|
|
8beb22a93b
|
no more needs
CI/CD Pipeline / publish (push) Successful in 24m58s
|
2025-07-25 11:00:59 +05:30 |
|
|
|
b28d39ab74
|
fix ci
CI/CD Pipeline / publish (push) Has been cancelled
|
2025-07-24 16:58:21 +05:30 |
|
|
|
158462136b
|
CI attempt Uno
CI/CD Pipeline / build (amd64) (push) Failing after 3m35s
CI/CD Pipeline / build (arm64) (push) Failing after 29s
CI/CD Pipeline / publish (push) Has been skipped
|
2025-07-22 14:05:51 +01:00 |
|
|
|
458022b3c2
|
Was that reaaaaaaally necessary?
Defining full path don't work and cause a panic, I'll have to patch that
up.
|
2025-07-19 03:14:54 +01:00 |
|
WeebDataHoarder
|
e1a318bc38
|
build/wasm: update script to build TinyGo v0.38.0, update resulting js-pow-sha256 wasm artifact
|
2025-07-03 02:41:50 +02:00 |
|
WeebDataHoarder
|
8323536e84
|
build/docker: disable PIE buildmode under riscv64 due to https://github.com/golang/go/issues/64875
|
2025-06-28 10:44:08 +02:00 |
|
WeebDataHoarder
|
99ddb2b62b
|
build/docker: address legacy "ENV key value" form and RedundantTargetPlatform
|
2025-06-28 10:35:10 +02:00 |
|
WeebDataHoarder
|
e4e5b0bc5d
|
build/docker: pass JWT_PRIVATE_KEY_SEED as a secret env, add alternate GOAWAY_JWT_PRIVATE_KEY_SEED env
|
2025-06-28 10:29:42 +02:00 |
|
WeebDataHoarder
|
057bca753d
|
build: set -buildmode pie, -bindnow linker flag. Enables Full RELRO, NX, PIE, no RPATH/RUNPATH, nothing to FORTIFY
|
2025-06-28 10:19:38 +02:00 |
|
Geoffrey “Frogeye” Preud'homme
|
d1d80c5078
|
challenges/context: add JA4 fingerprint in the headers
|
2025-06-27 21:28:43 +02:00 |
|
WeebDataHoarder
|
9a6f25df59
|
http/query: preserve raw query state when modifying url query
|
2025-06-09 13:49:37 +02:00 |
|
Alan Orth
|
c16f0863ae
|
examples/generic.yml: use path.matches in condition
The string here uses a character set with path.contains, which will
not work in CEL. We need to use path.matches to use regex syntax.
|
2025-05-17 23:50:36 +03:00 |
|
Alan Orth
|
85a8f0d9ec
|
examples: remove erroneous whitespace
|
2025-05-17 23:45:39 +03:00 |
|
WeebDataHoarder
|
a5e2e6625b
|
cmd: move http/backend error logs to debug level
|
2025-05-17 18:55:48 +02:00 |
|
WeebDataHoarder
|
d24e4b521a
|
examples/snippets: add CGNAT range to networks-private
|
2025-05-14 21:12:48 +02:00 |
|
WeebDataHoarder
|
3ac6b9d366
|
cmd/go-away: log private key fingerprint on load
|
2025-05-14 01:30:48 +02:00 |
|
WeebDataHoarder
|
484a5e3535
|
challenge/context: clear cookies by issuing a new cookie instead of clearing it
|
2025-05-14 01:30:31 +02:00 |
|
WeebDataHoarder
|
6032ac0b78
|
http: add cache-control headers to prevent caching by other proxies elsewhere
|
2025-05-13 23:48:21 +02:00 |
|
WeebDataHoarder
|
163fce6cfc
|
challenge/resource-load: use proper redirect URL to current issued challenge, add static/dynamic cache bust
|
2025-05-13 23:43:31 +02:00 |
|
WeebDataHoarder
|
3abdc2ee5b
|
examples: add private / localhost networks to snippets and forgejo/generic examples
|
2025-05-13 03:06:23 +02:00 |
|
WeebDataHoarder
|
3b045e9608
|
state/template: fix not allowing external templates to be defined
|
2025-05-08 12:14:01 +02:00 |
|
WeebDataHoarder
|
1d2f4e8a5b
|
challenge/context: use additional HTTP headers in challenge key generation if the challenge allows for it
|
2025-05-04 20:22:34 +02:00 |
|
Alan Orth
|
c6a1d50f39
|
examples/config.yml: fix YAML syntax
|
2025-05-04 12:25:44 +03:00 |
|
WeebDataHoarder
|
b1f1e9a54f
|
challenge/http: fix setting request headers properly, add method header
|
2025-05-04 04:03:07 +02:00 |
|
WeebDataHoarder
|
e0c0f8745d
|
readme: add latest release badge
|
2025-05-04 04:02:38 +02:00 |
|
WeebDataHoarder
|
fb6c5c3eb4
|
examples/forgejo: remove standard-bots rule, it's redundant
