Merge 4c81c2a933738dc74934576edc3173eaa688c769 into b2b489dbf4826c2c630717a77fd5e42774625410

chore(context): always trust xff headers from unix socket (#3359 )
Co-authored-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2026-06-13 00:59:29 +08:00 · 2026-01-18 17:57:57 -08:00 · 2026-01-18 12:56:22 +08:00 · 2026-01-17 16:40:43 +08:00 · 2026-01-02 10:15:27 +08:00 · 2025-12-27 19:25:17 +08:00
10 changed files with 371 additions and 44 deletions
--- a/.github/workflows/gin.yml
+++ b/.github/workflows/gin.yml
@ -65,7 +65,7 @@ jobs:
        with:
          ref: ${{ github.ref }}

-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        with:
          path: |
            ${{ matrix.go-build }}
--- a/context.go
+++ b/context.go
@ -5,6 +5,7 @@
 package gin

 import (
+	"bytes"
 	"errors"
 	"fmt"
 	"io"
@ -906,6 +907,24 @@ func (c *Context) ShouldBindUri(obj any) error {
 // ShouldBindWith binds the passed struct pointer using the specified binding engine.
 // See the binding package.
 func (c *Context) ShouldBindWith(obj any, b binding.Binding) error {
+	if b.Name() == "form-urlencoded" || b.Name() == "form" {
+		var body []byte
+		if cb, ok := c.Get(BodyBytesKey); ok {
+			if cbb, ok := cb.([]byte); ok {
+				body = cbb
+			}
+		}
+
+		if body == nil {
+			var err error
+			body, err = io.ReadAll(c.Request.Body)
+			if err != nil {
+				return err
+			}
+			c.Set(BodyBytesKey, body)
+		}
+		c.Request.Body = io.NopCloser(bytes.NewBuffer(body))
+	}
 	return b.Bind(c.Request, obj)
 }

@ -978,18 +997,32 @@ func (c *Context) ClientIP() string {
 		}
 	}

-	// It also checks if the remoteIP is a trusted proxy or not.
-	// In order to perform this validation, it will see if the IP is contained within at least one of the CIDR blocks
-	// defined by Engine.SetTrustedProxies()
-	remoteIP := net.ParseIP(c.RemoteIP())
-	if remoteIP == nil {
-		return ""
+	var (
+		trusted  bool
+		remoteIP net.IP
+	)
+	// If gin is listening a unix socket, always trust it.
+	localAddr, ok := c.Request.Context().Value(http.LocalAddrContextKey).(net.Addr)
+	if ok && strings.HasPrefix(localAddr.Network(), "unix") {
+		trusted = true
+	}
+
+	// Fallback
+	if !trusted {
+		// It also checks if the remoteIP is a trusted proxy or not.
+		// In order to perform this validation, it will see if the IP is contained within at least one of the CIDR blocks
+		// defined by Engine.SetTrustedProxies()
+		remoteIP = net.ParseIP(c.RemoteIP())
+		if remoteIP == nil {
+			return ""
+		}
+		trusted = c.engine.isTrustedProxy(remoteIP)
 	}
-	trusted := c.engine.isTrustedProxy(remoteIP)

 	if trusted && c.engine.ForwardedByClientIP && c.engine.RemoteIPHeaders != nil {
 		for _, headerName := range c.engine.RemoteIPHeaders {
-			ip, valid := c.engine.validateHeader(c.requestHeader(headerName))
+			headerValue := strings.Join(c.Request.Header.Values(headerName), ",")
+			ip, valid := c.engine.validateHeader(headerValue)
 			if valid {
 				return ip
 			}
@ -1069,9 +1102,43 @@ func (c *Context) GetRawData() ([]byte, error) {
 	if c.Request.Body == nil {
 		return nil, errors.New("cannot read nil body")
 	}
+
+	if cb, ok := c.Get(BodyBytesKey); ok {
+		if cbb, ok := cb.([]byte); ok {
+			return cbb, nil
+		}
+	}
+
 	return io.ReadAll(c.Request.Body)
 }

