From 16cd8cdd4ef9257b1e86b5119df1536de71c6a87 Mon Sep 17 00:00:00 2001 From: thinkerou Date: Sun, 25 Oct 2020 17:08:30 +0800 Subject: [PATCH 01/28] ci: romove go1.11 for gin1.7 (#2540) --- .travis.yml | 2 -- README.md | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index d7086b38..0795665d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,8 +3,6 @@ language: go matrix: fast_finish: true include: - - go: 1.11.x - env: GO111MODULE=on - go: 1.12.x env: GO111MODULE=on - go: 1.13.x diff --git a/README.md b/README.md index 7e8359ee..18b19430 100644 --- a/README.md +++ b/README.md @@ -84,7 +84,7 @@ Gin is a web framework written in Go (Golang). It features a martini-like API wi To install Gin package, you need to install Go and set your Go workspace first. -1. The first need [Go](https://golang.org/) installed (**version 1.11+ is required**), then you can use the below Go command to install Gin. +1. The first need [Go](https://golang.org/) installed (**version 1.12+ is required**), then you can use the below Go command to install Gin. ```sh $ go get -u github.com/gin-gonic/gin From 65ed60ed1334140d8583a3d0533cea76c66b69fe Mon Sep 17 00:00:00 2001 From: "Alessandro (Ale) Segala" <43508+ItalyPaleAle@users.noreply.github.com> Date: Fri, 30 Oct 2020 23:20:47 +0000 Subject: [PATCH 02/28] Allow bind with a map[string]string (#2484) Co-authored-by: thinkerou --- binding/binding_test.go | 93 +++++++++++++++++++++++++++++++++++++++++ binding/form_mapping.go | 41 ++++++++++++++++++ binding/json_test.go | 9 ++++ 3 files changed, 143 insertions(+) diff --git a/binding/binding_test.go b/binding/binding_test.go index 4424bab9..c354be94 100644 --- a/binding/binding_test.go +++ b/binding/binding_test.go @@ -13,6 +13,7 @@ import ( "mime/multipart" "net/http" "os" + "reflect" "strconv" "strings" "testing" @@ -200,6 +201,12 @@ func TestBindingJSONDisallowUnknownFields(t *testing.T) { `{"foo": "bar"}`, `{"foo": "bar", "what": "this"}`) } +func TestBindingJSONStringMap(t *testing.T) { + testBodyBindingStringMap(t, JSON, + "/", "/", + `{"foo": "bar", "hello": "world"}`, `{"num": 2}`) +} + func TestBindingForm(t *testing.T) { testFormBinding(t, "POST", "/", "/", @@ -336,6 +343,37 @@ func TestBindingFormForType(t *testing.T) { "", "", "StructPointer") } +func TestBindingFormStringMap(t *testing.T) { + testBodyBindingStringMap(t, Form, + "/", "", + `foo=bar&hello=world`, "") + // Should pick the last value + testBodyBindingStringMap(t, Form, + "/", "", + `foo=something&foo=bar&hello=world`, "") +} + +func TestBindingFormStringSliceMap(t *testing.T) { + obj := make(map[string][]string) + req := requestWithBody("POST", "/", "foo=something&foo=bar&hello=world") + req.Header.Add("Content-Type", MIMEPOSTForm) + err := Form.Bind(req, &obj) + assert.NoError(t, err) + assert.NotNil(t, obj) + assert.Len(t, obj, 2) + target := map[string][]string{ + "foo": {"something", "bar"}, + "hello": {"world"}, + } + assert.True(t, reflect.DeepEqual(obj, target)) + + objInvalid := make(map[string][]int) + req = requestWithBody("POST", "/", "foo=something&foo=bar&hello=world") + req.Header.Add("Content-Type", MIMEPOSTForm) + err = Form.Bind(req, &objInvalid) + assert.Error(t, err) +} + func TestBindingQuery(t *testing.T) { testQueryBinding(t, "POST", "/?foo=bar&bar=foo", "/", @@ -366,6 +404,28 @@ func TestBindingQueryBoolFail(t *testing.T) { "bool_foo=unused", "") } +func TestBindingQueryStringMap(t *testing.T) { + b := Query + + obj := make(map[string]string) + req := requestWithBody("GET", "/?foo=bar&hello=world", "") + err := b.Bind(req, &obj) + assert.NoError(t, err) + assert.NotNil(t, obj) + assert.Len(t, obj, 2) + assert.Equal(t, "bar", obj["foo"]) + assert.Equal(t, "world", obj["hello"]) + + obj = make(map[string]string) + req = requestWithBody("GET", "/?foo=bar&foo=2&hello=world", "") // should pick last + err = b.Bind(req, &obj) + assert.NoError(t, err) + assert.NotNil(t, obj) + assert.Len(t, obj, 2) + assert.Equal(t, "2", obj["foo"]) + assert.Equal(t, "world", obj["hello"]) +} + func TestBindingXML(t *testing.T) { testBodyBinding(t, XML, "xml", @@ -387,6 +447,13 @@ func TestBindingYAML(t *testing.T) { `foo: bar`, `bar: foo`) } +func TestBindingYAMLStringMap(t *testing.T) { + // YAML is a superset of JSON, so the test below is JSON (to avoid newlines) + testBodyBindingStringMap(t, YAML, + "/", "/", + `{"foo": "bar", "hello": "world"}`, `{"nested": {"foo": "bar"}}`) +} + func TestBindingYAMLFail(t *testing.T) { testBodyBindingFail(t, YAML, "yaml", @@ -1114,6 +1181,32 @@ func testBodyBinding(t *testing.T, b Binding, name, path, badPath, body, badBody assert.Error(t, err) } +func testBodyBindingStringMap(t *testing.T, b Binding, path, badPath, body, badBody string) { + obj := make(map[string]string) + req := requestWithBody("POST", path, body) + if b.Name() == "form" { + req.Header.Add("Content-Type", MIMEPOSTForm) + } + err := b.Bind(req, &obj) + assert.NoError(t, err) + assert.NotNil(t, obj) + assert.Len(t, obj, 2) + assert.Equal(t, "bar", obj["foo"]) + assert.Equal(t, "world", obj["hello"]) + + if badPath != "" && badBody != "" { + obj = make(map[string]string) + req = requestWithBody("POST", badPath, badBody) + err = b.Bind(req, &obj) + assert.Error(t, err) + } + + objInt := make(map[string]int) + req = requestWithBody("POST", path, body) + err = b.Bind(req, &objInt) + assert.Error(t, err) +} + func testBodyBindingUseNumber(t *testing.T, b Binding, name, path, badPath, body, badBody string) { assert.Equal(t, name, b.Name()) diff --git a/binding/form_mapping.go b/binding/form_mapping.go index f0913ea5..2f4e45b4 100644 --- a/binding/form_mapping.go +++ b/binding/form_mapping.go @@ -29,6 +29,21 @@ func mapForm(ptr interface{}, form map[string][]string) error { var emptyField = reflect.StructField{} func mapFormByTag(ptr interface{}, form map[string][]string, tag string) error { + // Check if ptr is a map + ptrVal := reflect.ValueOf(ptr) + var pointed interface{} + if ptrVal.Kind() == reflect.Ptr { + ptrVal = ptrVal.Elem() + pointed = ptrVal.Interface() + } + if ptrVal.Kind() == reflect.Map && + ptrVal.Type().Key().Kind() == reflect.String { + if pointed != nil { + ptr = pointed + } + return setFormMap(ptr, form) + } + return mappingByPtr(ptr, formSource(form), tag) } @@ -349,3 +364,29 @@ func head(str, sep string) (head string, tail string) { } return str[:idx], str[idx+len(sep):] } + +func setFormMap(ptr interface{}, form map[string][]string) error { + el := reflect.TypeOf(ptr).Elem() + + if el.Kind() == reflect.Slice { + ptrMap, ok := ptr.(map[string][]string) + if !ok { + return errors.New("cannot convert to map slices of strings") + } + for k, v := range form { + ptrMap[k] = v + } + + return nil + } + + ptrMap, ok := ptr.(map[string]string) + if !ok { + return errors.New("cannot convert to map of strings") + } + for k, v := range form { + ptrMap[k] = v[len(v)-1] // pick last + } + + return nil +} diff --git a/binding/json_test.go b/binding/json_test.go index cae4cccc..fbd5c527 100644 --- a/binding/json_test.go +++ b/binding/json_test.go @@ -19,3 +19,12 @@ func TestJSONBindingBindBody(t *testing.T) { require.NoError(t, err) assert.Equal(t, "FOO", s.Foo) } + +func TestJSONBindingBindBodyMap(t *testing.T) { + s := make(map[string]string) + err := jsonBinding{}.BindBody([]byte(`{"foo": "FOO","hello":"world"}`), &s) + require.NoError(t, err) + assert.Len(t, s, 2) + assert.Equal(t, "FOO", s["foo"]) + assert.Equal(t, "world", s["hello"]) +} From 7742ff50e0a05d079a0c468ccfbf7c6ecfe2414b Mon Sep 17 00:00:00 2001 From: "An Xiao (Luffy)" Date: Wed, 11 Nov 2020 09:41:35 +0800 Subject: [PATCH 03/28] Fix typos in context.go (#2551) --- context.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/context.go b/context.go index 71fb5937..3d6b56d6 100644 --- a/context.go +++ b/context.go @@ -891,7 +891,7 @@ func (c *Context) SecureJSON(code int, obj interface{}) { } // JSONP serializes the given struct as JSON into the response body. -// It add padding to response body to request data from a server residing in a different domain than the client. +// It adds padding to response body to request data from a server residing in a different domain than the client. // It also sets the Content-Type as "application/javascript". func (c *Context) JSONP(code int, obj interface{}) { callback := c.DefaultQuery("callback", "") @@ -968,7 +968,7 @@ func (c *Context) DataFromReader(code int, contentLength int64, contentType stri }) } -// File writes the specified file into the body stream in a efficient way. +// File writes the specified file into the body stream in an efficient way. func (c *Context) File(filepath string) { http.ServeFile(c.Writer, c.Request, filepath) } From 3b5e861bb1c7f93424ab861dd779de168cb4c624 Mon Sep 17 00:00:00 2001 From: thinkerou Date: Sun, 3 Jan 2021 21:14:56 +0800 Subject: [PATCH 04/28] fix compile error from #2572 (#2600) --- internal/bytesconv/bytesconv.go | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/internal/bytesconv/bytesconv.go b/internal/bytesconv/bytesconv.go index 7b80e335..fdad2015 100644 --- a/internal/bytesconv/bytesconv.go +++ b/internal/bytesconv/bytesconv.go @@ -5,16 +5,17 @@ package bytesconv import ( - "reflect" "unsafe" ) // StringToBytes converts string to byte slice without a memory allocation. func StringToBytes(s string) (b []byte) { - sh := *(*reflect.StringHeader)(unsafe.Pointer(&s)) - bh := (*reflect.SliceHeader)(unsafe.Pointer(&b)) - bh.Data, bh.Len, bh.Cap = sh.Data, sh.Len, sh.Len - return b + return *(*[]byte)(unsafe.Pointer( + &struct { + string + Cap int + }{s, len(s)}, + )) } // BytesToString converts byte slice to string without a memory allocation. From a573ec6a37f37f421a5fa696264e6a2a67af0944 Mon Sep 17 00:00:00 2001 From: thinkerou Date: Sun, 3 Jan 2021 21:34:11 +0800 Subject: [PATCH 05/28] chore: update tree (#2371) Co-authored-by: Bo-Yi Wu --- tree.go | 277 ++++++++++++++++++++++++++++---------------------------- 1 file changed, 138 insertions(+), 139 deletions(-) diff --git a/tree.go b/tree.go index 7a80af9e..74e07e84 100644 --- a/tree.go +++ b/tree.go @@ -119,7 +119,6 @@ func (n *node) incrementChildPrio(pos int) int { for ; newPos > 0 && cs[newPos-1].priority < prio; newPos-- { // Swap node positions cs[newPos-1], cs[newPos] = cs[newPos], cs[newPos-1] - } // Build new index char string @@ -559,8 +558,8 @@ func (n *node) findCaseInsensitivePath(path string, fixTrailingSlash bool) ([]by // Use a static sized buffer on the stack in the common case. // If the path is too long, allocate a buffer on the heap instead. buf := make([]byte, 0, stackBufSize) - if l := len(path) + 1; l > stackBufSize { - buf = make([]byte, 0, l) + if length := len(path) + 1; length > stackBufSize { + buf = make([]byte, 0, length) } ciPath := n.findCaseInsensitivePathRec( @@ -600,142 +599,7 @@ walk: // Outer loop for walking the tree path = path[npLen:] ciPath = append(ciPath, n.path...) - if len(path) > 0 { - // If this node does not have a wildcard (param or catchAll) child, - // we can just look up the next child node and continue to walk down - // the tree - if !n.wildChild { - // Skip rune bytes already processed - rb = shiftNRuneBytes(rb, npLen) - - if rb[0] != 0 { - // Old rune not finished - idxc := rb[0] - for i, c := range []byte(n.indices) { - if c == idxc { - // continue with child node - n = n.children[i] - npLen = len(n.path) - continue walk - } - } - } else { - // Process a new rune - var rv rune - - // Find rune start. - // Runes are up to 4 byte long, - // -4 would definitely be another rune. - var off int - for max := min(npLen, 3); off < max; off++ { - if i := npLen - off; utf8.RuneStart(oldPath[i]) { - // read rune from cached path - rv, _ = utf8.DecodeRuneInString(oldPath[i:]) - break - } - } - - // Calculate lowercase bytes of