| 
									
										
										
										
											2019-06-30 16:07:58 -06:00
										 |  |  | // Copyright 2015 Matthew Holt and The Caddy Authors | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // Licensed under the Apache License, Version 2.0 (the "License"); | 
					
						
							|  |  |  | // you may not use this file except in compliance with the License. | 
					
						
							|  |  |  | // You may obtain a copy of the License at | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | //     http://www.apache.org/licenses/LICENSE-2.0 | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // Unless required by applicable law or agreed to in writing, software | 
					
						
							|  |  |  | // distributed under the License is distributed on an "AS IS" BASIS, | 
					
						
							|  |  |  | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | 
					
						
							|  |  |  | // See the License for the specific language governing permissions and | 
					
						
							|  |  |  | // limitations under the License. | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-03-31 20:41:29 -06:00
										 |  |  | package caddyhttp | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | import ( | 
					
						
							| 
									
										
										
										
											2019-06-04 13:42:54 -06:00
										 |  |  | 	"encoding/json" | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 	"errors" | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 	"fmt" | 
					
						
							| 
									
										
										
										
											2019-06-04 13:42:54 -06:00
										 |  |  | 	"net" | 
					
						
							| 
									
										
										
										
											2019-03-31 20:41:29 -06:00
										 |  |  | 	"net/http" | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 	"net/textproto" | 
					
						
							|  |  |  | 	"net/url" | 
					
						
							| 
									
										
										
										
											2021-11-08 15:45:03 -05:00
										 |  |  | 	"path" | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 	"reflect" | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 	"regexp" | 
					
						
							| 
									
										
										
										
											2023-07-08 13:42:13 -06:00
										 |  |  | 	"runtime" | 
					
						
							| 
									
										
										
										
											2024-04-04 18:27:52 -04:00
										 |  |  | 	"slices" | 
					
						
							| 
									
										
										
										
											2020-12-02 13:26:28 -07:00
										 |  |  | 	"sort" | 
					
						
							| 
									
										
										
										
											2021-05-03 00:35:28 +08:00
										 |  |  | 	"strconv" | 
					
						
							| 
									
										
										
										
											2019-03-31 20:41:29 -06:00
										 |  |  | 	"strings" | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 	"github.com/google/cel-go/cel" | 
					
						
							|  |  |  | 	"github.com/google/cel-go/common/types" | 
					
						
							|  |  |  | 	"github.com/google/cel-go/common/types/ref" | 
					
						
							| 
									
										
										
										
											2024-06-18 14:43:54 -06:00
										 |  |  | 	"golang.org/x/net/idna" | 
					
						
							| 
									
										
										
										
											2023-08-14 23:41:15 +08:00
										 |  |  | 
 | 
					
						
							|  |  |  | 	"github.com/caddyserver/caddy/v2" | 
					
						
							|  |  |  | 	"github.com/caddyserver/caddy/v2/caddyconfig/caddyfile" | 
					
						
							| 
									
										
										
										
											2019-04-03 11:47:27 -04:00
										 |  |  | ) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | type ( | 
					
						
							| 
									
										
										
										
											2019-11-15 12:47:06 -07:00
										 |  |  | 	// MatchHost matches requests by the Host value (case-insensitive). | 
					
						
							| 
									
										
										
										
											2019-12-31 16:57:54 -07:00
										 |  |  | 	// | 
					
						
							| 
									
										
										
										
											2020-01-17 10:57:57 -07:00
										 |  |  | 	// When used in a top-level HTTP route, | 
					
						
							| 
									
										
										
										
											2019-12-31 16:57:54 -07:00
										 |  |  | 	// [qualifying domain names](/docs/automatic-https#hostname-requirements) | 
					
						
							|  |  |  | 	// may trigger [automatic HTTPS](/docs/automatic-https), which automatically | 
					
						
							|  |  |  | 	// provisions and renews certificates for you. Before doing this, you | 
					
						
							|  |  |  | 	// should ensure that DNS records for these domains are properly configured, | 
					
						
							|  |  |  | 	// especially A/AAAA pointed at your server. | 
					
						
							|  |  |  | 	// | 
					
						
							|  |  |  | 	// Automatic HTTPS can be | 
					
						
							| 
									
										
										
										
											2020-03-24 10:53:53 -06:00
										 |  |  | 	// [customized or disabled](/docs/modules/http#servers/automatic_https). | 
					
						
							| 
									
										
										
										
											2020-04-01 11:40:59 -06:00
										 |  |  | 	// | 
					
						
							|  |  |  | 	// Wildcards (`*`) may be used to represent exactly one label of the | 
					
						
							|  |  |  | 	// hostname, in accordance with RFC 1034 (because host matchers are also | 
					
						
							|  |  |  | 	// used for automatic HTTPS which influences TLS certificates). Thus, | 
					
						
							|  |  |  | 	// a host of `*` matches hosts like `localhost` or `internal` but not | 
					
						
							|  |  |  | 	// `example.com`. To catch all hosts, omit the host matcher entirely. | 
					
						
							|  |  |  | 	// | 
					
						
							|  |  |  | 	// The wildcard can be useful for matching all subdomains, for example: | 
					
						
							|  |  |  | 	// `*.example.com` matches `foo.example.com` but not `foo.bar.example.com`. | 
					
						
							| 
									
										
										
										
											2020-12-02 13:26:28 -07:00
										 |  |  | 	// | 
					
						
							|  |  |  | 	// Duplicate entries will return an error. | 
					
						
							| 
									
										
										
										
											2019-05-22 13:13:39 -06:00
										 |  |  | 	MatchHost []string | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | 	// MatchPath case-insensitively matches requests by the URI's path. Path | 
					
						
							|  |  |  | 	// matching is exact, not prefix-based, giving you more control and clarity | 
					
						
							|  |  |  | 	// over matching. Wildcards (`*`) may be used: | 
					
						
							| 
									
										
										
										
											2020-01-09 14:00:32 -07:00
										 |  |  | 	// | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | 	// - At the end only, for a prefix match (`/prefix/*`) | 
					
						
							|  |  |  | 	// - At the beginning only, for a suffix match (`*.suffix`) | 
					
						
							|  |  |  | 	// - On both sides only, for a substring match (`*/contains/*`) | 
					
						
							| 
									
										
										
										
											2020-01-09 14:00:32 -07:00
										 |  |  | 	// - In the middle, for a globular match (`/accounts/*/info`) | 
					
						
							|  |  |  | 	// | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | 	// Slashes are significant; i.e. `/foo*` matches `/foo`, `/foo/`, `/foo/bar`, | 
					
						
							|  |  |  | 	// and `/foobar`; but `/foo/*` does not match `/foo` or `/foobar`. Valid | 
					
						
							|  |  |  | 	// paths start with a slash `/`. | 
					
						
							|  |  |  | 	// | 
					
						
							|  |  |  | 	// Because there are, in general, multiple possible escaped forms of any | 
					
						
							|  |  |  | 	// path, path matchers operate in unescaped space; that is, path matchers | 
					
						
							|  |  |  | 	// should be written in their unescaped form to prevent ambiguities and | 
					
						
							|  |  |  | 	// possible security issues, as all request paths will be normalized to | 
					
						
							|  |  |  | 	// their unescaped forms before matcher evaluation. | 
					
						
							|  |  |  | 	// | 
					
						
							|  |  |  | 	// However, escape sequences in a match pattern are supported; they are | 
					
						
							|  |  |  | 	// compared with the request's raw/escaped path for those bytes only. | 
					
						
							|  |  |  | 	// In other words, a matcher of `/foo%2Fbar` will match a request path | 
					
						
							|  |  |  | 	// of precisely `/foo%2Fbar`, but not `/foo/bar`. It follows that matching | 
					
						
							|  |  |  | 	// the literal percent sign (%) in normalized space can be done using the | 
					
						
							|  |  |  | 	// escaped form, `%25`. | 
					
						
							|  |  |  | 	// | 
					
						
							|  |  |  | 	// Even though wildcards (`*`) operate in the normalized space, the special | 
					
						
							|  |  |  | 	// escaped wildcard (`%*`), which is not a valid escape sequence, may be | 
					
						
							|  |  |  | 	// used in place of a span that should NOT be decoded; that is, `/bands/%*` | 
					
						
							|  |  |  | 	// will match `/bands/AC%2fDC` whereas `/bands/*` will not. | 
					
						
							|  |  |  | 	// | 
					
						
							|  |  |  | 	// Even though path matching is done in normalized space, the special | 
					
						
							|  |  |  | 	// wildcard `%*` may be used in place of a span that should NOT be decoded; | 
					
						
							|  |  |  | 	// that is, `/bands/%*/` will match `/bands/AC%2fDC/` whereas `/bands/*/` | 
					
						
							|  |  |  | 	// will not. | 
					
						
							|  |  |  | 	// | 
					
						
							| 
									
										
										
										
											2020-01-09 14:00:32 -07:00
										 |  |  | 	// This matcher is fast, so it does not support regular expressions or | 
					
						
							| 
									
										
										
										
											2020-01-17 10:57:57 -07:00
										 |  |  | 	// capture groups. For slower but more powerful matching, use the | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | 	// path_regexp matcher. (Note that due to the special treatment of | 
					
						
							|  |  |  | 	// escape sequences in matcher patterns, they may perform slightly slower | 
					
						
							|  |  |  | 	// in high-traffic environments.) | 
					
						
							| 
									
										
										
										
											2019-05-22 13:13:39 -06:00
										 |  |  | 	MatchPath []string | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	// MatchPathRE matches requests by a regular expression on the URI's path. | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | 	// Path matching is performed in the unescaped (decoded) form of the path. | 
					
						
							| 
									
										
										
										
											2019-12-29 13:16:34 -07:00
										 |  |  | 	// | 
					
						
							|  |  |  | 	// Upon a match, it adds placeholders to the request: `{http.regexp.name.capture_group}` | 
					
						
							|  |  |  | 	// where `name` is the regular expression's name, and `capture_group` is either | 
					
						
							|  |  |  | 	// the named or positional capture group from the expression itself. If no name | 
					
						
							|  |  |  | 	// is given, then the placeholder omits the name: `{http.regexp.capture_group}` | 
					
						
							|  |  |  | 	// (potentially leading to collisions). | 
					
						
							| 
									
										
										
										
											2019-05-22 13:13:39 -06:00
										 |  |  | 	MatchPathRE struct{ MatchRegexp } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	// MatchMethod matches requests by the method. | 
					
						
							|  |  |  | 	MatchMethod []string | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-08-20 14:14:28 +09:30
										 |  |  | 	// MatchQuery matches requests by the URI's query string. It takes a JSON object | 
					
						
							|  |  |  | 	// keyed by the query keys, with an array of string values to match for that key. | 
					
						
							|  |  |  | 	// Query key matches are exact, but wildcards may be used for value matches. Both | 
					
						
							|  |  |  | 	// keys and values may be placeholders. | 
					
						
							| 
									
										
										
										
											2022-11-30 16:03:31 -07:00
										 |  |  | 	// | 
					
						
							| 
									
										
										
										
											2021-08-20 14:14:28 +09:30
										 |  |  | 	// An example of the structure to match `?key=value&topic=api&query=something` is: | 
					
						
							|  |  |  | 	// | 
					
						
							|  |  |  | 	// ```json | 
					
						
							|  |  |  | 	// { | 
					
						
							|  |  |  | 	// 	"key": ["value"], | 
					
						
							|  |  |  | 	//	"topic": ["api"], | 
					
						
							|  |  |  | 	//	"query": ["*"] | 
					
						
							|  |  |  | 	// } | 
					
						
							|  |  |  | 	// ``` | 
					
						
							| 
									
										
										
										
											2022-07-13 12:20:00 -06:00
										 |  |  | 	// | 
					
						
							|  |  |  | 	// Invalid query strings, including those with bad escapings or illegal characters | 
					
						
							|  |  |  | 	// like semicolons, will fail to parse and thus fail to match. | 
					
						
							| 
									
										
										
										
											2022-11-30 16:03:31 -07:00
										 |  |  | 	// | 
					
						
							|  |  |  | 	// **NOTE:** Notice that query string values are arrays, not singular values. This is | 
					
						
							|  |  |  | 	// because repeated keys are valid in query strings, and each one may have a | 
					
						
							|  |  |  | 	// different value. This matcher will match for a key if any one of its configured | 
					
						
							| 
									
										
										
										
											2022-12-08 08:55:04 -07:00
										 |  |  | 	// values is assigned in the query string. Backend applications relying on query | 
					
						
							| 
									
										
										
										
											2022-11-30 16:03:31 -07:00
										 |  |  | 	// strings MUST take into consideration that query string values are arrays and can | 
					
						
							|  |  |  | 	// have multiple values. | 
					
						
							| 
									
										
										
										
											2019-05-22 13:13:39 -06:00
										 |  |  | 	MatchQuery url.Values | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-09-24 18:31:01 -06:00
										 |  |  | 	// MatchHeader matches requests by header fields. The key is the field | 
					
						
							|  |  |  | 	// name and the array is the list of field values. It performs fast, | 
					
						
							| 
									
										
										
										
											2020-02-14 11:00:46 -07:00
										 |  |  | 	// exact string comparisons of the field values. Fast prefix, suffix, | 
					
						
							|  |  |  | 	// and substring matches can also be done by suffixing, prefixing, or | 
					
						
							|  |  |  | 	// surrounding the value with the wildcard `*` character, respectively. | 
					
						
							|  |  |  | 	// If a list is null, the header must not exist. If the list is empty, | 
					
						
							|  |  |  | 	// the field must simply exist, regardless of its value. | 
					
						
							| 
									
										
										
