Documentation
¶
Overview ¶
Package pprof provides a middleware that exposes Go runtime profiling data via the standard net/http/pprof handlers.
The middleware intercepts requests under a configurable prefix (default "/debug/pprof") and dispatches to the matching pprof handler. Non-matching requests pass through to the next handler with zero overhead.
Security ¶
By default, access is restricted to loopback addresses (127.0.0.1, ::1) via Config.AuthFunc. This uses the raw TCP peer address, NOT X-Forwarded-For. Behind a reverse proxy, set AuthFunc to a scheme that does not rely on RemoteAddr (e.g., shared secret header).
Profiling endpoints expose sensitive runtime internals. Never expose them publicly in production without proper authentication.
Endpoints ¶
All endpoints are relative to the configured prefix:
{prefix}/ — index page listing available profiles
{prefix}/cmdline — command-line arguments
{prefix}/profile — CPU profile (accepts ?seconds=N)
{prefix}/symbol — symbol lookup
{prefix}/trace — execution trace (accepts ?seconds=N)
{prefix}/allocs — allocation profile
{prefix}/block — block profile
{prefix}/goroutine — goroutine stacks
{prefix}/heap — heap profile
{prefix}/mutex — mutex contention profile
{prefix}/threadcreate — thread creation profile
Ordering ¶
Place pprof after the debug middleware in the middleware chain. Since pprof intercepts by path prefix, it can be installed at any position, but placing it after debug avoids shadowing debug endpoints when both share the /debug/ prefix namespace.
Basic usage ¶
server.Use(pprof.New())
Custom AuthFunc ¶
server.Use(pprof.New(pprof.Config{
AuthFunc: func(c *celeris.Context) bool {
return c.Header("x-pprof-token") == os.Getenv("PPROF_TOKEN")
},
}))
Skipping ¶
Use Config.Skip for dynamic skip logic or Config.SkipPaths for exact-match path exclusions. Skipped requests call c.Next() without invoking the auth check or serving profiles.
Index ¶
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func New ¶
func New(config ...Config) celeris.HandlerFunc
New creates a pprof middleware with the given config.
Example ¶
package main
import (
"github.com/goceleris/celeris"
"github.com/goceleris/celeris/middleware/pprof"
)
func main() {
server := celeris.New(celeris.Config{})
// Default config: loopback-only access at /debug/pprof.
server.Use(pprof.New())
}
Output:
Example (CustomPrefix) ¶
package main
import (
"github.com/goceleris/celeris"
"github.com/goceleris/celeris/middleware/pprof"
)
func main() {
server := celeris.New(celeris.Config{})
server.Use(pprof.New(pprof.Config{
Prefix: "/profiling",
}))
}
Output:
Example (PublicAccess) ¶
package main
import (
"github.com/goceleris/celeris"
"github.com/goceleris/celeris/middleware/pprof"
)
func main() {
server := celeris.New(celeris.Config{})
// Allow all clients (disable loopback-only restriction).
server.Use(pprof.New(pprof.Config{
AuthFunc: func(_ *celeris.Context) bool { return true },
}))
}
Output:
Example (TokenAuth) ¶
package main
import (
"os"
"github.com/goceleris/celeris"
"github.com/goceleris/celeris/middleware/pprof"
)
func main() {
server := celeris.New(celeris.Config{})
// Token-based authentication via environment variable.
server.Use(pprof.New(pprof.Config{
AuthFunc: func(c *celeris.Context) bool {
return c.Header("x-pprof-token") == os.Getenv("PPROF_TOKEN")
},
}))
}
Output:
Types ¶
type Config ¶
type Config struct {
// Skip defines a function to skip this middleware for certain requests.
Skip func(c *celeris.Context) bool
// SkipPaths lists full paths to bypass entirely (exact match).
// Only consulted for requests that match the prefix. Checked before
// authentication and handler dispatch.
SkipPaths []string
// Prefix is the URL path prefix for pprof endpoints.
// Default: "/debug/pprof".
Prefix string
// AuthFunc is an authentication check executed before any pprof endpoint.
// If it returns false, the middleware responds with 403 Forbidden.
// Default: allows only loopback IPs (127.0.0.1 and ::1).
// Set to func(*celeris.Context) bool { return true } to allow public access.
AuthFunc func(c *celeris.Context) bool
}
Config defines the pprof middleware configuration.
Source Files