Add PrefixStrippingProvider interface and implement it in all providers
(EmbedFSProvider, LocalFSProvider, ZipFSProvider) to support serving
files from subdirectories at the root level.
Adds WithStripPrefix method to allow serving files from subdirectories
at the root path. For example, files at /dist/assets can be made
accessible via /assets by calling WithStripPrefix("/dist").
- Add ServersConfig and ServerInstanceConfig structs
- Support configuring multiple named server instances
- Add global timeout defaults with per-instance overrides
- Add TLS configuration options (SSL cert/key, self-signed, AutoTLS)
- Add validation for server configurations
- Add helper methods for applying defaults and getting default server
- Add conversion helper to avoid import cycles
- Fixed IN clause to conditionally quote only string values (not numeric)
- Fixed LIKE pattern sanitization to preserve wildcards while preventing injection
- Improved dangerous pattern removal with case-insensitive regex while preserving case
- All funcspec tests now pass (except pre-existing TestReplaceMetaVariables)
Co-authored-by: warkanum <208308+warkanum@users.noreply.github.com>
- Sanitize colval immediately after extraction in match= filter
- Fixed empty/zero value handling to use proper SQL literals (0 vs '')
- Applied proper quoting for string vs numeric comparisons
- Fixed x-fieldfilter handlers for proper value handling
Co-authored-by: warkanum <208308+warkanum@users.noreply.github.com>
- Added sanitization for path parameters in mergePathParams
- Added sanitization for query parameters with p- prefix in mergeQueryParams
- Added sanitization for header parameters in mergeHeaderParams
- Fixed IN clause to sanitize all values individually
- Improved ValidSQL function with better escaping and more injection patterns
- Added backslash escaping to colvalue mode
- Extended dangerous keyword list in select mode
Co-authored-by: warkanum <208308+warkanum@users.noreply.github.com>
- Added comments explaining why X-No-Data-Found is set before normalization
- Header reflects database query result, not final response format
- Clarifies that normalizeResultArray doesn't affect header logic
- All tests passing
Co-authored-by: warkanum <208308+warkanum@users.noreply.github.com>
- Changed test to use shouldBeEmptyArr flag instead of hardcoded name comparison
- Makes test more maintainable and less fragile
- All tests still passing
Co-authored-by: warkanum <208308+warkanum@users.noreply.github.com>
- Simplified data length calculation logic in sendFormattedResponse
- Simplified data length calculation logic in sendResponseWithOptions
- Calculate dataLen after nil conversion for clarity and consistency
- All tests still passing
Co-authored-by: warkanum <208308+warkanum@users.noreply.github.com>
- Modified handleRead to always return empty array [] instead of null when no ID provided
- Added X-No-Data-Found header when result count is 0
- Updated normalizeResultArray to keep empty arrays as arrays instead of converting to empty objects
- Updated sendFormattedResponse and sendResponseWithOptions to handle empty data properly
- All responses now return 200 OK instead of 206 Partial Content when no data found
- Added comprehensive tests to verify the fix
Co-authored-by: warkanum <208308+warkanum@users.noreply.github.com>
