merge master

server/web/admin.go

@@ -80,22 +80,15 @@ type adminApp struct {
 	*HttpServer
 }
 
-// Route adds http.HandlerFunc to adminApp with url pattern.
+// Run start Beego admin
 func (admin *adminApp) Run() {
-	// if len(task.AdminTaskList) > 0 {
-	// 	task.StartTask()
-	// }
-	logs.Warning("now we don't start tasks here, if you use task module," +
+	logs.Debug("now we don't start tasks here, if you use task module," +
 		" please invoke task.StartTask, or task will not be executed")
-
 	addr := BConfig.Listen.AdminAddr
-
 	if BConfig.Listen.AdminPort != 0 {
 		addr = fmt.Sprintf("%s:%d", BConfig.Listen.AdminAddr, BConfig.Listen.AdminPort)
 	}
-
 	logs.Info("Admin server Running on %s", addr)
-
 	admin.HttpServer.Run(addr)
 }
 

server/web/admin_test.go

@@ -29,7 +29,6 @@ func (cc *SampleCacheCheck) Check() error {
 func TestList_01(t *testing.T) {
 	m := make(M)
 	list("BConfig", BConfig, m)
-	t.Log(m)
 	om := oldMap()
 	for k, v := range om {
 		if fmt.Sprint(m[k]) != fmt.Sprint(v) {
@@ -98,8 +97,6 @@ func oldMap() M {
 }
 
 func TestWriteJSON(t *testing.T) {
-	t.Log("Testing the adding of JSON to the response")
-
 	w := httptest.NewRecorder()
 	originalBody := []int{1, 2, 3}
 

server/web/config.go

@@ -405,6 +405,11 @@ type SessionConfig struct {
 	// the default value is http.SameSiteDefaultMode
 	// @Default 1
 	SessionCookieSameSite http.SameSite
+
+	// SessionIDPrefix
+	// @Description session id's prefix
+	// @Default ""
+	SessionIDPrefix string
 }
 
 // LogConfig holds Log related config

server/web/filter_chain_test.go

@@ -27,7 +27,7 @@ import (
 	"github.com/beego/beego/v2/server/web/context"
 )
 
-func TestControllerRegister_InsertFilterChain(t *testing.T) {
+func TestControllerRegisterInsertFilterChain(t *testing.T) {
 	InsertFilterChain("/*", func(next FilterFunc) FilterFunc {
 		return func(ctx *context.Context) {
 			ctx.Output.Header("filter", "filter-chain")
@@ -80,3 +80,57 @@ func TestControllerRegister_InsertFilterChain_Order(t *testing.T) {
 
 	assert.True(t, st > ft)
 }
+
+func TestFilterChainRouter(t *testing.T) {
+	app := NewHttpSever()
+	const filterNonMatch = "filter-chain-non-match"
+	app.InsertFilterChain("/app/nonMatch/before/*", func(next FilterFunc) FilterFunc {
+		return func(ctx *context.Context) {
+			ctx.Output.Header("filter", filterNonMatch)
+			next(ctx)
+		}
+	})
+
+	const filterAll = "filter-chain-all"
+	app.InsertFilterChain("/*", func(next FilterFunc) FilterFunc {
+		return func(ctx *context.Context) {
+			ctx.Output.Header("filter", filterAll)
+			next(ctx)
+		}
+	})
+
+	app.InsertFilterChain("/app/nonMatch/after/*", func(next FilterFunc) FilterFunc {
+		return func(ctx *context.Context) {
+			ctx.Output.Header("filter", filterNonMatch)
+			next(ctx)
+		}
+	})
+
+	app.InsertFilterChain("/app/match/*", func(next FilterFunc) FilterFunc {
+		return func(ctx *context.Context) {
+			ctx.Output.Header("match", "yes")
+			next(ctx)
+		}
+	})
+
+	app.Handlers.Init()
+
+	r, _ := http.NewRequest("GET", "/app/match", nil)
+	w := httptest.NewRecorder()
+
+	app.Handlers.ServeHTTP(w, r)
+	assert.Equal(t, filterAll, w.Header().Get("filter"))
+	assert.Equal(t, "yes", w.Header().Get("match"))
+
+	r, _ = http.NewRequest("GET", "/app/match1", nil)
+	w = httptest.NewRecorder()
+	app.Handlers.ServeHTTP(w, r)
+	assert.Equal(t, filterAll, w.Header().Get("filter"))
+	assert.NotEqual(t, "yes", w.Header().Get("match"))
+
+	r, _ = http.NewRequest("GET", "/app/nonMatch", nil)
+	w = httptest.NewRecorder()
+	app.Handlers.ServeHTTP(w, r)
+	assert.Equal(t, filterAll, w.Header().Get("filter"))
+	assert.NotEqual(t, "yes", w.Header().Get("match"))
+}

