Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
Previously, all requests that contained in header field names characters other
than alphanumeric, or "-", or "_" were rejected with a 400 "Bad Request" error
response.
Now, the parser allows the same set of characters as specified in RFC 7230,
including: "!", "#", "$", "%", "&", "'", "*", "+", ".", "^", "`", "|", and "~".
Header field names that contain only these characters are considered valid.
Also, there's a new option introduced: "discard_unsafe_fields". It accepts
boolean value and it is set to "true" by default.
When this option is "true", all header field names that contain characters
in valid range, but other than alphanumeric or "-" are skipped during parsing.
When the option is "false", these header fields aren't skipped.
Requests with non-valid characters in header field names according to
RFC 7230 are rejected regardless of "discard_unsafe_fields" setting.
This closes #422 issue on GitHub.
|
|
Now users can disable the default procfs mount point
in the rootfs.
{
"isolation": {
"automount": {
"procfs": false
}
}
}
|
|
Now users can disable the default tmpfs mount point
in the rootfs.
{
"isolation": {
"automount": {
"tmpfs": false
}
}
}
|
|
Introducing manual protocol selection for 'universal' apps and frameworks.
|
|
This closes #486 issue on GitHub.
|
|
This closes #482 issue on GitHub.
|
|
This closes #458 issue on GitHub.
|
|
This closes #459 issue on GitHub.
|
|
|
|
|
|
|
|
Now it is possible to specify the name of the application callable using
optional parameter 'callable'. Default value is 'application'.
This closes #290 issue on GitHub.
|
|
Now it's possible to disable default bind mounts of
languages by setting:
{
"isolation": {
"automount": {
"language_deps": false
}
}
}
In this case, the user is responsible to provide a "rootfs"
containing the language libraries and required files for
the application.
|
|
It's not used since cbcd76704c90.
This option is a leftover from previous IPC between router and applications
processes. It was never documented, though.
Thanks to 洪志道 (Hong Zhi Dao).
|
|
Thanks to 洪志道 (Hong Zhi Dao).
This closes #466 issue on GitHub.
|
|
|
|
There was an undefined behavior in the validation function, caused by testing
one character after the string if a wildcard was at the end.
|
|
|
|
This fixes undefined behaviour due to array over-read if an unknown parameter
is specified in an uidmap, a gidmap, or a php target object.
|
|
Thanks to 洪志道 (Hong Zhi Dao).
|
|
|
|
|
|
|
|
This allows to specify multiple subsequent targets inside PHP applications.
For example:
{
"listeners": {
"*:80": {
"pass": "routes"
}
},
"routes": [
{
"match": {
"uri": "/info"
},
"action": {
"pass": "applications/my_app/phpinfo"
}
},
{
"match": {
"uri": "/hello"
},
"action": {
"pass": "applications/my_app/hello"
}
},
{
"action": {
"pass": "applications/my_app/rest"
}
}
],
"applications": {
"my_app": {
"type": "php",
"targets": {
"phpinfo": {
"script": "phpinfo.php",
"root": "/www/data/admin",
},
"hello": {
"script": "hello.php",
"root": "/www/data/test",
},
"rest": {
"root": "/www/data/example.com",
"index": "index.php"
},
}
}
}
}
|
|
This is useful to escape "/" in path fragments. For example, in order
to reference the application named "foo/bar":
{
"pass": "applications/foo%2Fbar"
}
|
|
|
|
|
|
This allows to specify redirects:
{
"action": {
"return": 301,
"location": "https://www.example.com/"
}
}
|
|
The "return" action can be used to immediately generate a simple HTTP response
with an arbitrary status:
{
"action": {
"return": 404
}
}
This is especially useful for denying access to specific resources.
|
|
This closes #386 on GitHub.
|
|
|
|
It allows proceeding to another action if a file isn't available.
An example:
{
"share": "/data/www/",
"fallback": {
"pass": "applications/php"
}
}
In the example above, an attempt is made first to serve a request with
a file from the "/data/www/" directory. If there's no such file, the
request is passed to the "php" application.
Fallback actions may be nested:
{
"share": "/data/www/",
"fallback": {
"share": "/data/cache/",
"fallback": {
"proxy": "http://127.0.0.1:9000"
}
}
}
|
|
Now it enforces the mutual exclusivity of "pass", "proxy", and "share" options.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Scheme matches exact string “http” or “https”.
|
|
|
|
|
|
|
|
This closes #233 issue on GitHub.
Thanks to 洪志道 (Hong Zhi Dao).
|
|
|
|
|