+// GetRequestBody returns the request body as bytes, caching it for reuse.
+// This allows the body to be read multiple times without being consumed.
+// Returns an error if the body cannot be read or if it's nil.
+func (c *Context) GetRequestBody() ([]byte, error) {
+	if c.Request.Body == nil {
+		return nil, errors.New("cannot read nil body")
+	}
+
+	// Check if body is already cached
+	if cb, ok := c.Get(BodyBytesKey); ok {
+		if cbb, ok := cb.([]byte); ok {
+			return cbb, nil
+		}
+	}
+
+	// Read and cache the body
+	body, err := io.ReadAll(c.Request.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	// Cache the body for future use
+	c.Set(BodyBytesKey, body)
+
+	return body, nil
+}
+
 // SetSameSite with cookie
 func (c *Context) SetSameSite(samesite http.SameSite) {
 	c.sameSite = samesite
--- a/context_test.go
+++ b/context_test.go
@ -1143,6 +1143,37 @@ func TestContextRenderNoContentIndentedJSON(t *testing.T) {
 	assert.Equal(t, "application/json; charset=utf-8", w.Header().Get("Content-Type"))
 }

+func TestContextClientIPWithMultipleHeaders(t *testing.T) {
+	c, _ := CreateTestContext(httptest.NewRecorder())
+	c.Request, _ = http.NewRequest(http.MethodGet, "/test", nil)
+
+	// Multiple X-Forwarded-For headers
+	c.Request.Header.Add("X-Forwarded-For", "1.2.3.4, "+localhostIP)
+	c.Request.Header.Add("X-Forwarded-For", "5.6.7.8")
+	c.Request.RemoteAddr = localhostIP + ":1234"
+
+	c.engine.ForwardedByClientIP = true
+	c.engine.RemoteIPHeaders = []string{"X-Forwarded-For"}
+	_ = c.engine.SetTrustedProxies([]string{localhostIP})
+
+	// Should return 5.6.7.8 (last non-trusted IP)
+	assert.Equal(t, "5.6.7.8", c.ClientIP())
+}
+
+func TestContextClientIPWithSingleHeader(t *testing.T) {
+	c, _ := CreateTestContext(httptest.NewRecorder())
+	c.Request, _ = http.NewRequest(http.MethodGet, "/test", nil)
+	c.Request.Header.Set("X-Forwarded-For", "1.2.3.4, "+localhostIP)
+	c.Request.RemoteAddr = localhostIP + ":1234"
+
+	c.engine.ForwardedByClientIP = true
+	c.engine.RemoteIPHeaders = []string{"X-Forwarded-For"}
+	_ = c.engine.SetTrustedProxies([]string{localhostIP})
+
+	// Should return 1.2.3.4
+	assert.Equal(t, "1.2.3.4", c.ClientIP())
+}
+
 // Tests that the response is serialized as Secure JSON
 // and Content-Type is set to application/json
 func TestContextRenderSecureJSON(t *testing.T) {
@ -1884,6 +1915,16 @@ func TestContextClientIP(t *testing.T) {
 	c.engine.trustedCIDRs, _ = c.engine.prepareTrustedCIDRs()
 	resetContextForClientIPTests(c)

+	// unix address
+	addr := &net.UnixAddr{Net: "unix", Name: "@"}
+	c.Request = c.Request.WithContext(context.WithValue(c.Request.Context(), http.LocalAddrContextKey, addr))
+	c.Request.RemoteAddr = addr.String()
+	assert.Equal(t, "20.20.20.20", c.ClientIP())
+
+	// reset
+	c.Request = c.Request.WithContext(context.Background())
+	resetContextForClientIPTests(c)
+
 	// Legacy tests (validating that the defaults don't break the
 	// (insecure!) old behaviour)
 	assert.Equal(t, "20.20.20.20", c.ClientIP())
@ -1910,7 +1951,7 @@ func TestContextClientIP(t *testing.T) {
 	resetContextForClientIPTests(c)

 	// IPv6 support
-	c.Request.RemoteAddr = "[::1]:12345"
+	c.Request.RemoteAddr = fmt.Sprintf("[%s]:12345", localhostIPv6)
 	assert.Equal(t, "20.20.20.20", c.ClientIP())

 	resetContextForClientIPTests(c)
@ -2349,6 +2390,28 @@ func TestContextShouldBindWithQuery(t *testing.T) {
 	assert.Equal(t, 0, w.Body.Len())
 }

