contrib/fasthttp
1
0
Fork 0
mirror of https://github.com/valyala/fasthttp.git synced 2026-06-14 15:56:44 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,698 Commits 3 Branches 81 Tags
a032ec91b1cc69839547d74c95117ecbbb3f736f
Commit Graph

1698 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot] a032ec91b1 chore(deps): bump golang.org/x/net from 0.26.0 to 0.27.0 (#1801) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.26.0 to 0.27.0.
- [Commits](https://github.com/golang/net/compare/v0.26.0...v0.27.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-08 08:31:03 +02:00
dependabot[bot] 48359c7be3 chore(deps): bump golang.org/x/crypto from 0.24.0 to 0.25.0 (#1802) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.24.0 to 0.25.0.
- [Commits](https://github.com/golang/crypto/compare/v0.24.0...v0.25.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-08 07:44:40 +02:00
dependabot[bot] 3e028c69cc chore(deps): bump golang.org/x/sys from 0.21.0 to 0.22.0 (#1800) 
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.21.0 to 0.22.0.
- [Commits](https://github.com/golang/sys/compare/v0.21.0...v0.22.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-05 17:07:12 +02:00
Erik Dubbelboer b4c0b2b47d Validate header values (#1796) 
* Validate header values

Fixes https://github.com/valyala/fasthttp/issues/1794

* Don't allow empty header keys

And improve error handling for bad headers.
 2024-07-03 10:04:04 +02:00
Sniper91 21b235d033 add timeout to proxy connection reading and writing (#1791) 
Co-authored-by: kalmanzhao <kalmanzhao@tencent.com>
 2024-06-19 11:19:46 +02:00
dependabot[bot] b06f4e21d9 chore(deps): bump securego/gosec from 2.19.0 to 2.20.0 (#1776) 
Bumps [securego/gosec](https://github.com/securego/gosec) from 2.19.0 to 2.20.0.
- [Release notes](https://github.com/securego/gosec/releases)
- [Changelog](https://github.com/securego/gosec/blob/master/.goreleaser.yml)
- [Commits](https://github.com/securego/gosec/compare/v2.19.0...v2.20.0)

---
updated-dependencies:
- dependency-name: securego/gosec
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
v1.55.0 		2024-06-14 09:39:33 +02:00
dependabot[bot] 6a7f259017 chore(deps): bump golang.org/x/net from 0.23.0 to 0.26.0 (#1788) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.23.0 to 0.26.0.
- [Commits](https://github.com/golang/net/compare/v0.23.0...v0.26.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-14 09:39:01 +02:00
dependabot[bot] 7de6a26de7 chore(deps): bump golang.org/x/crypto from 0.21.0 to 0.24.0 (#1787) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.21.0 to 0.24.0.
- [Commits](https://github.com/golang/crypto/compare/v0.21.0...v0.24.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-14 09:28:08 +02:00
dependabot[bot] ea3b903178 chore(deps): bump github.com/klauspost/compress from 1.17.7 to 1.17.9 (#1792) 
Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.17.7 to 1.17.9.
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](https://github.com/klauspost/compress/compare/v1.17.7...v1.17.9)

---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-13 20:31:00 +02:00
Erik Dubbelboer f56f9e4d38 Fix linting issues 2024-06-11 08:42:27 +02:00
Erik Dubbelboer 7b273dc590 Don't allow \r in header names (#1789) 
* Don't allow \r in header names

From RFC 9112:

  A sender MUST NOT generate a bare CR (a CR character not immediately
  followed by LF) within any protocol elements other than the content.
  A recipient of such a bare CR MUST consider that element to be invalid
  or replace each bare CR with SP before processing the element or forwarding
  the message.

net/http seems to completely error on this, so let's do the same.

Fixes https://github.com/valyala/fasthttp/issues/1785

* Validate the full header field
 2024-06-11 08:41:16 +02:00
Oleksandr Redko 9ffdf086e7 test: fix typo (#1790) 2024-06-10 19:08:51 +02:00
Erik Dubbelboer 2909827c57 Fix another flaky test 2024-06-02 12:29:30 +02:00
Erik Dubbelboer e6d9374bea Fix common recurring CI issues (#1784) 2024-06-02 12:08:27 +02:00
Erik Dubbelboer b001a40bea Use FASTHTTP_PREFORK_CHILD env variable to detect child (#1783) 
It's better to use an environment variable as they are more standard.
They way flags are parsed isn't standardized within the Go ecosystem.

