fasthttp

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

v1.32.0

Jan 10, 2022 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

+ const HeaderProxyConnection

+ var ErrBadTrailer = errors.New("contain forbidden trailer")

type Request

+ UseHostHeader bool

+ func (req *Request) ReadBody(r *bufio.Reader, contentLength int, maxBodySize int) (err error)

+ func (req *Request) SetURI(newUri *URI)

type RequestHeader

+ func (h *RequestHeader) AddTrailer(trailer string) error

+ func (h *RequestHeader) AddTrailerBytes(trailer []byte) error

+ func (h *RequestHeader) ReadTrailer(r *bufio.Reader) error

+ func (h *RequestHeader) SetTrailer(trailer string) error

+ func (h *RequestHeader) SetTrailerBytes(trailer []byte) error

+ func (h *RequestHeader) TrailerHeader() []byte

+ func (h *RequestHeader) VisitAllTrailer(f func(value []byte))

type Response

+ func (resp *Response) ReadBody(r *bufio.Reader, maxBodySize int) (err error)

type ResponseHeader

+ func (h *ResponseHeader) AddTrailer(trailer string) error

+ func (h *ResponseHeader) AddTrailerBytes(trailer []byte) error

+ func (h *ResponseHeader) Protocol() []byte

+ func (h *ResponseHeader) ReadTrailer(r *bufio.Reader) error

+ func (h *ResponseHeader) SetProtocol(protocol []byte)

+ func (h *ResponseHeader) SetStatusMessage(statusMessage []byte)

+ func (h *ResponseHeader) SetTrailer(trailer string) error

+ func (h *ResponseHeader) SetTrailerBytes(trailer []byte) error

+ func (h *ResponseHeader) StatusMessage() []byte

+ func (h *ResponseHeader) TrailerHeader() []byte

+ func (h *ResponseHeader) VisitAllTrailer(f func(value []byte))

type Server

+ MaxIdleWorkerDuration time.Duration

+ TLSConfig *tls.Config

v1.31.0

Oct 9, 2021 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

+ type EscapeError string

+ func (e EscapeError) Error() string

+ type InvalidHostError string

+ func (e InvalidHostError) Error() string

type RequestCtx

+ func (ctx *RequestCtx) RemoveUserValue(key string)

+ func (ctx *RequestCtx) RemoveUserValueBytes(key []byte)

v1.30.0

Sep 7, 2021 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

v1.29.0

Aug 16, 2021 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

type RequestCtx

+ func (ctx *RequestCtx) ResetUserValues()

v1.28.0

Jun 29, 2021 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

v1.27.0

Jun 18, 2021 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

type HostClient

+ Transport TransportFunc

type TCPDialer

+ DNSCacheDuration time.Duration

+ type TransportFunc func(*Request, *Response) error

v1.26.0

Jun 1, 2021 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

v1.25.0

May 17, 2021 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

v1.24.0

Apr 23, 2021 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

type RequestCtx

+ func (ctx *RequestCtx) SetRemoteAddr(remoteAddr net.Addr)

v1.23.0

Mar 26, 2021 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

type HostClient

+ SecureErrorLogMessage bool

type PipelineClient

+ DisableHeaderNamesNormalizing bool

+ Name string

+ NoDefaultUserAgentHeader bool

type Server

+ SecureErrorLogMessage bool

v1.22.0

Feb 26, 2021 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

type HostClient

+ func (c *HostClient) ConnsCount() int

type PipelineClient

+ DisablePathNormalizing bool

v1.21.0

Feb 16, 2021 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

type RequestHeader

+ func (h *RequestHeader) Protocol() []byte

+ func (h *RequestHeader) SetProtocol(method string)

+ func (h *RequestHeader) SetProtocolBytes(method []byte)

v1.20.0

Feb 7, 2021 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

+ func GenerateTestCertificate(host string) ([]byte, []byte, error)

type FS

+ CleanStop chan struct{}

type Request

+ func (req *Request) ContinueReadBodyStream(r *bufio.Reader, maxBodySize int, preParseMultipartForm ...bool) error

type RequestCtx

+ func (ctx *RequestCtx) RequestBodyStream() io.Reader

type Server

+ CloseOnShutdown bool

+ StreamRequestBody bool

v1.19.0

Jan 2, 2021 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

v1.18.0

Dec 9, 2020 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

v1.17.0

Nov 5, 2020 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

+ var FSCompressedFileSuffixes = map[string]string

type Client

+ func (c *Client) CloseIdleConnections()

type FS

+ CompressBrotli bool

+ CompressedFileSuffixes map[string]string

type HostClient

+ func (c *HostClient) CloseIdleConnections()

type Request

+ func (req *Request) SetBodyRaw(body []byte)

v1.16.0

Aug 16, 2020 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

+ const StatusEarlyHints

+ const StatusMisdirectedRequest

type RequestHeader

+ func (h *RequestHeader) EnableNormalizing()

type ResponseHeader

+ func (h *ResponseHeader) EnableNormalizing()