+func TestContextGetRawDataAfterShouldBind(t *testing.T) {
+	w := httptest.NewRecorder()
+	c, _ := CreateTestContext(w)
+
+	c.Request, _ = http.NewRequest(http.MethodPost, "/", strings.NewReader("p1=1&p2=2&p3=4"))
+	c.Request.Header.Set("Content-Type", "application/x-www-form-urlencoded")
+
+	var s struct {
+		P1 string `form:"p1"`
+		P2 string `form:"p2"`
+		P3 string `form:"p3"`
+	}
+	require.NoError(t, c.ShouldBind(&s))
+	assert.Equal(t, "1", s.P1)
+	assert.Equal(t, "2", s.P2)
+	assert.Equal(t, "4", s.P3)
+
+	rawData, err := c.GetRawData()
+	require.NoError(t, err)
+	assert.Equal(t, "p1=1&p2=2&p3=4", string(rawData))
+}
+
 func TestContextShouldBindWithYAML(t *testing.T) {
 	w := httptest.NewRecorder()
 	c, _ := CreateTestContext(w)
@ -2872,6 +2935,105 @@ func TestContextGetRawData(t *testing.T) {
 	assert.Equal(t, "Fetch binary post data", string(data))
 }

+func TestContextGetRequestBody(t *testing.T) {
+	// Test basic functionality
+	t.Run("basic functionality", func(t *testing.T) {
+		c, _ := CreateTestContext(httptest.NewRecorder())
+		bodyContent := "test request body data"
+		body := strings.NewReader(bodyContent)
+		c.Request, _ = http.NewRequest(http.MethodPost, "/", body)
+
+		data, err := c.GetRequestBody()
+		require.NoError(t, err)
+		assert.Equal(t, bodyContent, string(data))
+	})
+
+	// Test multiple calls return cached data
+	t.Run("multiple calls return cached data", func(t *testing.T) {
+		c, _ := CreateTestContext(httptest.NewRecorder())
+		bodyContent := "reusable request body"
+		body := strings.NewReader(bodyContent)
+		c.Request, _ = http.NewRequest(http.MethodPost, "/", body)
+
+		// First call
+		data1, err1 := c.GetRequestBody()
+		require.NoError(t, err1)
+		assert.Equal(t, bodyContent, string(data1))
+
+		// Second call should return cached data
+		data2, err2 := c.GetRequestBody()
+		require.NoError(t, err2)
+		assert.Equal(t, bodyContent, string(data2))
+
+		// Third call should also return cached data
+		data3, err3 := c.GetRequestBody()
+		require.NoError(t, err3)
+		assert.Equal(t, bodyContent, string(data3))
+
+		// All calls should return the same data
+		assert.Equal(t, data1, data2)
+		assert.Equal(t, data2, data3)
+	})
+
+	// Test nil body error
+	t.Run("nil body error", func(t *testing.T) {
+		c, _ := CreateTestContext(httptest.NewRecorder())
+		c.Request, _ = http.NewRequest(http.MethodPost, "/", nil)
+		c.Request.Body = nil
+
+		data, err := c.GetRequestBody()
+		assert.Error(t, err)
+		assert.Nil(t, data)
+		assert.Contains(t, err.Error(), "cannot read nil body")
+	})
+
+	// Test empty body
+	t.Run("empty body", func(t *testing.T) {
+		c, _ := CreateTestContext(httptest.NewRecorder())
+		body := strings.NewReader("")
+		c.Request, _ = http.NewRequest(http.MethodPost, "/", body)
+
+		data, err := c.GetRequestBody()
+		require.NoError(t, err)
+		assert.Equal(t, "", string(data))
+		assert.Equal(t, 0, len(data))
+	})
+
+	// Test large body
+	t.Run("large body", func(t *testing.T) {
+		c, _ := CreateTestContext(httptest.NewRecorder())
+		largeContent := strings.Repeat("large body content ", 1000)
+		body := strings.NewReader(largeContent)
+		c.Request, _ = http.NewRequest(http.MethodPost, "/", body)
+
+		data, err := c.GetRequestBody()
+		require.NoError(t, err)
+		assert.Equal(t, largeContent, string(data))
+		assert.Equal(t, len(largeContent), len(data))
+	})
+
+	// Test integration with ShouldBindBodyWith
+	t.Run("integration with ShouldBindBodyWith", func(t *testing.T) {
+		c, _ := CreateTestContext(httptest.NewRecorder())
+		jsonBody := `{"name":"test","value":123}`
+		body := strings.NewReader(jsonBody)
+		c.Request, _ = http.NewRequest(http.MethodPost, "/", body)
+		c.Request.Header.Set("Content-Type", "application/json")
+
+		// Get body first
+		bodyData, err := c.GetRequestBody()
+		require.NoError(t, err)
+		assert.Equal(t, jsonBody, string(bodyData))
+
+		// ShouldBindBodyWith should still work and reuse cached body
+		var jsonData map[string]interface{}
+		err = c.ShouldBindBodyWithJSON(&jsonData)
+		require.NoError(t, err)
+		assert.Equal(t, "test", jsonData["name"])
+		assert.Equal(t, float64(123), jsonData["value"])
+	})
+}
+
 func TestContextRenderDataFromReader(t *testing.T) {
 	w := httptest.NewRecorder()
 	c, _ := CreateTestContext(w)
@ -3212,7 +3374,7 @@ func TestContextCopyShouldNotCancel(t *testing.T) {
 	}()

