Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
|
|
Motivation: to make it easy to switch Sproxy's primary port.
This could be useful when running private (behind Sproxy) and public
(e. g. nginx) HTTPS services on the same server. In such a setup
one can use port 443 for public services and alt. HTTPS port 8443
for Sproxy.
Before this change, Sproxy took possible port number into account
when looking for backend and privileges. Now it ignores port and
considers domain name only.
This also gets Sproxy in line with browsers and SSL certificates:
certificates do not include port numbers, browsers ignore ports
when sending cookies.
|
|
|
|
This feature was ambiguous (in the same way as paths are)
and never used anyway.
|
|
SQL wildcards are no longer supported for HTTP methods
|
|
|
|
|
|
They don't make much sense in files.
|
|
|
|
|
|
This changes semantics of these options:
- key
- oauth2.<provider>.client_secret
They are no longer files, but strings. To read content
from files, use !include. The point of being files or
read from files is to segregate secrets from non-sensitive
easily discoverable settings. With !include it is much
more simple and flexible.
|
|
|
|
|
|
|
|
This can be useful when Sproxy is behind some
other proxy or load-balancer.
|
|
This will allow simple listing, removing and renaming users
(changing email). It also will allow synchronizing Sproxy
database with other sources.
Note that this change is not compatible with current SproxyWeb,
so don't try to update production databases.
Speaking of synchronization, more then added, it's
important that account are deleted automatically.
|
|
|
|
|
|
Use persistent prepared statements for PostgreSQL data source.
Import should be faster from now on.
|
|
|
|
|
|
|
|
Especially X-Family-Name, X-Given-Name.
Since we get all the data from JSON and JSON is in UTF8
by default RFC 7159, we are safe.
Refactored to make it less error-prone and to get
as small number of encoding/decoding as possible.
|
|
|
|
We have our own traps and logging.
|
|
|
|
|
|
|
|
|
|
By underlying HTTP Client or WAI
|
|
|
|
|
|
If method of the original query is GET,
redirect to original path with query parameters.
Otherwise redirect to "/".
Previously, when unauthenticated users click on "https://example.net/foo?bar",
they are redirected to "https://example.net/foo" after authentication.
Now, they will be redirected to "https://example.net/foo?bar"
|
|
|