										
											2022-11-30 16:03:31 -07:00
										 |  |  | 	// | 
					
						
							|  |  |  | 	// **NOTE:** Notice that header values are arrays, not singular values. This is | 
					
						
							|  |  |  | 	// because repeated fields are valid in headers, and each one may have a | 
					
						
							|  |  |  | 	// different value. This matcher will match for a field if any one of its configured | 
					
						
							|  |  |  | 	// values matches in the header. Backend applications relying on headers MUST take | 
					
						
							|  |  |  | 	// into consideration that header field values are arrays and can have multiple | 
					
						
							|  |  |  | 	// values. | 
					
						
							| 
									
										
										
										
											2019-05-22 13:13:39 -06:00
										 |  |  | 	MatchHeader http.Header | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	// MatchHeaderRE matches requests by a regular expression on header fields. | 
					
						
							| 
									
										
										
										
											2019-12-29 13:16:34 -07:00
										 |  |  | 	// | 
					
						
							|  |  |  | 	// Upon a match, it adds placeholders to the request: `{http.regexp.name.capture_group}` | 
					
						
							|  |  |  | 	// where `name` is the regular expression's name, and `capture_group` is either | 
					
						
							|  |  |  | 	// the named or positional capture group from the expression itself. If no name | 
					
						
							|  |  |  | 	// is given, then the placeholder omits the name: `{http.regexp.capture_group}` | 
					
						
							|  |  |  | 	// (potentially leading to collisions). | 
					
						
							| 
									
										
										
										
											2019-05-22 13:13:39 -06:00
										 |  |  | 	MatchHeaderRE map[string]*MatchRegexp | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-09-24 18:31:01 -06:00
										 |  |  | 	// MatchProtocol matches requests by protocol. Recognized values are | 
					
						
							| 
									
										
										
										
											2022-09-28 13:35:51 -06:00
										 |  |  | 	// "http", "https", and "grpc" for broad protocol matches, or specific | 
					
						
							|  |  |  | 	// HTTP versions can be specified like so: "http/1", "http/1.1", | 
					
						
							|  |  |  | 	// "http/2", "http/3", or minimum versions: "http/2+", etc. | 
					
						
							| 
									
										
										
										
											2019-05-22 13:13:39 -06:00
										 |  |  | 	MatchProtocol string | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-07-05 10:46:20 -06:00
										 |  |  | 	// MatchTLS matches HTTP requests based on the underlying | 
					
						
							|  |  |  | 	// TLS connection state. If this matcher is specified but | 
					
						
							|  |  |  | 	// the request did not come over TLS, it will never match. | 
					
						
							|  |  |  | 	// If this matcher is specified but is empty and the request | 
					
						
							|  |  |  | 	// did come in over TLS, it will always match. | 
					
						
							|  |  |  | 	MatchTLS struct { | 
					
						
							|  |  |  | 		// Matches if the TLS handshake has completed. QUIC 0-RTT early | 
					
						
							|  |  |  | 		// data may arrive before the handshake completes. Generally, it | 
					
						
							|  |  |  | 		// is unsafe to replay these requests if they are not idempotent; | 
					
						
							|  |  |  | 		// additionally, the remote IP of early data packets can more | 
					
						
							|  |  |  | 		// easily be spoofed. It is conventional to respond with HTTP 425 | 
					
						
							|  |  |  | 		// Too Early if the request cannot risk being processed in this | 
					
						
							|  |  |  | 		// state. | 
					
						
							|  |  |  | 		HandshakeComplete *bool `json:"handshake_complete,omitempty"` | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-04-01 10:58:29 -06:00
										 |  |  | 	// MatchNot matches requests by negating the results of its matcher | 
					
						
							|  |  |  | 	// sets. A single "not" matcher takes one or more matcher sets. Each | 
					
						
							|  |  |  | 	// matcher set is OR'ed; in other words, if any matcher set returns | 
					
						
							|  |  |  | 	// true, the final result of the "not" matcher is false. Individual | 
					
						
							|  |  |  | 	// matchers within a set work the same (i.e. different matchers in | 
					
						
							|  |  |  | 	// the same set are AND'ed). | 
					
						
							| 
									
										
										
										
											2020-04-06 18:44:12 -06:00
										 |  |  | 	// | 
					
						
							| 
									
										
										
										
											2021-09-24 18:31:01 -06:00
										 |  |  | 	// NOTE: The generated docs which describe the structure of this | 
					
						
							|  |  |  | 	// module are wrong because of how this type unmarshals JSON in a | 
					
						
							|  |  |  | 	// custom way. The correct structure is: | 
					
						
							| 
									
										
										
										
											2020-04-06 18:44:12 -06:00
										 |  |  | 	// | 
					
						
							|  |  |  | 	// ```json | 
					
						
							|  |  |  | 	// [ | 
					
						
							|  |  |  | 	// 	{}, | 
					
						
							|  |  |  | 	// 	{} | 
					
						
							|  |  |  | 	// ] | 
					
						
							|  |  |  | 	// ``` | 
					
						
							|  |  |  | 	// | 
					
						
							|  |  |  | 	// where each of the array elements is a matcher set, i.e. an | 
					
						
							|  |  |  | 	// object keyed by matcher name. | 
					
						
							| 
									
										
										
										
											2020-03-30 11:53:19 -06:00
										 |  |  | 	MatchNot struct { | 
					
						
							| 
									
										
										
										
											2020-04-01 10:58:29 -06:00
										 |  |  | 		MatcherSetsRaw []caddy.ModuleMap `json:"-" caddy:"namespace=http.matchers"` | 
					
						
							|  |  |  | 		MatcherSets    []MatcherSet      `json:"-"` | 
					
						
							| 
									
										
										
										
											2019-06-04 13:42:54 -06:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2019-03-31 20:41:29 -06:00
										 |  |  | ) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func init() { | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | 	caddy.RegisterModule(MatchHost{}) | 
					
						
							|  |  |  | 	caddy.RegisterModule(MatchPath{}) | 
					
						
							|  |  |  | 	caddy.RegisterModule(MatchPathRE{}) | 
					
						
							|  |  |  | 	caddy.RegisterModule(MatchMethod{}) | 
					
						
							|  |  |  | 	caddy.RegisterModule(MatchQuery{}) | 
					
						
							|  |  |  | 	caddy.RegisterModule(MatchHeader{}) | 
					
						
							|  |  |  | 	caddy.RegisterModule(MatchHeaderRE{}) | 
					
						
							|  |  |  | 	caddy.RegisterModule(new(MatchProtocol)) | 
					
						
							| 
									
										
										
										
											2024-07-05 10:46:20 -06:00
										 |  |  | 	caddy.RegisterModule(MatchTLS{}) | 
					
						
							| 
									
										
										
										
											2020-03-30 11:53:19 -06:00
										 |  |  | 	caddy.RegisterModule(MatchNot{}) | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // CaddyModule returns the Caddy module information. | 
					
						
							|  |  |  | func (MatchHost) CaddyModule() caddy.ModuleInfo { | 
					
						
							|  |  |  | 	return caddy.ModuleInfo{ | 
					
						
							| 
									
										
										
										
											2019-12-10 13:36:46 -07:00
										 |  |  | 		ID:  "http.matchers.host", | 
					
						
							|  |  |  | 		New: func() caddy.Module { return new(MatchHost) }, | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2019-03-31 20:41:29 -06:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | // UnmarshalCaddyfile implements caddyfile.Unmarshaler. | 
					
						
							|  |  |  | func (m *MatchHost) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { | 
					
						
							| 
									
										
										
										
											2024-01-23 19:36:59 -05:00
										 |  |  | 	// iterate to merge multiple matchers into one | 
					
						
							| 
									
										
										
										
											2020-03-18 23:36:25 -06:00
										 |  |  | 	for d.Next() { | 
					
						
							|  |  |  | 		*m = append(*m, d.RemainingArgs()...) | 
					
						
							| 
									
										
										
										
											2020-04-06 15:07:07 -04:00
										 |  |  | 		if d.NextBlock(0) { | 
					
						
							|  |  |  | 			return d.Err("malformed host matcher: blocks are not supported") | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2020-03-18 23:36:25 -06:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | 	return nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-12-02 13:26:28 -07:00
										 |  |  | // Provision sets up and validates m, including making it more efficient for large lists. | 
					
						
							|  |  |  | func (m MatchHost) Provision(_ caddy.Context) error { | 
					
						
							|  |  |  | 	// check for duplicates; they are nonsensical and reduce efficiency | 
					
						
							|  |  |  | 	// (we could just remove them, but the user should know their config is erroneous) | 
					
						
							| 
									
										
										
										
											2024-06-18 14:43:54 -06:00
										 |  |  | 	seen := make(map[string]int, len(m)) | 
					
						
							|  |  |  | 	for i, host := range m { | 
					
						
							|  |  |  | 		asciiHost, err := idna.ToASCII(host) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return fmt.Errorf("converting hostname '%s' to ASCII: %v", host, err) | 
					
						
							| 
									
										
										
										
											2020-12-02 13:26:28 -07:00
										 |  |  | 		} | 
					
						
							| 
									
										
										
										
											2024-06-18 14:43:54 -06:00
										 |  |  | 		if asciiHost != host { | 
					
						
							|  |  |  | 			m[i] = asciiHost | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		normalizedHost := strings.ToLower(asciiHost) | 
					
						
							|  |  |  | 		if firstI, ok := seen[normalizedHost]; ok { | 
					
						
							|  |  |  | 			return fmt.Errorf("host at index %d is repeated at index %d: %s", firstI, i, host) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		seen[normalizedHost] = i | 
					
						
							| 
									
										
										
										
											2020-12-02 13:26:28 -07:00
										 |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	if m.large() { | 
					
						
							|  |  |  | 		// sort the slice lexicographically, grouping "fuzzy" entries (wildcards and placeholders) | 
					
						
							|  |  |  | 		// at the front of the list; this allows us to use binary search for exact matches, which | 
					
						
							|  |  |  | 		// we have seen from experience is the most common kind of value in large lists; and any | 
					
						
							|  |  |  | 		// other kinds of values (wildcards and placeholders) are grouped in front so the linear | 
					
						
							|  |  |  | 		// search should find a match fairly quickly | 
					
						
							|  |  |  | 		sort.Slice(m, func(i, j int) bool { | 
					
						
							|  |  |  | 			iInexact, jInexact := m.fuzzy(m[i]), m.fuzzy(m[j]) | 
					
						
							|  |  |  | 			if iInexact && !jInexact { | 
					
						
							|  |  |  | 				return true | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			if !iInexact && jInexact { | 
					
						
							|  |  |  | 				return false | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			return m[i] < m[j] | 
					
						
							|  |  |  | 		}) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	return nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-05-22 13:13:39 -06:00
										 |  |  | // Match returns true if r matches m. | 
					
						
							| 
									
										
										
										
											2019-05-22 12:32:36 -06:00
										 |  |  | func (m MatchHost) Match(r *http.Request) bool { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	match, _ := m.MatchWithError(r) | 
					
						
							|  |  |  | 	return match | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // MatchWithError returns true if r matches m. | 
					
						
							|  |  |  | func (m MatchHost) MatchWithError(r *http.Request) (bool, error) { | 
					
						
							| 
									
										
										
										
											2019-06-20 20:24:46 -06:00
										 |  |  | 	reqHost, _, err := net.SplitHostPort(r.Host) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		// OK; probably didn't have a port | 
					
						
							|  |  |  | 		reqHost = r.Host | 
					
						
							| 
									
										
										
										
											2019-09-18 09:45:21 -06:00
										 |  |  | 
 | 
					
						
							|  |  |  | 		// make sure we strip the brackets from IPv6 addresses | 
					
						
							|  |  |  | 		reqHost = strings.TrimPrefix(reqHost, "[") | 
					
						
							|  |  |  | 		reqHost = strings.TrimSuffix(reqHost, "]") | 
					
						
							| 
									
										
										
										
											2019-06-20 20:24:46 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-12-02 13:26:28 -07:00
										 |  |  | 	if m.large() { | 
					
						
							|  |  |  | 		// fast path: locate exact match using binary search (about 100-1000x faster for large lists) | 
					
						
							|  |  |  | 		pos := sort.Search(len(m), func(i int) bool { | 
					
						
							|  |  |  | 			if m.fuzzy(m[i]) { | 
					
						
							|  |  |  | 				return false | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			return m[i] >= reqHost | 
					
						
							|  |  |  | 		}) | 
					
						
							|  |  |  | 		if pos < len(m) && m[pos] == reqHost { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 			return true, nil | 
					
						
							| 
									
										
										
										
											2020-12-02 13:26:28 -07:00
										 |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-12-29 13:12:52 -07:00
										 |  |  | 	repl := r.Context().Value(caddy.ReplacerCtxKey).(*caddy.Replacer) | 
					
						
							| 
									
										
										
										
											2019-10-14 19:29:36 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | outer: | 
					
						
							| 
									
										
										
										
											2019-03-31 20:41:29 -06:00
										 |  |  | 	for _, host := range m { | 
					
						
							| 
									
										
										
										
											2020-12-02 13:26:28 -07:00
										 |  |  | 		// fast path: if matcher is large, we already know we don't have an exact | 
					
						
							|  |  |  | 		// match, so we're only looking for fuzzy match now, which should be at the | 
					
						
							|  |  |  | 		// front of the list; if we have reached a value that is not fuzzy, there | 
					
						
							|  |  |  | 		// will be no match and we can short-circuit for efficiency | 
					
						
							|  |  |  | 		if m.large() && !m.fuzzy(host) { | 
					
						
							|  |  |  | 			break | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-10-14 19:29:36 +02:00
										 |  |  | 		host = repl.ReplaceAll(host, "") | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 		if strings.Contains(host, "*") { | 
					
						
							|  |  |  | 			patternParts := strings.Split(host, ".") | 
					
						
							| 
									
										
										
