chore(deps): upgrade dependencies in submodules

- Updated the Hijack method in LazyResponseModifier and ResponseModifier to return a wrapped error for unsupported hijacking.
- Added a nil check in LazyResponseModifier's Unwrap method to ensure safe access to the underlying ResponseWriter.

Dockerfile

@@ -1,5 +1,5 @@
 # Stage 1: deps
-FROM golang:1.25.4-alpine AS deps
+FROM golang:1.25.5-alpine AS deps
 HEALTHCHECK NONE
 
 # package version does not matter
@@ -19,7 +19,9 @@ COPY go.mod go.sum ./
 # remove godoxy stuff from go.mod first
 RUN --mount=type=cache,target=/root/.cache/go-build \
   --mount=type=cache,target=/root/go/pkg/mod \
-  sed -i '/^module github\.com\/yusing\/godoxy/!{/github\.com\/yusing\/godoxy/d}' go.mod && go mod download -x
+  sed -i '/^module github\.com\/yusing\/godoxy/!{/github\.com\/yusing\/godoxy/d}' go.mod && \
+  sed -i '/^module github\.com\/yusing\/goutils/!{/github\.com\/yusing\/goutils/d}' go.mod && \
+  go mod download -x
 
 # Stage 2: builder
 FROM deps AS builder

Makefile

@@ -80,6 +80,7 @@ test:
 docker-build-test:
 	docker build -t godoxy .
 	docker build --build-arg=MAKE_ARGS=agent=1 -t godoxy-agent .
+	docker build --build-arg=MAKE_ARGS=socket-proxy=1 -t godoxy-socket-proxy .
 
 go_ver := $(shell go version | cut -d' ' -f3 | cut -d'o' -f2)
 files := $(shell find . -name go.mod -type f -or -name Dockerfile -type f)
@@ -110,7 +111,7 @@ mod-tidy:
 
 build:
 	mkdir -p $(shell dirname ${BIN_PATH})
-	cd ${PWD} && go build ${BUILD_FLAGS} -o ${BIN_PATH} ./cmd
+	go build -C ${PWD} ${BUILD_FLAGS} -o ${BIN_PATH} ./cmd
 	${POST_BUILD}
 
 run:

agent/go.mod

@@ -1,14 +1,16 @@
 module github.com/yusing/godoxy/agent
 
-go 1.25.4
+go 1.25.5
 
-replace github.com/yusing/godoxy => ..
-
-replace github.com/yusing/godoxy/socketproxy => ../socket-proxy
-
-replace github.com/shirou/gopsutil/v4 => ../internal/gopsutil
-
-replace github.com/yusing/goutils => ../goutils
+replace (
+	github.com/shirou/gopsutil/v4 => ../internal/gopsutil
+	github.com/yusing/godoxy => ../
+	github.com/yusing/godoxy/socketproxy => ../socket-proxy
+	github.com/yusing/goutils => ../goutils
+	github.com/yusing/goutils/http/reverseproxy => ../goutils/http/reverseproxy
+	github.com/yusing/goutils/http/websocket => ../goutils/http/websocket
+	github.com/yusing/goutils/server => ../goutils/server
+)
 
 exclude github.com/containerd/nerdctl/mod/tigron v0.0.0
 
@@ -23,6 +25,8 @@ require (
 	github.com/yusing/godoxy v0.20.10
 	github.com/yusing/godoxy/socketproxy v0.0.0-00010101000000-000000000000
 	github.com/yusing/goutils v0.7.0
+	github.com/yusing/goutils/http/reverseproxy v0.0.0-00010101000000-000000000000
+	github.com/yusing/goutils/server v0.0.0-20250927113415-dd977d2edaeb
 )
 
