caddy

mirror of https://github.com/caddyserver/caddy.git synced 2026-04-19 23:48:46 -04:00

Author	SHA1	Message	Date
tsinglua	0722cf6fd8	chore: replace `interface{}` with `any` for modernization (#7571 ) Some checks failed Tests / test (s390x on IBM Z) (push) Has been skipped Details Tests / goreleaser-check (push) Has been skipped Details Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 1m28s Details Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 1m38s Details Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Successful in 1m39s Details Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 1m50s Details Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 1m25s Details Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m32s Details Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m31s Details Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 1m41s Details Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m23s Details Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m36s Details Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m34s Details Lint / dependency-review (push) Failing after 23s Details OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 27s Details Lint / lint (ubuntu-latest, linux) (push) Successful in 2m5s Details Lint / govulncheck (push) Successful in 1m25s Details Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled Details Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled Details Lint / lint (macos-14, mac) (push) Has been cancelled Details Lint / lint (windows-latest, windows) (push) Has been cancelled Details Signed-off-by: tsinglua <tsinglua@outlook.com>	2026-04-11 19:53:12 +03:00
XYenon	03e6e439dd	reverseproxy: fix X-Forwarded-* headers for Unix socket requests (#7463 ) Some checks failed Tests / test (./cmd/caddy/caddy, ~1.25.0, ubuntu-latest, 0, 1.25, linux) (push) Failing after 16s Details Tests / test (s390x on IBM Z) (push) Has been skipped Details Tests / goreleaser-check (push) Has been skipped Details Cross-Build / build (~1.25.0, 1.25, aix) (push) Failing after 13s Details Cross-Build / build (~1.25.0, 1.25, dragonfly) (push) Failing after 52s Details Cross-Build / build (~1.25.0, 1.25, freebsd) (push) Failing after 14s Details Cross-Build / build (~1.25.0, 1.25, illumos) (push) Failing after 13s Details Cross-Build / build (~1.25.0, 1.25, linux) (push) Failing after 14s Details Cross-Build / build (~1.25.0, 1.25, netbsd) (push) Failing after 15s Details Cross-Build / build (~1.25.0, 1.25, openbsd) (push) Failing after 14s Details Cross-Build / build (~1.25.0, 1.25, solaris) (push) Failing after 14s Details Cross-Build / build (~1.25.0, 1.25, windows) (push) Failing after 13s Details Lint / lint (ubuntu-latest, linux) (push) Failing after 14s Details Lint / govulncheck (push) Successful in 1m42s Details Lint / dependency-review (push) Failing after 14s Details OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 13s Details Cross-Build / build (~1.25.0, 1.25, darwin) (push) Failing after 12m18s Details Tests / test (./cmd/caddy/caddy, ~1.25.0, macos-14, 0, 1.25, mac) (push) Has been cancelled Details Tests / test (./cmd/caddy/caddy.exe, ~1.25.0, windows-latest, True, 1.25, windows) (push) Has been cancelled Details Lint / lint (macos-14, mac) (push) Has been cancelled Details Lint / lint (windows-latest, windows) (push) Has been cancelled Details When a request arrives via a Unix domain socket (RemoteAddr == "@"), net.SplitHostPort fails, causing addForwardedHeaders to strip all X-Forwarded-* headers even when the connection is trusted via trusted_proxies_unix. Handle Unix socket connections before parsing RemoteAddr: if untrusted, strip headers for security; if trusted, let clientIP remain empty (no peer IP for a Unix socket hop) and fall through to the shared header logic, preserving the existing XFF chain without appending a spurious entry. Amp-Thread-ID: https://ampcode.com/threads/T-019c4225-a0ad-7283-ac56-e2c01eae1103 Co-authored-by: Amp <amp@ampcode.com>	2026-02-10 13:00:20 -07:00
Paulo Henrique	62134d65af	reverseproxy: fix error when remote address is not an IP (#7429 )	2026-01-13 19:52:56 +00:00

3 Commits