current rune - lo := unicode.ToLower(rv) - utf8.EncodeRune(rb[:], lo) - - // Skip already processed bytes - rb = shiftNRuneBytes(rb, off) - - idxc := rb[0] - for i, c := range []byte(n.indices) { - // Lowercase matches - if c == idxc { - // must use a recursive approach since both the - // uppercase byte and the lowercase byte might exist - // as an index - if out := n.children[i].findCaseInsensitivePathRec( - path, ciPath, rb, fixTrailingSlash, - ); out != nil { - return out - } - break - } - } - - // If we found no match, the same for the uppercase rune, - // if it differs - if up := unicode.ToUpper(rv); up != lo { - utf8.EncodeRune(rb[:], up) - rb = shiftNRuneBytes(rb, off) - - idxc := rb[0] - for i, c := range []byte(n.indices) { - // Uppercase matches - if c == idxc { - // Continue with child node - n = n.children[i] - npLen = len(n.path) - continue walk - } - } - } - } - - // Nothing found. We can recommend to redirect to the same URL - // without a trailing slash if a leaf exists for that path - if fixTrailingSlash && path == "/" && n.handlers != nil { - return ciPath - } - return nil - } - - n = n.children[0] - switch n.nType { - case param: - // Find param end (either '/' or path end) - end := 0 - for end < len(path) && path[end] != '/' { - end++ - } - - // Add param value to case insensitive path - ciPath = append(ciPath, path[:end]...) - - // We need to go deeper! - if end < len(path) { - if len(n.children) > 0 { - // Continue with child node - n = n.children[0] - npLen = len(n.path) - path = path[end:] - continue - } - - // ... but we can't - if fixTrailingSlash && len(path) == end+1 { - return ciPath - } - return nil - } - - if n.handlers != nil { - return ciPath - } - - if fixTrailingSlash && len(n.children) == 1 { - // No handle found. Check if a handle for this path + a - // trailing slash exists - n = n.children[0] - if n.path == "/" && n.handlers != nil { - return append(ciPath, '/') - } - } - - return nil - - case catchAll: - return append(ciPath, path...) - - default: - panic("invalid node type") - } - } else { + if len(path) == 0 { // We should have reached the node containing the handle. // Check if this node has a handle registered. if n.handlers != nil { @@ -758,6 +622,141 @@ walk: // Outer loop for walking the tree } return nil } + + // If this node does not have a wildcard (param or catchAll) child, + // we can just look up the next child node and continue to walk down + // the tree + if !n.wildChild { + // Skip rune bytes already processed + rb = shiftNRuneBytes(rb, npLen) + + if rb[0] != 0 { + // Old rune not finished + idxc := rb[0] + for i, c := range []byte(n.indices) { + if c == idxc { + // continue with child node + n = n.children[i] + npLen = len(n.path) + continue walk + } + } + } else { + // Process a new rune + var rv rune + + // Find rune start. + // Runes are up to 4 byte long, + // -4 would definitely be another rune. + var off int + for max := min(npLen, 3); off < max; off++ { + if i := npLen - off; utf8.RuneStart(oldPath[i]) { + // read rune from cached path + rv, _ = utf8.DecodeRuneInString(oldPath[i:]) + break + } + } + + // Calculate lowercase bytes of current rune + lo := unicode.ToLower(rv) + utf8.EncodeRune(rb[:], lo) + + // Skip already processed bytes + rb = shiftNRuneBytes(rb, off) + + idxc := rb[0] + for i, c := range []byte(n.indices) { + // Lowercase matches + if c == idxc { + // must use a recursive approach since both the + // uppercase byte and the lowercase byte might exist + // as an index + if out := n.children[i].findCaseInsensitivePathRec( + path, ciPath, rb, fixTrailingSlash, + ); out != nil { + return out + } + break + } + } + + // If we found no match, the same for the uppercase rune, + // if it differs + if up := unicode.ToUpper(rv); up != lo { + utf8.EncodeRune(rb[:], up) + rb = shiftNRuneBytes(rb, off) + + idxc := rb[0] + for i, c := range []byte(n.indices) { + // Uppercase matches + if c == idxc { + // Continue with child node + n = n.children[i] + npLen = len(n.path) + continue walk + } + } + } + } + + // Nothing found. We can recommend to redirect to the same URL + // without a trailing slash if a leaf exists for that path + if fixTrailingSlash && path == "/" && n.handlers != nil { + return ciPath + } + return nil + } + + n = n.children[0] + switch n.nType { + case param: + // Find param end (either '/' or path end) + end := 0 + for end < len(path) && path[end] != '/' { + end++ + } + + // Add param value to case insensitive path + ciPath = append(ciPath, path[:end]...) + + // We need to go deeper! + if end < len(path) { + if len(n.children) > 0 { + // Continue with child node + n = n.children[0] + npLen = len(n.path) + path = path[end:] + continue + } + + // ... but we can't + if fixTrailingSlash && len(path) == end+1 { + return ciPath + } + return nil + } + + if n.handlers != nil { + return ciPath + } + + if fixTrailingSlash && len(n.children) == 1 { + // No handle found. Check if a handle for this path + a + // trailing slash exists + n = n.children[0] + if n.path == "/" && n.handlers != nil { + return append(ciPath, '/') + } + } + + return nil + + case catchAll: + return append(ciPath, path...) + + default: + panic("invalid node type") + } } // Nothing found. From 4bfae4c8c8f7764cc587022ba6d9d2fd18e6c47d Mon Sep 17 00:00:00 2001 From: wuhuizuo Date: Sun, 3 Jan 2021 21:43:34 +0800 Subject: [PATCH 06/28] Support binding for slice/array obj [Rewrite] (#2302) Co-authored-by: thinkerou Co-authored-by: Bo-Yi Wu --- binding/binding.go | 3 +- binding/binding_test.go | 30 +++++++++++++- binding/default_validator.go | 52 +++++++++++++++++++---- binding/default_validator_test.go | 68 +++++++++++++++++++++++++++++++ 4 files changed, 142 insertions(+), 11 deletions(-) create mode 100644 binding/default_validator_test.go diff --git a/binding/binding.go b/binding/binding.go index 57562845..5c8e235b 100644 --- a/binding/binding.go +++ b/binding/binding.go @@ -51,7 +51,8 @@ type BindingUri interface { // https://github.com/go-playground/validator/tree/v8.18.2. type StructValidator interface { // ValidateStruct can receive any kind of type and it should never panic, even if the configuration is not right. - // If the received type is not a struct, any validation should be skipped and nil must be returned. + // If the received type is a slice|array, the validation should be performed travel on every element. + // If the received type is not a struct or slice|array, any validation should be skipped and nil must be returned. // If the received type is a struct or pointer to a struct, the validation should be performed. // If the struct is not valid or the validation itself fails, a descriptive error should be returned. // Otherwise nil must be returned. diff --git a/binding/binding_test.go b/binding/binding_test.go index c354be94..17336177 100644 --- a/binding/binding_test.go +++ b/binding/binding_test.go @@ -35,7 +35,7 @@ type QueryTest struct { } type FooStruct struct { - Foo string `msgpack:"foo" json:"foo" form:"foo" xml:"foo" binding:"required"` + Foo string `msgpack:"foo" json:"foo" form:"foo" xml:"foo" binding:"required,max=32"` } type FooBarStruct struct { @@ -181,6 +181,20 @@ func TestBindingJSON(t *testing.T) { `{"foo": "bar"}`, `{"bar": "foo"}`) } +func TestBindingJSONSlice(t *testing.T) { + EnableDecoderDisallowUnknownFields = true + defer func() { + EnableDecoderDisallowUnknownFields = false + }() + + testBodyBindingSlice(t, JSON, "json", "/", "/", `[]`, ``) + testBodyBindingSlice(t, JSON, "json", "/", "/", `[{"foo": "123"}]`, `[{}]`) + testBodyBindingSlice(t, JSON, "json", "/", "/", `[{"foo": "123"}]`, `[{"foo": ""}]`) + testBodyBindingSlice(t, JSON, "json", "/", "/", `[{"foo": "123"}]`, `[{"foo": 123}]`) + testBodyBindingSlice(t, JSON, "json", "/", "/", `[{"foo": "123"}]`, `[{"bar": 123}]`) + testBodyBindingSlice(t, JSON, "json", "/", "/", `[{"foo": "123"}]`, `[{"foo": "123456789012345678901234567890123"}]`) +} + func TestBindingJSONUseNumber(t *testing.T) { testBodyBindingUseNumber(t, JSON, "json", @@ -1181,6 +1195,20 @@ func testBodyBinding(t *testing.T, b Binding, name, path, badPath, body, badBody assert.Error(t, err) } +func testBodyBindingSlice(t *testing.T, b Binding, name, path, badPath, body, badBody string) { + assert.Equal(t, name, b.Name()) + + var obj1 []FooStruct + req := requestWithBody("POST", path, body) + err := b.Bind(req, &obj1) + assert.NoError(t, err) + + var obj2 []FooStruct + req = requestWithBody("POST", badPath, badBody) + err = JSON.Bind(req, &obj2) + assert.Error(t, err) +} + func testBodyBindingStringMap(t *testing.T, b Binding, path, badPath, body, badBody string) { obj := make(map[string]string) req := requestWithBody("POST", path, body) diff --git a/binding/default_validator.go b/binding/default_validator.go index a4c1a7f6..c57a120f 100644 --- a/binding/default_validator.go +++ b/binding/default_validator.go @@ -5,7 +5,9 @@ package binding import ( + "fmt" "reflect" + "strings" "sync" "github.com/go-playground/validator/v10" @@ -16,22 +18,54 @@ type defaultValidator struct { validate *validator.Validate } +type sliceValidateError []error + +func (err sliceValidateError) Error() string { + var errMsgs []string + for i, e := range err { + if e == nil { + continue + } + errMsgs = append(errMsgs, fmt.Sprintf("[%d]: %s", i, e.Error())) + } + return strings.Join(errMsgs, "\n") +} + var _ StructValidator = &defaultValidator{} // ValidateStruct receives any kind of type, but only performed struct or pointer to struct type. func (v *defaultValidator) ValidateStruct(obj interface{}) error { + if obj == nil { + return nil + } + value := reflect.ValueOf(obj) - valueType := value.Kind() - if valueType == reflect.Ptr { - valueType = value.Elem().Kind() - } - if valueType == reflect.Struct { - v.lazyinit() - if err := v.validate.Struct(obj); err != nil { - return err + switch value.Kind() { + case reflect.Ptr: + return v.ValidateStruct(value.Elem().Interface()) + case reflect.Struct: + return v.validateStruct(obj) + case reflect.Slice, reflect.Array: + count := value.Len() + validateRet := make(sliceValidateError, 0) + for i := 0; i < count; i++ { + if err := v.ValidateStruct(value.Index(i).Interface()); err != nil { + validateRet = append(validateRet, err) + } } + if len(validateRet) == 0 { + return nil + } + return validateRet + default: + return nil } - return nil +} + +// validateStruct receives struct type +func (v *defaultValidator) validateStruct(obj interface{}) error { + v.lazyinit() + return v.validate.Struct(obj) } // Engine returns the underlying validator engine which powers the default diff --git a/binding/default_validator_test.go b/binding/default_validator_test.go new file mode 100644 index 00000000..e9c6de44 --- /dev/null +++ b/binding/default_validator_test.go @@ -0,0 +1,68 @@ +// Copyright 2020 Gin Core Team. All rights reserved. +// Use of this source code is governed by a MIT style +// license that can be found in the LICENSE file. + +package binding + +import ( + "errors" + "testing" +) + +func TestSliceValidateError(t *testing.T) { + tests := []struct { + name string + err sliceValidateError + want string + }{ + {"has nil elements", sliceValidateError{errors.New("test error"), nil}, "[0]: test error"}, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + if got := tt.err.Error(); got != tt.want { + t.Errorf("sliceValidateError.Error() = %v, want %v", got, tt.want) + } + }) + } +} + +func TestDefaultValidator(t *testing.T) { + type exampleStruct struct { + A string `binding:"max=8"` + B int `binding:"gt=0"` + } + tests := []struct { + name string + v *defaultValidator + obj interface{} + wantErr bool + }{ + {"validate nil obj", &defaultValidator{}, nil, false}, + {"validate int obj", &defaultValidator{}, 3, false}, + {"validate