Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type BlockEndpointsMismatch ¶ added in v0.11.0
type BlockEndpointsMismatch struct {
// contains filtered or unexported fields
}
BlockEndpointsMismatch blocks SDK requests with a stale endpoints hash.
func NewBlockEndpointsMismatch ¶ added in v0.11.0
func NewBlockEndpointsMismatch(app *core.App) *BlockEndpointsMismatch
NewBlockEndpointsMismatch creates a new endpoints hash mismatch middleware instance.
func (*BlockEndpointsMismatch) Execute ¶ added in v0.11.0
func (b *BlockEndpointsMismatch) Execute(next http.Handler) http.Handler
Execute wraps the next handler with endpoints hash mismatch detection. Rules:
- If not activated, pass through.
- If the request has no hash header, pass through (bootstrap case).
- If the request targets the list-endpoints path, pass through (recovery path).
- If the hash matches, pass through.
- If the hash differs, return an error response.
type BlockHost ¶
type BlockHost struct {
// contains filtered or unexported fields
}
BlockHost blocks requests based on the Host header.
func NewBlockHost ¶
NewBlockHost creates a new Host header blocking middleware instance.
type BlockIp ¶
type BlockIp struct {
// contains filtered or unexported fields
}
The primary goal of this middleware is to act as a simple, robust circuit breaker to try to prevent server collapse, not to be a nuanced, application-aware rate-limiting system (quotas, etc)
func NewBlockIp ¶
NewBlockIp creates a new BlockIp instance with the given cache and logger.
func (*BlockIp) IsBlocked ¶
IsBlocked checks if a given IP address is currently blocked by looking in the cache.
type BlockOversizedRequest ¶ added in v0.13.0
type BlockOversizedRequest struct {
// contains filtered or unexported fields
}
BlockOversizedRequest guards against request flooding and resource exhaustion attacks by enforcing configurable size limits across all major request dimensions:
- URL path length
- Query string length
- Number of headers
- Individual header value length
- Request body size
Checks are applied cheapest-first: the inexpensive string-length and count comparisons run before the lazy body limit (which only triggers on read). A request is rejected as soon as any single limit is exceeded, so the remaining checks are skipped entirely.
All rejections return the appropriate HTTP status code:
- 414 URI Too Long — URL path or query string exceeds limit
- 431 Request Header Fields Too Large — header count or a single header value exceeds limit
- 413 Content Too Large — body exceeds limit (handled by http.MaxBytesReader)
func NewBlockOversizedRequest ¶ added in v0.13.0
func NewBlockOversizedRequest(app *core.App) *BlockOversizedRequest
NewBlockOversizedRequest creates a new BlockOversizedRequest middleware instance.
func (*BlockOversizedRequest) Execute ¶ added in v0.13.0
func (b *BlockOversizedRequest) Execute(next http.Handler) http.Handler
Execute wraps the next handler with multi-dimensional request size limiting logic.
The check order is intentionally cheapest-first to fail fast with minimal work:
- URL path length — single len() call on a string already in memory
- Query string length — same cost as path check
- Header count — single len() call on the header map
- Header value lengths — O(n) over header map entries; slightly more work but still CPU-bound and done entirely in memory
- Body limit — delegated to http.MaxBytesReader, which is lazy: it only fires when the handler (or a decoder downstream) actually reads r.Body. This must be set before calling next.ServeHTTP so it is in place for whoever reads the body first.
type BlockUaList ¶
type BlockUaList struct {
// contains filtered or unexported fields
}
BlockUaList handles blocking requests based on User-Agent header matching a regex.
func NewBlockUaList ¶
func NewBlockUaList(app *core.App) *BlockUaList
NewBlockUaList creates a new User-Agent block list middleware instance.
type Maintenance ¶
type Maintenance struct {
// contains filtered or unexported fields
}
Maintenance handles serving a maintenance page based on configuration.
func NewMaintenance ¶
func NewMaintenance(app *core.App) *Maintenance
NewMaintenance creates a new maintenance middleware instance. It requires the core App instance to access configuration.
type Metrics ¶
type Metrics struct {
// contains filtered or unexported fields
}
Metrics is a Go middleware for collecting HTTP request metrics.
func NewMetrics ¶
NewMetrics creates a new Metrics instance. It registers a Prometheus counter vector for tracking requests by status code. This function will panic if metric registration fails (e.g., due to a name collision with an incompatible metric type or other registration errors).
type Recorder ¶
type Recorder struct {
// contains filtered or unexported fields
}
func NewRecorder ¶
type RequestLog ¶
type RequestLog struct {
// contains filtered or unexported fields
}
RequestLog is middleware that logs HTTP request details
func NewRequestLog ¶
func NewRequestLog(app *core.App) *RequestLog
NewRequestLog creates a new request logging middleware instance
type TLSHeaderSTS ¶
type TLSHeaderSTS struct{}
func NewTLSHeaderSTS ¶
func NewTLSHeaderSTS() *TLSHeaderSTS