+ func (h *ResponseHeader) SetNoDefaultContentType(noDefaultContentType bool)

v1.15.1

Jul 15, 2020 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

v1.15.0

Jul 12, 2020 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

+ type ErrNothingRead struct

v1.14.0

Jun 1, 2020 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

+ var ErrorInvalidURI = errors.New("invalid uri")

type Client

+ RetryIf RetryIfFunc

type HostClient

+ RetryIf RetryIfFunc

+ type RetryIfFunc func(request *Request) bool

v1.13.1

May 25, 2020 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

v1.13.0

May 25, 2020 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

+ const CompressBrotliBestCompression

+ const CompressBrotliBestSpeed

+ const CompressBrotliDefaultCompression

+ const CompressBrotliNoCompression

+ var ErrHostClientRedirectToDifferentScheme = errors.New(...)

+ func AppendBrotliBytes(dst, src []byte) []byte

+ func AppendBrotliBytesLevel(dst, src []byte, level int) []byte

+ func AppendUnbrotliBytes(dst, src []byte) ([]byte, error)

+ func WriteBrotli(w io.Writer, p []byte) (int, error)

+ func WriteBrotliLevel(w io.Writer, p []byte, level int) (int, error)

+ func WriteUnbrotli(w io.Writer, p []byte) (int, error)

type Request

+ func (req *Request) BodyUnbrotli() ([]byte, error)

type RequestHandler

+ func CompressHandlerBrotliLevel(h RequestHandler, brotliLevel, otherLevel int) RequestHandler

type Response

+ func (resp *Response) BodyUnbrotli() ([]byte, error)

type Server

+ ContinueHandler func(header *RequestHeader) bool

v1.12.0

Apr 20, 2020 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

v1.11.0

Apr 18, 2020 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

v1.10.0

Apr 14, 2020 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

+ var ErrMissingLocation = errors.New("missing Location header for http redirect")

+ var ErrTooManyRedirects = errors.New("too many redirects detected when doing the request")

+ func DoRedirects(req *Request, resp *Response, maxRedirectsCount int) error

type Client

+ MaxConnWaitTimeout time.Duration

+ func (c *Client) DoRedirects(req *Request, resp *Response, maxRedirectsCount int) error

type HostClient

+ MaxConnWaitTimeout time.Duration

+ func (c *HostClient) DoRedirects(req *Request, resp *Response, maxRedirectsCount int) error

type Server

+ DisablePreParseMultipartForm bool

+ NoDefaultDate bool

type TCPDialer

+ LocalAddr *net.TCPAddr

v1.9.0

Jan 31, 2020 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

v1.8.0

Jan 12, 2020 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

v1.7.1

Dec 29, 2019 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

type RequestCtx

+ func (ctx *RequestCtx) HijackSetNoResponse(noResponse bool)

v1.7.0

Dec 14, 2019 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

type Client

+ MaxConnDuration time.Duration

+ type ErrBodyStreamWritePanic struct

+ type Resolver interface

+ LookupIPAddr func(context.Context, string) (names []net.IPAddr, err error)

type TCPDialer

+ Resolver Resolver

v1.6.0

Oct 28, 2019 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

+ func StatusCodeIsRedirect(statusCode int) bool

type Client

+ DisablePathNormalizing bool

type HostClient

+ DisablePathNormalizing bool

type URI

+ DisablePathNormalizing bool

v1.5.0

Sep 13, 2019 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

+ var ErrTLSHandshakeTimeout = errors.New("tls handshake timed out")

+ type RequestConfig struct

+ MaxRequestBodySize int

+ ReadTimeout time.Duration

+ WriteTimeout time.Duration

type Server

+ HeaderReceived func(header *RequestHeader) RequestConfig

type URI

+ func (u *URI) Password() []byte

+ func (u *URI) SetPassword(password string)

+ func (u *URI) SetPasswordBytes(password []byte)

+ func (u *URI) SetUsername(username string)

+ func (u *URI) SetUsernameBytes(username []byte)

