AgeCommit message (Collapse)AuthorFilesLines
2019-09-06Apply cabal formatHEADmasterIgor Pashev1-66/+64
2019-09-06Version Pashev3-3/+9
2019-09-06Delete .gitignoreIgor Pashev1-8/+0
2019-09-06Reformat with modern hindent 5.2.7Igor Pashev7-227/+295
2019-09-06Use "getAddrInfo" instead of "inet_addr"Igor Pashev1-12/+15
2018-12-29Remove cabal.projectIgor Pashev1-2/+0
2018-12-15Version Pashev2-4/+10
2018-04-28Use 64 bytes long key by defaultIgor Pashev2-4/+3
It is padded with zeros to 64 bytes anyway if the length is less.
2018-04-28Stick to Data.AesonIgor Pashev1-2/+1
2017-12-19Drop StackIgor Pashev2-16/+2
2017-12-19Clean importsIgor Pashev3-19/+16
Drop `containers`.
2017-10-31Use Template HaskellIgor Pashev1-5/+4
2017-10-17Remove unused extensionIgor Pashev1-1/+0
2017-10-14Update stack.yamlIgor Pashev1-2/+5
2017-10-14Use voidIgor Pashev1-3/+2
2017-09-21Allow configure backend response timeoutIgor Pashev3-2/+7
2017-09-21Delete extra spaceIgor Pashev1-1/+1
2017-08-06Version Pashev2-1/+15
2017-08-06Format with hindentIgor Pashev11-650/+708
2017-08-06Encode full URL in stateIgor Pashev1-5/+5
Encode full URL in state, not just path. Use encoded URL for cross-domain redirect. This is useful for OAuth2 providers that do not support multiple callback URLs, like https://oauth.yandex.com/
2017-08-06Fix POST requests for tokensIgor Pashev2-118/+131
Really use application/x-www-form-urlencoded instead of query paramaters. Apparently, Google and LinkedIn are too tolerant. Yandex is not.
2017-08-06Add .hindent.yamlIgor Pashev1-0/+3
2017-08-06Support stackIgor Pashev2-0/+14
2017-08-06Add YandexIgor Pashev5-10/+105
2017-06-07Fix commentIgor Pashev1-1/+1
2017-05-15Version Pashev2-1/+9
2017-05-13Respond with 502 on every backend exceptionIgor Pashev1-2/+6
From RFC 7231: 6.6.3. 502 Bad Gateway The 502 (Bad Gateway) status code indicates that the server, while acting as a gateway or proxy, received an invalid response from an inbound server it accessed while attempting to fulfill the request.
2017-05-13Add end-point for checking access in a bunchIgor Pashev5-36/+140
2017-04-20ChangeLog: updated linkIgor Pashev1-1/+1
2017-02-07Version Pashev2-1/+8
2017-02-07Oops ¯\_(ツ)_/¯Igor Pashev1-1/+1
2017-01-30Version Pashev2-1/+16
2017-01-15README: replace HTTP Basic authenticationIgor Pashev1-1/+3
2017-01-03TypoIgor Pashev1-1/+1
2016-12-27Disregard possible port in the Host HTTP headerIgor Pashev2-13/+16
Motivation: to make it easy to switch Sproxy's primary port. This could be useful when running private (behind Sproxy) and public (e. g. nginx) HTTPS services on the same server. In such a setup one can use port 443 for public services and alt. HTTPS port 8443 for Sproxy. Before this change, Sproxy took possible port number into account when looking for backend and privileges. Now it ignores port and considers domain name only. This also gets Sproxy in line with browsers and SSL certificates: certificates do not include port numbers, browsers ignore ports when sending cookies.
2016-12-27Suggest alternative HTTPS port 8443Igor Pashev1-1/+4
2016-12-18BREAKING: no wildcards for domain namesIgor Pashev2-3/+3
This feature was ambiguous (in the same way as paths are) and never used anyway.
2016-12-18sproxy.sql: updated exampleIgor Pashev1-1/+4
SQL wildcards are no longer supported for HTTP methods
2016-12-14TypoIgor Pashev1-1/+1
2016-12-13Version Pashev2-1/+12
2016-12-10Examples: removed yaml markersIgor Pashev2-9/+0
They don't make much sense in files.
2016-12-05datafile.yml.example -> datafile.example.ymlIgor Pashev3-2/+2
2016-12-05sproxy.yml.example -> sproxy.example.ymlIgor Pashev3-2/+2
2016-12-01BREAKING: Allow !include in config fileIgor Pashev3-25/+16
This changes semantics of these options: - key - oauth2.<provider>.client_secret They are no longer files, but strings. To read content from files, use !include. The point of being files or read from files is to segregate secrets from non-sensitive easily discoverable settings. With !include it is much more simple and flexible.
2016-11-30Restructured README.mdIgor Pashev1-11/+11
2016-11-29TypoIgor Pashev1-1/+1
2016-11-28Version Pashev2-1/+14
2016-11-28Allow running in plain HTTP mode (no SSL)Igor Pashev3-27/+73
This can be useful when Sproxy is behind some other proxy or load-balancer.
2016-11-28sproxy.sql: add "user" tableIgor Pashev1-6/+11
This will allow simple listing, removing and renaming users (changing email). It also will allow synchronizing Sproxy database with other sources. Note that this change is not compatible with current SproxyWeb, so don't try to update production databases. Speaking of synchronization, more then added, it's important that account are deleted automatically.
2016-11-28Apply same settings to redirect serverIgor Pashev1-7/+7