mirror/caddy-waf
1
0
Fork 0
mirror of https://github.com/fabriziosalmi/caddy-waf.git synced 2026-02-23 17:56:55 -05:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: mirror:main
Branches Tags
mirror:main mirror:dependabot/go_modules/go_modules-6d0b433f6b mirror:copilot/fix-50
mirror:v0.3.0 mirror:v0.2.0 mirror:v0.1.6 mirror:v0.1.5 mirror:v0.1.4 mirror:v0.1.3 mirror:v0.1.2 mirror:v0.1.0 mirror:v0.0.9 mirror:v0.0.8 mirror:v0.0.7 mirror:v0.0.6 mirror:v0.0.5 mirror:v0.0.4 mirror:v0.0.3
..
compare: mirror:dependabot/go_modules/go_modules-6d0b433f6b
Branches Tags
mirror:main mirror:dependabot/go_modules/go_modules-6d0b433f6b mirror:copilot/fix-50
mirror:v0.3.0 mirror:v0.2.0 mirror:v0.1.6 mirror:v0.1.5 mirror:v0.1.4 mirror:v0.1.3 mirror:v0.1.2 mirror:v0.1.0 mirror:v0.0.9 mirror:v0.0.8 mirror:v0.0.7 mirror:v0.0.6 mirror:v0.0.5 mirror:v0.0.4 mirror:v0.0.3

1 Commits
main ... dependabot

Author SHA1 Message Date
dependabot[bot]
b3a18594f7 build(deps): bump github.com/slackhq/nebula 
Bumps the go_modules group with 1 update in the / directory: [github.com/slackhq/nebula](https://github.com/slackhq/nebula).


Updates `github.com/slackhq/nebula` from 1.9.7 to 1.10.3
- [Release notes](https://github.com/slackhq/nebula/releases)
- [Changelog](https://github.com/slackhq/nebula/blob/master/CHANGELOG.md)
- [Commits](https://github.com/slackhq/nebula/compare/v1.9.7...v1.10.3)

---
updated-dependencies:
- dependency-name: github.com/slackhq/nebula
  dependency-version: 1.10.3
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 20:06:49 +00:00
5 changed files with 23 additions and 23 deletions
Expand all files Collapse all files

12
caddywaf.go
View File

@@ -49,7 +49,7 @@ var (
)
// Add or update the version constant as needed
const wafVersion = "v0.3.0" // update this value to the new release version when tagging
const wafVersion = "v0.2.0" // update this value to the new release version when tagging
// ==================== Initialization and Setup ====================
@@ -498,15 +498,7 @@ func (m *Middleware) loadIPBlacklist(path string, blacklistMap iptrie.Trie) erro
// Convert the map to CIDRTrie
for ip := range blacklist {
var prefix netip.Prefix
var err error
if strings.Contains(ip, "/") {
prefix, err = netip.ParsePrefix(ip)
} else {
prefix, err = netip.ParsePrefix(appendCIDR(ip))
}
prefix, err := netip.ParsePrefix(appendCIDR(ip))
if err != nil {
m.logger.Warn("Skipping invalid IP in blacklist", zap.String("ip", ip), zap.Error(err))
continue

5
go.mod
View File

@@ -18,6 +18,7 @@ require (
cloud.google.com/go/auth/oauth2adapt v0.2.8 // indirect
cloud.google.com/go/compute/metadata v0.9.0 // indirect
dario.cat/mergo v1.0.2 // indirect
filippo.io/bigmod v0.1.0 // indirect
filippo.io/edwards25519 v1.1.0 // indirect
github.com/AndreasBriese/bbloom v0.0.0-20190825152654-46b345b51c96 // indirect
github.com/BurntSushi/toml v1.5.0 // indirect
@@ -97,8 +98,8 @@ require (
github.com/russross/blackfriday/v2 v2.1.0 // indirect
github.com/shopspring/decimal v1.4.0 // indirect
github.com/shurcooL/sanitized_anchor_name v1.0.0 // indirect
github.com/sirupsen/logrus v1.9.3 // indirect
github.com/slackhq/nebula v1.9.7 // indirect
github.com/sirupsen/logrus v1.9.4 // indirect
github.com/slackhq/nebula v1.10.3 // indirect
github.com/smallstep/certificates v0.29.0 // indirect
github.com/smallstep/cli-utils v0.12.2 // indirect
github.com/smallstep/go-attestation v0.4.4-0.20241119153605-2306d5b464ca // indirect