struct failed-1", &defaultValidator{}, exampleStruct{A: "123456789", B: 1}, true}, + {"validate struct failed-2", &defaultValidator{}, exampleStruct{A: "12345678", B: 0}, true}, + {"validate struct passed", &defaultValidator{}, exampleStruct{A: "12345678", B: 1}, false}, + {"validate *struct failed-1", &defaultValidator{}, &exampleStruct{A: "123456789", B: 1}, true}, + {"validate *struct failed-2", &defaultValidator{}, &exampleStruct{A: "12345678", B: 0}, true}, + {"validate *struct passed", &defaultValidator{}, &exampleStruct{A: "12345678", B: 1}, false}, + {"validate []struct failed-1", &defaultValidator{}, []exampleStruct{{A: "123456789", B: 1}}, true}, + {"validate []struct failed-2", &defaultValidator{}, []exampleStruct{{A: "12345678", B: 0}}, true}, + {"validate []struct passed", &defaultValidator{}, []exampleStruct{{A: "12345678", B: 1}}, false}, + {"validate []*struct failed-1", &defaultValidator{}, []*exampleStruct{{A: "123456789", B: 1}}, true}, + {"validate []*struct failed-2", &defaultValidator{}, []*exampleStruct{{A: "12345678", B: 0}}, true}, + {"validate []*struct passed", &defaultValidator{}, []*exampleStruct{{A: "12345678", B: 1}}, false}, + {"validate *[]struct failed-1", &defaultValidator{}, &[]exampleStruct{{A: "123456789", B: 1}}, true}, + {"validate *[]struct failed-2", &defaultValidator{}, &[]exampleStruct{{A: "12345678", B: 0}}, true}, + {"validate *[]struct passed", &defaultValidator{}, &[]exampleStruct{{A: "12345678", B: 1}}, false}, + {"validate *[]*struct failed-1", &defaultValidator{}, &[]*exampleStruct{{A: "123456789", B: 1}}, true}, + {"validate *[]*struct failed-2", &defaultValidator{}, &[]*exampleStruct{{A: "12345678", B: 0}}, true}, + {"validate *[]*struct passed", &defaultValidator{}, &[]*exampleStruct{{A: "12345678", B: 1}}, false}, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + if err := tt.v.ValidateStruct(tt.obj); (err != nil) != tt.wantErr { + t.Errorf("defaultValidator.Validate() error = %v, wantErr %v", err, tt.wantErr) + } + }) + } +} From fca3f95d7cdfdef203c78f220b84118f44590512 Mon Sep 17 00:00:00 2001 From: kishor kunal raj <68464660+kishorkunal-raj@users.noreply.github.com> Date: Sun, 3 Jan 2021 20:00:22 +0530 Subject: [PATCH 07/28] Adding ppc64le architecture support on travis-ci (#2538) Co-authored-by: Bo-Yi Wu --- .travis.yml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/.travis.yml b/.travis.yml index 0795665d..91129313 100644 --- a/.travis.yml +++ b/.travis.yml @@ -18,6 +18,34 @@ matrix: env: - TESTTAGS=nomsgpack - go: master + # Adding ppc64le jobs + - go: 1.11.x + arch: ppc64le + env: GO111MODULE=on + - go: 1.12.x + arch: ppc64le + env: GO111MODULE=on + - go: 1.13.x + arch: ppc64le + - go: 1.13.x + arch: ppc64le + env: + - TESTTAGS=nomsgpack + - go: 1.14.x + arch: ppc64le + - go: 1.14.x + arch: ppc64le + env: + - TESTTAGS=nomsgpack + - go: 1.15.x + arch: ppc64le + - go: 1.15.x + arch: ppc64le + env: + - TESTTAGS=nomsgpack + - go: master + arch: ppc64le + git: depth: 10 From a28cc088b5e84cb00430f4b32f2b016725a9035a Mon Sep 17 00:00:00 2001 From: thinkerou Date: Sun, 10 Jan 2021 23:51:02 +0800 Subject: [PATCH 08/28] Revert "Adding ppc64le architecture support on travis-ci (#2538)" (#2602) --- .travis.yml | 28 ---------------------------- 1 file changed, 28 deletions(-) diff --git a/.travis.yml b/.travis.yml index 91129313..0795665d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -18,34 +18,6 @@ matrix: env: - TESTTAGS=nomsgpack - go: master - # Adding ppc64le jobs - - go: 1.11.x - arch: ppc64le - env: GO111MODULE=on - - go: 1.12.x - arch: ppc64le - env: GO111MODULE=on - - go: 1.13.x - arch: ppc64le - - go: 1.13.x - arch: ppc64le - env: - - TESTTAGS=nomsgpack - - go: 1.14.x - arch: ppc64le - - go: 1.14.x - arch: ppc64le - env: - - TESTTAGS=nomsgpack - - go: 1.15.x - arch: ppc64le - - go: 1.15.x - arch: ppc64le - env: - - TESTTAGS=nomsgpack - - go: master - arch: ppc64le - git: depth: 10 From 4d2dad596140fa729fb5e67aed2ad9787d3a1901 Mon Sep 17 00:00:00 2001 From: Jeff Date: Mon, 11 Jan 2021 09:07:45 +0800 Subject: [PATCH 09/28] test: fixed the TestUnixSocket test on windows (#2595) Co-authored-by: thinkerou --- gin_integration_test.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gin_integration_test.go b/gin_integration_test.go index 5f508c70..41ad9874 100644 --- a/gin_integration_test.go +++ b/gin_integration_test.go @@ -14,6 +14,7 @@ import ( "net/http" "net/http/httptest" "os" + "path/filepath" "sync" "testing" "time" @@ -146,7 +147,7 @@ func TestRunWithPort(t *testing.T) { func TestUnixSocket(t *testing.T) { router := New() - unixTestSocket := "/tmp/unix_unit_test" + unixTestSocket := filepath.Join(os.TempDir(), "unix_unit_test") defer os.Remove(unixTestSocket) From e753c502dcbbab6769305871d700c770e68d1b0f Mon Sep 17 00:00:00 2001 From: Rubi <14269809+codenoid@users.noreply.github.com> Date: Mon, 11 Jan 2021 23:03:31 +0700 Subject: [PATCH 10/28] gin mode unknown: show available mode (#2567) Co-authored-by: thinkerou --- mode.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mode.go b/mode.go index 11f833e9..c8813aff 100644 --- a/mode.go +++ b/mode.go @@ -63,7 +63,7 @@ func SetMode(value string) { case TestMode: ginMode = testCode default: - panic("gin mode unknown: " + value) + panic("gin mode unknown: " + value + " (available mode: debug release test)") } modeName = value From f4bc259de33c561fd3b0ae3e7aaa849c1d251c0b Mon Sep 17 00:00:00 2001 From: Qt Date: Tue, 12 Jan 2021 08:32:04 +0800 Subject: [PATCH 11/28] fix error gin support min Go version (#2584) Co-authored-by: thinkerou --- debug.go | 4 ++-- debug_test.go | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/debug.go b/debug.go index c66ca440..4c7cd0c3 100644 --- a/debug.go +++ b/debug.go @@ -12,7 +12,7 @@ import ( "strings" ) -const ginSupportMinGoVer = 10 +const ginSupportMinGoVer = 12 // IsDebugging returns true if the framework is running in debug mode. // Use SetMode(gin.ReleaseMode) to disable debug mode. @@ -67,7 +67,7 @@ func getMinVer(v string) (uint64, error) { func debugPrintWARNINGDefault() { if v, e := getMinVer(runtime.Version()); e == nil && v <= ginSupportMinGoVer { - debugPrint(`[WARNING] Now Gin requires Go 1.11 or later and Go 1.12 will be required soon. + debugPrint(`[WARNING] Now Gin requires Go 1.12+. `) } diff --git a/debug_test.go b/debug_test.go index d8cd5d1a..c2272d0f 100644 --- a/debug_test.go +++ b/debug_test.go @@ -104,7 +104,7 @@ func TestDebugPrintWARNINGDefault(t *testing.T) { }) m, e := getMinVer(runtime.Version()) if e == nil && m <= ginSupportMinGoVer { - assert.Equal(t, "[GIN-debug] [WARNING] Now Gin requires Go 1.11 or later and Go 1.12 will be required soon.\n\n[GIN-debug] [WARNING] Creating an Engine instance with the Logger and Recovery middleware already attached.\n\n", re) + assert.Equal(t, "[GIN-debug] [WARNING] Now Gin requires Go 1.12+.\n\n[GIN-debug] [WARNING] Creating an Engine instance with the Logger and Recovery middleware already attached.\n\n", re) } else { assert.Equal(t, "[GIN-debug] [WARNING] Creating an Engine instance with the Logger and Recovery middleware already attached.\n\n", re) } From 46ddd4259cac975be1eb11b4f1192264f582db16 Mon Sep 17 00:00:00 2001 From: Josep Jesus Bigorra Algaba <42377845+averageflow@users.noreply.github.com> Date: Wed, 13 Jan 2021 02:06:12 +0100 Subject: [PATCH 12/28] Fixes to the graceful shutdown example (#2552) * Change error comparison to use errors.Is() and add a line of whitespace before the if statement on graceful shutdown * Change from log.Fatalf to log.Printf to ensure the graceful shutdown actually works Co-authored-by: J. J. Bigorra Co-authored-by: thinkerou --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 18b19430..0c263244 100644 --- a/README.md +++ b/README.md @@ -1793,8 +1793,8 @@ func main() { // Initializing the server in a goroutine so that // it won't block the graceful shutdown handling below go func() { - if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed { - log.Fatalf("listen: %s\n", err) + if err := srv.ListenAndServe(); err != nil && errors.Is(err, http.ErrServerClosed) { + log.Printf("listen: %s\n", err) } }() @@ -1812,6 +1812,7 @@ func main() { // the request it is currently handling ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second) defer cancel() + if err := srv.Shutdown(ctx); err != nil { log.Fatal("Server forced to shutdown:", err) } From b01605bb5b43dbf33781970af5ad6633e5549fd1 Mon Sep 17 00:00:00 2001 From: Snawoot Date: Wed, 13 Jan 2021 03:40:37 +0200 Subject: [PATCH 13/28] basic auth: fix timing oracle (#2609) Co-authored-by: thinkerou --- auth.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/auth.go b/auth.go index 43ad36f5..4d8a6ce4 100644 --- a/auth.go +++ b/auth.go @@ -5,6 +5,7 @@ package gin import ( + "crypto/subtle" "encoding/base64" "net/http" "strconv" @@ -30,7 +31,7 @@ func (a authPairs) searchCredential(authValue string) (string, bool) { return "", false } for _, pair := range a { - if pair.value == authValue { + if subtle.ConstantTimeCompare([]byte(pair.value), []byte(authValue)) == 1 { return pair.user, true } } From e899771392ecf35de8ce10a030ed8fed2207e9cb Mon Sep 17 00:00:00 2001 From: Alexander Melentyev <55826637+alexander-melentyev@users.noreply.github.com> Date: Wed, 27 Jan 2021 04:58:21 +0300 Subject: [PATCH 14/28] chore: Deleted spaces (#2622) --- .travis.yml | 2 +- AUTHORS.md | 2 +- BENCHMARKS.md | 8 ++++---- CHANGELOG.md | 10 +++++----- CONTRIBUTING.md | 2 +- README.md | 52 ++++++++++++++++++++++++------------------------- 6 files changed, 38 insertions(+), 38 deletions(-) diff --git a/.travis.yml b/.travis.yml index 0795665d..8ebae712 100644 --- a/.travis.yml +++ b/.travis.yml @@ -7,7 +7,7 @@ matrix: env: GO111MODULE=on - go: 1.13.x - go: 1.13.x - env: + env: - TESTTAGS=nomsgpack - go: 1.14.x - go: 1.14.x diff --git a/AUTHORS.md b/AUTHORS.md index dda19bcf..a477611b 100644 --- a/AUTHORS.md +++ b/AUTHORS.md @@ -156,7 +156,7 @@ People and companies, who have contributed, in alphabetical order. - Fix variadic parameter in the flexible render API - Fix Corrupted plain render - Add Pluggable View Renderer Example - + **@msemenistyi (Mykyta Semenistyi)** - update Readme.md. Add code to String method diff --git a/BENCHMARKS.md b/BENCHMARKS.md index 0f59b509..c11ee99a 100644 --- a/BENCHMARKS.md +++ b/BENCHMARKS.md @@ -1,11 +1,11 @@ # Benchmark System -**VM HOST:** Travis -**Machine:** Ubuntu 16.04.6 LTS x64 -**Date:** May 04th, 2020 +**VM HOST:** Travis +**Machine:** Ubuntu 16.04.6 LTS x64 +**Date:** May 04th, 2020 **Version:** Gin v1.6.3 -**Go Version:** 1.14.2 linux/amd64 +**Go Version:** 1.14.2 linux/amd64 **Source:** [Go HTTP Router Benchmark](https://github.com/gin-gonic/go-http-routing-benchmark) **Result:** [See the gist](https://gist.github.com/appleboy/b5f2ecfaf50824ae9c64dcfb9165ae5e) or [Travis result](https://travis-ci.org/github/gin-gonic/go-http-routing-benchmark/jobs/682947061) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3ac51ad3..ddf30e18 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -215,12 +215,12 @@ ## Gin 1.1 -- [NEW] Implement QueryArray and PostArray methods -- [NEW] Refactor GetQuery and GetPostForm -- [NEW] Add contribution guide +- [NEW] Implement QueryArray and PostArray methods +- [NEW] Refactor GetQuery and GetPostForm +- [NEW] Add contribution guide - [FIX] Corrected typos in README -- [FIX] Removed additional Iota -- [FIX] Changed imports to gopkg instead of github in README (#733) +- [FIX] Removed additional Iota +- [FIX] Changed imports to gopkg instead of github in README (#733) - [FIX] Logger: skip ANSI color commands if output is not a tty ## Gin 1.0rc2 (...) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 98d758ef..97daa808 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,4 +1,4 @@ -## Contributing +## Contributing - With issues: - Use the search tool before opening a new issue. diff --git a/README.md b/README.md index 0c263244..119f9452 100644 --- a/README.md +++ b/README.md @@ -103,7 +103,7 @@ import "net/http" ``` ## Quick start - + ```sh # assume the following codes in example.go file $ cat example.go @@ -588,44 +588,44 @@ func main() { ::1 - [Fri, 07 Dec 2018 17:04:38 JST] "GET /ping HTTP/1.1 200 122.767µs "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.80 Safari/537.36" " ``` -### Controlling Log output coloring +### Controlling Log output coloring By default, logs output on console should be colorized depending on the detected TTY. -Never colorize logs: +Never colorize logs: ```go func main() { // Disable log's color gin.DisableConsoleColor() - + // Creates a gin router with default middleware: // logger and recovery (crash-free) middleware router := gin.Default() - + router.GET("/ping", func(c *gin.Context) { c.String(200, "pong") }) - + router.Run(":8080") } ``` -Always colorize logs: +Always colorize logs: ```go func main() { // Force log's color gin.ForceConsoleColor() - + // Creates a gin router with default middleware: // logger and recovery (crash-free) middleware router := gin.Default() - + router.GET("/ping", func(c *gin.Context) { c.String(200, "pong") }) - + router.Run(":8080") } ``` @@ -667,12 +667,12 @@ func main() { c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()}) return } - + if json.User != "manu" || json.Password != "123" { c.JSON(http.StatusUnauthorized, gin.H{"status": "unauthorized"}) return - } - + } + c.JSON(http.StatusOK, gin.H{"status": "you are logged in"}) }) @@ -688,12 +688,12 @@ func main() { c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()}) return } - + if xml.User != "manu" || xml.Password != "123" { c.JSON(http.StatusUnauthorized, gin.H{"status": "unauthorized"}) return - } - + } + c.JSON(http.StatusOK, gin.H{"status": "you are logged in"}) }) @@ -705,12 +705,12 @@ func main() { c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()}) return } - + if form.User != "manu" || form.Password != "123" { c.JSON(http.StatusUnauthorized, gin.H{"status": "unauthorized"}) return - } - + } + c.JSON(http.StatusOK, gin.H{"status": "you are logged in"}) }) @@ -807,7 +807,7 @@ $ curl "localhost:8085/bookable?check_in=2030-03-10&check_out=2030-03-09" {"error":"Key: 'Booking.CheckOut' Error:Field validation for 'CheckOut' failed on the 'gtfield' tag"} $ curl "localhost:8085/bookable?check_in=2000-03-09&check_out=2000-03-10" -{"error":"Key: 'Booking.CheckIn' Error:Field validation for 'CheckIn' failed on the 'bookabledate' tag"}% +{"error":"Key: 'Booking.CheckIn' Error:Field validation for 'CheckIn' failed on the 'bookabledate' tag"}% ``` [Struct level validations](https://github.com/go-playground/validator/releases/tag/v8.7) can also be registered this way. @@ -1145,7 +1145,7 @@ func main() { data := gin.H{ "foo": "bar", } - + //callback is x // Will output : x({\"foo\":\"bar\"}) c.JSONP(http.StatusOK, data) @@ -1190,21 +1190,21 @@ This feature is unavailable in Go 1.6 and lower. ```go func main() { r := gin.Default() - + // Serves unicode entities r.GET("/json", func(c *gin.Context) { c.JSON(200, gin.H{ "html": "Hello, world!", }) }) - + // Serves literal characters r.GET("/purejson", func(c *gin.Context) { c.PureJSON(200, gin.H{ "html": "Hello, world!", }) }) - + // listen and serve on 0.0.0.0:8080 r.Run(":8080") } @@ -1812,11 +1812,11 @@ func main() { // the request it is currently handling ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second) defer cancel() - + if err := srv.Shutdown(ctx); err != nil { log.Fatal("Server forced to shutdown:", err) } - + log.Println("Server exiting") } ``` From 1bdf86b722026fd650fddfef7fe9bd8342b51b7a Mon Sep 17 00:00:00 2001 From: Andy Pan Date: Mon, 8 Feb 2021 23:24:22 +0800 Subject: [PATCH 15/28] Remove the tedious named return value (#2620) Co-authored-by: thinkerou --- internal/bytesconv/bytesconv.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/bytesconv/bytesconv.go b/internal/bytesconv/bytesconv.go index fdad2015..86e4c4d4 100644 --- a/internal/bytesconv/bytesconv.go +++ b/internal/bytesconv/bytesconv.go @@ -9,7 +9,7 @@ import ( ) // StringToBytes converts string to byte slice without a memory allocation. -func StringToBytes(s string) (b []byte) { +func StringToBytes(s string) []byte { return *(*[]byte)(unsafe.Pointer( &struct { string From ed6f85c478ba00e5168be1f29ffcdc9a983568b8 Mon Sep 17 00:00:00 2001 From: thinkerou Date: Sat, 27 Mar 2021 09:09:44 +0800 Subject: [PATCH 16/28] build: convert to go:build directives (#2664) --- binding/binding.go | 1 + binding/binding_msgpack_test.go | 1 + binding/binding_nomsgpack.go | 1 + binding/msgpack.go | 1 + binding/msgpack_test.go | 1 + context_appengine.go | 5 +++-- errors_1.13_test.go | 1 + internal/json/json.go | 1 + internal/json/jsoniter.go | 1 + render/msgpack.go | 1 + render/render_msgpack_test.go | 1 + 11 files changed, 13 insertions(+), 2 deletions(-) diff --git a/binding/binding.go b/binding/binding.go index 5c8e235b..5caeb581 100644 --- a/binding/binding.go +++ b/binding/binding.go @@ -2,6 +2,7 @@ // Use of this source code is governed by a MIT style // license that can be found in the LICENSE file. +//go:build !nomsgpack // +build !nomsgpack package binding diff --git a/binding/binding_msgpack_test.go b/binding/binding_msgpack_test.go index 9791a607..04d94079 100644 --- a/binding/binding_msgpack_test.go +++ b/binding/binding_msgpack_test.go @@ -2,6 +2,7 @@ // Use of this source code is governed by a MIT style // license that can be found in the LICENSE file. +//go:build !nomsgpack // +build !nomsgpack package binding diff --git a/binding/binding_nomsgpack.go b/binding/binding_nomsgpack.go index fd227b11..9afa3dcf 100644 --- a/binding/binding_nomsgpack.go +++ b/binding/binding_nomsgpack.go @@ -2,6 +2,7 @@ // Use of this source code is governed by a MIT style // license that can be found in the LICENSE file. +//go:build nomsgpack // +build nomsgpack package binding diff --git a/binding/msgpack.go b/binding/msgpack.go index a5bc2ad2..2a442996 100644 --- a/binding/msgpack.go +++ b/binding/msgpack.go @@ -2,6 +2,7 @@ // Use of this source code is governed by a MIT style // license that can be found in the LICENSE file. +//go:build !nomsgpack // +build !nomsgpack package binding diff --git a/binding/msgpack_test.go b/binding/msgpack_test.go index 296d3eb1..75600ba8 100644 --- a/binding/msgpack_test.go +++ b/binding/msgpack_test.go @@ -2,6 +2,7 @@ // Use of this source code is governed by a MIT style // license that can be found in the LICENSE file. +//go:build !nomsgpack // +build !nomsgpack package binding diff --git a/context_appengine.go b/context_appengine.go index 38c189a0..d5658434 100644 --- a/context_appengine.go +++ b/context_appengine.go @@ -1,9 +1,10 @@ -// +build appengine - // Copyright 2017 Manu Martinez-Almeida. All rights reserved. // Use of this source code is governed by a MIT style // license that can be found in the LICENSE file. +//go:build appengine +// +build appengine + package gin func init() { diff --git a/errors_1.13_test.go b/errors_1.13_test.go index a8f9a94e..5fb6057b 100644 --- a/errors_1.13_test.go +++ b/errors_1.13_test.go @@ -1,3 +1,4 @@ +//go:build go1.13 // +build go1.13 package gin diff --git a/internal/json/json.go b/internal/json/json.go index 480e8bff..172aeb24 100644 --- a/internal/json/json.go +++ b/internal/json/json.go @@ -2,6 +2,7 @@ // Use of this source code is governed by a MIT style // license that can be found in the LICENSE file. +//go:build !jsoniter // +build !jsoniter package json diff --git a/internal/json/jsoniter.go b/internal/json/jsoniter.go index 649a3cdb..232f8dca 100644 --- a/internal/json/jsoniter.go +++ b/internal/json/jsoniter.go @@ -2,6 +2,7 @@ // Use of this source code is governed by a MIT style // license that can be found in the LICENSE file. +//go:build jsoniter // +build jsoniter package json diff --git a/render/msgpack.go b/render/msgpack.go index be2d45c5..6ef5b6e5 100644 --- a/render/msgpack.go +++ b/render/msgpack.go @@ -2,6 +2,7 @@ // Use of this source code is governed by a MIT style // license that can be found in the LICENSE file. +//go:build !nomsgpack // +build !nomsgpack package render diff --git a/render/render_msgpack_test.go b/render/render_msgpack_test.go index e439ac48..8170fbe8 100644 --- a/render/render_msgpack_test.go +++ b/render/render_msgpack_test.go @@ -2,6 +2,7 @@ // Use of this source code is governed by a MIT style // license that can be found in the LICENSE file. +//go:build !nomsgpack // +build !nomsgpack package render From a331dc6a31473b7208c57ec32e14bfcec3062dbb Mon Sep 17 00:00:00 2001 From: Ni Hao Date: Sat, 27 Mar 2021 14:41:31 +0800 Subject: [PATCH 17/28] chore: remove duplicate test 'assert.Equal' (#2617) Co-authored-by: thinkerou --- routes_test.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/routes_test.go b/routes_test.go index 11ff71a6..485f0eea 100644 --- a/routes_test.go +++ b/routes_test.go @@ -238,7 +238,6 @@ func TestRouteParamsByName(t *testing.T) { assert.True(t, ok) assert.Equal(t, name, c.Param("name")) - assert.Equal(t, name, c.Param("name")) assert.Equal(t, lastName, c.Param("last_name")) assert.Empty(t, c.Param("wtf")) @@ -272,7 +271,6 @@ func TestRouteParamsByNameWithExtraSlash(t *testing.T) { assert.True(t, ok) assert.Equal(t, name, c.Param("name")) - assert.Equal(t, name, c.Param("name")) assert.Equal(t, lastName, c.Param("last_name")) assert.Empty(t, c.Param("wtf")) From f3de8132c5d955784deeadb9bcf5752e9fdf0d8c Mon Sep 17 00:00:00 2001 From: Ross Wolf <31489089+rw-access@users.noreply.github.com> Date: Mon, 5 Apr 2021 20:49:08 -0600 Subject: [PATCH 18/28] Add mixed param and non-param paths (port of httprouter#329) (#2663) Co-authored-by: Bo-Yi Wu --- AUTHORS.md | 2 + CHANGELOG.md | 6 +++ README.md | 7 ++++ tree.go | 115 ++++++++++++++++++++++++++------------------------- tree_test.go | 50 ++++++++++++++++------ 5 files changed, 112 insertions(+), 68 deletions(-) diff --git a/AUTHORS.md b/AUTHORS.md index a477611b..c634e6be 100644 --- a/AUTHORS.md +++ b/AUTHORS.md @@ -190,6 +190,8 @@ People and companies, who have contributed, in alphabetical order. **@rogierlommers (Rogier Lommers)** - Add updated static serve example +**@rw-access (Ross Wolf)** +- Added support to mix exact and param routes **@se77en (Damon Zhao)** - Improve color logging diff --git a/CHANGELOG.md b/CHANGELOG.md index ddf30e18..a56d4ff8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,11 @@ # Gin ChangeLog +## Gin v1.7.0 + +### ENHANCEMENTS + +* Support params and exact routes without creating conflicts [#2663](https://github.com/gin-gonic/gin/pull/2663) + ## Gin v1.6.3 ### ENHANCEMENTS diff --git a/README.md b/README.md index 119f9452..eb84031a 100644 --- a/README.md +++ b/README.md @@ -243,6 +243,13 @@ func main() { c.FullPath() == "/user/:name/*action" // true }) + // This handler will add a new router for /user/groups. + // Exact routes are resolved before param routes, regardless of the order they were defined. + // Routes starting with /user/groups are never interpreted as /user/:name/... routes + router.GET("/user/groups", func(c *gin.Context) { + c.String(http.StatusOK, "The available groups are [...]", name) + }) + router.Run(":8080") } ``` diff --git a/tree.go b/tree.go index 74e07e84..ca753e6d 100644 --- a/tree.go +++ b/tree.go @@ -80,6 +80,16 @@ func longestCommonPrefix(a, b string) int { return i } +// addChild will add a child node, keeping wildcards at the end +func (n *node) addChild(child *node) { + if n.wildChild && len(n.children) > 0 { + wildcardChild := n.children[len(n.children)-1] + n.children = append(n.children[:len(n.children)-1], child, wildcardChild) + } else { + n.children = append(n.children, child) + } +} + func countParams(path string) uint16 { var n uint16 s := bytesconv.StringToBytes(path) @@ -103,7 +113,7 @@ type node struct { wildChild bool nType nodeType priority uint32 - children []*node + children []*node // child nodes, at most 1 :param style node at the end of the array handlers HandlersChain fullPath string } @@ -177,36 +187,9 @@ walk: // Make new node a child of this node if i < len(path) { path = path[i:] - - if n.wildChild { - parentFullPathIndex += len(n.path) - n = n.children[0] - n.priority++ - - // Check if the wildcard matches - if len(path) >= len(n.path) && n.path == path[:len(n.path)] && - // Adding a child to a catchAll is not possible - n.nType != catchAll && - // Check for longer wildcard, e.g. :name and :names - (len(n.path) >= len(path) || path[len(n.path)] == '/') { - continue walk - } - - pathSeg := path - if n.nType != catchAll { - pathSeg = strings.SplitN(path, "/", 2)[0] - } - prefix := fullPath[:strings.Index(fullPath, pathSeg)] + n.path - panic("'" + pathSeg + - "' in new path '" + fullPath + - "' conflicts with existing wildcard '" + n.path + - "' in existing prefix '" + prefix + - "'") - } - c := path[0] - // slash after param + // '/' after param if n.nType == param && c == '/' && len(n.children) == 1 { parentFullPathIndex += len(n.path) n = n.children[0] @@ -225,21 +208,47 @@ walk: } // Otherwise insert it - if c != ':' && c != '*' { + if c != ':' && c != '*' && n.nType != catchAll { // []byte for proper unicode char conversion, see #65 n.indices += bytesconv.BytesToString([]byte{c}) child := &node{ fullPath: fullPath, } - n.children = append(n.children, child) + n.addChild(child) n.incrementChildPrio(len(n.indices) - 1) n = child + } else if n.wildChild { + // inserting a wildcard node, need to check if it conflicts with the existing wildcard + n = n.children[len(n.children)-1] + n.priority++ + + // Check if the wildcard matches + if len(path) >= len(n.path) && n.path == path[:len(n.path)] && + // Adding a child to a catchAll is not possible + n.nType != catchAll && + // Check for longer wildcard, e.g. :name and :names + (len(n.path) >= len(path) || path[len(n.path)] == '/') { + continue walk + } + + // Wildcard conflict + pathSeg := path + if n.nType != catchAll { + pathSeg = strings.SplitN(pathSeg, "/", 2)[0] + } + prefix := fullPath[:strings.Index(fullPath, pathSeg)] + n.path + panic("'" + pathSeg + + "' in new path '" + fullPath + + "' conflicts with existing wildcard '" + n.path + + "' in existing prefix '" + prefix + + "'") } + n.insertChild(path, fullPath, handlers) return } - // Otherwise and handle to current node + // Otherwise add handle to current node if n.handlers != nil { panic("handlers are already registered for path '" + fullPath + "'") } @@ -293,13 +302,6 @@ func (n *node) insertChild(path string, fullPath string, handlers HandlersChain) panic("wildcards must be named with a non-empty name in path '" + fullPath + "'") } - // Check if this node has existing children which would be - // unreachable if we insert the wildcard here - if len(n.children) > 0 { - panic("wildcard segment '" + wildcard + - "' conflicts with existing children in path '" + fullPath + "'") - } - if wildcard[0] == ':' { // param if i > 0 { // Insert prefix before the current wildcard @@ -307,13 +309,13 @@ func (n *node) insertChild(path string, fullPath string, handlers HandlersChain) path = path[i:] } - n.wildChild = true child := &node{ nType: param, path: wildcard, fullPath: fullPath, } - n.children = []*node{child} + n.addChild(child) + n.wildChild = true n = child n.priority++ @@ -326,7 +328,7 @@ func (n *node) insertChild(path string, fullPath string, handlers HandlersChain) priority: 1, fullPath: fullPath, } - n.children = []*node{child} + n.addChild(child) n = child continue } @@ -360,7 +362,7 @@ func (n *node) insertChild(path string, fullPath string, handlers HandlersChain) fullPath: fullPath, } - n.children = []*node{child} + n.addChild(child) n.indices = string('/') n = child n.priority++ @@ -404,18 +406,18 @@ walk: // Outer loop for walking the tree if len(path) > len(prefix) { if path[:len(prefix)] == prefix { path = path[len(prefix):] - // If this node does not have a wildcard (param or catchAll) - // child, we can just look up the next child node and continue - // to walk down the tree - if !n.wildChild { - idxc := path[0] - for i, c := range []byte(n.indices) { - if c == idxc { - n = n.children[i] - continue walk - } - } + // Try all the non-wildcard children first by matching the indices + idxc := path[0] + for i, c := range []byte(n.indices) { + if c == idxc { + n = n.children[i] + continue walk + } + } + + // If there is no wildcard pattern, recommend a redirection + if !n.wildChild { // Nothing found. // We can recommend to redirect to the same URL without a // trailing slash if a leaf exists for that path. @@ -423,8 +425,9 @@ walk: // Outer loop for walking the tree return } - // Handle wildcard child - n = n.children[0] + // Handle wildcard child, which is always at the end of the array + n = n.children[len(n.children)-1] + switch n.nType { case param: // Find param end (either '/' or path end) diff --git a/tree_test.go b/tree_test.go index 1cb4f559..d7c4fb0b 100644 --- a/tree_test.go +++ b/tree_test.go @@ -137,6 +137,8 @@ func TestTreeWildcard(t *testing.T) { "/", "/cmd/:tool/:sub", "/cmd/:tool/", + "/cmd/whoami", + "/cmd/whoami/root/", "/src/*filepath", "/search/", "/search/:query", @@ -155,8 +157,12 @@ func TestTreeWildcard(t *testing.T) { checkRequests(t, tree, testRequests{ {"/", false, "/", nil}, - {"/cmd/test/", false, "/cmd/:tool/", Params{Param{Key: "tool", Value: "test"}}}, - {"/cmd/test", true, "", Params{Param{Key: "tool", Value: "test"}}}, + {"/cmd/test", true, "/cmd/:tool/", Params{Param{"tool", "test"}}}, + {"/cmd/test/", false, "/cmd/:tool/", Params{Param{"tool", "test"}}}, + {"/cmd/whoami", false, "/cmd/whoami", nil}, + {"/cmd/whoami/", true, "/cmd/whoami", nil}, + {"/cmd/whoami/root/", false, "/cmd/whoami/root/", nil}, + {"/cmd/whoami/root", true, "/cmd/whoami/root/", nil}, {"/cmd/test/3", false, "/cmd/:tool/:sub", Params{Param{Key: "tool", Value: "test"}, Param{Key: "sub", Value: "3"}}}, {"/src/", false, "/src/*filepath", Params{Param{Key: "filepath", Value: "/"}}}, {"/src/some/file.png", false, "/src/*filepath", Params{Param{Key: "filepath", Value: "/some/file.png"}}}, @@ -245,20 +251,38 @@ func testRoutes(t *testing.T, routes []testRoute) { func TestTreeWildcardConflict(t *testing.T) { routes := []testRoute{ {"/cmd/:tool/:sub", false}, - {"/cmd/vet", true}, + {"/cmd/vet", false}, + {"/foo/bar", false}, + {"/foo/:name", false}, + {"/foo/:names", true}, + {"/cmd/*path", true}, + {"/cmd/:badvar", true}, + {"/cmd/:tool/names", false}, + {"/cmd/:tool/:badsub/details", true}, {"/src/*filepath", false}, + {"/src/:file", true}, + {"/src/static.json", true}, {"/src/*filepathx", true}, {"/src/", true}, + {"/src/foo/bar", true}, {"/src1/", false}, {"/src1/*filepath", true}, {"/src2*filepath", true}, + {"/src2/*filepath", false}, {"/search/:query", false}, - {"/search/invalid", true}, + {"/search/valid", false}, {"/user_:name", false}, - {"/user_x", true}, + {"/user_x", false}, {"/user_:name", false}, {"/id:id", false}, - {"/id/:id", true}, + {"/id/:id", false}, + } + testRoutes(t, routes) +} + +func TestCatchAllAfterSlash(t *testing.T) { + routes := []testRoute{ + {"/non-leading-*catchall", true}, } testRoutes(t, routes) } @@ -266,14 +290,17 @@ func TestTreeWildcardConflict(t *testing.T) { func TestTreeChildConflict(t *testing.T) { routes := []testRoute{ {"/cmd/vet", false}, - {"/cmd/:tool/:sub", true}, + {"/cmd/:tool", false}, + {"/cmd/:tool/:sub", false}, + {"/cmd/:tool/misc", false}, + {"/cmd/:tool/:othersub", true}, {"/src/AUTHORS", false}, {"/src/*filepath", true}, {"/user_x", false}, - {"/user_:name", true}, + {"/user_:name", false}, {"/id/:id", false}, - {"/id:id", true}, - {"/:id", true}, + {"/id:id", false}, + {"/:id", false}, {"/*filepath", true}, } testRoutes(t, routes) @@ -688,8 +715,7 @@ func TestTreeWildcardConflictEx(t *testing.T) { {"/who/are/foo", "/foo", `/who/are/\*you`, `/\*you`}, {"/who/are/foo/", "/foo/", `/who/are/\*you`, `/\*you`}, {"/who/are/foo/bar", "/foo/bar", `/who/are/\*you`, `/\*you`}, - {"/conxxx", "xxx", `/con:tact`, `:tact`}, - {"/conooo/xxx", "ooo", `/con:tact`, `:tact`}, + {"/con:nection", ":nection", `/con:tact`, `:tact`}, } for _, conflict := range conflicts { From bfc8ca285eb46dad60e037d57c545cd260636711 Mon Sep 17 00:00:00 2001 From: Manu MA Date: Tue, 6 Apr 2021 05:37:25 +0200 Subject: [PATCH 19/28] feat(engine): add trustedproxies and remoteIP (#2632) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Søren L. Hansen Co-authored-by: Bo-Yi Wu Co-authored-by: thinkerou Co-authored-by: Javier Provecho Fernandez --- README.md | 33 ++++++++++ context.go | 84 ++++++++++++++++++++----- context_test.go | 84 +++++++++++++++++++++++-- gin.go | 73 +++++++++++++++++++++- gin_integration_test.go | 7 +++ gin_test.go | 134 ++++++++++++++++++++++++++++++++++++++++ 6 files changed, 392 insertions(+), 23 deletions(-) diff --git a/README.md b/README.md index eb84031a..d4772d76 100644 --- a/README.md +++ b/README.md @@ -2124,6 +2124,39 @@ func main() { } ``` +## Don't trust all proxies + +Gin lets you specify which headers to hold the real client IP (if any), +as well as specifying which proxies (or direct clients) you trust to +specify one of these headers. + +The `TrustedProxies` slice on your `gin.Engine` specifes network addresses or +network CIDRs from where clients which their request headers related to client +IP can be trusted. They can be IPv4 addresses, IPv4 CIDRs, IPv6 addresses or +IPv6 CIDRs. + +```go +import ( + "fmt" + + "github.com/gin-gonic/gin" +) + +func main() { + + router := gin.Default() + router.TrustedProxies = []string{"192.168.1.2"} + + router.GET("/", func(c *gin.Context) { + // If the client is 192.168.1.2, use the X-Forwarded-For + // header to deduce the original client IP from the trust- + // worthy parts of that header. + // Otherwise, simply return the direct client IP + fmt.Printf("ClientIP: %s\n", c.ClientIP()) + }) + router.Run() +} +``` ## Testing diff --git a/context.go b/context.go index 3d6b56d6..1ba0fa2b 100644 --- a/context.go +++ b/context.go @@ -725,32 +725,82 @@ func (c *Context) ShouldBindBodyWith(obj interface{}, bb binding.BindingBody) (e return bb.BindBody(body, obj) } -// ClientIP implements a best effort algorithm to return the real client IP, it parses -// X-Real-IP and X-Forwarded-For in order to work properly with reverse-proxies such us: nginx or haproxy. -// Use X-Forwarded-For before X-Real-Ip as nginx uses X-Real-Ip with the proxy's IP. +// ClientIP implements a best effort algorithm to return the real client IP. +// It called c.RemoteIP() under the hood, to check if the remote IP is a trusted proxy or not. +// If it's it will then try to parse the headers defined in Engine.RemoteIPHeaders (defaulting to [X-Forwarded-For, X-Real-Ip]). +// If the headers are nots syntactically valid OR the remote IP does not correspong to a trusted proxy, +// the remote IP (coming form Request.RemoteAddr) is returned. func (c *Context) ClientIP() string { - if c.engine.ForwardedByClientIP { - clientIP := c.requestHeader("X-Forwarded-For") - clientIP = strings.TrimSpace(strings.Split(clientIP, ",")[0]) - if clientIP == "" { - clientIP = strings.TrimSpace(c.requestHeader("X-Real-Ip")) - } - if clientIP != "" { - return clientIP - } - } - if c.engine.AppEngine { if addr := c.requestHeader("X-Appengine-Remote-Addr"); addr != "" { return addr } } - if ip, _, err := net.SplitHostPort(strings.TrimSpace(c.Request.RemoteAddr)); err == nil { - return ip + remoteIP, trusted := c.RemoteIP() + if remoteIP == nil { + return "" } - return "" + if trusted && c.engine.ForwardedByClientIP && c.engine.RemoteIPHeaders != nil { + for _, headerName := range c.engine.RemoteIPHeaders { + ip, valid := validateHeader(c.requestHeader(headerName)) + if valid { + return ip + } + } + } + return remoteIP.String() +} + +// RemoteIP parses the IP from Request.RemoteAddr, normalizes and returns the IP (without the port). +// It also checks if the remoteIP is a trusted proxy or not. +// In order to perform this validation, it will see if the IP is contained within at least one of the CIDR blocks +// defined in Engine.TrustedProxies +func (c *Context) RemoteIP() (net.IP, bool) { + ip, _, err := net.SplitHostPort(strings.TrimSpace(c.Request.RemoteAddr)) + if err != nil { + return nil, false + } + remoteIP := net.ParseIP(ip) + if remoteIP == nil { + return nil, false + } + + trustedCIDRs, _ := c.engine.prepareTrustedCIDRs() + c.engine.trustedCIDRs = trustedCIDRs + if c.engine.trustedCIDRs != nil { + for _, cidr := range c.engine.trustedCIDRs { + if cidr.Contains(remoteIP) { + return remoteIP, true + } + } + } + + return remoteIP, false +} + +func validateHeader(header string) (clientIP string, valid bool) { + if header == "" { + return "", false + } + items := strings.Split(header, ",") + for i, ipStr := range items { + ipStr = strings.TrimSpace(ipStr) + ip := net.ParseIP(ipStr) + if ip == nil { + return "", false + } + + // We need to return the first IP in the list, but, + // we should not early return since we need to validate that + // the rest of the header is syntactically valid + if i == 0 { + clientIP = ipStr + valid = true + } + } + return } // ContentType returns the Content-Type header of the request. diff --git a/context_test.go b/context_test.go index 8e1e3b57..8fe47615 100644 --- a/context_test.go +++ b/context_test.go @@ -1392,11 +1392,10 @@ func TestContextClientIP(t *testing.T) { c, _ := CreateTestContext(httptest.NewRecorder()) c.Request, _ = http.NewRequest("POST", "/", nil) - c.Request.Header.Set("X-Real-IP", " 10.10.10.10 ") - c.Request.Header.Set("X-Forwarded-For", " 20.20.20.20, 30.30.30.30") - c.Request.Header.Set("X-Appengine-Remote-Addr", "50.50.50.50") - c.Request.RemoteAddr = " 40.40.40.40:42123 " + resetContextForClientIPTests(c) + // Legacy tests (validating that the defaults don't break the + // (insecure!) old behaviour) assert.Equal(t, "20.20.20.20", c.ClientIP()) c.Request.Header.Del("X-Forwarded-For") @@ -1416,6 +1415,74 @@ func TestContextClientIP(t *testing.T) { // no port c.Request.RemoteAddr = "50.50.50.50" assert.Empty(t, c.ClientIP()) + + // Tests exercising the TrustedProxies functionality + resetContextForClientIPTests(c) + + // No trusted proxies + c.engine.TrustedProxies = []string{} + c.engine.RemoteIPHeaders = []string{"X-Forwarded-For"} + assert.Equal(t, "40.40.40.40", c.ClientIP()) + + // Last proxy is trusted, but the RemoteAddr is not + c.engine.TrustedProxies = []string{"30.30.30.30"} + assert.Equal(t, "40.40.40.40", c.ClientIP()) + + // Only trust RemoteAddr + c.engine.TrustedProxies = []string{"40.40.40.40"} + assert.Equal(t, "20.20.20.20", c.ClientIP()) + + // All steps are trusted + c.engine.TrustedProxies = []string{"40.40.40.40", "30.30.30.30", "20.20.20.20"} + assert.Equal(t, "20.20.20.20", c.ClientIP()) + + // Use CIDR + c.engine.TrustedProxies = []string{"40.40.25.25/16", "30.30.30.30"} + assert.Equal(t, "20.20.20.20", c.ClientIP()) + + // Use hostname that resolves to all the proxies + c.engine.TrustedProxies = []string{"foo"} + assert.Equal(t, "40.40.40.40", c.ClientIP()) + + // Use hostname that returns an error + c.engine.TrustedProxies = []string{"bar"} + assert.Equal(t, "40.40.40.40", c.ClientIP()) + + // X-Forwarded-For has a non-IP element + c.engine.TrustedProxies = []string{"40.40.40.40"} + c.Request.Header.Set("X-Forwarded-For", " blah ") + assert.Equal(t, "40.40.40.40", c.ClientIP()) + + // Result from LookupHost has non-IP element. This should never + // happen, but we should test it to make sure we handle it + // gracefully. + c.engine.TrustedProxies = []string{"baz"} + c.Request.Header.Set("X-Forwarded-For", " 30.30.30.30 ") + assert.Equal(t, "40.40.40.40", c.ClientIP()) + + c.engine.TrustedProxies = []string{"40.40.40.40"} + c.Request.Header.Del("X-Forwarded-For") + c.engine.RemoteIPHeaders = []string{"X-Forwarded-For", "X-Real-IP"} + assert.Equal(t, "10.10.10.10", c.ClientIP()) + + c.engine.RemoteIPHeaders = []string{} + c.engine.AppEngine = true + assert.Equal(t, "50.50.50.50", c.ClientIP()) + + c.Request.Header.Del("X-Appengine-Remote-Addr") + assert.Equal(t, "40.40.40.40", c.ClientIP()) + + // no port + c.Request.RemoteAddr = "50.50.50.50" + assert.Empty(t, c.ClientIP()) +} + +func resetContextForClientIPTests(c *Context) { + c.Request.Header.Set("X-Real-IP", " 10.10.10.10 ") + c.Request.Header.Set("X-Forwarded-For", " 20.20.20.20, 30.30.30.30") + c.Request.Header.Set("X-Appengine-Remote-Addr", "50.50.50.50") + c.Request.RemoteAddr = " 40.40.40.40:42123 " + c.engine.AppEngine = false } func TestContextContentType(t *testing.T) { @@ -1960,3 +2027,12 @@ func TestContextWithKeysMutex(t *testing.T) { assert.Nil(t, value) assert.False(t, err) } + +func TestRemoteIPFail(t *testing.T) { + c, _ := CreateTestContext(httptest.NewRecorder()) + c.Request, _ = http.NewRequest("POST", "/", nil) + c.Request.RemoteAddr = "[:::]:80" + ip, trust := c.RemoteIP() + assert.Nil(t, ip) + assert.False(t, trust) +} diff --git a/gin.go b/gin.go index 1e126179..03a0e127 100644 --- a/gin.go +++ b/gin.go @@ -11,6 +11,7 @@ import ( "net/http" "os" "path" + "strings" "sync" "github.com/gin-gonic/gin/internal/bytesconv" @@ -81,9 +82,26 @@ type Engine struct { // If no other Method is allowed, the request is delegated to the NotFound // handler. HandleMethodNotAllowed bool - ForwardedByClientIP bool - // #726 #755 If enabled, it will thrust some headers starting with + // If enabled, client IP will be parsed from the request's headers that + // match those stored at `(*gin.Engine).RemoteIPHeaders`. If no IP was + // fetched, it falls back to the IP obtained from + // `(*gin.Context).Request.RemoteAddr`. + ForwardedByClientIP bool + + // List of headers used to obtain the client IP when + // `(*gin.Engine).ForwardedByClientIP` is `true` and + // `(*gin.Context).Request.RemoteAddr` is matched by at least one of the + // network origins of `(*gin.Engine).TrustedProxies`. + RemoteIPHeaders []string + + // List of network origins (IPv4 addresses, IPv4 CIDRs, IPv6 addresses or + // IPv6 CIDRs) from which to trust request's headers that contain + // alternative client IP when `(*gin.Engine).ForwardedByClientIP` is + // `true`. + TrustedProxies []string + + // #726 #755 If enabled, it will trust some headers starting with // 'X-AppEngine...' for better integration with that PaaS. AppEngine bool @@ -114,6 +132,7 @@ type Engine struct { pool sync.Pool trees methodTrees maxParams uint16 + trustedCIDRs []*net.IPNet } var _ IRouter = &Engine{} @@ -139,6 +158,8 @@ func New() *Engine { RedirectFixedPath: false, HandleMethodNotAllowed: false, ForwardedByClientIP: true, + RemoteIPHeaders: []string{"X-Forwarded-For", "X-Real-IP"}, + TrustedProxies: []string{"0.0.0.0/0"}, AppEngine: defaultAppEngine, UseRawPath: false, RemoveExtraSlash: false, @@ -305,12 +326,60 @@ func iterate(path, method string, routes RoutesInfo, root *node) RoutesInfo { func (engine *Engine) Run(addr ...string) (err error) { defer func() { debugPrintError(err) }() + trustedCIDRs, err := engine.prepareTrustedCIDRs() + if err != nil { + return err + } + engine.trustedCIDRs = trustedCIDRs address := resolveAddress(addr) debugPrint("Listening and serving HTTP on %s\n", address) err = http.ListenAndServe(address, engine) return } +func (engine *Engine) prepareTrustedCIDRs() ([]*net.IPNet, error) { + if engine.TrustedProxies == nil { + return nil, nil + } + + cidr := make([]*net.IPNet, 0, len(engine.TrustedProxies)) + for _, trustedProxy := range engine.TrustedProxies { + if !strings.Contains(trustedProxy, "/") { + ip := parseIP(trustedProxy) + if ip == nil { + return cidr, &net.ParseError{Type: "IP address", Text: trustedProxy} + } + + switch len(ip) { + case net.IPv4len: + trustedProxy += "/32" + case net.IPv6len: + trustedProxy += "/128" + } + } + _, cidrNet, err := net.ParseCIDR(trustedProxy) + if err != nil { + return cidr, err + } + cidr = append(cidr, cidrNet) + } + return cidr, nil +} + +// parseIP parse a string representation of an IP and returns a net.IP with the +// minimum byte representation or nil if input is invalid. +func parseIP(ip string) net.IP { + parsedIP := net.ParseIP(ip) + + if ipv4 := parsedIP.To4(); ipv4 != nil { + // return ip in a 4-byte representation + return ipv4 + } + + // return ip in a 16-byte representation or nil + return parsedIP +} + // RunTLS attaches the router to a http.Server and starts listening and serving HTTPS (secure) requests. // It is a shortcut for http.ListenAndServeTLS(addr, certFile, keyFile, router) // Note: this method will block the calling goroutine indefinitely unless an error happens. diff --git a/gin_integration_test.go b/gin_integration_test.go index 41ad9874..fd972657 100644 --- a/gin_integration_test.go +++ b/gin_integration_test.go @@ -55,6 +55,13 @@ func TestRunEmpty(t *testing.T) { testRequest(t, "http://localhost:8080/example") } +func TestTrustedCIDRsForRun(t *testing.T) { + os.Setenv("PORT", "") + router := New() + router.TrustedProxies = []string{"hello/world"} + assert.Error(t, router.Run(":8080")) +} + func TestRunTLS(t *testing.T) { router := New() go func() { diff --git a/gin_test.go b/gin_test.go index 11bdd79c..678d95f2 100644 --- a/gin_test.go +++ b/gin_test.go @@ -9,6 +9,7 @@ import ( "fmt" "html/template" "io/ioutil" + "net" "net/http" "net/http/httptest" "reflect" @@ -532,6 +533,139 @@ func TestEngineHandleContextManyReEntries(t *testing.T) { assert.Equal(t, int64(expectValue), middlewareCounter) } +func TestPrepareTrustedCIRDsWith(t *testing.T) { + r := New() + + // valid ipv4 cidr + { + expectedTrustedCIDRs := []*net.IPNet{parseCIDR("0.0.0.0/0")} + r.TrustedProxies = []string{"0.0.0.0/0"} + + trustedCIDRs, err := r.prepareTrustedCIDRs() + + assert.NoError(t, err) + assert.Equal(t, expectedTrustedCIDRs, trustedCIDRs) + } + + // invalid ipv4 cidr + { + r.TrustedProxies = []string{"192.168.1.33/33"} + + _, err := r.prepareTrustedCIDRs() + + assert.Error(t, err) + } + + // valid ipv4 address + { + expectedTrustedCIDRs := []*net.IPNet{parseCIDR("192.168.1.33/32")} + r.TrustedProxies = []string{"192.168.1.33"} + + trustedCIDRs, err := r.prepareTrustedCIDRs() + + assert.NoError(t, err) + assert.Equal(t, expectedTrustedCIDRs, trustedCIDRs) + } + + // invalid ipv4 address + { + r.TrustedProxies = []string{"192.168.1.256"} + + _, err := r.prepareTrustedCIDRs() + + assert.Error(t, err) + } + + // valid ipv6 address + { + expectedTrustedCIDRs := []*net.IPNet{parseCIDR("2002:0000:0000:1234:abcd:ffff:c0a8:0101/128")} + r.TrustedProxies = []string{"2002:0000:0000:1234:abcd:ffff:c0a8:0101"} + + trustedCIDRs, err := r.prepareTrustedCIDRs() + + assert.NoError(t, err) + assert.Equal(t, expectedTrustedCIDRs, trustedCIDRs) + } + + // invalid ipv6 address + { + r.TrustedProxies = []string{"gggg:0000:0000:1234:abcd:ffff:c0a8:0101"} + + _, err := r.prepareTrustedCIDRs() + + assert.Error(t, err) + } + + // valid ipv6 cidr + { + expectedTrustedCIDRs := []*net.IPNet{parseCIDR("::/0")} + r.TrustedProxies = []string{"::/0"} + + trustedCIDRs, err := r.prepareTrustedCIDRs() + + assert.NoError(t, err) + assert.Equal(t, expectedTrustedCIDRs, trustedCIDRs) + } + + // invalid ipv6 cidr + { + r.TrustedProxies = []string{"gggg:0000:0000:1234:abcd:ffff:c0a8:0101/129"} + + _, err := r.prepareTrustedCIDRs() + + assert.Error(t, err) + } + + // valid combination + { + expectedTrustedCIDRs := []*net.IPNet{ + parseCIDR("::/0"), + parseCIDR("192.168.0.0/16"), + parseCIDR("172.16.0.1/32"), + } + r.TrustedProxies = []string{ + "::/0", + "192.168.0.0/16", + "172.16.0.1", + } + + trustedCIDRs, err := r.prepareTrustedCIDRs() + + assert.NoError(t, err) + assert.Equal(t, expectedTrustedCIDRs, trustedCIDRs) + } + + // invalid combination + { + r.TrustedProxies = []string{ + "::/0", + "192.168.0.0/16", + "172.16.0.256", + } + _, err := r.prepareTrustedCIDRs() + + assert.Error(t, err) + } + + // nil value + { + r.TrustedProxies = nil + trustedCIDRs, err := r.prepareTrustedCIDRs() + + assert.Nil(t, trustedCIDRs) + assert.Nil(t, err) + } + +} + +func parseCIDR(cidr string) *net.IPNet { + _, parsedCIDR, err := net.ParseCIDR(cidr) + if err != nil { + fmt.Println(err) + } + return parsedCIDR +} + func assertRoutePresent(t *testing.T, gotRoutes RoutesInfo, wantRoute RouteInfo) { for _, gotRoute := range gotRoutes { if gotRoute.Path == wantRoute.Path && gotRoute.Method == wantRoute.Method { From d496f64540b6707602de50ab57aeea8ff4080b74 Mon Sep 17 00:00:00 2001 From: Bo-Yi Wu Date: Thu, 8 Apr 2021 15:47:41 +0800 Subject: [PATCH 20/28] bump to v1.7.0 version (#2672) --- CHANGELOG.md | 29 ++++++++++++++++++++++++++++- version.go | 2 +- 2 files changed, 29 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a56d4ff8..44d62514 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,9 +2,36 @@ ## Gin v1.7.0 +### BUGFIXES + +* fix compile error from [#2572](https://github.com/gin-gonic/gin/pull/2572) ([#2600](https://github.com/gin-gonic/gin/pull/2600)) +* fix: print headers without Authorization header on broken pipe ([#2528](https://github.com/gin-gonic/gin/pull/2528)) +* fix(tree): reassign fullpath when register new node ([#2366](https://github.com/gin-gonic/gin/pull/2366)) + ### ENHANCEMENTS -* Support params and exact routes without creating conflicts [#2663](https://github.com/gin-gonic/gin/pull/2663) +* Support params and exact routes without creating conflicts ([#2663](https://github.com/gin-gonic/gin/pull/2663)) +* chore: improve render string performance ([#2365](https://github.com/gin-gonic/gin/pull/2365)) +* Sync route tree to httprouter latest code ([#2368](https://github.com/gin-gonic/gin/pull/2368)) +* chore: rename getQueryCache/getFormCache to initQueryCache/initFormCa ([#2375](https://github.com/gin-gonic/gin/pull/2375)) +* chore(performance): improve countParams ([#2378](https://github.com/gin-gonic/gin/pull/2378)) +* Remove some functions that have the same effect as the bytes package ([#2387](https://github.com/gin-gonic/gin/pull/2387)) +* update:SetMode function ([#2321](https://github.com/gin-gonic/gin/pull/2321)) +* remove a unused type SecureJSONPrefix ([#2391](https://github.com/gin-gonic/gin/pull/2391)) +* Add a redirect sample for POST method ([#2389](https://github.com/gin-gonic/gin/pull/2389)) +* Add CustomRecovery builtin middleware ([#2322](https://github.com/gin-gonic/gin/pull/2322)) +* binding: avoid 2038 problem on 32-bit architectures ([#2450](https://github.com/gin-gonic/gin/pull/2450)) +* Prevent panic in Context.GetQuery() when there is no Request ([#2412](https://github.com/gin-gonic/gin/pull/2412)) +* Add GetUint and GetUint64 method on gin.context ([#2487](https://github.com/gin-gonic/gin/pull/2487)) +* update content-disposition header to MIME-style ([#2512](https://github.com/gin-gonic/gin/pull/2512)) +* reduce allocs and improve the render `WriteString` ([#2508](https://github.com/gin-gonic/gin/pull/2508)) +* implement ".Unwrap() error" on Error type ([#2525](https://github.com/gin-gonic/gin/pull/2525)) ([#2526](https://github.com/gin-gonic/gin/pull/2526)) +* Allow bind with a map[string]string ([#2484](https://github.com/gin-gonic/gin/pull/2484)) +* chore: update tree ([#2371](https://github.com/gin-gonic/gin/pull/2371)) +* Support binding for slice/array obj [Rewrite] ([#2302](https://github.com/gin-gonic/gin/pull/2302)) +* basic auth: fix timing oracle ([#2609](https://github.com/gin-gonic/gin/pull/2609)) +* Add mixed param and non-param paths (port of httprouter[#329](https://github.com/gin-gonic/gin/pull/329)) ([#2663](https://github.com/gin-gonic/gin/pull/2663)) +* feat(engine): add trustedproxies and remoteIP ([#2632](https://github.com/gin-gonic/gin/pull/2632)) ## Gin v1.6.3 diff --git a/version.go b/version.go index 3e9687dc..95b4ed14 100644 --- a/version.go +++ b/version.go @@ -5,4 +5,4 @@ package gin // Version is the current gin framework's version. -const Version = "v1.6.3" +const Version = "v1.7.0" From 03e5e05ae089bc989f1ca41841f05504d29e3fd9 Mon Sep 17 00:00:00 2001 From: Xudong Cai Date: Fri, 9 Apr 2021 00:27:34 +0800 Subject: [PATCH 21/28] fix: data race with trustedCIDRs (#2674) (#2675) Co-authored-by: Bo-Yi Wu --- context.go | 2 -- context_test.go | 16 +++++++++++++++- logger_test.go | 2 ++ 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/context.go b/context.go index 1ba0fa2b..dc03c358 100644 --- a/context.go +++ b/context.go @@ -767,8 +767,6 @@ func (c *Context) RemoteIP() (net.IP, bool) { return nil, false } - trustedCIDRs, _ := c.engine.prepareTrustedCIDRs() - c.engine.trustedCIDRs = trustedCIDRs if c.engine.trustedCIDRs != nil { for _, cidr := range c.engine.trustedCIDRs { if cidr.Contains(remoteIP) { diff --git a/context_test.go b/context_test.go index 8fe47615..cf3f0be9 100644 --- a/context_test.go +++ b/context_test.go @@ -1388,10 +1388,14 @@ func TestContextAbortWithError(t *testing.T) { assert.True(t, c.IsAborted()) } +func resetTrustedCIDRs(c *Context) { + c.engine.trustedCIDRs, _ = c.engine.prepareTrustedCIDRs() +} + func TestContextClientIP(t *testing.T) { c, _ := CreateTestContext(httptest.NewRecorder()) c.Request, _ = http.NewRequest("POST", "/", nil) - + resetTrustedCIDRs(c) resetContextForClientIPTests(c) // Legacy tests (validating that the defaults don't break the @@ -1421,35 +1425,43 @@ func TestContextClientIP(t *testing.T) { // No trusted proxies c.engine.TrustedProxies = []string{} + resetTrustedCIDRs(c) c.engine.RemoteIPHeaders = []string{"X-Forwarded-For"} assert.Equal(t, "40.40.40.40", c.ClientIP()) // Last proxy is trusted, but the RemoteAddr is not c.engine.TrustedProxies = []string{"30.30.30.30"} + resetTrustedCIDRs(c) assert.Equal(t, "40.40.40.40", c.ClientIP()) // Only trust RemoteAddr c.engine.TrustedProxies = []string{"40.40.40.40"} + resetTrustedCIDRs(c) assert.Equal(t, "20.20.20.20", c.ClientIP()) // All steps are trusted c.engine.TrustedProxies = []string{"40.40.40.40", "30.30.30.30", "20.20.20.20"} + resetTrustedCIDRs(c) assert.Equal(t, "20.20.20.20", c.ClientIP()) // Use CIDR c.engine.TrustedProxies = []string{"40.40.25.25/16", "30.30.30.30"} + resetTrustedCIDRs(c) assert.Equal(t, "20.20.20.20", c.ClientIP()) // Use hostname that resolves to all the proxies c.engine.TrustedProxies = []string{"foo"} + resetTrustedCIDRs(c) assert.Equal(t, "40.40.40.40", c.ClientIP()) // Use hostname that returns an error c.engine.TrustedProxies = []string{"bar"} + resetTrustedCIDRs(c) assert.Equal(t, "40.40.40.40", c.ClientIP()) // X-Forwarded-For has a non-IP element c.engine.TrustedProxies = []string{"40.40.40.40"} + resetTrustedCIDRs(c) c.Request.Header.Set("X-Forwarded-For", " blah ") assert.Equal(t, "40.40.40.40", c.ClientIP()) @@ -1457,10 +1469,12 @@ func TestContextClientIP(t *testing.T) { // happen, but we should test it to make sure we handle it // gracefully. c.engine.TrustedProxies = []string{"baz"} + resetTrustedCIDRs(c) c.Request.Header.Set("X-Forwarded-For", " 30.30.30.30 ") assert.Equal(t, "40.40.40.40", c.ClientIP()) c.engine.TrustedProxies = []string{"40.40.40.40"} + resetTrustedCIDRs(c) c.Request.Header.Del("X-Forwarded-For") c.engine.RemoteIPHeaders = []string{"X-Forwarded-For", "X-Real-IP"} assert.Equal(t, "10.10.10.10", c.ClientIP()) diff --git a/logger_test.go b/logger_test.go index 0d40666e..80961ce1 100644 --- a/logger_test.go +++ b/logger_test.go @@ -185,6 +185,8 @@ func TestLoggerWithConfigFormatting(t *testing.T) { buffer := new(bytes.Buffer) router := New() + router.engine.trustedCIDRs, _ = router.engine.prepareTrustedCIDRs() + router.Use(LoggerWithConfig(LoggerConfig{ Output: buffer, Formatter: func(param LogFormatterParams) string { From 51c7d001e086ef3eda9cb08d5bbb63c605ec06af Mon Sep 17 00:00:00 2001 From: thinkerou Date: Fri, 9 Apr 2021 07:38:13 +0800 Subject: [PATCH 22/28] bump to v1.7.1 (#2678) --- CHANGELOG.md | 6 ++++++ version.go | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 44d62514..dc2c2f55 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,11 @@ # Gin ChangeLog +## Gin v1.7.1 + +### BUGFIXES + +* fix: data race with trustedCIDRs from [#2674](https://github.com/gin-gonic/gin/issues/2674)([#2675](https://github.com/gin-gonic/gin/pull/2675)) + ## Gin v1.7.0 ### BUGFIXES diff --git a/version.go b/version.go index 95b4ed14..3647461b 100644 --- a/version.go +++ b/version.go @@ -5,4 +5,4 @@ package gin // Version is the current gin framework's version. -const Version = "v1.7.0" +const Version = "v1.7.1" From ee4de846a894e9049321e809d69f4343f62d2862 Mon Sep 17 00:00:00 2001 From: thinkerou Date: Mon, 12 Apr 2021 00:29:34 +0800 Subject: [PATCH 23/28] Remove go1.12 support (#2679) * Revert "Adding ppc64le architecture support on travis-ci (#2538)" This reverts commit fca3f95d7cdfdef203c78f220b84118f44590512. * not support go1.12 * fix * Update errors_test.go * Update debug.go --- .travis.yml | 2 -- README.md | 2 +- debug.go | 4 ++-- debug_test.go | 2 +- errors_1.13_test.go | 34 ---------------------------------- errors_test.go | 22 ++++++++++++++++++++++ 6 files changed, 26 insertions(+), 40 deletions(-) delete mode 100644 errors_1.13_test.go diff --git a/.travis.yml b/.travis.yml index 8ebae712..bcc21414 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,8 +3,6 @@ language: go matrix: fast_finish: true include: - - go: 1.12.x - env: GO111MODULE=on - go: 1.13.x - go: 1.13.x env: diff --git a/README.md b/README.md index d4772d76..e5e3b46a 100644 --- a/README.md +++ b/README.md @@ -84,7 +84,7 @@ Gin is a web framework written in Go (Golang). It features a martini-like API wi To install Gin package, you need to install Go and set your Go workspace first. -1. The first need [Go](https://golang.org/) installed (**version 1.12+ is required**), then you can use the below Go command to install Gin. +1. The first need [Go](https://golang.org/) installed (**version 1.13+ is required**), then you can use the below Go command to install Gin. ```sh $ go get -u github.com/gin-gonic/gin diff --git a/debug.go b/debug.go index 4c7cd0c3..9bacc685 100644 --- a/debug.go +++ b/debug.go @@ -12,7 +12,7 @@ import ( "strings" ) -const ginSupportMinGoVer = 12 +const ginSupportMinGoVer = 13 // IsDebugging returns true if the framework is running in debug mode. // Use SetMode(gin.ReleaseMode) to disable debug mode. @@ -67,7 +67,7 @@ func getMinVer(v string) (uint64, error) { func debugPrintWARNINGDefault() { if v, e := getMinVer(runtime.Version()); e == nil && v <= ginSupportMinGoVer { - debugPrint(`[WARNING] Now Gin requires Go 1.12+. + debugPrint(`[WARNING] Now Gin requires Go 1.13+. `) } diff --git a/debug_test.go b/debug_test.go index c2272d0f..05509992 100644 --- a/debug_test.go +++ b/debug_test.go @@ -104,7 +104,7 @@ func TestDebugPrintWARNINGDefault(t *testing.T) { }) m, e := getMinVer(runtime.Version()) if e == nil && m <= ginSupportMinGoVer { - assert.Equal(t, "[GIN-debug] [WARNING] Now Gin requires Go 1.12+.\n\n[GIN-debug] [WARNING] Creating an Engine instance with the Logger and Recovery middleware already attached.\n\n", re) + assert.Equal(t, "[GIN-debug] [WARNING] Now Gin requires Go 1.13+.