 	addr := strings.Split(l.Addr().String(), ":")
-	res, err := http.Get(fmt.Sprintf("http://127.0.0.1:%s/", addr[len(addr)-1]))
+	res, err := http.Get(fmt.Sprintf("http://%s:%s/", localhostIP, addr[len(addr)-1]))
 	if err != nil {
 		t.Error(fmt.Errorf("request error: %w", err))
 		return
--- a/examples/get_request_body_example.go
+++ b/examples/get_request_body_example.go
@ -0,0 +1,86 @@
+package main
+
+import (
+	"fmt"
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+)
+
+func main() {
+	r := gin.Default()
+
+	// Example middleware that reads the request body
+	r.Use(func(c *gin.Context) {
+		// Get the request body - this can be called multiple times
+		body, err := c.GetRequestBody()
+		if err != nil {
+			c.AbortWithError(http.StatusBadRequest, err)
+			return
+		}
+
+		// Log the body length for demonstration
+		fmt.Printf("Middleware: Request body length: %d bytes\n", len(body))
+
+		// Store body in context for use by handlers
+		c.Set("rawBody", body)
+		c.Next()
+	})
+
+	// Handler that also reads the body
+	r.POST("/echo", func(c *gin.Context) {
+		// Get the body again - this will use the cached version
+		body, err := c.GetRequestBody()
+		if err != nil {
+			c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+			return
+		}
+
+		// Also get the body that was stored by middleware
+		storedBody, exists := c.Get("rawBody")
+		if !exists {
+			c.JSON(http.StatusInternalServerError, gin.H{"error": "body not found in context"})
+			return
+		}
+
+		// Both should be identical
+		if string(body) != string(storedBody.([]byte)) {
+			c.JSON(http.StatusInternalServerError, gin.H{"error": "bodies don't match"})
+			return
+		}
+
+		c.JSON(http.StatusOK, gin.H{
+			"message": "Body received and cached successfully",
+			"body":    string(body),
+			"length":  len(body),
+		})
+	})
+
+	// Handler that uses binding after GetRequestBody
+	r.POST("/bind-after-body", func(c *gin.Context) {
+		// First bind to a struct - this caches the body
+		var jsonData map[string]interface{}
+		if err := c.ShouldBindBodyWithJSON(&jsonData); err != nil {
+			c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+			return
+		}
+
+		// Then get the raw body - this will use the cached version
+		rawBody, err := c.GetRequestBody()
+		if err != nil {
+			c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+			return
+		}
+
+		c.JSON(http.StatusOK, gin.H{
+			"raw_body": string(rawBody),
+			"parsed_data": jsonData,
+		})
+	})
+
+	fmt.Println("Server starting on :9090")
+	fmt.Println("Try: curl -X POST -d 'hello world' http://localhost:9090/echo")
+	fmt.Println("Or: curl -X POST -H 'Content-Type: application/json' -d '{\"name\":\"test\"}' http://localhost:9090/bind-after-body")
+
+	r.Run(":9090")
+}
--- a/gin_integration_test.go
+++ b/gin_integration_test.go
@ -16,6 +16,7 @@ import (
 	"os"
 	"path/filepath"
 	"runtime"
+	"strconv"
 	"strings"
 	"sync"
 	"testing"
@ -64,7 +65,16 @@ func testRequest(t *testing.T, params ...string) {
 }

 func TestRunEmpty(t *testing.T) {
-	os.Setenv("PORT", "")
+	addr, err := net.ResolveTCPAddr("tcp", "localhost:0")
+	require.NoError(t, err)
+	l, err := net.ListenTCP("tcp", addr)
+	require.NoError(t, err)
+	port := strconv.Itoa(l.Addr().(*net.TCPAddr).Port)
+	l.Close()
+
+	os.Setenv("PORT", port)
+	defer os.Unsetenv("PORT")
+
 	router := New()
 	go func() {
 		router.GET("/example", func(c *Context) { c.String(http.StatusOK, "it worked") })
@ -75,8 +85,8 @@ func TestRunEmpty(t *testing.T) {
 	err := waitForServerReady("http://localhost:8080/example", 10)
 	require.NoError(t, err, "server should start successfully")

