- update dependency versions to current
- include deps in tree (ease build for heroku)
- minor makefile cleanup
- rebuild with go-1.9
- rebuild with go-1.8
- strip binaries as part of default build
- Pass through ETag header from server. The previous omission was inconsistent with passing the if-none-match client request header.
- resolve potential resource leak with redirection failures and http response body closing
- better address rejection logic
- resolve hostname and check against rfc1918 (best effort blocking of dns rebind attacks)
- fix regex match bug with 172.16.0.0/12 addresses (over eager match)
- apply a more friendly default content-security-policy
- just a rebuild of 1.0.8 with go 1.7.3
- update go version support
- build release with go1.7
- conver to different logging mechanism (mlog)
- fix a go16 logging issue
- add --no-log-ts command line option
- use sync/atomic for internal stats counters
- reorganize some struct memory layout a little
- add -VV license info output
- move simple-server to its own repo
- more performant stats (replaced mutex with sync/atomic)
- fewer spawned goroutines when using stats
- Build release with go1.6
- Switch to building with gb
- Minor change for go1.5 with proxy timeout 504
- revert to stdlib http client
- fix issue with http date header generation
- optimization for allow-list checks
- keepalive options fix
- minor code organization changes
- fix for heroku build issue with example code
- use simple router instead of gorilla/mux to reduce overhead and increase performance.
- move some code from camo proxy into the simple router
- some minor changes to Makefile/building
- add support for HTTP HEAD requests
- add support for adding custom default response headers
- return custom headers on 404s as well.
- enable http keepalives on upstream/backends
- add support for disable http keepalives on frontend/backend separately
- upgrade library deps
- various bug fixes
- remove config support (use env or cli flags)
- turn allowlist into a cli flag to parse a plain text file vs json config
- clean ups/general code hygiene
- Transparent base64 url support
- Remove NoFollowRedirects and add MaxRedirects
- Use https://github.com/mreiferson/go-httpclient to handle timeouts more cleanly
- fix bug in loop prevention
- bump max idle conn count
- keep idle conn trimmer running
- Add ReadTimeout to http.Server, to close excessive keepalive goroutines
- optimize date header generation to use a ticker
- performance improvements
- fix a few subtle race conditions with stats
- Refactor logging a bit
- Move encoding functionality into a submodule to reduce import size (and thus resultant binary size) for url-tool
- Prevent request loop
- Remove custom Denylist support. Filtering should be done on signed url generation. rfc1918 filtering retained and internalized so as do reduce internal network exposue surface and avoid non-routable effort.
- Inverted redirect boolean. Redirects are now followed by default, and
the flag
no-follow
was learned. - Use new flag parsing library for nicer help and cleaner usage.
- Specify a fallback accept header if none is provided by client.
- Refactor Stats code out of camoproxy
- Make stats an optional flag in go-camo
- Minor documentation cleanup
- Clean up excessive logging on client initiated broken pipe
- organize and clean up code
- make header filters exported
- start filtering response headers
- add default Server name
- fix bug dealing with header filtering logic
- add cli utility to encode/decode urls for testing, etc.
- change repo layout to be friendlier for Go development/building
- timeout flag is now a duration (15s, 10m, 1h, etc)
- X-Forwarded-For support
- Added more info to readme
- documentation cleanup
- code reorganization
- some cleanup of command flag text
- logging code simplification
- initial release