gin/deprecated.go

// Copyright 2014 Manu Martinez-Almeida.  All rights reserved.
// Use of this source code is governed by a MIT style
// license that can be found in the LICENSE file.

package gin

import (
	"log"
	"net"
	"net/http"
	"strings"

	"github.com/gin-gonic/gin/binding"
)

// DEPRECATED, use Bind() instead.
// Like ParseBody() but this method also writes a 400 error if the json is not valid.
func (c *Context) EnsureBody(item interface{}) bool {
	return c.Bind(item)
}

// DEPRECATED use bindings directly
// Parses the body content as a JSON input. It decodes the json payload into the struct specified as a pointer.
func (c *Context) ParseBody(item interface{}) error {
	return binding.JSON.Bind(c.Request, item)
}

// DEPRECATED use gin.Static() instead
// ServeFiles serves files from the given file system root.
// The path must end with "/*filepath", files are then served from the local
// path /defined/root/dir/*filepath.
// For example if root is "/etc" and *filepath is "passwd", the local file
// "/etc/passwd" would be served.
// Internally a http.FileServer is used, therefore http.NotFound is used instead
// of the Router's NotFound handler.
// To use the operating system's file system implementation,
// use http.Dir:
//     router.ServeFiles("/src/*filepath", http.Dir("/var/www"))
func (engine *Engine) ServeFiles(path string, root http.FileSystem) {
	engine.router.ServeFiles(path, root)
}

// DEPRECATED use gin.LoadHTMLGlob() or gin.LoadHTMLFiles() instead
func (engine *Engine) LoadHTMLTemplates(pattern string) {
	engine.LoadHTMLGlob(pattern)
}

// DEPRECATED. Use NoRoute() instead
func (engine *Engine) NotFound404(handlers ...HandlerFunc) {
	engine.NoRoute(handlers...)
}

// the ForwardedFor middleware unwraps the X-Forwarded-For headers, be careful to only use this
// middleware if you've got servers in front of this server. The list with (known) proxies and
// local ips are being filtered out of the forwarded for list, giving the last not local ip being
// the real client ip.
func ForwardedFor(proxies ...interface{}) HandlerFunc {
	if len(proxies) == 0 {
		// default to local ips
		var reservedLocalIps = []string{"10.0.0.0/8", "127.0.0.1/32", "172.16.0.0/12", "192.168.0.0/16"}

		proxies = make([]interface{}, len(reservedLocalIps))

		for i, v := range reservedLocalIps {
			proxies[i] = v
		}
	}

	return func(c *Context) {
		// the X-Forwarded-For header contains an array with left most the client ip, then
		// comma separated, all proxies the request passed. The last proxy appears
		// as the remote address of the request. Returning the client
		// ip to comply with default RemoteAddr response.

		// check if remoteaddr is local ip or in list of defined proxies
		remoteIp := net.ParseIP(strings.Split(c.Request.RemoteAddr, ":")[0])

		if !ipInMasks(remoteIp, proxies) {
			return
		}

		if forwardedFor := c.Request.Header.Get("X-Forwarded-For"); forwardedFor != "" {
			parts := strings.Split(forwardedFor, ",")

			for i := len(parts) - 1; i >= 0; i-- {
				part := parts[i]

				ip := net.ParseIP(strings.TrimSpace(part))

				if ipInMasks(ip, proxies) {
					continue
				}

				// returning remote addr conform the original remote addr format
				c.Request.RemoteAddr = ip.String() + ":0"

				// remove forwarded for address
				c.Request.Header.Set("X-Forwarded-For", "")
				return
			}
		}
	}
}

func ipInMasks(ip net.IP, masks []interface{}) bool {
	for _, proxy := range masks {
		var mask *net.IPNet
		var err error

		switch t := proxy.(type) {
		case string:
			if _, mask, err = net.ParseCIDR(t); err != nil {
				log.Panic(err)
			}
		case net.IP:
			mask = &net.IPNet{IP: t, Mask: net.CIDRMask(len(t)*8, len(t)*8)}
		case net.IPNet:
			mask = &t
		}

		if mask.Contains(ip) {
			return true
		}
	}

	return false
}
Adds in-code license 2014-08-29 21:49:50 +04:00			`// Copyright 2014 Manu Martinez-Almeida. All rights reserved.`
			`// Use of this source code is governed by a MIT style`
			`// license that can be found in the LICENSE file.`

New bindings for JSON, XML and form parsing and validation 2014-07-05 01:28:50 +04:00			`package gin`

			`import (`
ForwardedFor() is deprecated 2015-03-31 18:44:45 +03:00			`"log"`
			`"net"`
New static file serving 2014-07-08 03:09:48 +04:00			`"net/http"`
ForwardedFor() is deprecated 2015-03-31 18:44:45 +03:00			`"strings"`
Cosmetic changes 2015-03-23 08:03:12 +03:00
			`"github.com/gin-gonic/gin/binding"`
New bindings for JSON, XML and form parsing and validation 2014-07-05 01:28:50 +04:00			`)`