Fixes: https://github.com/valyala/fasthttp/issues/1782
 2024-06-02 10:33:50 +02:00
Meng Zhuo 3edfab8225 all: add riscv64 support (#1781) 2024-05-25 17:15:52 +02:00
M. Efe Çetin ee34656bec fs: fix openIndexFile when dirPath is empty string (#1779) 1.54.0 v1.54.0 2024-05-19 15:11:58 +02:00
Erik Dubbelboer f9f213efa6 Prevent OOM when fuzzing 2024-05-18 10:30:23 +02:00
M. Efe Çetin aadadb913a fs: fix GenerateIndexPages when DirFS or embed.FS is used (#1778) 2024-05-18 10:30:01 +02:00
Erik Dubbelboer 8f5b927447 Try to fix oss-fuzz low memory limit again v1.53.0 2024-05-08 09:57:57 +02:00
dependabot[bot] 96b2369966 chore(deps): bump golangci/golangci-lint-action from 5 to 6 (#1774) 
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 5 to 6.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](https://github.com/golangci/golangci-lint-action/compare/v5...v6)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-07 20:23:29 +02:00
Max Denushev 97d456870a feat: add address to tryDial errors (#1763) 
* fix: propagate body stream error to close function (#1743)

* feat: add address in ErrDialTimeout

* feat: add address in any `tryDial` error

* feat: use struct to wrap error with upstream info

* fix: lint

* fix: wrapped Error() method

* docs: add example to ErrDialWithUpstream

* feat: add address in ErrDialTimeout

* feat: add address in any `tryDial` error

* feat: use struct to wrap error with upstream info

* fix: lint

* fix: wrapped Error() method

* docs: add example to ErrDialWithUpstream

* docs: fix example for ErrDialWithUpstream

---------

Co-authored-by: Max Denushev <denushev@tochka.com>
 2024-05-02 08:49:19 +02:00
Limux 091733b08e Implemented what was described by me in #1766. (#1767) 
* Implemented what was described by me in issue#1766.

* fixed linting isssues in fs.go with gofmt -e -d -s

---------

Co-authored-by: Raphael Habichler <raphael.habichler@bmd.at>
 2024-04-29 21:37:39 +02:00
Erik Dubbelboer 105eb3bcd9 Add perIPTLSConn to support MaxConnsPerIP with tls connections 
Otherwise calling RequestCtx.TLSConnectionState() will fail.

Fixes #1770
 2024-04-29 15:17:14 +02:00
Erik Dubbelboer a8fa9c04b4 Don't allow , in host when using Client (#1761) 
When using a url like http://example.com,/ URI will parse "example.com,"
as host. HostClient then splits this by "," into multiple addresses and
will connect to example.com. HostClient splitting the address by "," is
only for direct use, not for use with Client.
 2024-04-29 10:48:09 +02:00
dependabot[bot] 30adc7d046 chore(deps): bump golangci/golangci-lint-action from 4 to 5 (#1769) 
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 4 to 5.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](https://github.com/golangci/golangci-lint-action/compare/v4...v5)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-25 18:51:36 +02:00
Max Denushev 57b9352ad1 fix: propagate body stream error to close function (#1743) (#1757) 
* fix: propagate body stream error to close function (#1743)

* fix: http test

* fix: close body stream with error in encoding functions

* fix: lint

---------

Co-authored-by: Max Denushev <denushev@tochka.com>
 2024-04-22 08:45:33 +02:00
Oleksandr Redko e88bd48f45 refactor: do not return error as it is always nil (#1759) 2024-04-21 19:57:04 +02:00
Juan Calderon-Perez d3aa5a15bb Add macos-14 platform, enable shuffle of tests (#1746) 2024-04-10 20:50:02 +02:00
Gürkan Yeşilyurt a77e9c6b79 add support for CHIPS (Cookies Having Independent Partitioned State) (#1752) 
* add support for CHIPS (Cookies Having Independent Partitioned State)

