Merge pull request #16 from corazawaf/upgrade-to-stable

unexport non-required functions
corazawaf · Jul 26, 2022 · dd9f90d · dd9f90d
2 parents 4804ee0 + 275baf2
commit dd9f90d
Show file tree

Hide file tree

Showing 6 changed files with 37 additions and 44 deletions.
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -4,8 +4,14 @@ on:
   push:
     branches: 
       - '*'
+    paths-ignore:
+      - "**/*.md"
+      - "LICENSE"      
   pull_request:
     branches: [ master ]
+    paths-ignore:
+      - "**/*.md"
+      - "LICENSE"    
 
 jobs:
   test:

diff --git a/README.md b/README.md
@@ -2,16 +2,11 @@
 
 [![Tests](https://github.com/corazawaf/coraza-caddy/actions/workflows/tests.yml/badge.svg)](https://github.com/corazawaf/coraza-caddy/actions/workflows/tests.yml)
 <a href="https://pkg.go.dev/github.com/corazawaf/coraza-caddy" target="_blank"><img src="https://img.shields.io/badge/godoc-reference-blue.svg"></a>
-[![Project Status: WIP – Initial development is in progress, but there has not yet been a stable, usable release suitable for the public.](https://www.repostatus.org/badges/latest/wip.svg)](https://www.repostatus.org/#wip)
+[![Project Status: Active – The project has reached a stable, usable state and is being actively developed.](https://www.repostatus.org/badges/latest/active.svg)](https://www.repostatus.org/#active)
 
-Coraza Caddy Module a WAF for your applications using FastCGI or reverse proxy.
-
-## Prerequisites
-
-* [Xcaddy](https://github.com/caddyserver/xcaddy#install)
-* [Golang 1.16+](https://golang.org/doc/install)
-* Linux Operating system (Coraza does not support Windows)
+[OWASP Coraza](https://github.com/corazawaf/coraza) Caddy Module provides Web Application Firewall capabilities for Caddy. 
 
+OWASP Coraza WAF is 100% compatible with OWASP Coreruleset and Modsecurity syntax.
 ## Plugin syntax
 
 Important: `order coraza_waf first` must be always included in your Caddyfile for Coraza module to work
@@ -28,7 +23,6 @@ Sample usage:
 
 ```
 {
-    auto_https off
     order coraza_waf first
 }
 
@@ -65,13 +59,9 @@ $ cd coraza-caddy
 $ go test ./...`
 ```
 
-## Compiling with CRS support
-
-Uncomment the plugin github.com/coraza-pcre from caddy/main.go and then compile.
-
 ## Using OWASP Core Ruleset
 
