prerouter

package
v0.13.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 22, 2026 License: MIT Imports: 11 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetClientIP

func GetClientIP(r *http.Request) string

dummy TODO

func RemoteIP

func RemoteIP(r *http.Request) string

RemoteIP returns the normalized IP address from the request. It attempts to parse the IP from the host-port combination and falls back to the raw RemoteAddr if parsing fails at any stage.

Types

type BlockEndpointsMismatch added in v0.11.0

type BlockEndpointsMismatch struct {
	// contains filtered or unexported fields
}

BlockEndpointsMismatch blocks SDK requests with a stale endpoints hash.

func NewBlockEndpointsMismatch added in v0.11.0

func NewBlockEndpointsMismatch(app *core.App) *BlockEndpointsMismatch

NewBlockEndpointsMismatch creates a new endpoints hash mismatch middleware instance.

func (*BlockEndpointsMismatch) Execute added in v0.11.0

func (b *BlockEndpointsMismatch) Execute(next http.Handler) http.Handler

Execute wraps the next handler with endpoints hash mismatch detection. Rules:

  • If not activated, pass through.
  • If the request has no hash header, pass through (bootstrap case).
  • If the request targets the list-endpoints path, pass through (recovery path).
  • If the hash matches, pass through.
  • If the hash differs, return an error response.

type BlockHost

type BlockHost struct {
	// contains filtered or unexported fields
}

BlockHost blocks requests based on the Host header.

func NewBlockHost

func NewBlockHost(app *core.App) *BlockHost

NewBlockHost creates a new Host header blocking middleware instance.

func (*BlockHost) Execute

func (b *BlockHost) Execute(next http.Handler) http.Handler

Execute wraps the next handler with Host header blocking logic.

type BlockIp

type BlockIp struct {
	// contains filtered or unexported fields
}

The primary goal of this middleware is to act as a simple, robust circuit breaker to try to prevent server collapse, not to be a nuanced, application-aware rate-limiting system (quotas, etc)

func NewBlockIp

func NewBlockIp(app *core.App) *BlockIp

NewBlockIp creates a new BlockIp instance with the given cache and logger.

func (*BlockIp) Block

func (b *BlockIp) Block(ip string) error

Block adds the given IP to the block list.

func (*BlockIp) Execute

func (b *BlockIp) Execute(next http.Handler) http.Handler

func (*BlockIp) IsBlocked

func (b *BlockIp) IsBlocked(ip string) bool

IsBlocked checks if a given IP address is currently blocked by looking in the cache.

func (*BlockIp) IsEnabled

func (b *BlockIp) IsEnabled() bool

IsEnabled checks if the IP blocking feature is enabled based on configuration. Placeholder implementation: always returns true.

func (*BlockIp) Process

func (b *BlockIp) Process(ip string) error

Process passes the IP to the underlying TopK sketch for tracking and potential blocking. It processes the IP using the sketch and potentially triggers blocking. Returns an error if the processing itself fails (unlikely here).

type BlockOversizedRequest added in v0.13.0

type BlockOversizedRequest struct {
	// contains filtered or unexported fields
}

BlockOversizedRequest guards against request flooding and resource exhaustion attacks by enforcing configurable size limits across all major request dimensions:

  • URL path length
  • Query string length
  • Number of headers
  • Individual header value length
  • Request body size

Checks are applied cheapest-first: the inexpensive string-length and count comparisons run before the lazy body limit (which only triggers on read). A request is rejected as soon as any single limit is exceeded, so the remaining checks are skipped entirely.

All rejections return the appropriate HTTP status code:

  • 414 URI Too Long — URL path or query string exceeds limit
  • 431 Request Header Fields Too Large — header count or a single header value exceeds limit
  • 413 Content Too Large — body exceeds limit (handled by http.MaxBytesReader)

func NewBlockOversizedRequest added in v0.13.0

func NewBlockOversizedRequest(app *core.App) *BlockOversizedRequest

NewBlockOversizedRequest creates a new BlockOversizedRequest middleware instance.

func (*BlockOversizedRequest) Execute added in v0.13.0

func (b *BlockOversizedRequest) Execute(next http.Handler) http.Handler

Execute wraps the next handler with multi-dimensional request size limiting logic.

The check order is intentionally cheapest-first to fail fast with minimal work:

  1. URL path length — single len() call on a string already in memory
  2. Query string length — same cost as path check
  3. Header count — single len() call on the header map
  4. Header value lengths — O(n) over header map entries; slightly more work but still CPU-bound and done entirely in memory
  5. Body limit — delegated to http.MaxBytesReader, which is lazy: it only fires when the handler (or a decoder downstream) actually reads r.Body. This must be set before calling next.ServeHTTP so it is in place for whoever reads the body first.

type BlockUaList

type BlockUaList struct {
	// contains filtered or unexported fields
}

BlockUaList handles blocking requests based on User-Agent header matching a regex.

func NewBlockUaList

func NewBlockUaList(app *core.App) *BlockUaList

NewBlockUaList creates a new User-Agent block list middleware instance.

func (*BlockUaList) Execute

func (b *BlockUaList) Execute(next http.Handler) http.Handler

type Maintenance

type Maintenance struct {
	// contains filtered or unexported fields
}

Maintenance handles serving a maintenance page based on configuration.

func NewMaintenance

func NewMaintenance(app *core.App) *Maintenance

NewMaintenance creates a new maintenance middleware instance. It requires the core App instance to access configuration.

func (*Maintenance) Execute

func (m *Maintenance) Execute(next http.Handler) http.Handler

Execute wraps the next handler with maintenance mode logic.

type Metrics

type Metrics struct {
	// contains filtered or unexported fields
}

Metrics is a Go middleware for collecting HTTP request metrics.

func NewMetrics

func NewMetrics(app *core.App) *Metrics

NewMetrics creates a new Metrics instance. It registers a Prometheus counter vector for tracking requests by status code. This function will panic if metric registration fails (e.g., due to a name collision with an incompatible metric type or other registration errors).

func (*Metrics) Execute

func (m *Metrics) Execute(next http.Handler) http.Handler

Execute is the middleware handler function that wraps the next http.Handler to collect metrics.

type Recorder

type Recorder struct {
	// contains filtered or unexported fields
}

func NewRecorder

func NewRecorder(app *core.App) *Recorder

func (*Recorder) Execute

func (r *Recorder) Execute(next http.Handler) http.Handler

RecorderMiddleware initializes the shared recorder at the beginning of the chain

type RequestLog

type RequestLog struct {
	// contains filtered or unexported fields
}

RequestLog is middleware that logs HTTP request details

func NewRequestLog

func NewRequestLog(app *core.App) *RequestLog

NewRequestLog creates a new request logging middleware instance

func (*RequestLog) Execute

func (r *RequestLog) Execute(next http.Handler) http.Handler

Execute wraps the next handler with request logging

type TLSHeaderSTS

type TLSHeaderSTS struct{}

func NewTLSHeaderSTS

func NewTLSHeaderSTS() *TLSHeaderSTS

func (*TLSHeaderSTS) Execute

func (m *TLSHeaderSTS) Execute(next http.Handler) http.Handler

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL