Releases · fabriziosalmi/caddy-waf · GitHub

22 Feb 19:07

v0.3.0 Latest

Latest

What's changed

Bug fixes

Fix duplicate response headers (#91): The copyResponse method was iterating over recorder.Header() and adding each value back to w.Header(), but since the recorder delegates Header() directly to the underlying writer, both references point to the same map. This caused every response header to appear twice in logs and on the wire. The fix removes the redundant header copy loop and the duplicate WriteHeader call, since the recorder already delegates both operations to the original writer. Only the response body (which the recorder buffers separately) needs to be copied.
Support CIDR notation in IP blacklist (#92): Entries already in CIDR notation (e.g., 144.86.173.0/24) were getting an extra /32 appended by appendCIDR(), producing invalid prefixes like 144.86.173.0/24/32. The fix detects existing CIDR notation and skips the suffix. Additionally, the default IPv6 single-host mask has been corrected from /64 to /128.

Version

Bumped version constant to v0.3.0.

Full changelog: v0.2.0...v0.3.0

Assets 7

17 Jan 23:17

v0.2.0

What's Changed

Fix gci import ordering in caddywaf.go and types.go by @Copilot in #86

Full Changelog: v0.1.6...v0.2.0

Assets 7

06 Jan 10:42

v0.1.6

What's Changed

fix: use X-Forwarded-For for country/ASN blocking behind proxies by @Bestigor89 in #83
build(deps): bump github.com/quic-go/quic-go from 0.54.0 to 0.57.0 in the go_modules group across 1 directory by @dependabot[bot] in #79
Fix file logger ignoring log_severity configuration by @Copilot in #84
Document caddy add-package installation method by @Copilot in #85

New Contributors

@Bestigor89 made their first contribution in #83

Full Changelog: v0.1.5...v0.1.6

Contributors

dependabot and Bestigor89

Assets 7

08 Dec 06:31

v0.1.5

Fixed

Fixed critical bug where POST request bodies were lost or truncated by using io.MultiReader to restore the full body stream (fixes #76).

Assets 7

06 Dec 22:14

v0.1.4

Full Changelog: v0.1.3...v0.1.4

Assets 7

06 Dec 21:56

v0.1.3

Full Changelog: v0.1.2...v0.1.3

Assets 7

06 Dec 21:54

v0.1.2

Full Changelog: v0.1.0...v0.1.2

Assets 2

06 Dec 21:47

v0.1.0

Full Changelog: v0.0.9...v0.1.0

Assets 2

06 Dec 21:27

v0.0.9

What's Changed

feat(ci): add golangci-lint to flow by @drev74 in #70
Bump golang.org/x/crypto from 0.43.0 to 0.45.0 in the go_modules group across 1 directory by @dependabot[bot] in #71
fix: config initialization by @webpolis in #75
Bump github.com/smallstep/certificates from 0.28.4 to 0.29.0 in the go_modules group across 1 directory by @dependabot[bot] in #72

New Contributors

@webpolis made their first contribution in #75

Full Changelog: v0.0.8...v0.0.9

Contributors

webpolis, dependabot, and drev74

Assets 2

20 Oct 15:49

v0.0.8

What's Changed

fix: solve integration issue with Caddy server by @drev74 in #69

Full Changelog: v0.0.7...v0.0.8

Contributors

drev74

Assets 2