										
											2019-06-20 20:24:46 -06:00
										 |  |  | 			incomingParts := strings.Split(reqHost, ".") | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 			if len(patternParts) != len(incomingParts) { | 
					
						
							|  |  |  | 				continue | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			for i := range patternParts { | 
					
						
							|  |  |  | 				if patternParts[i] == "*" { | 
					
						
							|  |  |  | 					continue | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 				if !strings.EqualFold(patternParts[i], incomingParts[i]) { | 
					
						
							|  |  |  | 					continue outer | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 			} | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 			return true, nil | 
					
						
							| 
									
										
										
										
											2019-06-20 20:24:46 -06:00
										 |  |  | 		} else if strings.EqualFold(reqHost, host) { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 			return true, nil | 
					
						
							| 
									
										
										
										
											2019-03-31 20:41:29 -06:00
										 |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2019-06-20 20:24:46 -06:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	return false, nil | 
					
						
							| 
									
										
										
										
											2019-03-31 20:41:29 -06:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | // CELLibrary produces options that expose this matcher for use in CEL | 
					
						
							|  |  |  | // expression matchers. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // Example: | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | // | 
					
						
							|  |  |  | //	expression host('localhost') | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | func (MatchHost) CELLibrary(ctx caddy.Context) (cel.Library, error) { | 
					
						
							|  |  |  | 	return CELMatcherImpl( | 
					
						
							|  |  |  | 		"host", | 
					
						
							|  |  |  | 		"host_match_request_list", | 
					
						
							| 
									
										
										
										
											2022-07-28 14:50:28 -06:00
										 |  |  | 		[]*cel.Type{cel.ListType(cel.StringType)}, | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		func(data ref.Val) (RequestMatcherWithError, error) { | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 			refStringList := reflect.TypeOf([]string{}) | 
					
						
							|  |  |  | 			strList, err := data.ConvertToNative(refStringList) | 
					
						
							|  |  |  | 			if err != nil { | 
					
						
							|  |  |  | 				return nil, err | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			matcher := MatchHost(strList.([]string)) | 
					
						
							|  |  |  | 			err = matcher.Provision(ctx) | 
					
						
							|  |  |  | 			return matcher, err | 
					
						
							|  |  |  | 		}, | 
					
						
							|  |  |  | 	) | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-12-02 13:26:28 -07:00
										 |  |  | // fuzzy returns true if the given hostname h is not a specific | 
					
						
							|  |  |  | // hostname, e.g. has placeholders or wildcards. | 
					
						
							|  |  |  | func (MatchHost) fuzzy(h string) bool { return strings.ContainsAny(h, "{*") } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // large returns true if m is considered to be large. Optimizing | 
					
						
							|  |  |  | // the matcher for smaller lists has diminishing returns. | 
					
						
							|  |  |  | // See related benchmark function in test file to conduct experiments. | 
					
						
							|  |  |  | func (m MatchHost) large() bool { return len(m) > 100 } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | // CaddyModule returns the Caddy module information. | 
					
						
							|  |  |  | func (MatchPath) CaddyModule() caddy.ModuleInfo { | 
					
						
							|  |  |  | 	return caddy.ModuleInfo{ | 
					
						
							| 
									
										
										
										
											2019-12-10 13:36:46 -07:00
										 |  |  | 		ID:  "http.matchers.path", | 
					
						
							|  |  |  | 		New: func() caddy.Module { return new(MatchPath) }, | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-11-15 12:47:06 -07:00
										 |  |  | // Provision lower-cases the paths in m to ensure case-insensitive matching. | 
					
						
							|  |  |  | func (m MatchPath) Provision(_ caddy.Context) error { | 
					
						
							|  |  |  | 	for i := range m { | 
					
						
							| 
									
										
										
										
											2022-09-13 11:26:10 -06:00
										 |  |  | 		if m[i] == "*" && i > 0 { | 
					
						
							|  |  |  | 			// will always match, so just put it first | 
					
						
							|  |  |  | 			m[0] = m[i] | 
					
						
							|  |  |  | 			break | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2019-11-15 12:47:06 -07:00
										 |  |  | 		m[i] = strings.ToLower(m[i]) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-05-22 13:13:39 -06:00
										 |  |  | // Match returns true if r matches m. | 
					
						
							| 
									
										
										
										
											2019-05-22 12:32:36 -06:00
										 |  |  | func (m MatchPath) Match(r *http.Request) bool { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	match, _ := m.MatchWithError(r) | 
					
						
							|  |  |  | 	return match | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // MatchWithError returns true if r matches m. | 
					
						
							|  |  |  | func (m MatchPath) MatchWithError(r *http.Request) (bool, error) { | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | 	// Even though RFC 9110 says that path matching is case-sensitive | 
					
						
							|  |  |  | 	// (https://www.rfc-editor.org/rfc/rfc9110.html#section-4.2.3), | 
					
						
							|  |  |  | 	// we do case-insensitive matching to mitigate security issues | 
					
						
							|  |  |  | 	// related to differences between operating systems, applications, | 
					
						
							|  |  |  | 	// etc; if case-sensitive matching is needed, the regex matcher | 
					
						
							|  |  |  | 	// can be used instead. | 
					
						
							|  |  |  | 	reqPath := strings.ToLower(r.URL.Path) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	// See #2917; Windows ignores trailing dots and spaces | 
					
						
							| 
									
										
										
										
											2019-12-17 10:14:04 -07:00
										 |  |  | 	// when accessing files (sigh), potentially causing a | 
					
						
							|  |  |  | 	// security risk (cry) if PHP files end up being served | 
					
						
							|  |  |  | 	// as static files, exposing the source code, instead of | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | 	// being matched by *.php to be treated as PHP scripts. | 
					
						
							| 
									
										
										
										
											2023-07-08 13:42:13 -06:00
										 |  |  | 	if runtime.GOOS == "windows" { // issue #5613 | 
					
						
							|  |  |  | 		reqPath = strings.TrimRight(reqPath, ". ") | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2021-11-08 15:45:03 -05:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-01-09 14:00:32 -07:00
										 |  |  | 	repl := r.Context().Value(caddy.ReplacerCtxKey).(*caddy.Replacer) | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | 	for _, matchPattern := range m { | 
					
						
							|  |  |  | 		matchPattern = repl.ReplaceAll(matchPattern, "") | 
					
						
							| 
									
										
										
										
											2020-01-09 14:00:32 -07:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-03-16 16:08:33 -06:00
										 |  |  | 		// special case: whole path is wildcard; this is unnecessary | 
					
						
							|  |  |  | 		// as it matches all requests, which is the same as no matcher | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | 		if matchPattern == "*" { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 			return true, nil | 
					
						
							| 
									
										
										
										
											2020-03-16 16:08:33 -06:00
										 |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | 		// Clean the path, merge doubled slashes, etc. | 
					
						
							|  |  |  | 		// This ensures maliciously crafted requests can't bypass | 
					
						
							|  |  |  | 		// the path matcher. See #4407. Good security posture | 
					
						
							|  |  |  | 		// requires that we should do all we can to reduce any | 
					
						
							|  |  |  | 		// funny-looking paths into "normalized" forms such that | 
					
						
							|  |  |  | 		// weird variants can't sneak by. | 
					
						
							|  |  |  | 		// | 
					
						
							|  |  |  | 		// How we clean the path depends on the kind of pattern: | 
					
						
							|  |  |  | 		// we either merge slashes or we don't. If the pattern | 
					
						
							|  |  |  | 		// has double slashes, we preserve them in the path. | 
					
						
							|  |  |  | 		// | 
					
						
							|  |  |  | 		// TODO: Despite the fact that the *vast* majority of path | 
					
						
							|  |  |  | 		// matchers have only 1 pattern, a possible optimization is | 
					
						
							|  |  |  | 		// to remember the cleaned form of the path for future | 
					
						
							|  |  |  | 		// iterations; it's just that the way we clean depends on | 
					
						
							|  |  |  | 		// the kind of pattern. | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		mergeSlashes := !strings.Contains(matchPattern, "//") | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		// if '%' appears in the match pattern, we interpret that to mean | 
					
						
							|  |  |  | 		// the intent is to compare that part of the path in raw/escaped | 
					
						
							|  |  |  | 		// space; i.e. "%40"=="%40", not "@", and "%2F"=="%2F", not "/" | 
					
						
							|  |  |  | 		if strings.Contains(matchPattern, "%") { | 
					
						
							|  |  |  | 			reqPathForPattern := CleanPath(r.URL.EscapedPath(), mergeSlashes) | 
					
						
							|  |  |  | 			if m.matchPatternWithEscapeSequence(reqPathForPattern, matchPattern) { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 				return true, nil | 
					
						
							| 
									
										
										
										
											2019-11-28 21:11:45 -07:00
										 |  |  | 			} | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | 
 | 
					
						
							|  |  |  | 			// doing prefix/suffix/substring matches doesn't make sense | 
					
						
							| 
									
										
										
										
											2019-11-28 21:11:45 -07:00
										 |  |  | 			continue | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | 		reqPathForPattern := CleanPath(reqPath, mergeSlashes) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		// for substring, prefix, and suffix matching, only perform those | 
					
						
							|  |  |  | 		// special, fast matches if they are the only wildcards in the pattern; | 
					
						
							|  |  |  | 		// otherwise we assume a globular match if any * appears in the middle | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		// special case: first and last characters are wildcard, | 
					
						
							|  |  |  | 		// treat it as a fast substring match | 
					
						
							|  |  |  | 		if strings.Count(matchPattern, "*") == 2 && | 
					
						
							|  |  |  | 			strings.HasPrefix(matchPattern, "*") && | 
					
						
							| 
									
										
										
										
											2024-04-10 16:38:10 +02:00
										 |  |  | 			strings.HasSuffix(matchPattern, "*") { | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | 			if strings.Contains(reqPathForPattern, matchPattern[1:len(matchPattern)-1]) { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 				return true, nil | 
					
						
							| 
									
										
										
										
											2019-11-28 21:11:45 -07:00
										 |  |  | 			} | 
					
						
							|  |  |  | 			continue | 
					
						
							| 
									
										
										
										
											2019-05-20 10:59:20 -06:00
										 |  |  | 		} | 
					
						
							| 
									
										
										
										
											2019-11-28 21:11:45 -07:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | 		// only perform prefix/suffix match if it is the only wildcard... | 
					
						
							|  |  |  | 		// I think that is more correct most of the time | 
					
						
							|  |  |  | 		if strings.Count(matchPattern, "*") == 1 { | 
					
						
							|  |  |  | 			// special case: first character is a wildcard, | 
					
						
							|  |  |  | 			// treat it as a fast suffix match | 
					
						
							|  |  |  | 			if strings.HasPrefix(matchPattern, "*") { | 
					
						
							|  |  |  | 				if strings.HasSuffix(reqPathForPattern, matchPattern[1:]) { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 					return true, nil | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | 				} | 
					
						
							|  |  |  | 				continue | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 			// special case: last character is a wildcard, | 
					
						
							|  |  |  | 			// treat it as a fast prefix match | 
					
						
							|  |  |  | 			if strings.HasSuffix(matchPattern, "*") { | 
					
						
							|  |  |  | 				if strings.HasPrefix(reqPathForPattern, matchPattern[:len(matchPattern)-1]) { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 					return true, nil | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | 				} | 
					
						
							|  |  |  | 				continue | 
					
						
							| 
									
										
										
										
											2020-01-09 14:00:32 -07:00
										 |  |  | 			} | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | 		// at last, use globular matching, which also is exact matching | 
					
						
							|  |  |  | 		// if there are no glob/wildcard chars; we ignore the error here | 
					
						
							|  |  |  | 		// because we can't handle it anyway | 
					
						
							|  |  |  | 		matches, _ := path.Match(matchPattern, reqPathForPattern) | 
					
						
							| 
									
										
										
										
											2019-05-20 10:59:20 -06:00
										 |  |  | 		if matches { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 			return true, nil | 
					
						
							| 
									
										
										
										
											2019-05-20 10:59:20 -06:00
										 |  |  | 		} | 
					
						
							| 
									
										
										
										
											2019-03-31 20:41:29 -06:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	return false, nil | 
					
						
							| 
									
										
										