-	require.Error(t, router.Run(":8080"))
-	testRequest(t, "http://localhost:8080/example")
+	require.Error(t, router.Run(":"+port))
+	testRequest(t, "http://localhost:"+port+"/example")
 }

 func TestBadTrustedCIDRs(t *testing.T) {
--- a/gin_test.go
+++ b/gin_test.go
@ -83,7 +83,7 @@ func TestLoadHTMLGlobDebugMode(t *testing.T) {
 }

 func TestH2c(t *testing.T) {
-	ln, err := net.Listen("tcp", "127.0.0.1:0")
+	ln, err := net.Listen("tcp", localhostIP+":0")
 	if err != nil {
 		t.Error(err)
 	}
--- a/recovery.go
+++ b/recovery.go
@ -12,12 +12,12 @@ import (
 	"fmt"
 	"io"
 	"log"
-	"net"
 	"net/http"
 	"net/http/httputil"
 	"os"
 	"runtime"
 	"strings"
+	"syscall"
 	"time"

 	"github.com/gin-gonic/gin/internal/bytesconv"
@ -57,40 +57,33 @@ func CustomRecoveryWithWriter(out io.Writer, handle RecoveryFunc) HandlerFunc {
 	}
 	return func(c *Context) {
 		defer func() {
-			if err := recover(); err != nil {
+			if rec := recover(); rec != nil {
 				// Check for a broken connection, as it is not really a
 				// condition that warrants a panic stack trace.
-				var brokenPipe bool
-				if ne, ok := err.(*net.OpError); ok {
-					var se *os.SyscallError
-					if errors.As(ne, &se) {
-						seStr := strings.ToLower(se.Error())
-						if strings.Contains(seStr, "broken pipe") ||
-							strings.Contains(seStr, "connection reset by peer") {
-							brokenPipe = true
-						}
-					}
-				}
-				if e, ok := err.(error); ok && errors.Is(e, http.ErrAbortHandler) {
-					brokenPipe = true
+				var isBrokenPipe bool
+				err, ok := rec.(error)
+				if ok {
+					isBrokenPipe = errors.Is(err, syscall.EPIPE) ||
+						errors.Is(err, syscall.ECONNRESET) ||
+						errors.Is(err, http.ErrAbortHandler)
 				}
 				if logger != nil {
-					if brokenPipe {
-						logger.Printf("%s\n%s%s", err, secureRequestDump(c.Request), reset)
+					if isBrokenPipe {
+						logger.Printf("%s\n%s%s", rec, secureRequestDump(c.Request), reset)
 					} else if IsDebugging() {
 						logger.Printf("[Recovery] %s panic recovered:\n%s\n%s\n%s%s",
-							timeFormat(time.Now()), secureRequestDump(c.Request), err, stack(stackSkip), reset)
+							timeFormat(time.Now()), secureRequestDump(c.Request), rec, stack(stackSkip), reset)
 					} else {
 						logger.Printf("[Recovery] %s panic recovered:\n%s\n%s%s",
-							timeFormat(time.Now()), err, stack(stackSkip), reset)
+							timeFormat(time.Now()), rec, stack(stackSkip), reset)
 					}
 				}
-				if brokenPipe {
+				if isBrokenPipe {
 					// If the connection is dead, we can't write a status to it.
-					c.Error(err.(error)) //nolint: errcheck
+					c.Error(err) //nolint: errcheck
 					c.Abort()
 				} else {
-					handle(c, err)
+					handle(c, rec)
 				}
 			}
 		}()
--- a/recovery_test.go
+++ b/recovery_test.go
@ -98,13 +98,13 @@ func TestFunction(t *testing.T) {
 func TestPanicWithBrokenPipe(t *testing.T) {
 	const expectCode = 204

-	expectMsgs := map[syscall.Errno]string{
-		syscall.EPIPE:      "broken pipe",
-		syscall.ECONNRESET: "connection reset by peer",
+	expectErrnos := []syscall.Errno{
+		syscall.EPIPE,
+		syscall.ECONNRESET,
 	}