* fix comment lines

* Update cookie.go fix lint error: should omit comparison to bool constant
 2024-04-08 18:23:23 +02:00
dependabot[bot] d3a9c74c92 chore(deps): bump golang.org/x/net from 0.22.0 to 0.23.0 (#1748) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.22.0 to 0.23.0.
- [Commits](https://github.com/golang/net/compare/v0.22.0...v0.23.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-04 09:27:34 +01:00
Oleksandr Redko 1c3ba3b2f0 test: replace panic with returning error (#1747) 2024-04-02 17:00:44 +01:00
Oleksandr Redko e28be0c993 fix: panic in ParseIPv4 when len(dst) > 4 (#1742) 2024-03-29 14:11:50 +01:00
Oleksandr Redko 9c3915b1fc test: remove redundant error check (#1741) 2024-03-28 21:34:02 +01:00
Oleksandr Redko bbc7bd04e2 refactor: rename error local variables (#1738) 2024-03-25 14:30:27 +01:00
Erik Dubbelboer 222c0bf01b Update deps 2024-03-06 11:13:58 +01:00
Oleksandr Redko 7e1fb71854 Enable perfsprint linter; fix up lint issues (#1727) 2024-03-02 16:21:23 +01:00
Oleksandr Redko bdd459ab0e test: remove //nolint:govet comments (#1729) 2024-03-02 16:19:52 +01:00
Oleksandr Redko 3166afd835 Enable few gocritic checks; fix up issues (#1728) 2024-03-02 16:19:05 +01:00
dependabot[bot] 9c69feae53 chore(deps): bump golang.org/x/crypto from 0.19.0 to 0.20.0 (#1725) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.19.0 to 0.20.0.
- [Commits](https://github.com/golang/crypto/compare/v0.19.0...v0.20.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-27 11:05:12 +01:00
Co1a 5f81476d7c feat:support zstd compress and uncompressed (#1701) 
* feat:support zstd compress and uncompressed

* fix:real & stackless write using different pool to avoid get stackless.writer

* fix:zstd normalize compress level

* Change empty string checks to be more idiomatic (#1684)

* chore:lint fix and rebase with master

* chore:remove 1.18 test & upgrade compress version

* fix:error default compress level

* Fix lint

---------

Co-authored-by: Erik Dubbelboer <erik@dubbelboer.com>
 2024-02-21 07:21:52 +01:00
Erik Dubbelboer 4c326e8f6c Limit memory for fuzz testing 
CIFuzz has low memory limits that we keep hitting without there being an
issue.
 2024-02-21 06:02:19 +01:00
Oleksandr Redko 190204cf1a Upgrade golangci-lint to v1.56.2; fix gocritic issues (#1722) 2024-02-21 05:51:28 +01:00
Oleksandr Redko a537e47bfb Remove unnecessary build tag go1.21 (#1721) 2024-02-21 05:49:39 +01:00
gilwo aefd080674 adaptor ResponseWriter - adding Hijack method and pass proper fields (#1525) 
* adding hijack method and pass proper fields

* adding hijack method and pass proper fields - adding tests

* improve hijack handling, use proper test for hijacking

* extend hijackhandler propogation to NewFastHTTPHandlerFunc

* align hijacking of fasthttp adaptor net request with fasthttp request, safe conn handling for proper release of resources and custom hijack handler for more controlled by hijacking implementation

* Implement actual behaviour of net/http Hijacker

---------

Co-authored-by: Erik Dubbelboer <erik@dubbelboer.com>
 2024-02-17 14:51:38 +08:00
dependabot[bot] 56cb753ff9 chore(deps): bump securego/gosec from 2.18.2 to 2.19.0 (#1720) 
Bumps [securego/gosec](https://github.com/securego/gosec) from 2.18.2 to 2.19.0.
- [Release notes](https://github.com/securego/gosec/releases)
- [Changelog](https://github.com/securego/gosec/blob/master/.goreleaser.yml)
- [Commits](https://github.com/securego/gosec/compare/v2.18.2...v2.19.0)

---
updated-dependencies:
- dependency-name: securego/gosec
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-13 14:22:22 +08:00
Erik Dubbelboer bce576699a Prevent request smuggling (#1719) 
* Prevent request smuggling

Prevent request smuggling when fasthttp is behind a reverse proxy that
might interprets headers differently by being stricter. Should also
prevent request smuggling when fasthttp is used as the reverse proxy.

* Make header value comparison case-insensitive
v1.52.0 		2024-02-11 08:08:56 +01:00
Erik Dubbelboer 3327266342 Follow RFCs 7230 and 9112 for HTTP versions (#1710) 
Require that HTTP versions match the following pattern: HTTP/[0-9]\.[0-9]
 2024-02-11 07:55:31 +01:00
Erik Dubbelboer a8cb5d535f Bump dependencies (#1718) 2024-02-10 11:04:07 +01:00
Erik Dubbelboer 82bc7c48bd bump securego/gosec from 2.17.0 to 2.18.2 2024-02-10 10:45:52 +01:00