\n\n[GIN-debug] [WARNING] Creating an Engine instance with the Logger and Recovery middleware already attached.\n\n", re) } else { assert.Equal(t, "[GIN-debug] [WARNING] Creating an Engine instance with the Logger and Recovery middleware already attached.\n\n", re) } diff --git a/errors_1.13_test.go b/errors_1.13_test.go deleted file mode 100644 index 5fb6057b..00000000 --- a/errors_1.13_test.go +++ /dev/null @@ -1,34 +0,0 @@ -//go:build go1.13 -// +build go1.13 - -package gin - -import ( - "errors" - "fmt" - "testing" - - "github.com/stretchr/testify/assert" -) - -type TestErr string - -func (e TestErr) Error() string { return string(e) } - -// TestErrorUnwrap tests the behavior of gin.Error with "errors.Is()" and "errors.As()". -// "errors.Is()" and "errors.As()" have been added to the standard library in go 1.13, -// hence the "// +build go1.13" directive at the beginning of this file. -func TestErrorUnwrap(t *testing.T) { - innerErr := TestErr("somme error") - - // 2 layers of wrapping : use 'fmt.Errorf("%w")' to wrap a gin.Error{}, which itself wraps innerErr - err := fmt.Errorf("wrapped: %w", &Error{ - Err: innerErr, - Type: ErrorTypeAny, - }) - - // check that 'errors.Is()' and 'errors.As()' behave as expected : - assert.True(t, errors.Is(err, innerErr)) - var testErr TestErr - assert.True(t, errors.As(err, &testErr)) -} diff --git a/errors_test.go b/errors_test.go index 6aae1c10..ee95ab31 100644 --- a/errors_test.go +++ b/errors_test.go @@ -6,6 +6,7 @@ package gin import ( "errors" + "fmt" "testing" "github.com/gin-gonic/gin/internal/json" @@ -104,3 +105,24 @@ Error #03: third assert.Nil(t, errs.JSON()) assert.Empty(t, errs.String()) } + +type TestErr string + +func (e TestErr) Error() string { return string(e) } + +// TestErrorUnwrap tests the behavior of gin.Error with "errors.Is()" and "errors.As()". +// "errors.Is()" and "errors.As()" have been added to the standard library in go 1.13. +func TestErrorUnwrap(t *testing.T) { + innerErr := TestErr("somme error") + + // 2 layers of wrapping : use 'fmt.Errorf("%w")' to wrap a gin.Error{}, which itself wraps innerErr + err := fmt.Errorf("wrapped: %w", &Error{ + Err: innerErr, + Type: ErrorTypeAny, + }) + + // check that 'errors.Is()' and 'errors.As()' behave as expected : + assert.True(t, errors.Is(err, innerErr)) + var testErr TestErr + assert.True(t, errors.As(err, &testErr)) +} From 77649bcfee1a3eef1cc79839457ed5369916edb4 Mon Sep 17 00:00:00 2001 From: thinkerou Date: Wed, 21 Apr 2021 07:38:54 +0800 Subject: [PATCH 24/28] support Go v1.16 version (#2638) --- .travis.yml | 4 ++++ context_test.go | 8 ++++++-- routes_test.go | 4 +++- 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index bcc21414..81662315 100644 --- a/.travis.yml +++ b/.travis.yml @@ -15,6 +15,10 @@ matrix: - go: 1.15.x env: - TESTTAGS=nomsgpack + - go: 1.16.x + - go: 1.16.x + env: + - TESTTAGS=nomsgpack - go: master git: diff --git a/context_test.go b/context_test.go index cf3f0be9..8e9f7264 100644 --- a/context_test.go +++ b/context_test.go @@ -1018,7 +1018,9 @@ func TestContextRenderFile(t *testing.T) { assert.Equal(t, http.StatusOK, w.Code) assert.Contains(t, w.Body.String(), "func New() *Engine {") - assert.Equal(t, "text/plain; charset=utf-8", w.Header().Get("Content-Type")) + // Content-Type='text/plain; charset=utf-8' when go version <= 1.16, + // else, Content-Type='text/x-go; charset=utf-8' + assert.NotEqual(t, "", w.Header().Get("Content-Type")) } func TestContextRenderFileFromFS(t *testing.T) { @@ -1030,7 +1032,9 @@ func TestContextRenderFileFromFS(t *testing.T) { assert.Equal(t, http.StatusOK, w.Code) assert.Contains(t, w.Body.String(), "func New() *Engine {") - assert.Equal(t, "text/plain; charset=utf-8", w.Header().Get("Content-Type")) + // Content-Type='text/plain; charset=utf-8' when go version <= 1.16, + // else, Content-Type='text/x-go; charset=utf-8' + assert.NotEqual(t, "", w.Header().Get("Content-Type")) assert.Equal(t, "/some/path", c.Request.URL.Path) } diff --git a/routes_test.go b/routes_test.go index 485f0eea..036fa1c3 100644 --- a/routes_test.go +++ b/routes_test.go @@ -360,7 +360,9 @@ func TestRouterMiddlewareAndStatic(t *testing.T) { assert.Equal(t, http.StatusOK, w.Code) assert.Contains(t, w.Body.String(), "package gin") - assert.Equal(t, "text/plain; charset=utf-8", w.Header().Get("Content-Type")) + // Content-Type='text/plain; charset=utf-8' when go version <= 1.16, + // else, Content-Type='text/x-go; charset=utf-8' + assert.NotEqual(t, "", w.Header().Get("Content-Type")) assert.NotEqual(t, w.Header().Get("Last-Modified"), "Mon, 02 Jan 2006 15:04:05 MST") assert.Equal(t, "Mon, 02 Jan 2006 15:04:05 MST", w.Header().Get("Expires")) assert.Equal(t, "Gin Framework", w.Header().Get("x-GIN")) From 7313b8fddc61fa4df9788abfda4fab53a83dfead Mon Sep 17 00:00:00 2001 From: y-yagi Date: Wed, 21 Apr 2021 08:55:08 +0900 Subject: [PATCH 25/28] Use `Header()` instead of deprecated `HeaderMap` (#2694) Co-authored-by: Bo-Yi Wu --- context_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/context_test.go b/context_test.go index 8e9f7264..993c632f 100644 --- a/context_test.go +++ b/context_test.go @@ -1048,7 +1048,7 @@ func TestContextRenderAttachment(t *testing.T) { assert.Equal(t, 200, w.Code) assert.Contains(t, w.Body.String(), "func New() *Engine {") - assert.Equal(t, fmt.Sprintf("attachment; filename=\"%s\"", newFilename), w.HeaderMap.Get("Content-Disposition")) + assert.Equal(t, fmt.Sprintf("attachment; filename=\"%s\"", newFilename), w.Header().Get("Content-Disposition")) } // TestContextRenderYAML tests that the response is serialized as YAML From f1da692fbdf67736b371eada8997b25f91de5c30 Mon Sep 17 00:00:00 2001 From: heige Date: Wed, 21 Apr 2021 08:24:55 +0800 Subject: [PATCH 26/28] RouterGroup.Handle regular match optimization of http method (#2685) Co-authored-by: thinkerou Co-authored-by: Bo-Yi Wu --- routergroup.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/routergroup.go b/routergroup.go index 15d9930d..6f14bf59 100644 --- a/routergroup.go +++ b/routergroup.go @@ -11,6 +11,11 @@ import ( "strings" ) +var ( + // reg match english letters for http method name + regEnLetter = regexp.MustCompile("^[A-Z]+$") +) + // IRouter defines all router handle interface includes single and group router. type IRouter interface { IRoutes @@ -87,7 +92,7 @@ func (group *RouterGroup) handle(httpMethod, relativePath string, handlers Handl // frequently used, non-standardized or custom methods (e.g. for internal // communication with a proxy). func (group *RouterGroup) Handle(httpMethod, relativePath string, handlers ...HandlerFunc) IRoutes { - if matches, err := regexp.MatchString("^[A-Z]+$", httpMethod); !matches || err != nil { + if matched := regEnLetter.MatchString(httpMethod); !matched { panic("http method " + httpMethod + " is not valid") } return group.handle(httpMethod, relativePath, handlers) From c0418c48e45eabbeceabdaef1b70e4221b980cdd Mon Sep 17 00:00:00 2001 From: zzjin Date: Wed, 21 Apr 2021 08:45:49 +0800 Subject: [PATCH 27/28] Add support go-json, another drop-in json replacement. (#2680) Co-authored-by: Bo-Yi Wu Co-authored-by: thinkerou --- README.md | 12 +++++++++--- go.sum | 2 ++ internal/json/go_json.go | 23 +++++++++++++++++++++++ internal/json/json.go | 4 ++-- 4 files changed, 36 insertions(+), 5 deletions(-) create mode 100644 internal/json/go_json.go diff --git a/README.md b/README.md index e5e3b46a..2e953f5a 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ Gin is a web framework written in Go (Golang). It features a martini-like API wi - [Quick start](#quick-start) - [Benchmarks](#benchmarks) - [Gin v1. stable](#gin-v1-stable) - - [Build with jsoniter](#build-with-jsoniter) + - [Build with jsoniter/go-json](#build-with-json-replacement) - [API Examples](#api-examples) - [Using GET, POST, PUT, PATCH, DELETE and OPTIONS](#using-get-post-put-patch-delete-and-options) - [Parameters in path](#parameters-in-path) @@ -182,13 +182,18 @@ Gin uses a custom version of [HttpRouter](https://github.com/julienschmidt/httpr - [x] Battle tested. - [x] API frozen, new releases will not break your code. -## Build with [jsoniter](https://github.com/json-iterator/go) +## Build with json replacement -Gin uses `encoding/json` as default json package but you can change to [jsoniter](https://github.com/json-iterator/go) by build from other tags. +Gin uses `encoding/json` as default json package but you can change it by build from other tags. +[jsoniter](https://github.com/json-iterator/go) ```sh $ go build -tags=jsoniter . ``` +[go-json](https://github.com/goccy/go-json) +```sh +$ go build -tags=go_json . +``` ## API Examples @@ -2215,3 +2220,4 @@ Awesome project lists using [Gin](https://github.com/gin-gonic/gin) web framewor * [picfit](https://github.com/thoas/picfit): An image resizing server written in Go. * [brigade](https://github.com/brigadecore/brigade): Event-based Scripting for Kubernetes. * [dkron](https://github.com/distribworks/dkron): Distributed, fault tolerant job scheduling system. + diff --git a/go.sum b/go.sum index a64b3319..ac92ada3 100644 --- a/go.sum +++ b/go.sum @@ -11,6 +11,8 @@ github.com/go-playground/universal-translator v0.17.0 h1:icxd5fm+REJzpZx7ZfpaD87 github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+Scu5vgOQjsIJAF8j9muTVoKLVtA= github.com/go-playground/validator/v10 v10.4.1 h1:pH2c5ADXtd66mxoE0Zm9SUhxE20r7aM3F26W0hOn+GE= github.com/go-playground/validator/v10 v10.4.1/go.mod h1:nlOn6nFhuKACm19sB/8EGNn9GlaMV7XkbRSipzJ0Ii4= +github.com/goccy/go-json v0.4.11 h1:92nyX606ZN/cUFwctfxwDWm8YWSA38Zlv9s7taFeLyo= +github.com/goccy/go-json v0.4.11/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= github.com/golang/protobuf v1.3.3 h1:gyjaxf+svBWX08ZjK86iN9geUJF0H6gp2IRKX6Nf6/I= github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= diff --git a/internal/json/go_json.go b/internal/json/go_json.go new file mode 100644 index 00000000..da960571 --- /dev/null +++ b/internal/json/go_json.go @@ -0,0 +1,23 @@ +// Copyright 2017 Bo-Yi Wu. All rights reserved. +// Use of this source code is governed by a MIT style +// license that can be found in the LICENSE file. + +//go:build go_json +// +build go_json + +package json + +import json "github.com/goccy/go-json" + +var ( + // Marshal is exported by gin/json package. + Marshal = json.Marshal + // Unmarshal is exported by gin/json package. + Unmarshal = json.Unmarshal + // MarshalIndent is exported by gin/json package. + MarshalIndent = json.MarshalIndent + // NewDecoder is exported by gin/json package. + NewDecoder = json.NewDecoder + // NewEncoder is exported by gin/json package. + NewEncoder = json.NewEncoder +) diff --git a/internal/json/json.go b/internal/json/json.go index 172aeb24..75b60224 100644 --- a/internal/json/json.go +++ b/internal/json/json.go @@ -2,8 +2,8 @@ // Use of this source code is governed by a MIT style // license that can be found in the LICENSE file. -//go:build !jsoniter -// +build !jsoniter +//go:build !jsoniter && !go_json +// +build !jsoniter,!go_json package json From 215c9ce231e55e369e072d402fb9dbd0ec01aa1a Mon Sep 17 00:00:00 2001 From: Qt Date: Wed, 28 Apr 2021 18:39:09 +0800 Subject: [PATCH 28/28] use errors.New to replace fmt.Errorf will much better (#2707) --- binding/json.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/binding/json.go b/binding/json.go index d62e0705..45aaa494 100644 --- a/binding/json.go +++ b/binding/json.go @@ -6,7 +6,7 @@ package binding import ( "bytes" - "fmt" + "errors" "io" "net/http" @@ -32,7 +32,7 @@ func (jsonBinding) Name() string { func (jsonBinding) Bind(req *http.Request, obj interface{}) error { if req == nil || req.Body == nil { - return fmt.Errorf("invalid request") + return errors.New("invalid request") } return decodeJSON(req.Body, obj) }