										
											2019-03-31 20:41:29 -06:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | func (MatchPath) matchPatternWithEscapeSequence(escapedPath, matchPath string) bool { | 
					
						
							|  |  |  | 	// We would just compare the pattern against r.URL.Path, | 
					
						
							|  |  |  | 	// but the pattern contains %, indicating that we should | 
					
						
							|  |  |  | 	// compare at least some part of the path in raw/escaped | 
					
						
							|  |  |  | 	// space, not normalized space; so we build the string we | 
					
						
							|  |  |  | 	// will compare against by adding the normalized parts | 
					
						
							|  |  |  | 	// of the path, then switching to the escaped parts where | 
					
						
							|  |  |  | 	// the pattern hints to us wherever % is present. | 
					
						
							|  |  |  | 	var sb strings.Builder | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	// iterate the pattern and escaped path in lock-step; | 
					
						
							|  |  |  | 	// increment iPattern every time we consume a char from the pattern, | 
					
						
							|  |  |  | 	// increment iPath every time we consume a char from the path; | 
					
						
							|  |  |  | 	// iPattern and iPath are our cursors/iterator positions for each string | 
					
						
							|  |  |  | 	var iPattern, iPath int | 
					
						
							|  |  |  | 	for { | 
					
						
							|  |  |  | 		if iPattern >= len(matchPath) || iPath >= len(escapedPath) { | 
					
						
							|  |  |  | 			break | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		// get the next character from the request path | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		pathCh := string(escapedPath[iPath]) | 
					
						
							|  |  |  | 		var escapedPathCh string | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		// normalize (decode) escape sequences | 
					
						
							|  |  |  | 		if pathCh == "%" && len(escapedPath) >= iPath+3 { | 
					
						
							|  |  |  | 			// hold onto this in case we find out the intent is to match in escaped space here; | 
					
						
							|  |  |  | 			// we lowercase it even though technically the spec says: "For consistency, URI | 
					
						
							|  |  |  | 			// producers and normalizers should use uppercase hexadecimal digits for all percent- | 
					
						
							|  |  |  | 			// encodings" (RFC 3986 section 2.1) - we lowercased the matcher pattern earlier in | 
					
						
							|  |  |  | 			// provisioning so we do the same here to gain case-insensitivity in equivalence; | 
					
						
							|  |  |  | 			// besides, this string is never shown visibly | 
					
						
							|  |  |  | 			escapedPathCh = strings.ToLower(escapedPath[iPath : iPath+3]) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 			var err error | 
					
						
							|  |  |  | 			pathCh, err = url.PathUnescape(escapedPathCh) | 
					
						
							|  |  |  | 			if err != nil { | 
					
						
							|  |  |  | 				// should be impossible unless EscapedPath() is giving us an invalid sequence! | 
					
						
							|  |  |  | 				return false | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			iPath += 2 // escape sequence is 2 bytes longer than normal char | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		// now get the next character from the pattern | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		normalize := true | 
					
						
							|  |  |  | 		switch matchPath[iPattern] { | 
					
						
							|  |  |  | 		case '%': | 
					
						
							|  |  |  | 			// escape sequence | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 			// if not a wildcard ("%*"), compare literally; consume next two bytes of pattern | 
					
						
							|  |  |  | 			if len(matchPath) >= iPattern+3 && matchPath[iPattern+1] != '*' { | 
					
						
							|  |  |  | 				sb.WriteString(escapedPathCh) | 
					
						
							|  |  |  | 				iPath++ | 
					
						
							|  |  |  | 				iPattern += 2 | 
					
						
							|  |  |  | 				break | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 			// escaped wildcard sequence; consume next byte only ('*') | 
					
						
							|  |  |  | 			iPattern++ | 
					
						
							|  |  |  | 			normalize = false | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 			fallthrough | 
					
						
							|  |  |  | 		case '*': | 
					
						
							|  |  |  | 			// wildcard, so consume until next matching character | 
					
						
							|  |  |  | 			remaining := escapedPath[iPath:] | 
					
						
							|  |  |  | 			until := len(escapedPath) - iPath // go until end of string... | 
					
						
							|  |  |  | 			if iPattern < len(matchPath)-1 {  // ...unless the * is not at the end | 
					
						
							|  |  |  | 				nextCh := matchPath[iPattern+1] | 
					
						
							|  |  |  | 				until = strings.IndexByte(remaining, nextCh) | 
					
						
							|  |  |  | 				if until == -1 { | 
					
						
							|  |  |  | 					// terminating char of wildcard span not found, so definitely no match | 
					
						
							|  |  |  | 					return false | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			if until == 0 { | 
					
						
							|  |  |  | 				// empty span; nothing to add on this iteration | 
					
						
							|  |  |  | 				break | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			next := remaining[:until] | 
					
						
							|  |  |  | 			if normalize { | 
					
						
							|  |  |  | 				var err error | 
					
						
							|  |  |  | 				next, err = url.PathUnescape(next) | 
					
						
							|  |  |  | 				if err != nil { | 
					
						
							|  |  |  | 					return false // should be impossible anyway | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			sb.WriteString(next) | 
					
						
							|  |  |  | 			iPath += until | 
					
						
							|  |  |  | 		default: | 
					
						
							|  |  |  | 			sb.WriteString(pathCh) | 
					
						
							|  |  |  | 			iPath++ | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		iPattern++ | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	// we can now treat rawpath globs (%*) as regular globs (*) | 
					
						
							|  |  |  | 	matchPath = strings.ReplaceAll(matchPath, "%*", "*") | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	// ignore error here because we can't handle it anyway= | 
					
						
							|  |  |  | 	matches, _ := path.Match(matchPath, sb.String()) | 
					
						
							|  |  |  | 	return matches | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | // CELLibrary produces options that expose this matcher for use in CEL | 
					
						
							|  |  |  | // expression matchers. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // Example: | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | // | 
					
						
							|  |  |  | //	expression path('*substring*', '*suffix') | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | func (MatchPath) CELLibrary(ctx caddy.Context) (cel.Library, error) { | 
					
						
							|  |  |  | 	return CELMatcherImpl( | 
					
						
							|  |  |  | 		// name of the macro, this is the function name that users see when writing expressions. | 
					
						
							|  |  |  | 		"path", | 
					
						
							|  |  |  | 		// name of the function that the macro will be rewritten to call. | 
					
						
							|  |  |  | 		"path_match_request_list", | 
					
						
							|  |  |  | 		// internal data type of the MatchPath value. | 
					
						
							| 
									
										
										
										
											2022-07-28 14:50:28 -06:00
										 |  |  | 		[]*cel.Type{cel.ListType(cel.StringType)}, | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 		// function to convert a constant list of strings to a MatchPath instance. | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		func(data ref.Val) (RequestMatcherWithError, error) { | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 			refStringList := reflect.TypeOf([]string{}) | 
					
						
							|  |  |  | 			strList, err := data.ConvertToNative(refStringList) | 
					
						
							|  |  |  | 			if err != nil { | 
					
						
							|  |  |  | 				return nil, err | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			matcher := MatchPath(strList.([]string)) | 
					
						
							|  |  |  | 			err = matcher.Provision(ctx) | 
					
						
							|  |  |  | 			return matcher, err | 
					
						
							|  |  |  | 		}, | 
					
						
							|  |  |  | 	) | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | // UnmarshalCaddyfile implements caddyfile.Unmarshaler. | 
					
						
							|  |  |  | func (m *MatchPath) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { | 
					
						
							| 
									
										
										
										
											2024-01-23 19:36:59 -05:00
										 |  |  | 	// iterate to merge multiple matchers into one | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | 	for d.Next() { | 
					
						
							| 
									
										
										
										
											2020-03-18 23:36:25 -06:00
										 |  |  | 		*m = append(*m, d.RemainingArgs()...) | 
					
						
							| 
									
										
										
										
											2020-04-06 15:07:07 -04:00
										 |  |  | 		if d.NextBlock(0) { | 
					
						
							|  |  |  | 			return d.Err("malformed path matcher: blocks are not supported") | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | 	return nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | // CaddyModule returns the Caddy module information. | 
					
						
							|  |  |  | func (MatchPathRE) CaddyModule() caddy.ModuleInfo { | 
					
						
							|  |  |  | 	return caddy.ModuleInfo{ | 
					
						
							| 
									
										
										
										
											2019-12-10 13:36:46 -07:00
										 |  |  | 		ID:  "http.matchers.path_regexp", | 
					
						
							|  |  |  | 		New: func() caddy.Module { return new(MatchPathRE) }, | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-05-22 13:13:39 -06:00
										 |  |  | // Match returns true if r matches m. | 
					
						
							| 
									
										
										
										
											2019-05-22 12:32:36 -06:00
										 |  |  | func (m MatchPathRE) Match(r *http.Request) bool { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	match, _ := m.MatchWithError(r) | 
					
						
							|  |  |  | 	return match | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // MatchWithError returns true if r matches m. | 
					
						
							|  |  |  | func (m MatchPathRE) MatchWithError(r *http.Request) (bool, error) { | 
					
						
							| 
									
										
										
										
											2019-12-29 13:12:52 -07:00
										 |  |  | 	repl := r.Context().Value(caddy.ReplacerCtxKey).(*caddy.Replacer) | 
					
						
							| 
									
										
										
										
											2021-11-08 15:45:03 -05:00
										 |  |  | 
 | 
					
						
							|  |  |  | 	// Clean the path, merges doubled slashes, etc. | 
					
						
							|  |  |  | 	// This ensures maliciously crafted requests can't bypass | 
					
						
							|  |  |  | 	// the path matcher. See #4407 | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | 	cleanedPath := cleanPath(r.URL.Path) | 
					
						
							| 
									
										
										
										
											2021-11-08 15:45:03 -05:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	return m.MatchRegexp.Match(cleanedPath, repl), nil | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | // CELLibrary produces options that expose this matcher for use in CEL | 
					
						
							|  |  |  | // expression matchers. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // Example: | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | // | 
					
						
							|  |  |  | //	expression path_regexp('^/bar') | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | func (MatchPathRE) CELLibrary(ctx caddy.Context) (cel.Library, error) { | 
					
						
							|  |  |  | 	unnamedPattern, err := CELMatcherImpl( | 
					
						
							|  |  |  | 		"path_regexp", | 
					
						
							|  |  |  | 		"path_regexp_request_string", | 
					
						
							| 
									
										
										
										
											2022-07-28 14:50:28 -06:00
										 |  |  | 		[]*cel.Type{cel.StringType}, | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		func(data ref.Val) (RequestMatcherWithError, error) { | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 			pattern := data.(types.String) | 
					
						
							| 
									
										
										
										
											2024-04-17 14:19:14 -04:00
										 |  |  | 			matcher := MatchPathRE{MatchRegexp{ | 
					
						
							|  |  |  | 				Name:    ctx.Value(MatcherNameCtxKey).(string), | 
					
						
							|  |  |  | 				Pattern: string(pattern), | 
					
						
							|  |  |  | 			}} | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 			err := matcher.Provision(ctx) | 
					
						
							|  |  |  | 			return matcher, err | 
					
						
							|  |  |  | 		}, | 
					
						
							|  |  |  | 	) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	namedPattern, err := CELMatcherImpl( | 
					
						
							|  |  |  | 		"path_regexp", | 
					
						
							|  |  |  | 		"path_regexp_request_string_string", | 
					
						
							| 
									
										
										
										
											2022-07-28 14:50:28 -06:00
										 |  |  | 		[]*cel.Type{cel.StringType, cel.StringType}, | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		func(data ref.Val) (RequestMatcherWithError, error) { | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 			refStringList := reflect.TypeOf([]string{}) | 
					
						
							|  |  |  | 			params, err := data.ConvertToNative(refStringList) | 
					
						
							|  |  |  | 			if err != nil { | 
					
						
							|  |  |  | 				return nil, err | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			strParams := params.([]string) | 
					
						
							| 
									
										
										
										
											2024-04-17 14:19:14 -04:00
										 |  |  | 			name := strParams[0] | 
					
						
							|  |  |  | 			if name == "" { | 
					
						
							|  |  |  | 				name = ctx.Value(MatcherNameCtxKey).(string) | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			matcher := MatchPathRE{MatchRegexp{ | 
					
						
							|  |  |  | 				Name:    name, | 
					
						
							|  |  |  | 				Pattern: strParams[1], | 
					
						
							|  |  |  | 			}} | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 			err = matcher.Provision(ctx) | 
					
						
							|  |  |  | 			return matcher, err | 
					
						
							|  |  |  | 		}, | 
					
						
							|  |  |  | 	) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	envOpts := append(unnamedPattern.CompileOptions(), namedPattern.CompileOptions()...) | 
					
						
							|  |  |  | 	prgOpts := append(unnamedPattern.ProgramOptions(), namedPattern.ProgramOptions()...) | 
					
						
							|  |  |  | 	return NewMatcherCELLibrary(envOpts, prgOpts), nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | // CaddyModule returns the Caddy module information. | 
					
						
							|  |  |  | func (MatchMethod) CaddyModule() caddy.ModuleInfo { | 
					
						
							|  |  |  | 	return caddy.ModuleInfo{ | 
					
						
							| 
									
										
										
										
											2019-12-10 13:36:46 -07:00
										 |  |  | 		ID:  "http.matchers.method", | 
					
						
							|  |  |  | 		New: func() caddy.Module { return new(MatchMethod) }, | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | // UnmarshalCaddyfile implements caddyfile.Unmarshaler. | 
					
						
							|  |  |  | func (m *MatchMethod) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { | 
					
						
							| 
									
										
										
										
											2024-01-23 19:36:59 -05:00
										 |  |  | 	// iterate to merge multiple matchers into one | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | 	for d.Next() { | 
					
						
							| 
									
										
										
										
											2020-03-18 23:36:25 -06:00
										 |  |  | 		*m = append(*m, d.RemainingArgs()...) | 
					
						
							| 
									
										
										
										
											2020-04-06 15:07:07 -04:00
										 |  |  | 		if d.NextBlock(0) { | 
					
						
							|  |  |  | 			return d.Err("malformed method matcher: blocks are not supported") | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | 	return nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-05-22 13:13:39 -06:00
										 |  |  | // Match returns true if r matches m. | 
					
						
							| 
									
										
										
										
											2019-05-22 12:32:36 -06:00
										 |  |  | func (m MatchMethod) Match(r *http.Request) bool { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	match, _ := m.MatchWithError(r) | 
					
						
							|  |  |  | 	return match | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // MatchWithError returns true if r matches m. | 
					
						
							|  |  |  | func (m MatchMethod) MatchWithError(r *http.Request) (bool, error) { | 
					
						
							|  |  |  | 	return slices.Contains(m, r.Method), nil | 
					
						
							| 
									
										
										
										
											2019-03-31 20:41:29 -06:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | // CELLibrary produces options that expose this matcher for use in CEL | 
					
						
							|  |  |  | // expression matchers. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // Example: | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | // | 
					
						
							|  |  |  | //	expression method('PUT', 'POST') | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | func (MatchMethod) CELLibrary(_ caddy.Context) (cel.Library, error) { | 
					
						
							|  |  |  | 	return CELMatcherImpl( | 
					
						
							|  |  |  | 		"method", | 
					
						
							|  |  |  | 		"method_request_list", | 
					
						
							| 
									
										
										