-Once you have enabled your plugin, you will have to clone coreruleset and download the default coraza configurations from [Coraza repository](https://raw.githubusercontent.com/corazawaf/coraza/v2/master/coraza.conf-recommended), then add the following to you coraza_waf directive:
+Clone the coreruleset repository and download the default coraza configurations from [Coraza repository](https://raw.githubusercontent.com/corazawaf/coraza/v2/master/coraza.conf-recommended), then add the following to you coraza_waf directive:
 
 ```
 include caddypath/coraza.conf-recommended

diff --git a/caddy/main.go b/caddy/main.go
@@ -19,9 +19,6 @@ import (
 
 	_ "github.com/caddyserver/caddy/v2/modules/standard"
 	_ "github.com/corazawaf/coraza-caddy"
-
-	// You may uncomment the following lines to enable pcre plugins (if you need use crs rules)
-	// _ "github.com/jptosso/coraza-pcre"
 )
 
 func main() {

diff --git a/coraza.go b/coraza.go
@@ -1,4 +1,4 @@
-// Copyright 2022 The Corazawaf Authors.
+// Copyright 2022 Juan Pablo Tosso and the OWASP Coraza contributors.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -32,11 +32,12 @@ import (
 )
 
 func init() {
-	caddy.RegisterModule(Middleware{})
+	caddy.RegisterModule(Coraza{})
 	httpcaddyfile.RegisterHandlerDirective("coraza_waf", parseCaddyfile)
 }
 
-type Middleware struct {
+// Coraza is a Web Application Firewall implementation for Caddy.
+type Coraza struct {
 	Include    []string `json:"include"`
 	Directives string   `json:"directives"`
 
@@ -45,15 +46,15 @@ type Middleware struct {
 }
 
 // CaddyModule returns the Caddy module information.
-func (Middleware) CaddyModule() caddy.ModuleInfo {
+func (Coraza) CaddyModule() caddy.ModuleInfo {
 	return caddy.ModuleInfo{
 		ID:  "http.handlers.waf",
-		New: func() caddy.Module { return new(Middleware) },
+		New: func() caddy.Module { return new(Coraza) },
 	}
 }
 
 // Provision implements caddy.Provisioner.
-func (m *Middleware) Provision(ctx caddy.Context) error {
+func (m *Coraza) Provision(ctx caddy.Context) error {
 	var err error
 	m.logger = ctx.Logger(m)
 	m.waf = coraza.NewWaf()
@@ -92,12 +93,12 @@ func (m *Middleware) Provision(ctx caddy.Context) error {
 }
 
 // Validate implements caddy.Validator.
-func (m *Middleware) Validate() error {
+func (m *Coraza) Validate() error {
 	return nil
 }
 
 // ServeHTTP implements caddyhttp.MiddlewareHandler.
-func (m Middleware) ServeHTTP(w http.ResponseWriter, r *http.Request, next caddyhttp.Handler) error {
+func (m Coraza) ServeHTTP(w http.ResponseWriter, r *http.Request, next caddyhttp.Handler) error {
 	var err error
 	tx := m.waf.NewTransaction()
 	defer tx.ProcessLogging()
@@ -118,7 +119,7 @@ func (m Middleware) ServeHTTP(w http.ResponseWriter, r *http.Request, next caddy
 		return err
 	}
 	r.Body = io.NopCloser(re)
-	rec := NewStreamRecorder(w, tx)
+	rec := newStreamRecorder(w, tx)
 	err = next.ServeHTTP(rec, r)
 	if err != nil {
 		return err
@@ -145,7 +146,7 @@ func (m Middleware) ServeHTTP(w http.ResponseWriter, r *http.Request, next caddy
 }
 
 // Unmarshal Caddyfile implements caddyfile.Unmarshaler.
-func (m *Middleware) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
+func (m *Coraza) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
 	if !d.Next() {
 		return d.Err("expected token following filter")
 	}
@@ -171,7 +172,7 @@ func (m *Middleware) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
 
 // parseCaddyfile unmarshals tokens from h into a new Middleware.
 func parseCaddyfile(h httpcaddyfile.Helper) (caddyhttp.MiddlewareHandler, error) {
-	var m Middleware
+	var m Coraza
 	err := m.UnmarshalCaddyfile(h.Dispenser)
 	return m, err
 }
@@ -221,8 +222,8 @@ func interrupt(err error, tx *coraza.Transaction) error {
 
 // Interface guards
 var (
-	_ caddy.Provisioner           = (*Middleware)(nil)
-	_ caddy.Validator             = (*Middleware)(nil)
-	_ caddyhttp.MiddlewareHandler = (*Middleware)(nil)
-	_ caddyfile.Unmarshaler       = (*Middleware)(nil)
+	_ caddy.Provisioner           = (*Coraza)(nil)
+	_ caddy.Validator             = (*Coraza)(nil)
+	_ caddyhttp.MiddlewareHandler = (*Coraza)(nil)
+	_ caddyfile.Unmarshaler       = (*Coraza)(nil)
 )
diff --git a/coraza_test.go b/coraza_test.go
@@ -1,4 +1,4 @@
-// Copyright 2022 The Corazawaf Authors.
+// Copyright 2022 Juan Pablo Tosso and the OWASP Coraza contributors.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.

diff --git a/stream.go b/stream.go
@@ -1,4 +1,4 @@
-// Copyright 2022 The Corazawaf Authors.
+// Copyright 2022 Juan Pablo Tosso and the OWASP Coraza contributors.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -22,7 +22,7 @@ import (
 	"github.com/corazawaf/coraza/v2"
 )
 
-type StreamRecorder struct {
+type streamRecorder struct {
 	*caddyhttp.ResponseWriterWrapper
 	transaction *coraza.Transaction
 	statusCode  int
@@ -31,7 +31,7 @@ type StreamRecorder struct {
 	stream bool
 }
 
-func (sr *StreamRecorder) WriteHeader(statusCode int) {
+func (sr *streamRecorder) WriteHeader(statusCode int) {
 	if sr.wroteHeader {
 		return
 	}
@@ -56,7 +56,7 @@ func (sr *StreamRecorder) WriteHeader(statusCode int) {
 	}
 }
 
-func (sr *StreamRecorder) Write(data []byte) (int, error) {
+func (sr *streamRecorder) Write(data []byte) (int, error) {
 	sr.WriteHeader(http.StatusOK)
 	if sr.transaction.Interruption != nil {
 		// We won't process the response body if the transaction was interrupted
@@ -67,12 +67,11 @@ func (sr *StreamRecorder) Write(data []byte) (int, error) {
 		return sr.ResponseWriterWrapper.Write(data)
 	}
 
-	sr.transaction.ResponseBodyBuffer.Write(data)
-	return len(data), nil
+	return sr.transaction.ResponseBodyBuffer.Write(data)
 }
 
 // Reader provides access to the buffered/inmemory response object
-func (sr *StreamRecorder) Reader() (io.Reader, error) {
+func (sr *streamRecorder) Reader() (io.Reader, error) {
 	if sr.stream {
 		return nil, nil
 	}
@@ -81,16 +80,16 @@ func (sr *StreamRecorder) Reader() (io.Reader, error) {
 
 // Buffered returns true if the response is stored inside the transaction
 // IF false the response was already sent to the client
-func (sr *StreamRecorder) Buffered() bool {
+func (sr *streamRecorder) Buffered() bool {
 	return !sr.stream
 }
 
-func (sr *StreamRecorder) Status() int {
+func (sr *streamRecorder) Status() int {
 	return sr.statusCode
 }
 
-func NewStreamRecorder(w http.ResponseWriter, tx *coraza.Transaction) *StreamRecorder {
-	return &StreamRecorder{
+func newStreamRecorder(w http.ResponseWriter, tx *coraza.Transaction) *streamRecorder {
+	return &streamRecorder{
 		ResponseWriterWrapper: &caddyhttp.ResponseWriterWrapper{ResponseWriter: w},
 		transaction:           tx,
 	}