11
go.sum
View File

@@ -16,6 +16,8 @@ cloud.google.com/go/longrunning v0.7.0 h1:FV0+SYF1RIj59gyoWDRi45GiYUMM3K1qO51qob
cloud.google.com/go/longrunning v0.7.0/go.mod h1:ySn2yXmjbK9Ba0zsQqunhDkYi0+9rlXIwnoAf+h+TPY=
dario.cat/mergo v1.0.2 h1:85+piFYR1tMbRrLcDwR18y4UKJ3aH1Tbzi24VRW1TK8=
dario.cat/mergo v1.0.2/go.mod h1:E/hbnu0NxMFBjpMIE34DRGLWqDy0g5FuKDhCb31ngxA=
filippo.io/bigmod v0.1.0 h1:UNzDk7y9ADKST+axd9skUpBQeW7fG2KrTZyOE4uGQy8=
filippo.io/bigmod v0.1.0/go.mod h1:OjOXDNlClLblvXdwgFFOQFJEocLhhtai8vGLy0JCZlI=
filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
github.com/AndreasBriese/bbloom v0.0.0-20190825152654-46b345b51c96 h1:cTp8I5+VIoKjsnZuH8vjyaysT/ses3EvZeaV/1UkF2M=
@@ -288,10 +290,10 @@ github.com/shopspring/decimal v1.4.0 h1:bxl37RwXBklmTi0C79JfXCEBD1cqqHt0bbgBAGFp
github.com/shopspring/decimal v1.4.0/go.mod h1:gawqmDU56v4yIKSwfBSFip1HdCCXN8/+DMd9qYNcwME=
github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo=
github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
github.com/slackhq/nebula v1.9.7 h1:v5u46efIyYHGdfjFnozQbRRhMdaB9Ma1SSTcUcE2lfE=
github.com/slackhq/nebula v1.9.7/go.mod h1:1+4q4wd3dDAjO8rKCttSb9JIVbklQhuJiBp5I0lbIsQ=
github.com/sirupsen/logrus v1.9.4 h1:TsZE7l11zFCLZnZ+teH4Umoq5BhEIfIzfRDZ1Uzql2w=
github.com/sirupsen/logrus v1.9.4/go.mod h1:ftWc9WdOfJ0a92nsE2jF5u5ZwH8Bv2zdeOC42RjbV2g=
github.com/slackhq/nebula v1.10.3 h1:EstYj8ODEcv6T0R9X5BVq1zgWZnyU5gtPzk99QF1PMU=
github.com/slackhq/nebula v1.10.3/go.mod h1:IL5TUQm4x9IFx2kCKPYm1gP47pwd5b8QGnnBH2RHnvs=
github.com/smallstep/assert v0.0.0-20200723003110-82e2b9b3b262 h1:unQFBIznI+VYD1/1fApl1A+9VcBk+9dcqGfnePY87LY=
github.com/smallstep/assert v0.0.0-20200723003110-82e2b9b3b262/go.mod h1:MyOHs9Po2fbM1LHej6sBUT8ozbxmMOFG+E+rx/GSGuc=
github.com/smallstep/certificates v0.29.0 h1:f90szTKYTW62bmCc+qE5doGqIGPVxTQb8Ba37e/K8Zs=
@@ -466,7 +468,6 @@ golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220310020820-b874c991c1a5/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=

16
handler.go
View File

@@ -231,15 +231,21 @@ func (m *Middleware) logRequestCompletion(logID string, state *WAFState) {
)
}
// copyResponse copies the captured response body from the recorder to the original writer.
// Headers and status code are already on w because the recorder delegates Header() and
// WriteHeader() directly to the underlying ResponseWriter, so only the body needs copying.
// copyResponse copies the captured response from the recorder to the original writer
func (m *Middleware) copyResponse(w http.ResponseWriter, recorder *responseRecorder, r *http.Request) {
header := w.Header()
for key, values := range recorder.Header() {
for _, value := range values {
header.Add(key, value)
}
}
w.WriteHeader(recorder.StatusCode())
logID := getLogID(r.Context())
if logID == "unknown" {
m.logger.Error("Log ID not found in context during response copy")
m.logger.Error("Log ID not found in context during response copy") // added error log for clarity
}
_, err := w.Write(recorder.body.Bytes())
_, err := w.Write(recorder.body.Bytes()) // Copy body from recorder to original writer
if err != nil {
m.logger.Error("Failed to write recorded response body to client", zap.Error(err), zap.String("log_id", logID))
}

2
helpers.go
View File

@@ -33,7 +33,7 @@ func appendCIDR(ip string) string {
ip += "/32"
// IPv6
} else {
ip += "/128"
ip += "/64"
}
return ip
}