic, update docs
* Update cors.md
* Added test using localhost, ipv4, and ipv6 address
* improve documentation markdown
---------
Co-authored-by: René Werner <rene@gofiber.io>
* Update app.go
prepare release v2.52.1
* fix cors domain normalize
* fix sync-docs workflow
* test: fix failing tests
* fix sync-docs workflow
* test: cors middleware use testify require
* chore: fix lint warnings
* chore: revert test isolation.
* feat: migrate healthchecker to v3
* fix: use Get instead of Use for better router matching
* docs: update docs to v3 info
* fixed the fasthttp ctx race condition problem
* Update middleware/cors/utils.go
Co-authored-by: Renan Bastos <renanbastos.tec@gmail.com>
* fix sync_docs.sh
* fix review comments/hints
* fix review comments/hints
* stabilize Test_Proxy_Timeout_Slow_Server test
* stabilize Test_Proxy_.* tests
* ignore bodyclose linter for tests
use http.NoBody instead of nil
* Add parallel benchmark
* Update healthcheck_test.go
* docs: add comments for next behavior when there are no other handlers defined
* revert(tests): undo http.NoBody usage
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: RW <rene@gofiber.io>
Co-authored-by: tokelo-12 <113810058+tokelo-12@users.noreply.github.com>
Co-authored-by: Jason McNeil <sixcolors@mac.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: iRedMail <2048991+iredmail@users.noreply.github.com>
Co-authored-by: Benjamin Grosse <ste3ls@gmail.com>
Co-authored-by: Mehmet Firat KOMURCU <mehmetfiratkomurcu@hotmail.com>
Co-authored-by: Bruno <bdm2943@icloud.com>
Co-authored-by: Muhammad Kholid B <muhammadkholidb@gmail.com>
Co-authored-by: gilwo <gilwo@users.noreply.github.com>
Co-authored-by: Muhammed Efe Cetin <efectn@protonmail.com>
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
Co-authored-by: Juan Calderon-Perez <jgcalderonperez@protonmail.com>
Co-authored-by: Jongmin Kim <kjongmin26@gmail.com>
Co-authored-by: Giovanni Rivera <rivera.giovanni271@gmail.com>
Co-authored-by: Renan Bastos <renanbastos.tec@gmail.com>
JIeJaitt
Giovanni Rivera
M. Efe Çetin
ACHMAD IRIANTO EKA PUTRA
Iliya
Jinquan Wang
Kashiwa
Hao Chun Chang
René
Sumit Kumar
ItsMeSamey
Juan Calderon-Perez
xEricL
Santiago Diaz
nexovec
Lucas Lemos
Jason McNeil
Behzad Khokher
Alexandre Negrel
racerole
Serban Marin-Eusebiu
Herman S