948 Commits

Author SHA1 Message Date
Romain 892bcc288b Reject requests with different paths after StripPrefix and StripPrefixRegex normalisation 2026-05-28 15:56:25 +02:00
Julien Salleyron 5026ca97d0 Move snicheck to ctx instead of simulated routing 2026-05-28 10:30:07 +02:00
Romain f9d9b72380 Avoid ingress path matcher injection and backport 11d251415 2026-05-27 16:32:10 +02:00
Romain 4d9031bdb2 Add error on basic auth build if users is empty 2026-05-18 15:06:09 +02:00
Kevin Pollet 83cc8fee5d Make resolveReference method as a function 2026-05-11 11:14:06 +02:00
Romain 36a565a599 Fix cross-provider ref check for Kubernetes CRD provider 2026-05-07 16:58:05 +02:00
Romain 28604083a4 Add CrossProviderNamespaces option 2026-05-06 14:49:23 +02:00
    Co-authored-by: Gina A. <70909035+gndz07@users.noreply.github.com>
Michael e4537f8b04 Migrate to github.com/moby/moby modules 2026-05-04 16:06:05 +02:00
Romain e6abf7c3c8 Remove cross-provider sanitization for Kubernetes service loading 2026-05-04 11:12:05 +02:00
    Co-authored-by: Gina A. <70909035+gndz07@users.noreply.github.com>
Gina A. 0fdea20eb1 Add errorRequestHeaders option to Errors middleware 2026-04-24 14:40:06 +02:00
Kevin Pollet 13302a212e Cleanup and make ForwardAuth logs consistent 2026-04-21 10:22:05 +02:00
Julien Salleyron 5e1de22584 Fix trustForwardHeader on forward auth middleware 2026-04-17 15:42:05 +02:00
Kevin Pollet 1a43505387 Sanitize the request URL after stripping the prefix 2026-04-16 14:26:06 +02:00
Romain df00d82fc7 Honor allowCrossNamespace with chain middleware CRD 2026-04-15 10:36:06 +02:00
Romain 61b5bc4ad1 Remove untrusted X headers with underscores 2026-04-14 16:38:06 +02:00
Romain 8c4fc89579 Remove map lookup making the basic auth notFoundSecret empty 2026-04-13 10:24:08 +02:00
Gina A. f19aaa769c Fix StripPrefix and StripPrefixRegex to slice the prefix using encoded prefix length 2026-03-24 17:06:05 +01:00
    Co-authored-by: Mathis Urien <contact.lbf38@gmail.com>
Julien Salleyron 51f6b0435f Prevent duplicate user headers in basic and digest auth middleware 2026-03-20 16:24:05 +01:00
Romain 122175ac2f Make basic auth check timing constant 2026-03-17 15:36:05 +01:00
    Co-authored-by: Kevin Pollet <pollet.kevin@gmail.com>
Romain 832f48d9bf Support fragmented TLS client hello 2026-03-11 13:56:06 -03:00
    Co-authored-by: Kevin Pollet <pollet.kevin@gmail.com>
Gina A. b460351f7e Add maxResponseBodySize configuration on HTTP provider 2026-03-11 10:24:05 -03:00
Michael 1268d9bc22 Bump Docker and OpenTelemetry dependencies 2026-03-05 11:52:04 -03:00
Julien Salleyron 7a3ffcc3d9 Fix TLS handshake error handling 2026-02-23 14:06:05 +01:00
Gina A. 4595c7a920 Add maxResponseBodySize configuration to forwardAuth middleware 2026-02-23 11:30:06 +01:00
Jesper Noordsij 288e4e2e2b Upgrade golangci-lint 2026-02-23 11:04:04 +01:00
LBF38 7494b5c9ff Fix case sensitivity on x-forwarded headers for Connection 2026-02-23 10:04:10 +01:00
Michael 72e2454e42 Cap TLS record length to RFC 8446 limit in ClientHello peeking 2026-02-11 09:22:04 +01:00
Romain 0beed101ec Validate healthcheck path configuration 2026-02-10 14:52:05 +01:00
    Co-authored-by: Michael <michael.matur@gmail.com>
Jesper Noordsij c320bb4adb Bump to go1.25 2026-01-30 17:30:05 +01:00
Julien Salleyron 85cd5485b7 Avoid recursion with services 2026-01-26 10:28:04 +01:00
Michael 51343bc15f Upgrade golangci-lint 2026-01-14 17:26:08 +01:00
Gina A. adf47fba31 Make encoded character options opt-in 2026-01-14 10:16:04 +01:00
LBF38 e9f3089e90 Add timeout to ACME-TLS/1 challenge handshake 2026-01-08 16:16:05 +01:00
    Co-authored-by: Kevin Pollet <pollet.kevin@gmail.com>
Michael 47d7094dfb Welcome 2026 2026-01-02 09:58:04 +01:00
Romain 90ce858347 Fix deny encoded characters 2025-12-23 16:00:05 +01:00
    Co-authored-by: Kevin Pollet <pollet.kevin@gmail.com>
Romain 60b19b7b81 Print access logs for rejected requests and warn about new behavior 2025-12-16 16:20:05 +01:00
Romain 4d7d627319 Reject suspicious encoded characters 2025-12-04 15:10:05 +01:00
    Co-authored-by: Kevin Pollet <pollet.kevin@gmail.com>
Kevin Pollet 9232535cf6 Validate plugin module name 2025-11-20 10:50:04 +01:00
    Co-authored-by: Romain <rtribotte@users.noreply.github.com>
Kevin Pollet 058b194604 Auto-negotiate Docker API version 2025-11-12 16:32:06 +01:00
Kevin Pollet ffd82c92cb Fix KV key name used to check if connection is alive 2025-10-16 16:50:05 +02:00
Hannah Kim 8441c476f1 Bump gopkg.in/DataDog/dd-trace-go.v1 to v1.74.6 2025-10-03 09:44:04 +01:00
Romain 4ff8eca572 Fix Swarm unit test for the nodeIP property 2025-08-27 09:40:05 +02:00
Kevin Pollet 5cc2a8344c Bump github.com/docker/docker to v28.3.3 2025-08-20 15:52:06 +02:00
Ludovic Fernandez c820d18ada Bump github.com/go-acme/lego/v4 to v4.25.2 2025-08-11 14:44:05 +02:00
Jesper Noordsij 50931813f2 Remove all mentions of ordering for TLSOption CurvePreferences field 2025-07-22 15:44:05 +02:00
Zeroday BYTE 5ef853a0c5 Fix client arbitrary file access during archive extraction zipslip 2025-07-22 14:24:05 +02:00
Romain b2b4b66b08 Disable MPTCP by default 2025-07-22 11:10:05 +02:00
    Co-authored-by: Kevin Pollet <pollet.kevin@gmail.com>
Romain b0d8e08e2b Fix typo in redirect middleware documentation 2025-06-11 09:46:05 +02:00
Kevin Pollet ae79d4e5f0 Do not log redis sentinel username and password 2025-06-04 12:08:04 +02:00
Kevin Pollet cd16321dd9 Bump to go1.24 2025-06-02 10:36:05 +02:00
    Co-authored-by: Romain <rtribotte@users.noreply.github.com>