httpx

package
v0.0.528 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 5, 2023 License: Apache-2.0 Imports: 24 Imported by: 31

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var NoInternalDialer = &net.Dialer{
	Timeout:   30 * time.Second,
	KeepAlive: 30 * time.Second,
	Control: func(network, address string, _ syscall.RawConn) error {
		if !(network == "tcp4" || network == "tcp6") {
			return ErrPrivateIPAddressDisallowed(fmt.Errorf("%s is not a safe network type", network))
		}

		host, _, err := net.SplitHostPort(address)
		if err != nil {
			return ErrPrivateIPAddressDisallowed(fmt.Errorf("%s is not a valid host/port pair: %s", address, err))
		}

		ip := net.ParseIP(host)
		if ip == nil {
			return ErrPrivateIPAddressDisallowed(fmt.Errorf("%s is not a valid IP address", host))
		}

		if ip.IsPrivate() || ip.IsLoopback() || ip.IsUnspecified() {
			return ErrPrivateIPAddressDisallowed(fmt.Errorf("%s is not a public IP address", ip))
		}

		return nil
	},
}
View Source 
var NoInternalTransport http.RoundTripper = &http.Transport{
	Proxy:                 http.ProxyFromEnvironment,
	DialContext:           NoInternalDialer.DialContext,
	ForceAttemptHTTP2:     true,
	MaxIdleConns:          100,
	IdleConnTimeout:       90 * time.Second,
	TLSHandshakeTimeout:   10 * time.Second,
	ExpectContinueTimeout: 1 * time.Second,
}

Functions

func ClientIP added in v0.0.522 

func ClientIP(r *http.Request) string

func DisallowIPPrivateAddresses added in v0.0.334 

func DisallowIPPrivateAddresses(ipOrHostnameOrURL string) error

DisallowIPPrivateAddresses returns nil for a domain (with NS lookup), IP, or IPv6 address if it does not resolve to a private IP subnet. This is a first level of defense against SSRF attacks by disallowing any domain or IP to resolve to a private network range.

Please keep in mind that validations for domains is valid only when looking up. A malicious actor could easily update the DSN record post validation to point to an internal IP

func DisallowPrivateIPAddressesWhenSet added in v0.0.334 

func DisallowPrivateIPAddressesWhenSet(ipOrHostnameOrURL string) error

DisallowPrivateIPAddressesWhenSet is a wrapper for DisallowIPPrivateAddresses which returns valid when ipOrHostnameOrURL is empty.

func GetClientIPAddressesWithoutInternalIPs added in v0.0.496 

func GetClientIPAddressesWithoutInternalIPs(ipAddresses []string) (string, error)

func GetResponseMeta added in v0.0.302 

func GetResponseMeta(w http.ResponseWriter) (status, size int)

func HasContentType added in v0.0.81 

func HasContentType(r *http.Request, mimetypes ...string) bool

HasContentType determines whether the request `content-type` includes a server-acceptable mime-type

Failure should yield an HTTP 415 (`http.StatusUnsupportedMediaType`)

func IncomingRequestURL added in v0.0.448 

func IncomingRequestURL(r *http.Request) *url.URL

IncomingRequestURL returns the URL of the incoming HTTP request by looking at the host, TLS, and X-Forwarded-* headers.

func MustNewRequest added in v0.0.83 

func MustNewRequest(method, url string, body io.Reader, contentType string) *http.Request

MustNewRequest returns a new *http.Request or fatals.

func NewChanHandler added in v0.0.297 

func NewChanHandler(buf int) (http.Handler, chan<- http.HandlerFunc)

NewChanHandler returns a new handler and corresponding channel for sending handler funcs. Useful for testing. The argument buf specifies the channel capacity, so pass 0 for a sync handler.

func NewRequestForm added in v0.0.83 

func NewRequestForm(method, url string, data url.Values) (*http.Request, error)

NewRequestForm returns a new POST Form *http.Request.

func NewRequestJSON added in v0.0.83 

func NewRequestJSON(method, url string, data interface{}) (*http.Request, error)

NewRequestJSON returns a new JSON *http.Request.

func NewResilientClient added in v0.0.204 

func NewResilientClient(opts ...ResilientOptions) *retryablehttp.Client

NewResilientClient creates a new ResilientClient.

func WaitForEndpoint added in v0.0.405 

func WaitForEndpoint(ctx context.Context, endpoint string, opts ...retry.Option) error

WaitForEndpoint waits for the endpoint to be available.

func WaitForEndpointWithClient added in v0.0.409 

func WaitForEndpointWithClient(ctx context.Context, client *http.Client, endpoint string, opts ...retry.Option) error

WaitForEndpointWithClient waits for the endpoint to be available while using the given http.Client.