										
											2022-07-28 14:50:28 -06:00
										 |  |  | 		[]*cel.Type{cel.ListType(cel.StringType)}, | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		func(data ref.Val) (RequestMatcherWithError, error) { | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 			refStringList := reflect.TypeOf([]string{}) | 
					
						
							|  |  |  | 			strList, err := data.ConvertToNative(refStringList) | 
					
						
							|  |  |  | 			if err != nil { | 
					
						
							|  |  |  | 				return nil, err | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			return MatchMethod(strList.([]string)), nil | 
					
						
							|  |  |  | 		}, | 
					
						
							|  |  |  | 	) | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | // CaddyModule returns the Caddy module information. | 
					
						
							|  |  |  | func (MatchQuery) CaddyModule() caddy.ModuleInfo { | 
					
						
							|  |  |  | 	return caddy.ModuleInfo{ | 
					
						
							| 
									
										
										
										
											2019-12-10 13:36:46 -07:00
										 |  |  | 		ID:  "http.matchers.query", | 
					
						
							|  |  |  | 		New: func() caddy.Module { return new(MatchQuery) }, | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | // UnmarshalCaddyfile implements caddyfile.Unmarshaler. | 
					
						
							|  |  |  | func (m *MatchQuery) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { | 
					
						
							| 
									
										
										
										
											2020-06-16 12:02:23 -06:00
										 |  |  | 	if *m == nil { | 
					
						
							|  |  |  | 		*m = make(map[string][]string) | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2024-01-23 19:36:59 -05:00
										 |  |  | 	// iterate to merge multiple matchers into one | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | 	for d.Next() { | 
					
						
							| 
									
										
										
										
											2020-11-02 18:05:01 -05:00
										 |  |  | 		for _, query := range d.RemainingArgs() { | 
					
						
							|  |  |  | 			if query == "" { | 
					
						
							|  |  |  | 				continue | 
					
						
							|  |  |  | 			} | 
					
						
							| 
									
										
										
										
											2022-08-04 19:17:35 +02:00
										 |  |  | 			before, after, found := strings.Cut(query, "=") | 
					
						
							|  |  |  | 			if !found { | 
					
						
							| 
									
										
										
										
											2020-11-02 18:05:01 -05:00
										 |  |  | 				return d.Errf("malformed query matcher token: %s; must be in param=val format", d.Val()) | 
					
						
							|  |  |  | 			} | 
					
						
							| 
									
										
										
										
											2022-08-04 19:17:35 +02:00
										 |  |  | 			url.Values(*m).Add(before, after) | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | 		} | 
					
						
							| 
									
										
										
										
											2020-04-06 15:07:07 -04:00
										 |  |  | 		if d.NextBlock(0) { | 
					
						
							|  |  |  | 			return d.Err("malformed query matcher: blocks are not supported") | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | 	return nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-06-16 12:02:23 -06:00
										 |  |  | // Match returns true if r matches m. An empty m matches an empty query string. | 
					
						
							| 
									
										
										
										
											2019-05-22 12:32:36 -06:00
										 |  |  | func (m MatchQuery) Match(r *http.Request) bool { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	match, _ := m.MatchWithError(r) | 
					
						
							|  |  |  | 	return match | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // MatchWithError returns true if r matches m. | 
					
						
							|  |  |  | // An empty m matches an empty query string. | 
					
						
							|  |  |  | func (m MatchQuery) MatchWithError(r *http.Request) (bool, error) { | 
					
						
							| 
									
										
										
										
											2024-01-21 20:36:44 -06:00
										 |  |  | 	// If no query keys are configured, this only | 
					
						
							|  |  |  | 	// matches an empty query string. | 
					
						
							|  |  |  | 	if len(m) == 0 { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		return len(r.URL.Query()) == 0, nil | 
					
						
							| 
									
										
										
										
											2024-01-21 20:36:44 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-06-26 22:14:47 +01:00
										 |  |  | 	repl := r.Context().Value(caddy.ReplacerCtxKey).(*caddy.Replacer) | 
					
						
							| 
									
										
										
										
											2022-07-13 12:20:00 -06:00
										 |  |  | 
 | 
					
						
							|  |  |  | 	// parse query string just once, for efficiency | 
					
						
							|  |  |  | 	parsed, err := url.ParseQuery(r.URL.RawQuery) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							| 
									
										
										
										
											2022-07-16 23:33:43 -06:00
										 |  |  | 		// Illegal query string. Likely bad escape sequence or unescaped literals. | 
					
						
							| 
									
										
										
										
											2022-07-13 12:20:00 -06:00
										 |  |  | 		// Note that semicolons in query string have a controversial history. Summaries: | 
					
						
							|  |  |  | 		// - https://github.com/golang/go/issues/50034 | 
					
						
							|  |  |  | 		// - https://github.com/golang/go/issues/25192 | 
					
						
							| 
									
										
										
										
											2022-07-16 23:33:43 -06:00
										 |  |  | 		// Despite the URL WHATWG spec mandating the use of & separators for query strings, | 
					
						
							|  |  |  | 		// every URL parser implementation is different, and Filippo Valsorda rightly wrote: | 
					
						
							|  |  |  | 		// "Relying on parser alignment for security is doomed." Overall conclusion is that | 
					
						
							|  |  |  | 		// splitting on & and rejecting ; in key=value pairs is safer than accepting raw ;. | 
					
						
							|  |  |  | 		// We regard the Go team's decision as sound and thus reject malformed query strings. | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		return false, nil | 
					
						
							| 
									
										
										
										
											2022-07-13 12:20:00 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-01-21 20:36:44 -06:00
										 |  |  | 	// Count the amount of matched keys, to ensure we AND | 
					
						
							|  |  |  | 	// between all configured query keys; all keys must | 
					
						
							|  |  |  | 	// match at least one value. | 
					
						
							|  |  |  | 	matchedKeys := 0 | 
					
						
							| 
									
										
										
										
											2019-03-31 20:41:29 -06:00
										 |  |  | 	for param, vals := range m { | 
					
						
							| 
									
										
										
										
											2020-06-26 22:14:47 +01:00
										 |  |  | 		param = repl.ReplaceAll(param, "") | 
					
						
							| 
									
										
										
										
											2022-07-13 12:20:00 -06:00
										 |  |  | 		paramVal, found := parsed[param] | 
					
						
							| 
									
										
										
										
											2024-01-21 20:36:44 -06:00
										 |  |  | 		if !found { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 			return false, nil | 
					
						
							| 
									
										
										
										
											2024-01-21 20:36:44 -06:00
										 |  |  | 		} | 
					
						
							|  |  |  | 		for _, v := range vals { | 
					
						
							|  |  |  | 			v = repl.ReplaceAll(v, "") | 
					
						
							|  |  |  | 			if slices.Contains(paramVal, v) || v == "*" { | 
					
						
							|  |  |  | 				matchedKeys++ | 
					
						
							|  |  |  | 				break | 
					
						
							| 
									
										
										
										
											2019-03-31 20:41:29 -06:00
										 |  |  | 			} | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	return matchedKeys == len(m), nil | 
					
						
							| 
									
										
										
										
											2019-03-31 20:41:29 -06:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | // CELLibrary produces options that expose this matcher for use in CEL | 
					
						
							|  |  |  | // expression matchers. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // Example: | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | // | 
					
						
							|  |  |  | //	expression query({'sort': 'asc'}) || query({'foo': ['*bar*', 'baz']}) | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | func (MatchQuery) CELLibrary(_ caddy.Context) (cel.Library, error) { | 
					
						
							|  |  |  | 	return CELMatcherImpl( | 
					
						
							|  |  |  | 		"query", | 
					
						
							|  |  |  | 		"query_matcher_request_map", | 
					
						
							| 
									
										
										
										
											2022-07-28 14:50:28 -06:00
										 |  |  | 		[]*cel.Type{CELTypeJSON}, | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		func(data ref.Val) (RequestMatcherWithError, error) { | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 			mapStrListStr, err := CELValueToMapStrList(data) | 
					
						
							|  |  |  | 			if err != nil { | 
					
						
							|  |  |  | 				return nil, err | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			return MatchQuery(url.Values(mapStrListStr)), nil | 
					
						
							|  |  |  | 		}, | 
					
						
							|  |  |  | 	) | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | // CaddyModule returns the Caddy module information. | 
					
						
							|  |  |  | func (MatchHeader) CaddyModule() caddy.ModuleInfo { | 
					
						
							|  |  |  | 	return caddy.ModuleInfo{ | 
					
						
							| 
									
										
										
										
											2019-12-10 13:36:46 -07:00
										 |  |  | 		ID:  "http.matchers.header", | 
					
						
							|  |  |  | 		New: func() caddy.Module { return new(MatchHeader) }, | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | // UnmarshalCaddyfile implements caddyfile.Unmarshaler. | 
					
						
							|  |  |  | func (m *MatchHeader) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { | 
					
						
							| 
									
										
										
										
											2019-09-10 19:21:52 -06:00
										 |  |  | 	if *m == nil { | 
					
						
							|  |  |  | 		*m = make(map[string][]string) | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2024-01-23 19:36:59 -05:00
										 |  |  | 	// iterate to merge multiple matchers into one | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | 	for d.Next() { | 
					
						
							|  |  |  | 		var field, val string | 
					
						
							| 
									
										
										
										
											2020-12-09 18:28:14 +00:00
										 |  |  | 		if !d.Args(&field) { | 
					
						
							|  |  |  | 			return d.Errf("malformed header matcher: expected field") | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | 		} | 
					
						
							| 
									
										
										
										
											2020-10-31 12:27:01 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-12-09 18:28:14 +00:00
										 |  |  | 		if strings.HasPrefix(field, "!") { | 
					
						
							|  |  |  | 			if len(field) == 1 { | 
					
						
							|  |  |  | 				return d.Errf("malformed header matcher: must have field name following ! character") | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 			field = field[1:] | 
					
						
							|  |  |  | 			headers := *m | 
					
						
							|  |  |  | 			headers[field] = nil | 
					
						
							|  |  |  | 			m = &headers | 
					
						
							|  |  |  | 			if d.NextArg() { | 
					
						
							|  |  |  | 				return d.Errf("malformed header matcher: null matching headers cannot have a field value") | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 		} else { | 
					
						
							|  |  |  | 			if !d.NextArg() { | 
					
						
							|  |  |  | 				return d.Errf("malformed header matcher: expected both field and value") | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 			// If multiple header matchers with the same header field are defined, | 
					
						
							|  |  |  | 			// we want to add the existing to the list of headers (will be OR'ed) | 
					
						
							|  |  |  | 			val = d.Val() | 
					
						
							|  |  |  | 			http.Header(*m).Add(field, val) | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2020-10-31 12:27:01 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-04-06 15:07:07 -04:00
										 |  |  | 		if d.NextBlock(0) { | 
					
						
							|  |  |  | 			return d.Err("malformed header matcher: blocks are not supported") | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | 	return nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-05-26 17:35:27 -06:00
										 |  |  | // Match returns true if r matches m. | 
					
						
							|  |  |  | func (m MatchHeader) Match(r *http.Request) bool { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	match, _ := m.MatchWithError(r) | 
					
						
							|  |  |  | 	return match | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // MatchWithError returns true if r matches m. | 
					
						
							|  |  |  | func (m MatchHeader) MatchWithError(r *http.Request) (bool, error) { | 
					
						
							| 
									
										
										
										
											2021-02-11 16:27:09 -07:00
										 |  |  | 	repl := r.Context().Value(caddy.ReplacerCtxKey).(*caddy.Replacer) | 
					
						
							| 
									
										
										
										
											2024-12-20 13:16:34 -05:00
										 |  |  | 	return matchHeaders(r.Header, http.Header(m), r.Host, r.TransferEncoding, repl), nil | 
					
						
							| 
									
										
										
										
											2020-05-26 17:35:27 -06:00
										 |  |  | } | 
					
						
							| 
									
										
										
										
											2020-02-20 18:55:47 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | // CELLibrary produces options that expose this matcher for use in CEL | 
					
						
							|  |  |  | // expression matchers. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // Example: | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | // | 
					
						
							|  |  |  | //	expression header({'content-type': 'image/png'}) | 
					
						
							|  |  |  | //	expression header({'foo': ['bar', 'baz']}) // match bar or baz | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | func (MatchHeader) CELLibrary(_ caddy.Context) (cel.Library, error) { | 
					
						
							|  |  |  | 	return CELMatcherImpl( | 
					
						
							|  |  |  | 		"header", | 
					
						
							|  |  |  | 		"header_matcher_request_map", | 
					
						
							| 
									
										
										
										
											2022-07-28 14:50:28 -06:00
										 |  |  | 		[]*cel.Type{CELTypeJSON}, | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		func(data ref.Val) (RequestMatcherWithError, error) { | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 			mapStrListStr, err := CELValueToMapStrList(data) | 
					
						
							|  |  |  | 			if err != nil { | 
					
						
							|  |  |  | 				return nil, err | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			return MatchHeader(http.Header(mapStrListStr)), nil | 
					
						
							|  |  |  | 		}, | 
					
						
							|  |  |  | 	) | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-05-26 17:35:27 -06:00
										 |  |  | // getHeaderFieldVals returns the field values for the given fieldName from input. | 
					
						
							| 
									
										
										
										
											2024-12-20 13:16:34 -05:00
										 |  |  | // The host parameter should be obtained from the http.Request.Host field, and the | 
					
						
							|  |  |  | // transferEncoding from http.Request.TransferEncoding, since net/http removes them | 
					
						
							|  |  |  | // from the header map. | 
					
						
							|  |  |  | func getHeaderFieldVals(input http.Header, fieldName, host string, transferEncoding []string) []string { | 
					
						
							| 
									
										
										
										
											2020-05-26 17:35:27 -06:00
										 |  |  | 	fieldName = textproto.CanonicalMIMEHeaderKey(fieldName) | 
					
						
							|  |  |  | 	if fieldName == "Host" && host != "" { | 
					
						
							|  |  |  | 		return []string{host} | 
					
						
							| 
									
										
										