 require (
@@ -30,6 +34,7 @@ require (
 	github.com/PuerkitoBio/goquery v1.11.0 // indirect
 	github.com/andybalholm/brotli v1.2.0 // indirect
 	github.com/andybalholm/cascadia v1.3.3 // indirect
+	github.com/buger/goterm v1.0.4 // indirect
 	github.com/bytedance/gopkg v0.1.3 // indirect
 	github.com/bytedance/sonic/loader v0.4.0 // indirect
 	github.com/cenkalti/backoff/v5 v5.0.3 // indirect
@@ -37,7 +42,9 @@ require (
 	github.com/containerd/errdefs v1.0.0 // indirect
 	github.com/containerd/errdefs/pkg v0.3.0 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
+	github.com/diskfs/go-diskfs v1.7.0 // indirect
 	github.com/distribution/reference v0.6.0 // indirect
+	github.com/djherbis/times v1.6.0 // indirect
 	github.com/docker/cli v29.1.2+incompatible // indirect
 	github.com/docker/go-connections v0.6.0 // indirect
 	github.com/docker/go-units v0.5.0 // indirect
@@ -45,24 +52,31 @@ require (
 	github.com/felixge/httpsnoop v1.0.4 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.11 // indirect
 	github.com/gin-contrib/sse v1.1.0 // indirect
+	github.com/go-acme/lego/v4 v4.29.0 // indirect
+	github.com/go-jose/go-jose/v4 v4.1.3 // indirect
 	github.com/go-logr/logr v1.4.3 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-ole/go-ole v1.3.0 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/go-playground/validator/v10 v10.28.0 // indirect
+	github.com/gobwas/glob v0.2.3 // indirect
 	github.com/goccy/go-json v0.10.5 // indirect
 	github.com/goccy/go-yaml v1.19.0 // indirect
 	github.com/gorilla/mux v1.8.1 // indirect
 	github.com/gotify/server/v2 v2.7.3 // indirect
+	github.com/jinzhu/copier v0.4.0 // indirect
 	github.com/json-iterator/go v1.1.13-0.20220915233716-71ac16282d12 // indirect
 	github.com/klauspost/compress v1.18.2 // indirect
 	github.com/klauspost/cpuid/v2 v2.3.0 // indirect
 	github.com/leodido/go-urn v1.4.0 // indirect
 	github.com/lithammer/fuzzysearch v1.1.8 // indirect
 	github.com/lufia/plan9stats v0.0.0-20251013123823-9fd1530e3ec3 // indirect
+	github.com/luthermonson/go-proxmox v0.2.3 // indirect
+	github.com/magefile/mage v1.15.0 // indirect
 	github.com/mattn/go-colorable v0.1.14 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/miekg/dns v1.1.68 // indirect
 	github.com/moby/docker-image-spec v1.3.1 // indirect
 	github.com/moby/moby/api v1.52.0 // indirect
 	github.com/moby/moby/client v0.2.1 // indirect
@@ -70,6 +84,7 @@ require (
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/opencontainers/go-digest v1.0.0 // indirect
 	github.com/opencontainers/image-spec v1.1.1 // indirect
+	github.com/oschwald/maxminddb-golang v1.13.1 // indirect
 	github.com/pelletier/go-toml/v2 v2.2.4 // indirect
 	github.com/pires/go-proxyproto v0.8.1 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
@@ -81,6 +96,7 @@ require (
 	github.com/samber/slog-zerolog/v2 v2.9.0 // indirect
 	github.com/shirou/gopsutil/v4 v4.25.11 // indirect
 	github.com/sirupsen/logrus v1.9.4-0.20230606125235-dd1b4c2e81af // indirect
+	github.com/spf13/afero v1.15.0 // indirect
 	github.com/tklauser/go-sysconf v0.3.16 // indirect
 	github.com/tklauser/numcpus v0.11.0 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
@@ -89,6 +105,7 @@ require (
 	github.com/vincent-petithory/dataurl v1.0.0 // indirect
 	github.com/yusing/ds v0.3.1 // indirect
 	github.com/yusing/gointernals v0.1.16 // indirect
+	github.com/yusing/goutils/http/websocket v0.0.0-00010101000000-000000000000 // indirect
 	github.com/yusufpapurcu/wmi v1.2.4 // indirect
 	go.opentelemetry.io/auto/sdk v1.2.1 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.63.0 // indirect
@@ -97,9 +114,13 @@ require (
 	go.opentelemetry.io/otel/trace v1.38.0 // indirect
 	golang.org/x/arch v0.23.0 // indirect
 	golang.org/x/crypto v0.45.0 // indirect
+	golang.org/x/mod v0.30.0 // indirect
 	golang.org/x/net v0.47.0 // indirect
+	golang.org/x/sync v0.18.0 // indirect
 	golang.org/x/sys v0.38.0 // indirect
 	golang.org/x/text v0.31.0 // indirect
+	golang.org/x/time v0.14.0 // indirect
+	golang.org/x/tools v0.39.0 // indirect
 	google.golang.org/protobuf v1.36.10 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

