Refactor header checks, setup, and CI testing for improved clarity.

dvershinin · Dec 8, 2024 · 1a27cff · 1a27cff
1 parent 67cecfe
commit 1a27cff
Show file tree

Hide file tree

Showing 13 changed files with 147 additions and 109 deletions.
diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
@@ -1,13 +1,3 @@
 # These are supported funding model platforms
 
 github: dvershinin
-patreon: getpagespeed
-open_collective: # Replace with a single Open Collective username
-ko_fi: # Replace with a single Ko-fi username
-tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
-community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
-liberapay: # Replace with a single Liberapay username
-issuehunt: # Replace with a single IssueHunt username
-otechie: # Replace with a single Otechie username
-lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry
-custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
diff --git a/LICENSE b/LICENSE
@@ -1,3 +1,4 @@
+(C) Danila Vershinin, 2024
 (C) YANDEX LLC, 2017
 
 Mozilla Public License Version 2.0
@@ -352,4 +353,4 @@ Licenses
 
 If You choose to distribute Source Code Form that is Incompatible With
 Secondary Licenses under the terms of this version of the License, the
-notice described in Exhibit B of this License must be attached.
+notice described in Exhibit B of this License must be attached.
diff --git a/README.md b/README.md
@@ -6,6 +6,9 @@ GIXY
 [![GitHub issues](https://img.shields.io/github/issues/dvershinin/gixy.svg?style=flat-square)](https://github.com/dvershinin/gixy/issues)
 [![GitHub pull requests](https://img.shields.io/github/issues-pr/dvershinin/gixy.svg?style=flat-square)](https://github.com/dvershinin/gixy/pulls)
 
+> [!TIP]
+> This is an **actively maintained fork** of the original [Gixy](https://github.com/yandex/gixy) project by **Yandex LLC**.  
+
 # Overview
 <img align="right" width="192" height="192" src="docs/gixy.png">
 
@@ -33,6 +36,7 @@ Right now Gixy can find:
 *   [[add_header_content_type] Setting Content-Type via add_header](https://github.com/dvershinin/gixy/blob/master/docs/en/plugins/add_header_content_type.md)
 *   [[resolver_external] Using external DNS nameservers](https://blog.zorinaq.com/nginx-resolver-vulns/)
 *   [[version_disclosure] Using insecure values for server_tokens](https://github.com/dvershinin/gixy/blob/master/docs/en/plugins/version_disclosure.md)
+*   [[try_files_is_evil_too] The try_files directive is evil without open_file_cache](https://www.getpagespeed.com/server-setup/nginx-try_files-is-evil-too)
 
 You can find things that Gixy is learning to detect at [Issues labeled with "new plugin"](https://github.com/dvershinin/gixy/issues?q=is%3Aissue+is%3Aopen+label%3A%22new+plugin%22)
 

diff --git a/docs/en/plugins/if_is_evil.md b/docs/en/plugins/if_is_evil.md
@@ -27,9 +27,12 @@ if ($args ~ post=140){
 
 ## What to do instead
 
-Use [`try_files`](https://nginx.org/en/docs/http/ngx_http_core_module.html#try_files) if it suits your needs.  Use the "return ..." or "rewrite ... last" in other cases.  In some cases, it's also possible to move ifs to server level (where it's safe as only other rewrite module directives are allowed within it).
+Use the "return ..." or "rewrite ... last" if it suits your needs.
+You can allocate additional locations and `map` if you want to set variables based on conditions.
 