										
											2020-02-20 18:55:47 +01:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2024-12-20 13:16:34 -05:00
										 |  |  | 	if fieldName == "Transfer-Encoding" && input[fieldName] == nil { | 
					
						
							|  |  |  | 		return transferEncoding | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2020-05-26 17:35:27 -06:00
										 |  |  | 	return input[fieldName] | 
					
						
							| 
									
										
										
										
											2020-02-20 18:55:47 +01:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-05-26 17:35:27 -06:00
										 |  |  | // matchHeaders returns true if input matches the criteria in against without regex. | 
					
						
							|  |  |  | // The host parameter should be obtained from the http.Request.Host field since | 
					
						
							|  |  |  | // net/http removes it from the header map. | 
					
						
							| 
									
										
										
										
											2024-12-20 13:16:34 -05:00
										 |  |  | func matchHeaders(input, against http.Header, host string, transferEncoding []string, repl *caddy.Replacer) bool { | 
					
						
							| 
									
										
										
										
											2020-05-26 17:35:27 -06:00
										 |  |  | 	for field, allowedFieldVals := range against { | 
					
						
							| 
									
										
										
										
											2024-12-20 13:16:34 -05:00
										 |  |  | 		actualFieldVals := getHeaderFieldVals(input, field, host, transferEncoding) | 
					
						
							| 
									
										
										
										
											2020-02-20 18:55:47 +01:00
										 |  |  | 		if allowedFieldVals != nil && len(allowedFieldVals) == 0 && actualFieldVals != nil { | 
					
						
							| 
									
										
										
										
											2019-09-06 14:25:16 -06:00
										 |  |  | 			// a non-nil but empty list of allowed values means | 
					
						
							|  |  |  | 			// match if the header field exists at all | 
					
						
							|  |  |  | 			continue | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2020-11-17 11:29:43 -07:00
										 |  |  | 		if allowedFieldVals == nil && actualFieldVals == nil { | 
					
						
							|  |  |  | 			// a nil list means match if the header does not exist at all | 
					
						
							|  |  |  | 			continue | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 		var match bool | 
					
						
							|  |  |  | 	fieldVals: | 
					
						
							|  |  |  | 		for _, actualFieldVal := range actualFieldVals { | 
					
						
							|  |  |  | 			for _, allowedFieldVal := range allowedFieldVals { | 
					
						
							| 
									
										
										
										
											2021-02-11 16:27:09 -07:00
										 |  |  | 				if repl != nil { | 
					
						
							|  |  |  | 					allowedFieldVal = repl.ReplaceAll(allowedFieldVal, "") | 
					
						
							|  |  |  | 				} | 
					
						
							| 
									
										
										
										
											2019-11-27 11:52:31 -07:00
										 |  |  | 				switch { | 
					
						
							| 
									
										
										
										
											2020-02-20 18:55:47 +01:00
										 |  |  | 				case allowedFieldVal == "*": | 
					
						
							|  |  |  | 					match = true | 
					
						
							| 
									
										
										
										
											2019-11-27 11:52:31 -07:00
										 |  |  | 				case strings.HasPrefix(allowedFieldVal, "*") && strings.HasSuffix(allowedFieldVal, "*"): | 
					
						
							|  |  |  | 					match = strings.Contains(actualFieldVal, allowedFieldVal[1:len(allowedFieldVal)-1]) | 
					
						
							|  |  |  | 				case strings.HasPrefix(allowedFieldVal, "*"): | 
					
						
							|  |  |  | 					match = strings.HasSuffix(actualFieldVal, allowedFieldVal[1:]) | 
					
						
							|  |  |  | 				case strings.HasSuffix(allowedFieldVal, "*"): | 
					
						
							|  |  |  | 					match = strings.HasPrefix(actualFieldVal, allowedFieldVal[:len(allowedFieldVal)-1]) | 
					
						
							|  |  |  | 				default: | 
					
						
							|  |  |  | 					match = actualFieldVal == allowedFieldVal | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 				if match { | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 					break fieldVals | 
					
						
							| 
									
										
										
										
											2019-03-31 20:41:29 -06:00
										 |  |  | 				} | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 		if !match { | 
					
						
							|  |  |  | 			return false | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return true | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | // CaddyModule returns the Caddy module information. | 
					
						
							|  |  |  | func (MatchHeaderRE) CaddyModule() caddy.ModuleInfo { | 
					
						
							|  |  |  | 	return caddy.ModuleInfo{ | 
					
						
							| 
									
										
										
										
											2019-12-10 13:36:46 -07:00
										 |  |  | 		ID:  "http.matchers.header_regexp", | 
					
						
							|  |  |  | 		New: func() caddy.Module { return new(MatchHeaderRE) }, | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | // UnmarshalCaddyfile implements caddyfile.Unmarshaler. | 
					
						
							|  |  |  | func (m *MatchHeaderRE) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { | 
					
						
							|  |  |  | 	if *m == nil { | 
					
						
							|  |  |  | 		*m = make(map[string]*MatchRegexp) | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2024-01-23 19:36:59 -05:00
										 |  |  | 	// iterate to merge multiple matchers into one | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | 	for d.Next() { | 
					
						
							| 
									
										
										
										
											2020-02-20 18:55:47 +01:00
										 |  |  | 		var first, second, third string | 
					
						
							|  |  |  | 		if !d.Args(&first, &second) { | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | 			return d.ArgErr() | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2020-02-20 18:55:47 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | 		var name, field, val string | 
					
						
							|  |  |  | 		if d.Args(&third) { | 
					
						
							|  |  |  | 			name = first | 
					
						
							|  |  |  | 			field = second | 
					
						
							|  |  |  | 			val = third | 
					
						
							|  |  |  | 		} else { | 
					
						
							|  |  |  | 			field = first | 
					
						
							|  |  |  | 			val = second | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-04-17 14:19:14 -04:00
										 |  |  | 		// Default to the named matcher's name, if no regexp name is provided | 
					
						
							|  |  |  | 		if name == "" { | 
					
						
							|  |  |  | 			name = d.GetContextString(caddyfile.MatcherNameCtxKey) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-09-13 13:18:37 -04:00
										 |  |  | 		// If there's already a pattern for this field | 
					
						
							|  |  |  | 		// then we would end up overwriting the old one | 
					
						
							|  |  |  | 		if (*m)[field] != nil { | 
					
						
							|  |  |  | 			return d.Errf("header_regexp matcher can only be used once per named matcher, per header field: %s", field) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-02-20 18:55:47 +01:00
										 |  |  | 		(*m)[field] = &MatchRegexp{Pattern: val, Name: name} | 
					
						
							| 
									
										
										
										
											2020-04-06 15:07:07 -04:00
										 |  |  | 
 | 
					
						
							|  |  |  | 		if d.NextBlock(0) { | 
					
						
							|  |  |  | 			return d.Err("malformed header_regexp matcher: blocks are not supported") | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | 	return nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-05-22 13:13:39 -06:00
										 |  |  | // Match returns true if r matches m. | 
					
						
							| 
									
										
										
										
											2019-05-22 12:32:36 -06:00
										 |  |  | func (m MatchHeaderRE) Match(r *http.Request) bool { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	match, _ := m.MatchWithError(r) | 
					
						
							|  |  |  | 	return match | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // MatchWithError returns true if r matches m. | 
					
						
							|  |  |  | func (m MatchHeaderRE) MatchWithError(r *http.Request) (bool, error) { | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 	for field, rm := range m { | 
					
						
							| 
									
										
										
										
											2024-12-20 13:16:34 -05:00
										 |  |  | 		actualFieldVals := getHeaderFieldVals(r.Header, field, r.Host, r.TransferEncoding) | 
					
						
							| 
									
										
										
										
											2020-02-20 18:55:47 +01:00
										 |  |  | 		match := false | 
					
						
							|  |  |  | 	fieldVal: | 
					
						
							|  |  |  | 		for _, actualFieldVal := range actualFieldVals { | 
					
						
							|  |  |  | 			repl := r.Context().Value(caddy.ReplacerCtxKey).(*caddy.Replacer) | 
					
						
							|  |  |  | 			if rm.Match(actualFieldVal, repl) { | 
					
						
							|  |  |  | 				match = true | 
					
						
							|  |  |  | 				break fieldVal | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 		if !match { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 			return false, nil | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	return true, nil | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-05-22 13:13:39 -06:00
										 |  |  | // Provision compiles m's regular expressions. | 
					
						
							| 
									
										
										
										
											2019-06-21 14:36:26 -06:00
										 |  |  | func (m MatchHeaderRE) Provision(ctx caddy.Context) error { | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 	for _, rm := range m { | 
					
						
							| 
									
										
										
										
											2019-06-21 14:36:26 -06:00
										 |  |  | 		err := rm.Provision(ctx) | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-05-22 13:13:39 -06:00
										 |  |  | // Validate validates m's regular expressions. | 
					
						
							| 
									
										
										
										
											2019-05-22 12:32:36 -06:00
										 |  |  | func (m MatchHeaderRE) Validate() error { | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 	for _, rm := range m { | 
					
						
							|  |  |  | 		err := rm.Validate() | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | // CELLibrary produces options that expose this matcher for use in CEL | 
					
						
							|  |  |  | // expression matchers. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // Example: | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | // | 
					
						
							|  |  |  | //	expression header_regexp('foo', 'Field', 'fo+') | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | func (MatchHeaderRE) CELLibrary(ctx caddy.Context) (cel.Library, error) { | 
					
						
							|  |  |  | 	unnamedPattern, err := CELMatcherImpl( | 
					
						
							|  |  |  | 		"header_regexp", | 
					
						
							|  |  |  | 		"header_regexp_request_string_string", | 
					
						
							| 
									
										
										
										
											2022-07-28 14:50:28 -06:00
										 |  |  | 		[]*cel.Type{cel.StringType, cel.StringType}, | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		func(data ref.Val) (RequestMatcherWithError, error) { | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 			refStringList := reflect.TypeOf([]string{}) | 
					
						
							|  |  |  | 			params, err := data.ConvertToNative(refStringList) | 
					
						
							|  |  |  | 			if err != nil { | 
					
						
							|  |  |  | 				return nil, err | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			strParams := params.([]string) | 
					
						
							|  |  |  | 			matcher := MatchHeaderRE{} | 
					
						
							| 
									
										
										
										
											2024-04-17 14:19:14 -04:00
										 |  |  | 			matcher[strParams[0]] = &MatchRegexp{ | 
					
						
							|  |  |  | 				Pattern: strParams[1], | 
					
						
							|  |  |  | 				Name:    ctx.Value(MatcherNameCtxKey).(string), | 
					
						
							|  |  |  | 			} | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 			err = matcher.Provision(ctx) | 
					
						
							|  |  |  | 			return matcher, err | 
					
						
							|  |  |  | 		}, | 
					
						
							|  |  |  | 	) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	namedPattern, err := CELMatcherImpl( | 
					
						
							|  |  |  | 		"header_regexp", | 
					
						
							|  |  |  | 		"header_regexp_request_string_string_string", | 
					
						
							| 
									
										
										
										
											2022-07-28 14:50:28 -06:00
										 |  |  | 		[]*cel.Type{cel.StringType, cel.StringType, cel.StringType}, | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		func(data ref.Val) (RequestMatcherWithError, error) { | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 			refStringList := reflect.TypeOf([]string{}) | 
					
						
							|  |  |  | 			params, err := data.ConvertToNative(refStringList) | 
					
						
							|  |  |  | 			if err != nil { | 
					
						
							|  |  |  | 				return nil, err | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			strParams := params.([]string) | 
					
						
							| 
									
										
										
										
											2024-04-17 14:19:14 -04:00
										 |  |  | 			name := strParams[0] | 
					
						
							|  |  |  | 			if name == "" { | 
					
						
							|  |  |  | 				name = ctx.Value(MatcherNameCtxKey).(string) | 
					
						
							|  |  |  | 			} | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 			matcher := MatchHeaderRE{} | 
					
						
							| 
									
										
										
										
											2024-04-17 14:19:14 -04:00
										 |  |  | 			matcher[strParams[1]] = &MatchRegexp{ | 
					
						
							|  |  |  | 				Pattern: strParams[2], | 
					
						
							|  |  |  | 				Name:    name, | 
					
						
							|  |  |  | 			} | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 			err = matcher.Provision(ctx) | 
					
						
							|  |  |  | 			return matcher, err | 
					
						
							|  |  |  | 		}, | 
					
						
							|  |  |  | 	) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	envOpts := append(unnamedPattern.CompileOptions(), namedPattern.CompileOptions()...) | 
					
						
							|  |  |  | 	prgOpts := append(unnamedPattern.ProgramOptions(), namedPattern.ProgramOptions()...) | 
					
						
							|  |  |  | 	return NewMatcherCELLibrary(envOpts, prgOpts), nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | // CaddyModule returns the Caddy module information. | 
					
						
							|  |  |  | func (MatchProtocol) CaddyModule() caddy.ModuleInfo { | 
					
						
							|  |  |  | 	return caddy.ModuleInfo{ | 
					
						
							| 
									
										
										
										
											2019-12-10 13:36:46 -07:00
										 |  |  | 		ID:  "http.matchers.protocol", | 
					
						
							|  |  |  | 		New: func() caddy.Module { return new(MatchProtocol) }, | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-05-22 13:13:39 -06:00
										 |  |  | // Match returns true if r matches m. | 
					
						
							| 
									
										
										
										
											2019-05-22 12:32:36 -06:00
										 |  |  | func (m MatchProtocol) Match(r *http.Request) bool { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	match, _ := m.MatchWithError(r) | 
					
						
							|  |  |  | 	return match | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // MatchWithError returns true if r matches m. | 
					
						
							|  |  |  | func (m MatchProtocol) MatchWithError(r *http.Request) (bool, error) { | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 	switch string(m) { | 
					
						
							|  |  |  | 	case "grpc": | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		return strings.HasPrefix(r.Header.Get("content-type"), "application/grpc"), nil | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 	case "https": | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		return r.TLS != nil, nil | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 	case "http": | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		return r.TLS == nil, nil | 
					
						
							| 
									
										
										