-	for errno, expectMsg := range expectMsgs {
-		t.Run(expectMsg, func(t *testing.T) {
+	for _, errno := range expectErrnos {
+		t.Run("Recovery from "+errno.Error(), func(t *testing.T) {
 			var buf strings.Builder

 			router := New()
@ -122,7 +122,8 @@ func TestPanicWithBrokenPipe(t *testing.T) {
 			w := PerformRequest(router, http.MethodGet, "/recovery")
 			// TEST
 			assert.Equal(t, expectCode, w.Code)
-			assert.Contains(t, strings.ToLower(buf.String()), expectMsg)
+			assert.Contains(t, strings.ToLower(buf.String()), errno.Error())
+			assert.NotContains(t, strings.ToLower(buf.String()), "[Recovery]")
 		})
 	}
 }
--- a/response_writer.go
+++ b/response_writer.go
@ -128,7 +128,9 @@ func (w *responseWriter) CloseNotify() <-chan bool {
 // Flush implements the http.Flusher interface.
 func (w *responseWriter) Flush() {
 	w.WriteHeaderNow()
-	w.ResponseWriter.(http.Flusher).Flush()
+	if f, ok := w.ResponseWriter.(http.Flusher); ok {
+		f.Flush()
+	}
 }

 func (w *responseWriter) Pusher() (pusher http.Pusher) {
--- a/utils.go
+++ b/utils.go
@ -19,6 +19,12 @@ import (
 // BindKey indicates a default bind key.
 const BindKey = "_gin-gonic/gin/bindkey"

+// localhostIP indicates the default localhost IP address.
+const localhostIP = "127.0.0.1"
+
+// localhostIPv6 indicates the default localhost IPv6 address.
+const localhostIPv6 = "::1"
+
 // Bind is a helper function for given interface object and returns a Gin middleware.
 func Bind(val any) HandlerFunc {
 	value := reflect.ValueOf(val)
Author	SHA1	Message	Date
ljluestc	95f32b908d	Merge 4c81c2a933738dc74934576edc3173eaa688c769 into b2b489dbf4826c2c630717a77fd5e42774625410	2026-01-18 17:57:57 -08:00
WeidiDeng	b2b489dbf4	chore(context): always trust xff headers from unix socket (#3359 ) Co-authored-by: Bo-Yi Wu <appleboy.tw@gmail.com>	2026-01-18 12:56:22 +08:00
OHZEKI Naoki	3ab698dc51	refactor(recovery): smart error comparison (#4142 ) * refactor(recovery): rename var in CustomRecoveryWithWriter * refactor(recovery): smart error comparison * test(recovery): Directly reference the syscall error string	2026-01-17 16:40:43 +08:00
Nurysso	9914178584	fix(context): ClientIP handling for multiple X-Forwarded-For header values (#4472 ) * Fix ClientIP calculation by concatenating all RemoteIPHeaders values * test: used http.MethodGet instead constants and fix lints * lint error fixed * Refactor ClientIP X-Forwarded-For tests --------- Co-authored-by: Bo-Yi Wu <appleboy.tw@gmail.com>	2026-01-02 10:15:27 +08:00
Paulo Henrique	915e4c90d2	refactor(context): replace hardcoded localhost IPs with constants (#4481 )	2025-12-27 19:25:17 +08:00
Twacqwq	26c3a62865	chore(response): prevent Flush() panic when `http.Flusher` (#4479 )	2025-12-24 18:35:20 +08:00
dependabot[bot]	22c274c84b	chore(deps): bump actions/cache from 4 to 5 in the actions group (#4469 ) Bumps the actions group with 1 update: [actions/cache](https://github.com/actions/cache). Updates `actions/cache` from 4 to 5 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/cache dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-12-24 18:33:46 +08:00
ljluestc	4c81c2a933	fix tests	2025-11-29 14:45:35 -08:00
ljluestc	f6e887d460	docs: remove GetRequestBody documentation changes	2025-11-29 14:28:12 -08:00
ljluestc	b296dbea8b	fix context	2025-11-29 14:04:30 -08:00
ljluestc	51137fbe43	docs: add GetRequestBody() method documentation - Add 'Get Request Body' section to docs/doc.md - Include usage examples and curl test commands - Document the new API for reusable request body access	2025-11-25 14:08:01 -08:00
ljluestc	9e193dc13c	feat: add GetRequestBody() method for reusable request body access - Add Context.GetRequestBody() method that caches request body bytes - Allows multiple reads of request body without consumption - Integrates with existing ShouldBindBodyWith* caching mechanism - Includes comprehensive tests and usage examples - Addresses issue #1974: Wrap Request.Body for reuse by Gin, middlewares and app code	2025-11-25 13:56:26 -08:00