+ func (u *URI) Username() []byte

v1.4.0

Jul 3, 2019 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

+ const HeaderAccept

+ const HeaderAcceptCH

+ const HeaderAcceptCHLifetime

+ const HeaderAcceptCharset

+ const HeaderAcceptEncoding

+ const HeaderAcceptLanguage

+ const HeaderAcceptPatch

+ const HeaderAcceptPushPolicy

+ const HeaderAcceptRanges

+ const HeaderAcceptSignature

+ const HeaderAccessControlAllowCredentials

+ const HeaderAccessControlAllowHeaders

+ const HeaderAccessControlAllowMethods

+ const HeaderAccessControlAllowOrigin

+ const HeaderAccessControlExposeHeaders

+ const HeaderAccessControlMaxAge

+ const HeaderAccessControlRequestHeaders

+ const HeaderAccessControlRequestMethod

+ const HeaderAge

+ const HeaderAllow

+ const HeaderAltSvc

+ const HeaderAuthorization

+ const HeaderCacheControl

+ const HeaderClearSiteData

+ const HeaderConnection

+ const HeaderContentDPR

+ const HeaderContentDisposition

+ const HeaderContentEncoding

+ const HeaderContentLanguage

+ const HeaderContentLength

+ const HeaderContentLocation

+ const HeaderContentRange

+ const HeaderContentSecurityPolicy

+ const HeaderContentSecurityPolicyReportOnly

+ const HeaderContentType

+ const HeaderCookie

+ const HeaderCrossOriginResourcePolicy

+ const HeaderDNT

+ const HeaderDPR

+ const HeaderDate

+ const HeaderETag

+ const HeaderEarlyData

+ const HeaderExpect

+ const HeaderExpectCT

+ const HeaderExpires

+ const HeaderFeaturePolicy

+ const HeaderForwarded

+ const HeaderFrom

+ const HeaderHost

+ const HeaderIfMatch

+ const HeaderIfModifiedSince

+ const HeaderIfNoneMatch

+ const HeaderIfRange

+ const HeaderIfUnmodifiedSince

+ const HeaderIndex

+ const HeaderKeepAlive

+ const HeaderLargeAllocation

+ const HeaderLastEventID

+ const HeaderLastModified

+ const HeaderLink

+ const HeaderLocation

+ const HeaderMaxForwards

+ const HeaderNEL

+ const HeaderOrigin

+ const HeaderPingFrom

+ const HeaderPingTo

+ const HeaderPragma

+ const HeaderProxyAuthenticate

+ const HeaderProxyAuthorization

+ const HeaderPublicKeyPins

+ const HeaderPublicKeyPinsReportOnly

+ const HeaderPushPolicy

+ const HeaderRange

+ const HeaderReferer

+ const HeaderReferrerPolicy

+ const HeaderReportTo

+ const HeaderRetryAfter

+ const HeaderSaveData

+ const HeaderSecWebSocketAccept

+ const HeaderSecWebSocketExtensions

+ const HeaderSecWebSocketKey

+ const HeaderSecWebSocketProtocol

+ const HeaderSecWebSocketVersion

+ const HeaderServer

+ const HeaderServerTiming

+ const HeaderSetCookie

+ const HeaderSignature

+ const HeaderSignedHeaders

+ const HeaderSourceMap

+ const HeaderStrictTransportSecurity

+ const HeaderTE

+ const HeaderTimingAllowOrigin

+ const HeaderTk

+ const HeaderTrailer

+ const HeaderTransferEncoding

+ const HeaderUpgrade

+ const HeaderUpgradeInsecureRequests

+ const HeaderUserAgent

+ const HeaderVary

+ const HeaderVia

+ const HeaderViewportWidth

+ const HeaderWWWAuthenticate

+ const HeaderWarning

+ const HeaderWidth

+ const HeaderXContentTypeOptions

+ const HeaderXDNSPrefetchControl

+ const HeaderXDownloadOptions

+ const HeaderXForwardedFor

+ const HeaderXForwardedHost

+ const HeaderXForwardedProto

+ const HeaderXFrameOptions

+ const HeaderXPermittedCrossDomainPolicies

+ const HeaderXPingback

+ const HeaderXPoweredBy

+ const HeaderXRequestedWith

+ const HeaderXRobotsTag

+ const HeaderXUACompatible

+ const HeaderXXSSProtection

type CookieSameSite

+ const CookieSameSiteNoneMode

type RequestHandler

+ func TimeoutWithCodeHandler(h RequestHandler, timeout time.Duration, msg string, statusCode int) RequestHandler

type Response

+ ImmediateHeaderFlush bool

v1.3.0

May 15, 2019 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

+ const MethodConnect

+ const MethodDelete

+ const MethodGet

+ const MethodHead

+ const MethodOptions

+ const MethodPatch

+ const MethodPost

+ const MethodPut

+ const MethodTrace

type Response

+ func (resp *Response) SetBodyRaw(body []byte)

type Server

+ IdleTimeout time.Duration

+ KeepHijackedConns bool

v1.2.0

Feb 17, 2019 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

+ func AcquireTimer(timeout time.Duration) *time.Timer

+ func ReleaseTimer(t *time.Timer)

type HostClient

+ func (c *HostClient) SetMaxConns(newMaxConns int)

type Response

+ func (resp *Response) LocalAddr() net.Addr

+ func (resp *Response) RemoteAddr() net.Addr

+ type TCPDialer struct

+ Concurrency int

+ func (d *TCPDialer) Dial(addr string) (net.Conn, error)

