0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-12-23 22:27:38 -05:00
caddy/modules/caddyhttp
Matthew Holt 937ec34201
caddyauth: Prevent user enumeration by timing
Always follow the code path of hashing and comparing a plaintext
password even if the account is not found by the given username; this
ensures that similar CPU cycles are spent for both valid and invalid
usernames.

Thanks to @tylerlm for helping and looking into this!
2020-10-31 10:51:05 -06:00
..
caddyauth caddyauth: Prevent user enumeration by timing 2020-10-31 10:51:05 -06:00
encode gzip: Use klauspost/gzip, an optimized gzip implementation 2020-04-01 14:09:57 -06:00
fileserver fileserver: Fix try_files for directories; windows fix (#3684) 2020-09-16 18:09:28 -06:00
headers push: Implement HTTP/2 server push (#3573) 2020-07-20 12:28:40 -06:00
map map: Bug fixes; null literal with hyphen in Caddyfile 2020-10-02 16:08:28 -06:00
push push: Implement HTTP/2 server push (#3573) 2020-07-20 12:28:40 -06:00
requestbody Remove some non-essential plugins from this repo (#2780) 2020-03-24 10:37:47 -06:00
reverseproxy reverseproxy: Add max_idle_conns_per_host; fix godocs (#3829) 2020-10-30 12:05:21 -06:00
rewrite httpcaddyfile: New handle_path directive (#3281) 2020-05-26 15:27:51 -06:00
standard push: Implement HTTP/2 server push (#3573) 2020-07-20 12:28:40 -06:00
templates admin,templates,core: Minor enhancements and error handling (#3607) 2020-07-31 16:54:18 -06:00
app.go metrics: Fix hidden panic while observing with bad exemplars (#3733) 2020-09-17 21:46:24 -06:00
autohttps.go caddytls: Add support for ZeroSSL; add Caddyfile support for issuers (#3633) 2020-08-11 08:58:06 -06:00
caddyhttp.go reverseproxy: Enable changing only the status code (close #2920) 2020-06-04 12:06:38 -06:00
celmatcher.go caddyhttp: Add support to resolve DN in CEL expression (#3608) 2020-07-31 15:06:30 -06:00
celmatcher_test.go caddyhttp: Add support to resolve DN in CEL expression (#3608) 2020-07-31 15:06:30 -06:00
errors.go
marshalers.go caddyhttp: Add TLS client cert info to logs (#3640) 2020-08-07 12:12:29 -06:00
matchers.go caddyhttp: Merge header matchers in Caddyfile (#3832) 2020-10-31 10:27:01 -06:00
matchers_test.go caddyhttp: Reorder some access log fields; add host matcher test case 2020-07-07 08:11:35 -06:00
metrics.go metrics: Always track method label in uppercase (#3742) 2020-09-22 20:10:34 -06:00
metrics_test.go metrics: Fix panic when headers aren't written (#3737) 2020-09-21 13:42:47 -06:00
replacer.go caddyhttp: New placeholder for PEM of client certificate (#3662) 2020-09-16 15:06:51 -06:00
replacer_test.go caddyhttp: New placeholder for PEM of client certificate (#3662) 2020-09-16 15:06:51 -06:00
responsewriter.go caddyhttp: Fix trailers when recording responses (fixes #3236) 2020-04-22 11:10:13 -06:00
routes.go metrics: Fix hidden panic while observing with bad exemplars (#3733) 2020-09-17 21:46:24 -06:00
server.go caddyhttp: Restore original request params before error handlers (#3781) 2020-10-13 10:52:39 -06:00
staticerror.go Fix some godocs 2020-04-11 09:01:40 -06:00
staticresp.go caddyhttp: Default to error status if found in context 2020-06-04 10:32:01 -06:00
staticresp_test.go
subroute.go reverseproxy: Enable changing only the status code (close #2920) 2020-06-04 12:06:38 -06:00
vars.go caddyfile: Add support for vars and vars_regexp matchers (#3730) 2020-09-25 17:50:26 -06:00