			`// DEPRECATED, use Bind() instead.`
			`// Like ParseBody() but this method also writes a 400 error if the json is not valid.`
			`func (c *Context) EnsureBody(item interface{}) bool {`
			`return c.Bind(item)`
			`}`

			`// DEPRECATED use bindings directly`
			`// Parses the body content as a JSON input. It decodes the json payload into the struct specified as a pointer.`
			`func (c *Context) ParseBody(item interface{}) error {`
Renaming Context.Req to Context.Request 2014-07-08 18:57:04 +04:00			`return binding.JSON.Bind(c.Request, item)`
New bindings for JSON, XML and form parsing and validation 2014-07-05 01:28:50 +04:00			`}`
New static file serving 2014-07-08 03:09:48 +04:00
			`// DEPRECATED use gin.Static() instead`
			`// ServeFiles serves files from the given file system root.`
			`// The path must end with "/*filepath", files are then served from the local`
			`// path /defined/root/dir/*filepath.`
			`// For example if root is "/etc" and *filepath is "passwd", the local file`
			`// "/etc/passwd" would be served.`
			`// Internally a http.FileServer is used, therefore http.NotFound is used instead`
			`// of the Router's NotFound handler.`
			`// To use the operating system's file system implementation,`
			`// use http.Dir:`
			`// router.ServeFiles("/src/*filepath", http.Dir("/var/www"))`
			`func (engine *Engine) ServeFiles(path string, root http.FileSystem) {`
			`engine.router.ServeFiles(path, root)`
			`}`
Adds flexible render system 2014-07-15 19:41:56 +04:00
			`// DEPRECATED use gin.LoadHTMLGlob() or gin.LoadHTMLFiles() instead`
			`func (engine *Engine) LoadHTMLTemplates(pattern string) {`
			`engine.LoadHTMLGlob(pattern)`
			`}`
Renames NotFound404 to NotFound 2014-07-17 22:18:50 +04:00
fix typo in comment 2014-10-31 07:30:20 +03:00			`// DEPRECATED. Use NoRoute() instead`
Renames NotFound404 to NotFound 2014-07-17 22:18:50 +04:00			`func (engine *Engine) NotFound404(handlers ...HandlerFunc) {`
Renames NotFound() to NoRoute() 2014-07-18 01:42:23 +04:00			`engine.NoRoute(handlers...)`
Renames NotFound404 to NotFound 2014-07-17 22:18:50 +04:00			`}`
ForwardedFor() is deprecated 2015-03-31 18:44:45 +03:00
			`// the ForwardedFor middleware unwraps the X-Forwarded-For headers, be careful to only use this`
			`// middleware if you've got servers in front of this server. The list with (known) proxies and`
			`// local ips are being filtered out of the forwarded for list, giving the last not local ip being`
			`// the real client ip.`
			`func ForwardedFor(proxies ...interface{}) HandlerFunc {`
			`if len(proxies) == 0 {`
			`// default to local ips`
			`var reservedLocalIps = []string{"10.0.0.0/8", "127.0.0.1/32", "172.16.0.0/12", "192.168.0.0/16"}`

			`proxies = make([]interface{}, len(reservedLocalIps))`

			`for i, v := range reservedLocalIps {`
			`proxies[i] = v`
			`}`
			`}`

			`return func(c *Context) {`
			`// the X-Forwarded-For header contains an array with left most the client ip, then`
			`// comma separated, all proxies the request passed. The last proxy appears`
			`// as the remote address of the request. Returning the client`
			`// ip to comply with default RemoteAddr response.`

			`// check if remoteaddr is local ip or in list of defined proxies`
			`remoteIp := net.ParseIP(strings.Split(c.Request.RemoteAddr, ":")[0])`

			`if !ipInMasks(remoteIp, proxies) {`
			`return`
			`}`

			`if forwardedFor := c.Request.Header.Get("X-Forwarded-For"); forwardedFor != "" {`
			`parts := strings.Split(forwardedFor, ",")`

			`for i := len(parts) - 1; i >= 0; i-- {`
			`part := parts[i]`

			`ip := net.ParseIP(strings.TrimSpace(part))`

			`if ipInMasks(ip, proxies) {`
			`continue`
			`}`

			`// returning remote addr conform the original remote addr format`
			`c.Request.RemoteAddr = ip.String() + ":0"`

			`// remove forwarded for address`
			`c.Request.Header.Set("X-Forwarded-For", "")`
			`return`
			`}`
			`}`
			`}`
			`}`

			`func ipInMasks(ip net.IP, masks []interface{}) bool {`
			`for _, proxy := range masks {`
			`var mask *net.IPNet`
			`var err error`

			`switch t := proxy.(type) {`
			`case string:`
			`if _, mask, err = net.ParseCIDR(t); err != nil {`
			`log.Panic(err)`
			`}`
			`case net.IP:`
			`mask = &net.IPNet{IP: t, Mask: net.CIDRMask(len(t)8, len(t)8)}`
			`case net.IPNet:`
			`mask = &t`
			`}`

			`if mask.Contains(ip) {`
			`return true`
			`}`
			`}`

			`return false`
			`}`