+ func (d *TCPDialer) DialDualStack(addr string) (net.Conn, error)

+ func (d *TCPDialer) DialDualStackTimeout(addr string, timeout time.Duration) (net.Conn, error)

+ func (d *TCPDialer) DialTimeout(addr string, timeout time.Duration) (net.Conn, error)

v1.1.0

Jan 4, 2019 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

+ var ErrGetOnly = errors.New("non-GET request received")

type Args

+ func (a *Args) AddBytesKNoValue(key []byte)

+ func (a *Args) AddNoValue(key string)

+ func (a *Args) SetBytesKNoValue(key []byte)

+ func (a *Args) SetNoValue(key string)

+ func (a *Args) Sort(f func(x, y []byte) int)

type Client

+ MaxIdemponentCallAttempts int

+ NoDefaultUserAgentHeader bool

type Cookie

+ func (c *Cookie) SameSite() CookieSameSite

+ func (c *Cookie) SetSameSite(mode CookieSameSite)

+ type CookieSameSite int

+ const CookieSameSiteDefaultMode

+ const CookieSameSiteDisabled

+ const CookieSameSiteLaxMode

+ const CookieSameSiteStrictMode

+ type ErrBrokenChunk struct

type HostClient

+ NoDefaultUserAgentHeader bool

type RequestCtx

+ func (ctx *RequestCtx) Conn() net.Conn

+ func (ctx *RequestCtx) Deadline() (deadline time.Time, ok bool)

+ func (ctx *RequestCtx) Done() <-chan struct{}

+ func (ctx *RequestCtx) Err() error

+ func (ctx *RequestCtx) Value(key interface{}) interface{}

type RequestHeader

+ func (h *RequestHeader) RawHeaders() []byte

+ func (h *RequestHeader) VisitAllInOrder(f func(key, value []byte))

+ type ServeHandler func(c net.Conn) error

type Server

+ ErrorHandler func(ctx *RequestCtx, err error)

+ SleepWhenConcurrencyLimitsExceeded time.Duration

+ func (s *Server) GetCurrentConcurrency() uint32

+ func (s *Server) GetOpenConnectionsCount() int32

+ func (s *Server) NextProto(key string, nph ServeHandler)

v1.0.0

Oct 1, 2018 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

+ const DefaultMaxIdemponentCallAttempts

+ var ErrAlreadyServing = errors.New("Server is already serving connections")

+ type ConnState int

+ const StateActive

+ const StateClosed

+ const StateHijacked

+ const StateIdle

+ const StateNew

+ func (c ConnState) String() string

type Cookie

+ func (c *Cookie) MaxAge() int

+ func (c *Cookie) SetMaxAge(seconds int)

type FS

+ PathNotFound RequestHandler

type HostClient

+ MaxIdemponentCallAttempts int

type RequestCtx

+ func (ctx *RequestCtx) IsConnect() bool

+ func (ctx *RequestCtx) IsOptions() bool

+ func (ctx *RequestCtx) IsPatch() bool

+ func (ctx *RequestCtx) IsTrace() bool

type RequestHeader

+ func (h *RequestHeader) IsConnect() bool

+ func (h *RequestHeader) IsOptions() bool

+ func (h *RequestHeader) IsPatch() bool

+ func (h *RequestHeader) IsTrace() bool

type ResponseHeader

+ func (h *ResponseHeader) PeekCookie(key string) []byte

type Server

+ ConnState func(net.Conn, ConnState)

+ NoDefaultContentType bool

+ NoDefaultServerHeader bool

+ TCPKeepalive bool

+ TCPKeepalivePeriod time.Duration

+ func (s *Server) AppendCert(certFile, keyFile string) error

+ func (s *Server) AppendCertEmbed(certData, keyData []byte) error

+ func (s *Server) Shutdown() error

v0

v0.1.0

Apr 28, 2020 GO-2022-0355

GO-2022-0355: The fasthttp.FS request handler is vulnerable to directory traversal attacks on Windows systems, and can serve files from outside the provided root directory. URL path normalization does not handle Windows path separators (backslashes), permitting an attacker to construct requests with relative paths.

Changes in this version

+ const CompressBestCompression

+ const CompressBestSpeed

+ const CompressDefaultCompression

+ const CompressHuffmanOnly

+ const CompressNoCompression

+ const DefaultConcurrency

+ const DefaultDNSCacheDuration

+ const DefaultDialTimeout

+ const DefaultLBClientTimeout

+ const DefaultMaxConnsPerHost

+ const DefaultMaxIdleConnDuration