server/web/hooks.go

@@ -62,6 +62,7 @@ func registerSession() error {
 			conf.SessionNameInHTTPHeader = BConfig.WebConfig.Session.SessionNameInHTTPHeader
 			conf.EnableSidInURLQuery = BConfig.WebConfig.Session.SessionEnableSidInURLQuery
 			conf.CookieSameSite = BConfig.WebConfig.Session.SessionCookieSameSite
+			conf.SessionIDPrefix = BConfig.WebConfig.Session.SessionIDPrefix
 		} else {
 			if err = json.Unmarshal([]byte(sessionConfig), conf); err != nil {
 				return err

server/web/router.go

@@ -196,7 +196,10 @@ func (p *ControllerRegister) Init() {
 	for i := len(p.filterChains) - 1; i >= 0; i-- {
 		fc := p.filterChains[i]
 		root := p.chainRoot
-		filterFunc := fc.chain(root.filterFunc)
+		filterFunc := fc.chain(func(ctx *beecontext.Context) {
+			var preFilterParams map[string]string
+			root.filter(ctx, p.getUrlPath(ctx), preFilterParams)
+		})
 		p.chainRoot = newFilterRouter(fc.pattern, filterFunc, fc.opts...)
 		p.chainRoot.next = root
 	}
@@ -332,7 +335,6 @@ func (p *ControllerRegister) Include(cList ...ControllerInterface) {
 				for _, f := range a.Filters {
 					p.InsertFilter(f.Pattern, f.Pos, f.Filter, WithReturnOnOutput(f.ReturnOnOutput), WithResetParams(f.ResetParams))
 				}
-
 				p.addWithMethodParams(a.Router, c, a.MethodParams, WithRouterMethods(c, strings.Join(a.AllowHTTPMethods, ",")+":"+a.Method))
 			}
 		}
@@ -786,7 +788,7 @@ func (p *ControllerRegister) InsertFilter(pattern string, pos int, filter Filter
 //     }
 // }
 func (p *ControllerRegister) InsertFilterChain(pattern string, chain FilterChain, opts ...FilterOpt) {
-	opts = append(opts, WithCaseSensitive(p.cfg.RouterCaseSensitive))
+	opts = append([]FilterOpt{WithCaseSensitive(p.cfg.RouterCaseSensitive)}, opts...)
 	p.filterChains = append(p.filterChains, filterChainConfig{
 		pattern: pattern,
 		chain:   chain,

server/web/statistics.go

@@ -16,6 +16,7 @@ package web
 
 import (
 	"fmt"
+	"html/template"
 	"sync"
 	"time"
 
@@ -97,7 +98,7 @@ func (m *URLMap) GetMap() map[string]interface{} {
 	for k, v := range m.urlmap {
 		for kk, vv := range v {
 			result := []string{
-				fmt.Sprintf("% -50s", k),
+				fmt.Sprintf("% -50s", template.HTMLEscapeString(k)),
 				fmt.Sprintf("% -10s", kk),
 				fmt.Sprintf("% -16d", vv.RequestNum),
 				fmt.Sprintf("%d", vv.TotalTime),