Types

type CompressionRequestReader added in v0.0.110 

type CompressionRequestReader struct {
	ErrHandler func(w http.ResponseWriter, r *http.Request, err error)
}

func NewCompressionRequestReader added in v0.0.110 

func NewCompressionRequestReader(eh func(w http.ResponseWriter, r *http.Request, err error)) *CompressionRequestReader

func (*CompressionRequestReader) ServeHTTP added in v0.0.110 

func (c *CompressionRequestReader) ServeHTTP(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)

type ErrPrivateIPAddressDisallowed added in v0.0.418 

type ErrPrivateIPAddressDisallowed error

ErrPrivateIPAddressDisallowed is returned when a private IP address is disallowed.

type NoInternalIPRoundTripper added in v0.0.334 

type NoInternalIPRoundTripper struct {
	// contains filtered or unexported fields
}

NoInternalIPRoundTripper is a RoundTripper that disallows internal IP addresses.

func (NoInternalIPRoundTripper) RoundTrip added in v0.0.334 

func (n NoInternalIPRoundTripper) RoundTrip(request *http.Request) (*http.Response, error)

type ResilientOptions added in v0.0.204 

type ResilientOptions func(o *resilientOptions)

ResilientOptions is a set of options for the ResilientClient.

func ResilientClientAllowInternalIPRequestsTo added in v0.0.460 

func ResilientClientAllowInternalIPRequestsTo(urls ...string) ResilientOptions

ResilientClientAllowInternalIPRequestsTo allows requests to the exact matching URLs even if they are internal IPs.

func ResilientClientDisallowInternalIPs added in v0.0.334 

func ResilientClientDisallowInternalIPs() ResilientOptions

ResilientClientDisallowInternalIPs disallows internal IPs from being used.

func ResilientClientWithClient added in v0.0.204 

func ResilientClientWithClient(c *http.Client) ResilientOptions

ResilientClientWithClient sets the underlying http client to use.

func ResilientClientWithConnectionTimeout added in v0.0.207 

func ResilientClientWithConnectionTimeout(connTimeout time.Duration) ResilientOptions

ResilientClientWithConnectionTimeout sets the connection timeout for the client.

func ResilientClientWithLogger added in v0.0.204 

func ResilientClientWithLogger(l *logrusx.Logger) ResilientOptions

ResilientClientWithLogger sets the logger to be used by the client.

func ResilientClientWithMaxRetry added in v0.0.204 

func ResilientClientWithMaxRetry(retryMax int) ResilientOptions

ResilientClientWithMaxRetry sets the maximum number of retries.

func ResilientClientWithMaxRetryWait added in v0.0.204 

func ResilientClientWithMaxRetryWait(retryWaitMax time.Duration) ResilientOptions

ResilientClientWithMaxRetryWait sets the maximum wait time for a retry.

func ResilientClientWithMinxRetryWait added in v0.0.204 

func ResilientClientWithMinxRetryWait(retryWaitMin time.Duration) ResilientOptions

ResilientClientWithMinxRetryWait sets the minimum wait time between retries.

func ResilientClientWithTracer added in v0.0.337 

func ResilientClientWithTracer(tracer trace.Tracer) ResilientOptions

ResilientClientWithTracer wraps the http clients transport with a tracing instrumentation

type TransportWithHeader added in v0.0.407 

type TransportWithHeader struct {
	http.RoundTripper
	// contains filtered or unexported fields
}

TransportWithHeader is an http.RoundTripper that always uses the values from the given header.

func NewTransportWithHeader added in v0.0.407 

func NewTransportWithHeader(h http.Header) *TransportWithHeader

NewTransportWithHeader returns a new http.Transport that always uses the values from the given header.

func WrapTransportWithHeader added in v0.0.488 

func WrapTransportWithHeader(parent http.RoundTripper, h http.Header) *TransportWithHeader

WrapTransportWithHeader wraps a http.Transport to always use the values from the given header.

func (*TransportWithHeader) RoundTrip added in v0.0.407 

func (ct *TransportWithHeader) RoundTrip(req *http.Request) (*http.Response, error)

RoundTrip implements http.RoundTripper.

type TransportWithHost added in v0.0.407 

type TransportWithHost struct {
	http.RoundTripper
	// contains filtered or unexported fields
}

TransportWithHost is an http.RoundTripper that always uses the given host.

func NewTransportWithHost added in v0.0.407 

func NewTransportWithHost(host string) *TransportWithHost

NewTransportWithHost returns a new http.Transport that always uses the given host.

func WrapRoundTripperWithHost added in v0.0.408 

func WrapRoundTripperWithHost(parent http.RoundTripper, host string) *TransportWithHost

WrapRoundTripperWithHost wraps a http.RoundTripper that always uses the given host.

func (*TransportWithHost) RoundTrip added in v0.0.407 

func (ct *TransportWithHost) RoundTrip(req *http.Request) (*http.Response, error)

RoundTrip implements http.RoundTripper.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.