A default of true is risky when protecting assets by matching base path.
It's not obvious that protecting /foo/ will allow /Foo/ through, and if
accessing static files on a case-insensitive file system... that's no
good. So the default is now to be case-INsensitive when matching paths.
When two Caddyfiles with the same name, but different paths, are
imported, it can cause a weird bug because isNewLine() returned false
when it should return true, since the files are actually different,
but it couldn't know that because only the base name was stored,
not the whole path.
This change eliminates the `[ERROR] Could not write pidfile: open /var/run/caddy.pid: permission denied` from caddy.log.
The start-stop-daemon writes the file as root so the DAEMONUSER that caddy runs as cannot write to the .pid file.
* Proxy can now use QUIC for upstream connections
Add HandshakeTimeout, change h2quic syntax
* Add setup and upstream test
Test QUIC proxy with actual h2quic instance
Use different port fo QUIC test server
Add quic host to CI config
Added testdata to vendor
Revert "Added testdata to vendor"
This reverts commit 959512282deed8623168d090e5ca5e5a7933019c.
* Use local testdata
Renewed certificates would not be reloaded into the cache because their
names conflict with names of certificates already in the cache; this
was intentional when loading new certs to avoid confusion, but is
problematic when renewing, since the old certificate doesn't get
evicted from the cache. (Oops.)
Here, I remedy this situation by explicitly deleting the old cert from
the cache before adding the renewed one back in.
(See EULA.) Personally-licensed official Caddy builds cannot remove
this header by configuration. The commercially-licensed builds of Caddy
don't have this header.
* Allow pushing multiple resources via Link header
* Add nopush test case
* Extract Link header parsing to separate function
* Parser regexp-free
* Remove dead code, thx gometalinter
* Redundant condition - won't happen
* Reduce duplication
