Commit Graph

11 Commits

Author SHA1 Message Date
Canelo Hill 1d5465562b Unbundle x/net/proxy and update to recent version
Import golang.org/x/net/proxy instead of using the bundle in
x_net_proxy.go. There's no need to avoid the dependency on
golang.org/x/net/proxy now that Go's module system is in widespread use.

Change Dialer.DialContext to pass contexts as an argument to the dial
function instead of tunneling the context through closures. Tunneling is
no longer needed because the proxy package supports contexts. The
version of the proxy package in the bundle predates contexts!

Simplify the code for calculating the base dial function.

Prevent the HTTP proxy dialer from leaking out of the websocket package
by selecting the HTTP proxy dialer directly in the websocket package.
Previously, the HTTP dialer was registered with the proxy package.
2024-06-19 20:11:25 -04:00
Canelo Hill ac1b326ac0
Set min Go version to 1.20 (#930)
Update go.mod and CI to Go version 1.20.
2024-06-19 14:40:57 +10:00
Daniel Holmes 227456c3cc chore: Retract v1.5.2 from go.mod
Maintainers accidentally changed the reference commit
for v1.5.2. This change retracts v1.5.2 which also
includes a number of avoidable issues.

Fixes #927
2024-06-19 04:30:55 +00:00
apoorvajagtap ce903f6d1d Reverts to v1.5.0
This commit reverts the changes back till 8983b96324.
And inherits the README.md changes of 931041c5ee
Relates to:
- https://github.com/gorilla/websocket/issues/880#issuecomment-2081189055
2024-06-13 23:18:03 -04:00
apoorvajagtap 1bddf2e0db bumps go version & removes deprecated module usage 2024-05-01 18:51:54 +05:30
apoorvajagtap b2c246b2ec Revert " Update go version & add verification/testing tools (#840)"
This reverts commit 666c197fc9.
2024-05-01 18:51:54 +05:30
Corey Daley ac0789be11
update GitHub workflows (#857)
<!--
For Work In Progress Pull Requests, please use the Draft PR feature,
see https://github.blog/2019-02-14-introducing-draft-pull-requests/ for
further details.

     For a timely review/response, please avoid force-pushing additional
     commits if your PR already received reviews or comments.

     Before submitting a Pull Request, please ensure that you have:
- 📖 Read the Contributing guide:
https://github.com/gorilla/.github/blob/main/CONTRIBUTING.md
- 📖 Read the Code of Conduct:
https://github.com/gorilla/.github/blob/main/CODE_OF_CONDUCT.md

     - Provide tests for your changes.
     - Use descriptive commit messages.
	 - Comment your code where appropriate.
	 - Squash your commits
     - Update any related documentation.

     - Add gorilla/pull-request-reviewers as a Reviewer
-->

## What type of PR is this? (check all applicable)

- [x] Refactor
- [ ] Feature
- [ ] Bug Fix
- [ ] Optimization
- [ ] Documentation Update
- [ ] Go Version Update
- [ ] Dependency Update

## Description

## Related Tickets & Documents

<!--
For pull requests that relate or close an issue, please include them
below. We like to follow [Github's guidance on linking issues to pull
requests](https://docs.github.com/en/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue).

For example having the text: "closes #1234" would connect the current
pull
request to issue 1234.  And when we merge the pull request, Github will
automatically close the issue.
-->

- Related Issue #
- Closes #

## Added/updated tests?

- [ ] Yes
- [ ] No, and this is why: _please replace this line with details on why
tests
      have not been included_
- [ ] I need help with writing tests

## Run verifications and test

- [x] `make verify` is passing
- [x] `make test` is passing
2023-10-18 17:57:41 +05:30
Corey Daley 78c34874c8
update golang.org/x/net (#856)
<!--
For Work In Progress Pull Requests, please use the Draft PR feature,
see https://github.blog/2019-02-14-introducing-draft-pull-requests/ for
further details.

     For a timely review/response, please avoid force-pushing additional
     commits if your PR already received reviews or comments.

     Before submitting a Pull Request, please ensure that you have:
- 📖 Read the Contributing guide:
https://github.com/gorilla/.github/blob/main/CONTRIBUTING.md
- 📖 Read the Code of Conduct:
https://github.com/gorilla/.github/blob/main/CODE_OF_CONDUCT.md

     - Provide tests for your changes.
     - Use descriptive commit messages.
	 - Comment your code where appropriate.
	 - Squash your commits
     - Update any related documentation.

     - Add gorilla/pull-request-reviewers as a Reviewer
-->

## What type of PR is this? (check all applicable)

- [ ] Refactor
- [ ] Feature
- [ ] Bug Fix
- [ ] Optimization
- [ ] Documentation Update
- [ ] Go Version Update
- [x] Dependency Update

## Description

## Related Tickets & Documents

<!--
For pull requests that relate or close an issue, please include them
below. We like to follow [Github's guidance on linking issues to pull
requests](https://docs.github.com/en/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue).

For example having the text: "closes #1234" would connect the current
pull
request to issue 1234.  And when we merge the pull request, Github will
automatically close the issue.
-->

- Related Issue #
- Closes #

## Added/updated tests?

- [ ] Yes
- [ ] No, and this is why: _please replace this line with details on why
tests
      have not been included_
- [ ] I need help with writing tests

## Run verifications and test

- [ ] `make verify` is passing
- [ ] `make test` is passing
2023-10-17 19:57:41 -04:00
Corey Daley 666c197fc9
Update go version & add verification/testing tools (#840)
Fixes #

**Summary of Changes**

1.
2. 
3.

> PS: Make sure your PR includes/updates tests! If you need help with
this part, just ask!
2023-08-27 01:31:45 +05:30
Matt Silverlock 5b740c2926
Read Limit Fix (#537)
This fix addresses a potential denial-of-service (DoS) vector that can cause an integer overflow in the presence of malicious WebSocket frames.

The fix adds additional checks against the remaining bytes on a connection, as well as a test to prevent regression.

Credit to Max Justicz (https://justi.cz/) for discovering and reporting this, as well as providing a robust PoC and review.

* build: go.mod to go1.12
* bugfix: fix DoS vector caused by readLimit bypass
* test: update TestReadLimit sub-test
* bugfix: payload length 127 should read bytes as uint64
* bugfix: defend against readLength overflows
2019-08-24 18:17:28 -07:00
Saddam H 7c8e298727 Add support for go-module 2019-02-04 16:44:14 -08:00