|
2025-05-03 22:43:09 +02:00 |
|
WeebDataHoarder
|
aebbfa4eaa
|
context: set client network address without original port on backend-ip-header option
|
2025-05-03 22:32:25 +02:00 |
|
WeebDataHoarder
|
816d0fef90
|
ci: trigger on tags
v0.7.0
|
2025-05-03 22:14:15 +02:00 |
|
WeebDataHoarder
|
06aca367a1
|
ci: change push trigger
|
2025-05-03 22:12:13 +02:00 |
|
WeebDataHoarder
|
44c9114ae5
|
challenges: add refresh via JavaScript window.location
|
2025-05-03 21:35:12 +02:00 |
|
WeebDataHoarder
|
4b1878f1ac
|
examples/forgejo: exclude fetchers from suspicious crawler
|
2025-05-03 21:21:13 +02:00 |
|
WeebDataHoarder
|
925a1d59a2
|
challenges: return ErrNoCookie when no cookies of given name are present
|
2025-05-03 17:41:50 +02:00 |
|
WeebDataHoarder
|
76417b4308
|
challenges: parse all existing cookies with given name and extract valid one always
|
2025-05-03 17:37:52 +02:00 |
|
WeebDataHoarder
|
0e62f80f9b
|
challenges: prevent unbounded growth of stored cookies by bundling all state onto a single JWT token
|
2025-05-03 17:30:39 +02:00 |
|
WeebDataHoarder
|
2cb5972371
|
challenges/context: allow setting request headers towards the backend
|
2025-05-03 15:55:13 +02:00 |
|
WeebDataHoarder
|
3d73ee76c4
|
state: add more meta tags onto cached tags, add missing txt and xml resources to well-known snippet
|
2025-05-03 05:59:32 +02:00 |
|
WeebDataHoarder
|
5bc1ab428b
|
docker: add GOAWAY_CHALLENGE_TEMPLATE_LOGO parameter to Dockerfile
|
2025-05-03 04:17:02 +02:00 |
|
WeebDataHoarder
|
606f8ec3a0
|
templates: explicitly allow overriding logo via cmdline/override in config, have bundled templates support it
|
2025-05-03 04:14:11 +02:00 |
|
WeebDataHoarder
|
1ea19c5a6c
|
state context: Added proxy-safe-link-tags to proxy <link> tags, use specific LinkTags ranger on templates instead of raw elements
|
2025-05-03 04:12:58 +02:00 |
|
WeebDataHoarder
|
736c2708e9
|
examples/forgejo: exclude fetchers from TLS Fingerprint rule
|
2025-05-02 22:21:40 +02:00 |
|
WeebDataHoarder
|
74cc614564
|
readme: cleanup, redirect to wiki as necessary
|
2025-05-02 20:55:44 +02:00 |
|
WeebDataHoarder
|
e8e072286e
|
challenge: lower preload-early-hint-deadline to 2 seconds by default
|
2025-05-02 20:42:25 +02:00 |
|
WeebDataHoarder
|
0d28d1680c
|
readme: add ngx_http_js_challenge_module and haproxy-protection
|
2025-05-02 13:39:25 +02:00 |
|
pwgen2155
|
2ab45983e9
|
feat: all betterstack ip ranges and useragent (#16)
ref: https://betterstack.com/docs/uptime/frequently-asked-questions/#what-ips-does-uptime-use
I believe this is how you do it. Will test later on. Unfortunately their playwrite contains a generic user agent...
Co-authored-by: WeebDataHoarder <weebdatahoarder@noreply.gammaspectra.live>
Reviewed-on: https://git.gammaspectra.live/git/go-away/pulls/16
Co-authored-by: pwgen2155 <pwgen2155@noreply.gammaspectra.live>
Co-committed-by: pwgen2155 <pwgen2155@noreply.gammaspectra.live>
|
2025-05-02 11:00:39 +00:00 |
|
WeebDataHoarder
|
a2225fe749
|
context: allow nil request context in fetch cases
|
2025-05-02 02:23:48 +02:00 |
|
nakoo
|
61d0964eb0
|
docker: fix docker entrypoint to optionally accept the command option
|
2025-05-01 21:08:38 +00:00 |
|
WeebDataHoarder
|
b9ca196c63
|
settings/bind: allow specifying bind/client timeouts
|
2025-05-01 22:26:51 +02:00 |
|
WeebDataHoarder
|
f6a8f50a53
|
settings/backend: allow configuring dial and transport timeouts
|
2025-05-01 22:23:23 +02:00 |
|
WeebDataHoarder
|
3047dcfd4b
|
examples/forgejo: Restrict meta tag fetching for likely bots
|
2025-05-01 16:15:28 +02:00 |
|
WeebDataHoarder
|
868c76eeb9
|
examples/forgejo: add commit graph endpoint to heavy resources
|
2025-05-01 14:20:03 +02:00 |
|