										
											2022-09-05 13:50:44 -06:00
										 |  |  | 	case "http/1.0": | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		return r.ProtoMajor == 1 && r.ProtoMinor == 0, nil | 
					
						
							| 
									
										
										
										
											2022-09-05 13:50:44 -06:00
										 |  |  | 	case "http/1.0+": | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		return r.ProtoAtLeast(1, 0), nil | 
					
						
							| 
									
										
										
										
											2022-09-05 13:50:44 -06:00
										 |  |  | 	case "http/1.1": | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		return r.ProtoMajor == 1 && r.ProtoMinor == 1, nil | 
					
						
							| 
									
										
										
										
											2022-09-05 13:50:44 -06:00
										 |  |  | 	case "http/1.1+": | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		return r.ProtoAtLeast(1, 1), nil | 
					
						
							| 
									
										
										
										
											2022-09-05 13:50:44 -06:00
										 |  |  | 	case "http/2": | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		return r.ProtoMajor == 2, nil | 
					
						
							| 
									
										
										
										
											2022-09-05 13:50:44 -06:00
										 |  |  | 	case "http/2+": | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		return r.ProtoAtLeast(2, 0), nil | 
					
						
							| 
									
										
										
										
											2022-09-05 13:50:44 -06:00
										 |  |  | 	case "http/3": | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		return r.ProtoMajor == 3, nil | 
					
						
							| 
									
										
										
										
											2022-09-05 13:50:44 -06:00
										 |  |  | 	case "http/3+": | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		return r.ProtoAtLeast(3, 0), nil | 
					
						
							| 
									
										
										
										
											2019-03-31 20:41:29 -06:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	return false, nil | 
					
						
							| 
									
										
										
										
											2019-03-31 20:41:29 -06:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | // UnmarshalCaddyfile implements caddyfile.Unmarshaler. | 
					
						
							|  |  |  | func (m *MatchProtocol) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { | 
					
						
							| 
									
										
										
										
											2024-01-23 19:36:59 -05:00
										 |  |  | 	// iterate to merge multiple matchers into one | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | 	for d.Next() { | 
					
						
							|  |  |  | 		var proto string | 
					
						
							|  |  |  | 		if !d.Args(&proto) { | 
					
						
							|  |  |  | 			return d.Err("expected exactly one protocol") | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		*m = MatchProtocol(proto) | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | 	return nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | // CELLibrary produces options that expose this matcher for use in CEL | 
					
						
							|  |  |  | // expression matchers. | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // Example: | 
					
						
							| 
									
										
										
										
											2022-08-16 08:48:57 -06:00
										 |  |  | // | 
					
						
							|  |  |  | //	expression protocol('https') | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | func (MatchProtocol) CELLibrary(_ caddy.Context) (cel.Library, error) { | 
					
						
							|  |  |  | 	return CELMatcherImpl( | 
					
						
							|  |  |  | 		"protocol", | 
					
						
							|  |  |  | 		"protocol_request_string", | 
					
						
							| 
									
										
										
										
											2022-07-28 14:50:28 -06:00
										 |  |  | 		[]*cel.Type{cel.StringType}, | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		func(data ref.Val) (RequestMatcherWithError, error) { | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 			protocolStr, ok := data.(types.String) | 
					
						
							|  |  |  | 			if !ok { | 
					
						
							|  |  |  | 				return nil, errors.New("protocol argument was not a string") | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			return MatchProtocol(strings.ToLower(string(protocolStr))), nil | 
					
						
							|  |  |  | 		}, | 
					
						
							|  |  |  | 	) | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-07-05 10:46:20 -06:00
										 |  |  | // CaddyModule returns the Caddy module information. | 
					
						
							|  |  |  | func (MatchTLS) CaddyModule() caddy.ModuleInfo { | 
					
						
							|  |  |  | 	return caddy.ModuleInfo{ | 
					
						
							|  |  |  | 		ID:  "http.matchers.tls", | 
					
						
							|  |  |  | 		New: func() caddy.Module { return new(MatchTLS) }, | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // Match returns true if r matches m. | 
					
						
							|  |  |  | func (m MatchTLS) Match(r *http.Request) bool { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	match, _ := m.MatchWithError(r) | 
					
						
							|  |  |  | 	return match | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // MatchWithError returns true if r matches m. | 
					
						
							|  |  |  | func (m MatchTLS) MatchWithError(r *http.Request) (bool, error) { | 
					
						
							| 
									
										
										
										
											2024-07-05 10:46:20 -06:00
										 |  |  | 	if r.TLS == nil { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		return false, nil | 
					
						
							| 
									
										
										
										
											2024-07-05 10:46:20 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | 	if m.HandshakeComplete != nil { | 
					
						
							|  |  |  | 		if (!*m.HandshakeComplete && r.TLS.HandshakeComplete) || | 
					
						
							|  |  |  | 			(*m.HandshakeComplete && !r.TLS.HandshakeComplete) { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 			return false, nil | 
					
						
							| 
									
										
										
										
											2024-07-05 10:46:20 -06:00
										 |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	return true, nil | 
					
						
							| 
									
										
										
										
											2024-07-05 10:46:20 -06:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // UnmarshalCaddyfile parses Caddyfile tokens for this matcher. Syntax: | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // ... tls [early_data] | 
					
						
							|  |  |  | // | 
					
						
							|  |  |  | // EXPERIMENTAL SYNTAX: Subject to change. | 
					
						
							|  |  |  | func (m *MatchTLS) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { | 
					
						
							|  |  |  | 	// iterate to merge multiple matchers into one | 
					
						
							|  |  |  | 	for d.Next() { | 
					
						
							|  |  |  | 		if d.NextArg() { | 
					
						
							|  |  |  | 			switch d.Val() { | 
					
						
							|  |  |  | 			case "early_data": | 
					
						
							|  |  |  | 				var false bool | 
					
						
							|  |  |  | 				m.HandshakeComplete = &false | 
					
						
							| 
									
										
										
										
											2025-03-08 21:45:05 +01:00
										 |  |  | 			default: | 
					
						
							|  |  |  | 				return d.Errf("unrecognized option '%s'", d.Val()) | 
					
						
							| 
									
										
										
										
											2024-07-05 10:46:20 -06:00
										 |  |  | 			} | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		if d.NextArg() { | 
					
						
							|  |  |  | 			return d.ArgErr() | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		if d.NextBlock(0) { | 
					
						
							|  |  |  | 			return d.Err("malformed tls matcher: blocks are not supported yet") | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | // CaddyModule returns the Caddy module information. | 
					
						
							| 
									
										
										
										
											2020-03-30 11:53:19 -06:00
										 |  |  | func (MatchNot) CaddyModule() caddy.ModuleInfo { | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | 	return caddy.ModuleInfo{ | 
					
						
							| 
									
										
										
										
											2019-12-10 13:36:46 -07:00
										 |  |  | 		ID:  "http.matchers.not", | 
					
						
							| 
									
										
										
										
											2020-03-30 11:53:19 -06:00
										 |  |  | 		New: func() caddy.Module { return new(MatchNot) }, | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | // UnmarshalCaddyfile implements caddyfile.Unmarshaler. | 
					
						
							| 
									
										
										
										
											2020-03-30 11:53:19 -06:00
										 |  |  | func (m *MatchNot) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { | 
					
						
							| 
									
										
										
										
											2024-01-23 19:36:59 -05:00
										 |  |  | 	// iterate to merge multiple matchers into one | 
					
						
							| 
									
										
										
										
											2019-09-30 09:09:57 -06:00
										 |  |  | 	for d.Next() { | 
					
						
							| 
									
										
										
										
											2022-07-13 16:15:00 -04:00
										 |  |  | 		matcherSet, err := ParseCaddyfileNestedMatcherSet(d) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return err | 
					
						
							| 
									
										
										
										
											2019-09-30 09:09:57 -06:00
										 |  |  | 		} | 
					
						
							| 
									
										
										
										
											2022-07-13 16:15:00 -04:00
										 |  |  | 		m.MatcherSetsRaw = append(m.MatcherSetsRaw, matcherSet) | 
					
						
							| 
									
										
										
										
											2019-09-30 09:09:57 -06:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | 	return nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-04-01 10:58:29 -06:00
										 |  |  | // UnmarshalJSON satisfies json.Unmarshaler. It puts the JSON | 
					
						
							|  |  |  | // bytes directly into m's MatcherSetsRaw field. | 
					
						
							|  |  |  | func (m *MatchNot) UnmarshalJSON(data []byte) error { | 
					
						
							|  |  |  | 	return json.Unmarshal(data, &m.MatcherSetsRaw) | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // MarshalJSON satisfies json.Marshaler by marshaling | 
					
						
							|  |  |  | // m's raw matcher sets. | 
					
						
							|  |  |  | func (m MatchNot) MarshalJSON() ([]byte, error) { | 
					
						
							|  |  |  | 	return json.Marshal(m.MatcherSetsRaw) | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-06-04 13:42:54 -06:00
										 |  |  | // Provision loads the matcher modules to be negated. | 
					
						
							| 
									
										
										
										
											2020-03-30 11:53:19 -06:00
										 |  |  | func (m *MatchNot) Provision(ctx caddy.Context) error { | 
					
						
							| 
									
										
										
										
											2020-04-01 10:58:29 -06:00
										 |  |  | 	matcherSets, err := ctx.LoadModule(m, "MatcherSetsRaw") | 
					
						
							| 
									
										
										
										
											2019-12-10 13:36:46 -07:00
										 |  |  | 	if err != nil { | 
					
						
							| 
									
										
										
										
											2020-04-01 10:58:29 -06:00
										 |  |  | 		return fmt.Errorf("loading matcher sets: %v", err) | 
					
						
							| 
									
										
										
										
											2019-12-10 13:36:46 -07:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2022-08-02 16:39:09 -04:00
										 |  |  | 	for _, modMap := range matcherSets.([]map[string]any) { | 
					
						
							| 
									
										
										
										
											2020-04-01 10:58:29 -06:00
										 |  |  | 		var ms MatcherSet | 
					
						
							|  |  |  | 		for _, modIface := range modMap { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 			if mod, ok := modIface.(RequestMatcherWithError); ok { | 
					
						
							|  |  |  | 				ms = append(ms, mod) | 
					
						
							|  |  |  | 				continue | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			if mod, ok := modIface.(RequestMatcher); ok { | 
					
						
							|  |  |  | 				ms = append(ms, mod) | 
					
						
							|  |  |  | 				continue | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			return fmt.Errorf("module is not a request matcher: %T", modIface) | 
					
						
							| 
									
										
										
										
											2020-04-01 10:58:29 -06:00
										 |  |  | 		} | 
					
						
							|  |  |  | 		m.MatcherSets = append(m.MatcherSets, ms) | 
					
						
							| 
									
										
										
										
											2019-06-04 13:42:54 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | 	return nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-04-01 10:58:29 -06:00
										 |  |  | // Match returns true if r matches m. Since this matcher negates | 
					
						
							|  |  |  | // the embedded matchers, false is returned if any of its matcher | 
					
						
							|  |  |  | // sets return true. | 
					
						
							| 
									
										
										
										
											2020-03-30 11:53:19 -06:00
										 |  |  | func (m MatchNot) Match(r *http.Request) bool { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	match, _ := m.MatchWithError(r) | 
					
						
							|  |  |  | 	return match | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | // MatchWithError returns true if r matches m. Since this matcher | 
					
						
							|  |  |  | // negates the embedded matchers, false is returned if any of its | 
					
						
							|  |  |  | // matcher sets return true. | 
					
						
							|  |  |  | func (m MatchNot) MatchWithError(r *http.Request) (bool, error) { | 
					
						
							| 
									
										
										
										
											2020-04-01 10:58:29 -06:00
										 |  |  | 	for _, ms := range m.MatcherSets { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		matches, err := ms.MatchWithError(r) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return false, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		if matches { | 
					
						
							|  |  |  | 			return false, nil | 
					
						
							| 
									
										
										
										
											2020-04-01 10:58:29 -06:00
										 |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	return true, nil | 
					
						
							| 
									
										
										
										
											2019-06-04 13:42:54 -06:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-02-28 10:30:48 +08:00
										 |  |  | // MatchRegexp is an embedable type for matching | 
					
						
							| 
									
										
										
										
											2019-12-29 13:16:34 -07:00
										 |  |  | // using regular expressions. It adds placeholders | 
					
						
							|  |  |  | // to the request's replacer. | 
					
						
							| 
									
										
										
										
											2019-05-22 13:13:39 -06:00
										 |  |  | type MatchRegexp struct { | 
					
						
							| 
									
										
										
										
											2019-12-29 13:16:34 -07:00
										 |  |  | 	// A unique name for this regular expression. Optional, | 
					
						
							|  |  |  | 	// but useful to prevent overwriting captures from other | 
					
						
							|  |  |  | 	// regexp matchers. | 
					
						
							|  |  |  | 	Name string `json:"name,omitempty"` | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	// The regular expression to evaluate, in RE2 syntax, | 
					
						
							|  |  |  | 	// which is the same general syntax used by Go, Perl, | 
					
						
							|  |  |  | 	// and Python. For details, see | 
					
						
							|  |  |  | 	// [Go's regexp package](https://golang.org/pkg/regexp/). | 
					
						
							|  |  |  | 	// Captures are accessible via placeholders. Unnamed | 
					
						
							|  |  |  | 	// capture groups are exposed as their numeric, 1-based | 
					
						
							|  |  |  | 	// index, while named capture groups are available by | 
					
						
							|  |  |  | 	// the capture group name. | 
					
						
							|  |  |  | 	Pattern string `json:"pattern"` | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 	compiled *regexp.Regexp | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-05-22 13:13:39 -06:00
										 |  |  | // Provision compiles the regular expression. | 
					
						
							| 
									
										
										
