Minor enhancements/fixes to rewrite directive and template virt req's

This commit is contained in:
Matthew Holt 2019-10-16 15:18:02 -06:00
parent 2f91b44587
commit a458544d9f
No known key found for this signature in database
GPG key ID: 2A349DD577D586A5
3 changed files with 27 additions and 7 deletions

View file

@ -25,7 +25,7 @@ Please file issues to propose new features and report bugs, and after the bug or
Requirements: Requirements:
- [Go 1.13 or newer](https://golang.org/dl/) - [Go 1.13 or newer](https://golang.org/dl/)
- Make sure you do not disable [Go modules](https://github.com/golang/go/wiki/Modules) (`export GO111MODULE=auto`) - Do NOT disable [Go modules](https://github.com/golang/go/wiki/Modules) (`export GO111MODULE=auto`)
Download the `v2` source code: Download the `v2` source code:
@ -120,10 +120,10 @@ Caddy 2 can be configured with a Caddyfile, much like in v1, for example:
```plain ```plain
example.com example.com
templates
encode gzip zstd
try_files {path}.html {path} try_files {path}.html {path}
encode gzip zstd
reverse_proxy /api localhost:9005 reverse_proxy /api localhost:9005
php_fastcgi /blog unix//path/to/socket
file_server file_server
``` ```
@ -199,6 +199,7 @@ The following is a non-comprehensive list of significant improvements over Caddy
- TLS Session Ticket Ephemeral Keys (STEKs) can be rotated in a cluster for increased performance (no other web server does this either!) - TLS Session Ticket Ephemeral Keys (STEKs) can be rotated in a cluster for increased performance (no other web server does this either!)
- Ability to select a specific certificate per ClientHello given multiple qualifying certificates - Ability to select a specific certificate per ClientHello given multiple qualifying certificates
- Provide TLS certificates without persisting them to disk; keep private keys entirely in memory - Provide TLS certificates without persisting them to disk; keep private keys entirely in memory
- Certificate management at startup is now asynchronous and much easier to use through machine reboots and in unsupervised settings
- All-new HTTP server core - All-new HTTP server core
- Listeners can be configured for any network type, address, and port range - Listeners can be configured for any network type, address, and port range
- Customizable TLS connection policies - Customizable TLS connection policies
@ -218,6 +219,8 @@ The following is a non-comprehensive list of significant improvements over Caddy
- Done away with URL-rewriting hacks often needed in Caddy 1 - Done away with URL-rewriting hacks often needed in Caddy 1
- Highly descriptive/traceable errors - Highly descriptive/traceable errors
- Very flexible error handling, with the ability to specify a whole list of routes just for error cases - Very flexible error handling, with the ability to specify a whole list of routes just for error cases
- The proxy has numerous improvements, including dynamic backends and more configurable health checks
- FastCGI support integrated with the reverse proxy
- More control over automatic HTTPS: disable entirely, disable only HTTP->HTTPS redirects, disable only cert management, and for certain names, etc. - More control over automatic HTTPS: disable entirely, disable only HTTP->HTTPS redirects, disable only cert management, and for certain names, etc.
- Use Starlark to build custom, dynamic HTTP handlers at request-time - Use Starlark to build custom, dynamic HTTP handlers at request-time
- We are finding that -- on average -- Caddy 2's Starlark handlers are ~1.25-2x faster than NGINX+Lua. - We are finding that -- on average -- Caddy 2's Starlark handlers are ~1.25-2x faster than NGINX+Lua.

View file

@ -31,6 +31,9 @@ func init() {
func parseCaddyfile(h httpcaddyfile.Helper) (caddyhttp.MiddlewareHandler, error) { func parseCaddyfile(h httpcaddyfile.Helper) (caddyhttp.MiddlewareHandler, error) {
var rewr Rewrite var rewr Rewrite
for h.Next() { for h.Next() {
if !h.NextArg() {
return nil, h.ArgErr()
}
rewr.URI = h.Val() rewr.URI = h.Val()
if h.NextArg() { if h.NextArg() {
return nil, h.ArgErr() return nil, h.ArgErr()

View file

@ -22,6 +22,7 @@ import (
"net" "net"
"net/http" "net/http"
"path" "path"
"strconv"
"strings" "strings"
"sync" "sync"
@ -79,9 +80,19 @@ func (c templateContext) Include(filename string, args ...interface{}) (template
// are NOT escaped, so you should only include trusted resources. // are NOT escaped, so you should only include trusted resources.
// If it is not trusted, be sure to use escaping functions yourself. // If it is not trusted, be sure to use escaping functions yourself.
func (c templateContext) HTTPInclude(uri string) (template.HTML, error) { func (c templateContext) HTTPInclude(uri string) (template.HTML, error) {
if c.Req.Header.Get(recursionPreventionHeader) == "1" { // prevent virtual request loops by counting how many levels
// deep we are; and if we get too deep, return an error
recursionCount := 1
if numStr := c.Req.Header.Get(recursionPreventionHeader); numStr != "" {
num, err := strconv.Atoi(numStr)
if err != nil {
return "", fmt.Errorf("parsing %s: %v", recursionPreventionHeader, err)
}
if num >= 3 {
return "", fmt.Errorf("virtual request cycle") return "", fmt.Errorf("virtual request cycle")
} }
recursionCount = num + 1
}
buf := bufPool.Get().(*bytes.Buffer) buf := bufPool.Get().(*bytes.Buffer)
buf.Reset() buf.Reset()
@ -91,7 +102,10 @@ func (c templateContext) HTTPInclude(uri string) (template.HTML, error) {
if err != nil { if err != nil {
return "", err return "", err
} }
virtReq.Header.Set(recursionPreventionHeader, "1") virtReq.Host = c.Req.Host
virtReq.Header = c.Req.Header.Clone()
virtReq.Trailer = c.Req.Trailer.Clone()
virtReq.Header.Set(recursionPreventionHeader, strconv.Itoa(recursionCount))
vrw := &virtualResponseWriter{body: buf, header: make(http.Header)} vrw := &virtualResponseWriter{body: buf, header: make(http.Header)}
server := c.Req.Context().Value(caddyhttp.ServerCtxKey).(http.Handler) server := c.Req.Context().Value(caddyhttp.ServerCtxKey).(http.Handler)