-E.g. the following may be used to safely change location which will be used to process request:
+In some cases, it's also possible to move `if`s to server level (where it's safe as only other rewrite module directives are allowed within it).
+
+E.g., the following may be used to safely change location which will be used to process request:
 
 ```nginx
 location / {

diff --git a/gixy/__init__.py b/gixy/__init__.py
@@ -2,4 +2,4 @@
 
 from gixy.core import severity
 
-version = '0.1.24'
+version = "0.2.0"
diff --git a/gixy/directives/block.py b/gixy/directives/block.py
@@ -14,7 +14,7 @@ def get_overrides():
         if not klass.nginx_name:
             continue
 
-        if not klass.__name__.endswith('Block'):
+        if not klass.__name__.endswith("Block"):
             continue
 
         result[klass.nginx_name] = klass
@@ -31,6 +31,7 @@ def __init__(self, name, args):
         self.children = []
 
     def some(self, name, flat=True):
+        """Find first directive with given name"""
         for child in self.children:
             if child.name == name:
                 return child
@@ -41,6 +42,7 @@ def some(self, name, flat=True):
         return None
 
     def find(self, name, flat=False):
+        """Find all directives with given name"""
         result = []
         for child in self.children:
             if child.name == name:
@@ -63,7 +65,7 @@ def append(self, directive):
         self.children.append(directive)
 
     def __str__(self):
-        return '{name} {args} {{'.format(name=self.name, args=' '.join(self.args))
+        return "{name} {args} {{".format(name=self.name, args=" ".join(self.args))
 
 
 class Root(Block):
@@ -74,30 +76,30 @@ def __init__(self):
 
 
 class HttpBlock(Block):
-    nginx_name = 'http'
+    nginx_name = "http"
 
     def __init__(self, name, args):
         super(HttpBlock, self).__init__(name, args)
 
 
 class ServerBlock(Block):
-    nginx_name = 'server'
+    nginx_name = "server"
 
     def __init__(self, name, args):
         super(ServerBlock, self).__init__(name, args)
 
     def get_names(self):
-        return self.find('server_name')
+        return self.find("server_name")
 
     def __str__(self):
-        server_names = [str(sn) for sn in self.find('server_name')]
+        server_names = [str(sn) for sn in self.find("server_name")]
         if server_names:
-            return 'server {{\n{0}'.format('\n'.join(server_names[:2]))
-        return 'server {'
+            return "server {{\n{0}".format("\n".join(server_names[:2]))
+        return "server {"
 
 
 class LocationBlock(Block):
-    nginx_name = 'location'
+    nginx_name = "location"
     provide_variables = True
 
     def __init__(self, name, args):
@@ -110,22 +112,24 @@ def __init__(self, name, args):
 
     @property
     def is_internal(self):
-        return self.some('internal') is not None
+        return self.some("internal") is not None
 
     @cached_property
     def variables(self):
-        if not self.modifier or self.modifier not in ('~', '~*'):
+        if not self.modifier or self.modifier not in ("~", "~*"):
             return []
 
-        regexp = Regexp(self.path, case_sensitive=self.modifier == '~')
+        regexp = Regexp(self.path, case_sensitive=self.modifier == "~")
         result = []
         for name, group in regexp.groups.items():
-            result.append(Variable(name=name, value=group, boundary=None, provider=self))
+            result.append(
+                Variable(name=name, value=group, boundary=None, provider=self)
+            )
         return result
 
 
 class IfBlock(Block):
-    nginx_name = 'if'
+    nginx_name = "if"
     self_context = False
 
     def __init__(self, name, args):
@@ -147,54 +151,70 @@ def __init__(self, name, args):
             raise Exception('Unknown "if" definition, args: {0!r}'.format(args))
 
     def __str__(self):
-        return '{name} ({args}) {{'.format(name=self.name, args=' '.join(self.args))
+        return "{name} ({args}) {{".format(name=self.name, args=" ".join(self.args))
 
 
 class IncludeBlock(Block):
-    nginx_name = 'include'
+    nginx_name = "include"
     self_context = False
 
     def __init__(self, name, args):
         super(IncludeBlock, self).__init__(name, args)
         self.file_path = args[0]
 
     def __str__(self):
-        return 'include {0};'.format(self.file_path)
+        return "include {0};".format(self.file_path)
 
 
 class MapBlock(Block):
-    nginx_name = 'map'
+    nginx_name = "map"
     self_context = False
     provide_variables = True
 
     def __init__(self, name, args):
         super(MapBlock, self).__init__(name, args)
         self.source = args[0]
-        self.variable = args[1].strip('$')
+        self.variable = args[1].strip("$")
 
     @cached_property
     def variables(self):
         # TODO(buglloc): Finish him!
-        return [Variable(name=self.variable, value='', boundary=None, provider=self, have_script=False)]
+        return [
+            Variable(
+                name=self.variable,
+                value="",
+                boundary=None,
+                provider=self,
+                have_script=False,
+            )
+        ]
 
 
 class GeoBlock(Block):
-    nginx_name = 'geo'
+    nginx_name = "geo"
     self_context = False
     provide_variables = True
 
     def __init__(self, name, args):
         super(GeoBlock, self).__init__(name, args)
         if len(args) == 1:  # geo uses $remote_addr as default source of the value
-            source = '$remote_addr'
-            variable = args[0].strip('$')
+            source = "$remote_addr"
+            variable = args[0].strip("$")
         else:
             source = args[0]
-            variable = args[1].strip('$')
+            variable = args[1].strip("$")
         self.source = source
         self.variable = variable
 
     @cached_property
     def variables(self):
         # TODO(buglloc): Finish him! -- same as in MapBlock
-        return [Variable(name=self.variable, value='', boundary=None, provider=self, have_script=False)]
+        return [
+            Variable(
+                name=self.variable,
+                value="",
+                boundary=None,
+                provider=self,
+                have_script=False,
+            )
+        ]
Original file line number	Diff line number	Diff line change
Expand Up		@@ -2,4 +2,4 @@

		from gixy.core import severity

		version = '0.1.24'
		version = "0.2.0"