										
											2019-06-21 14:36:26 -06:00
										 |  |  | func (mre *MatchRegexp) Provision(caddy.Context) error { | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 	re, err := regexp.Compile(mre.Pattern) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return fmt.Errorf("compiling matcher regexp %s: %v", mre.Pattern, err) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	mre.compiled = re | 
					
						
							|  |  |  | 	return nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-05-22 13:13:39 -06:00
										 |  |  | // Validate ensures mre is set up correctly. | 
					
						
							|  |  |  | func (mre *MatchRegexp) Validate() error { | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 	if mre.Name != "" && !wordRE.MatchString(mre.Name) { | 
					
						
							|  |  |  | 		return fmt.Errorf("invalid regexp name (must contain only word characters): %s", mre.Name) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-05-22 13:13:39 -06:00
										 |  |  | // Match returns true if input matches the compiled regular | 
					
						
							|  |  |  | // expression in mre. It sets values on the replacer repl | 
					
						
							|  |  |  | // associated with capture groups, using the given scope | 
					
						
							| 
									
										
										
										
											2019-12-29 13:12:52 -07:00
										 |  |  | // (namespace). | 
					
						
							|  |  |  | func (mre *MatchRegexp) Match(input string, repl *caddy.Replacer) bool { | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 	matches := mre.compiled.FindStringSubmatch(input) | 
					
						
							|  |  |  | 	if matches == nil { | 
					
						
							|  |  |  | 		return false | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	// save all capture groups, first by index | 
					
						
							|  |  |  | 	for i, match := range matches { | 
					
						
							| 
									
										
										
										
											2024-04-17 14:19:14 -04:00
										 |  |  | 		keySuffix := "." + strconv.Itoa(i) | 
					
						
							|  |  |  | 		if mre.Name != "" { | 
					
						
							|  |  |  | 			repl.Set(regexpPlaceholderPrefix+"."+mre.Name+keySuffix, match) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		repl.Set(regexpPlaceholderPrefix+keySuffix, match) | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	// then by name | 
					
						
							|  |  |  | 	for i, name := range mre.compiled.SubexpNames() { | 
					
						
							| 
									
										
										
										
											2024-04-17 14:19:14 -04:00
										 |  |  | 		// skip the first element (the full match), and empty names | 
					
						
							|  |  |  | 		if i == 0 || name == "" { | 
					
						
							|  |  |  | 			continue | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		keySuffix := "." + name | 
					
						
							|  |  |  | 		if mre.Name != "" { | 
					
						
							|  |  |  | 			repl.Set(regexpPlaceholderPrefix+"."+mre.Name+keySuffix, matches[i]) | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 		} | 
					
						
							| 
									
										
										
										
											2024-04-17 14:19:14 -04:00
										 |  |  | 		repl.Set(regexpPlaceholderPrefix+keySuffix, matches[i]) | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	return true | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | // UnmarshalCaddyfile implements caddyfile.Unmarshaler. | 
					
						
							|  |  |  | func (mre *MatchRegexp) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { | 
					
						
							| 
									
										
										
										
											2024-01-23 19:36:59 -05:00
										 |  |  | 	// iterate to merge multiple matchers into one | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | 	for d.Next() { | 
					
						
							| 
									
										
										
										
											2022-09-13 13:18:37 -04:00
										 |  |  | 		// If this is the second iteration of the loop | 
					
						
							|  |  |  | 		// then there's more than one path_regexp matcher | 
					
						
							|  |  |  | 		// and we would end up overwriting the old one | 
					
						
							|  |  |  | 		if mre.Pattern != "" { | 
					
						
							|  |  |  | 			return d.Err("regular expression can only be used once per named matcher") | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-08-21 10:46:35 -06:00
										 |  |  | 		args := d.RemainingArgs() | 
					
						
							|  |  |  | 		switch len(args) { | 
					
						
							|  |  |  | 		case 1: | 
					
						
							|  |  |  | 			mre.Pattern = args[0] | 
					
						
							|  |  |  | 		case 2: | 
					
						
							|  |  |  | 			mre.Name = args[0] | 
					
						
							|  |  |  | 			mre.Pattern = args[1] | 
					
						
							|  |  |  | 		default: | 
					
						
							|  |  |  | 			return d.ArgErr() | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2024-04-17 14:19:14 -04:00
										 |  |  | 
 | 
					
						
							|  |  |  | 		// Default to the named matcher's name, if no regexp name is provided | 
					
						
							|  |  |  | 		if mre.Name == "" { | 
					
						
							|  |  |  | 			mre.Name = d.GetContextString(caddyfile.MatcherNameCtxKey) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-04-06 15:07:07 -04:00
										 |  |  | 		if d.NextBlock(0) { | 
					
						
							|  |  |  | 			return d.Err("malformed path_regexp matcher: blocks are not supported") | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | 	} | 
					
						
							|  |  |  | 	return nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-07-13 16:15:00 -04:00
										 |  |  | // ParseCaddyfileNestedMatcher parses the Caddyfile tokens for a nested | 
					
						
							|  |  |  | // matcher set, and returns its raw module map value. | 
					
						
							|  |  |  | func ParseCaddyfileNestedMatcherSet(d *caddyfile.Dispenser) (caddy.ModuleMap, error) { | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	matcherMap := make(map[string]any) | 
					
						
							| 
									
										
										
										
											2022-07-13 16:15:00 -04:00
										 |  |  | 
 | 
					
						
							|  |  |  | 	// in case there are multiple instances of the same matcher, concatenate | 
					
						
							|  |  |  | 	// their tokens (we expect that UnmarshalCaddyfile should be able to | 
					
						
							|  |  |  | 	// handle more than one segment); otherwise, we'd overwrite other | 
					
						
							|  |  |  | 	// instances of the matcher in this set | 
					
						
							|  |  |  | 	tokensByMatcherName := make(map[string][]caddyfile.Token) | 
					
						
							|  |  |  | 	for nesting := d.Nesting(); d.NextArg() || d.NextBlock(nesting); { | 
					
						
							|  |  |  | 		matcherName := d.Val() | 
					
						
							|  |  |  | 		tokensByMatcherName[matcherName] = append(tokensByMatcherName[matcherName], d.NextSegment()...) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	for matcherName, tokens := range tokensByMatcherName { | 
					
						
							|  |  |  | 		mod, err := caddy.GetModule("http.matchers." + matcherName) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, d.Errf("getting matcher module '%s': %v", matcherName, err) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		unm, ok := mod.New().(caddyfile.Unmarshaler) | 
					
						
							|  |  |  | 		if !ok { | 
					
						
							|  |  |  | 			return nil, d.Errf("matcher module '%s' is not a Caddyfile unmarshaler", matcherName) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		err = unm.UnmarshalCaddyfile(caddyfile.NewDispenser(tokens)) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		if rm, ok := unm.(RequestMatcherWithError); ok { | 
					
						
							|  |  |  | 			matcherMap[matcherName] = rm | 
					
						
							|  |  |  | 			continue | 
					
						
							| 
									
										
										
										
											2022-07-13 16:15:00 -04:00
										 |  |  | 		} | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 		if rm, ok := unm.(RequestMatcher); ok { | 
					
						
							|  |  |  | 			matcherMap[matcherName] = rm | 
					
						
							|  |  |  | 			continue | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		return nil, fmt.Errorf("matcher module '%s' is not a request matcher", matcherName) | 
					
						
							| 
									
										
										
										
											2022-07-13 16:15:00 -04:00
										 |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	// we should now have a functional matcher, but we also | 
					
						
							|  |  |  | 	// need to be able to marshal as JSON, otherwise config | 
					
						
							|  |  |  | 	// adaptation will be missing the matchers! | 
					
						
							|  |  |  | 	matcherSet := make(caddy.ModuleMap) | 
					
						
							|  |  |  | 	for name, matcher := range matcherMap { | 
					
						
							|  |  |  | 		jsonBytes, err := json.Marshal(matcher) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, fmt.Errorf("marshaling %T matcher: %v", matcher, err) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		matcherSet[name] = jsonBytes | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	return matcherSet, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-08-08 03:40:31 +08:00
										 |  |  | var wordRE = regexp.MustCompile(`\w+`) | 
					
						
							| 
									
										
										
										
											2019-05-10 21:07:02 -06:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-12-29 13:16:34 -07:00
										 |  |  | const regexpPlaceholderPrefix = "http.regexp" | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-09-17 02:52:32 -04:00
										 |  |  | // MatcherErrorVarKey is the key used for the variable that | 
					
						
							|  |  |  | // holds an optional error emitted from a request matcher, | 
					
						
							|  |  |  | // to short-circuit the handler chain, since matchers cannot | 
					
						
							|  |  |  | // return errors via the RequestMatcher interface. | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | // | 
					
						
							|  |  |  | // Deprecated: Matchers should implement RequestMatcherWithError | 
					
						
							|  |  |  | // which can return an error directly, instead of smuggling it | 
					
						
							|  |  |  | // through the vars map. | 
					
						
							| 
									
										
										
										
											2021-09-17 02:52:32 -04:00
										 |  |  | const MatcherErrorVarKey = "matchers.error" | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-04-11 20:42:55 -06:00
										 |  |  | // Interface guards | 
					
						
							| 
									
										
										
										
											2019-03-31 20:41:29 -06:00
										 |  |  | var ( | 
					
						
							| 
									
										
										
										
											2024-11-04 18:18:50 -05:00
										 |  |  | 	_ RequestMatcherWithError = (*MatchHost)(nil) | 
					
						
							|  |  |  | 	_ caddy.Provisioner       = (*MatchHost)(nil) | 
					
						
							|  |  |  | 	_ RequestMatcherWithError = (*MatchPath)(nil) | 
					
						
							|  |  |  | 	_ RequestMatcherWithError = (*MatchPathRE)(nil) | 
					
						
							|  |  |  | 	_ caddy.Provisioner       = (*MatchPathRE)(nil) | 
					
						
							|  |  |  | 	_ RequestMatcherWithError = (*MatchMethod)(nil) | 
					
						
							|  |  |  | 	_ RequestMatcherWithError = (*MatchQuery)(nil) | 
					
						
							|  |  |  | 	_ RequestMatcherWithError = (*MatchHeader)(nil) | 
					
						
							|  |  |  | 	_ RequestMatcherWithError = (*MatchHeaderRE)(nil) | 
					
						
							|  |  |  | 	_ caddy.Provisioner       = (*MatchHeaderRE)(nil) | 
					
						
							|  |  |  | 	_ RequestMatcherWithError = (*MatchProtocol)(nil) | 
					
						
							|  |  |  | 	_ RequestMatcherWithError = (*MatchNot)(nil) | 
					
						
							|  |  |  | 	_ caddy.Provisioner       = (*MatchNot)(nil) | 
					
						
							|  |  |  | 	_ caddy.Provisioner       = (*MatchRegexp)(nil) | 
					
						
							| 
									
										
										
										
											2019-08-09 12:05:47 -06:00
										 |  |  | 
 | 
					
						
							|  |  |  | 	_ caddyfile.Unmarshaler = (*MatchHost)(nil) | 
					
						
							|  |  |  | 	_ caddyfile.Unmarshaler = (*MatchPath)(nil) | 
					
						
							|  |  |  | 	_ caddyfile.Unmarshaler = (*MatchPathRE)(nil) | 
					
						
							|  |  |  | 	_ caddyfile.Unmarshaler = (*MatchMethod)(nil) | 
					
						
							|  |  |  | 	_ caddyfile.Unmarshaler = (*MatchQuery)(nil) | 
					
						
							|  |  |  | 	_ caddyfile.Unmarshaler = (*MatchHeader)(nil) | 
					
						
							|  |  |  | 	_ caddyfile.Unmarshaler = (*MatchHeaderRE)(nil) | 
					
						
							|  |  |  | 	_ caddyfile.Unmarshaler = (*MatchProtocol)(nil) | 
					
						
							| 
									
										
										
										
											2020-09-26 02:50:26 +03:00
										 |  |  | 	_ caddyfile.Unmarshaler = (*VarsMatcher)(nil) | 
					
						
							|  |  |  | 	_ caddyfile.Unmarshaler = (*MatchVarsRE)(nil) | 
					
						
							| 
									
										
										
										
											2019-09-17 15:16:17 -06:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 	_ CELLibraryProducer = (*MatchHost)(nil) | 
					
						
							|  |  |  | 	_ CELLibraryProducer = (*MatchPath)(nil) | 
					
						
							|  |  |  | 	_ CELLibraryProducer = (*MatchPathRE)(nil) | 
					
						
							|  |  |  | 	_ CELLibraryProducer = (*MatchMethod)(nil) | 
					
						
							|  |  |  | 	_ CELLibraryProducer = (*MatchQuery)(nil) | 
					
						
							|  |  |  | 	_ CELLibraryProducer = (*MatchHeader)(nil) | 
					
						
							|  |  |  | 	_ CELLibraryProducer = (*MatchHeaderRE)(nil) | 
					
						
							|  |  |  | 	_ CELLibraryProducer = (*MatchProtocol)(nil) | 
					
						
							| 
									
										
										
										
											2024-10-02 08:34:04 -04:00
										 |  |  | 	_ CELLibraryProducer = (*VarsMatcher)(nil) | 
					
						
							|  |  |  | 	_ CELLibraryProducer = (*MatchVarsRE)(nil) | 
					
						
							| 
									
										
										
										
											2022-06-22 15:53:46 -07:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2020-03-30 11:53:19 -06:00
										 |  |  | 	_ json.Marshaler   = (*MatchNot)(nil) | 
					
						
							|  |  |  | 	_ json.Unmarshaler = (*MatchNot)(nil) | 
					
						
							| 
									
										
										
										
											2019-03-31 20:41:29 -06:00
										 |  |  | ) |