agent/go.sum

@@ -2,6 +2,8 @@ github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERo
 github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
 github.com/PuerkitoBio/goquery v1.11.0 h1:jZ7pwMQXIITcUXNH83LLk+txlaEy6NVOfTuP43xxfqw=
 github.com/PuerkitoBio/goquery v1.11.0/go.mod h1:wQHgxUOU3JGuj3oD/QFfxUdlzW6xPHfqyHre6VMY4DQ=
+github.com/anchore/go-lzo v0.1.0 h1:NgAacnzqPeGH49Ky19QKLBZEuFRqtTG9cdaucc3Vncs=
+github.com/anchore/go-lzo v0.1.0/go.mod h1:3kLx0bve2oN1iDwgM1U5zGku1Tfbdb0No5qp1eL1fIk=
 github.com/andybalholm/brotli v1.2.0 h1:ukwgCxwYrmACq68yiUqwIWnGY0cTPox/M94sVwToPjQ=
 github.com/andybalholm/brotli v1.2.0/go.mod h1:rzTDkvFWvIrjDXZHkuS16NPggd91W3kUSvPlQ1pLaKY=
 github.com/andybalholm/cascadia v1.3.3 h1:AG2YHrzJIm4BZ19iwJ/DAua6Btl3IwJX+VI4kktS1LM=
@@ -43,6 +45,8 @@ github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4
 github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
 github.com/ebitengine/purego v0.9.1 h1:a/k2f2HQU3Pi399RPW1MOaZyhKJL9w/xFpKAg4q1s0A=
 github.com/ebitengine/purego v0.9.1/go.mod h1:iIjxzd6CiRiOG0UyXP+V1+jWqUXVjPKLAI0mRfJZTmQ=
+github.com/elliotwutingfeng/asciiset v0.0.0-20230602022725-51bbb787efab h1:h1UgjJdAAhj+uPL68n7XASS6bU+07ZX1WJvVS2eyoeY=
+github.com/elliotwutingfeng/asciiset v0.0.0-20230602022725-51bbb787efab/go.mod h1:GLo/8fDswSAniFG+BFIaiSPcK610jyzgEhWYPQwuQdw=
 github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
 github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
 github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k=
@@ -73,6 +77,8 @@ github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJn
 github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
 github.com/go-playground/validator/v10 v10.28.0 h1:Q7ibns33JjyW48gHkuFT91qX48KG0ktULL6FgHdG688=
 github.com/go-playground/validator/v10 v10.28.0/go.mod h1:GoI6I1SjPBh9p7ykNE/yj3fFYbyDOpwMn5KXd+m2hUU=
+github.com/go-test/deep v1.0.8 h1:TDsG77qcSprGbC6vTN8OuXp5g+J+b5Pcguhf7Zt61VM=
+github.com/go-test/deep v1.0.8/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
 github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y=
 github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8=
 github.com/goccy/go-json v0.10.5 h1:Fq85nIqj+gXn/S5ahsiTlK3TmC85qgirsdTP/+DeaC4=
@@ -94,6 +100,10 @@ github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aN
 github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
 github.com/gotify/server/v2 v2.7.3 h1:nro/ZnxdlZFvxFcw9LREGA8zdk6CK744azwhuhX/A4g=
 github.com/gotify/server/v2 v2.7.3/go.mod h1:VAtE1RIc/2j886PYs9WPQbMjqbFsoyQ0G8IdFtnAxU0=
+github.com/h2non/gock v1.2.0 h1:K6ol8rfrRkUOefooBC8elXoaNGYkpp7y2qcxGG6BzUE=
+github.com/h2non/gock v1.2.0/go.mod h1:tNhoxHYW2W42cYkYb1WqzdbYIieALC99kpYr7rH/BQk=
+github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542 h1:2VTzZjLZBgl62/EtslCrtky5vbi9dd7HrQPQIx6wqiw=
+github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542/go.mod h1:Ow0tF8D4Kplbc8s8sSb3V2oUCygFHVp8gC3Dn6U4MNI=
 github.com/jinzhu/copier v0.4.0 h1:w3ciUoD19shMCRargcpm0cm91ytaBhDvuRpz1ODO/U8=
 github.com/jinzhu/copier v0.4.0/go.mod h1:DfbEm0FYsaqBcKcFuvmOZb218JkPGtvSHsKg8S8hyyg=
 github.com/json-iterator/go v1.1.13-0.20220915233716-71ac16282d12 h1:9Nu54bhS/H/Kgo2/7xNSUuC5G28VR8ljfrLKU2G4IjU=
@@ -144,9 +154,13 @@ github.com/oschwald/maxminddb-golang v1.13.1 h1:G3wwjdN9JmIK2o/ermkHM+98oX5fS+k5
 github.com/oschwald/maxminddb-golang v1.13.1/go.mod h1:K4pgV9N/GcK694KSTmVSDTODk4IsCNThNdTmnaBZ/F8=
 github.com/pelletier/go-toml/v2 v2.2.4 h1:mye9XuhQ6gvn5h28+VilKrrPoQVanw5PMw/TB0t5Ec4=
 github.com/pelletier/go-toml/v2 v2.2.4/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8t9Stt+h56mCY=
+github.com/pierrec/lz4/v4 v4.1.21 h1:yOVMLb6qSIDP67pl/5F7RepeKYu/VmTyEXvuMI5d9mQ=
+github.com/pierrec/lz4/v4 v4.1.21/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4=
 github.com/pires/go-proxyproto v0.8.1 h1:9KEixbdJfhrbtjpz/ZwCdWDD2Xem0NZ38qMYaASJgp0=
 github.com/pires/go-proxyproto v0.8.1/go.mod h1:ZKAAyp3cgy5Y5Mo4n9AlScrkCZwUy0g3Jf+slqQVcuU=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pkg/xattr v0.4.9 h1:5883YPCtkSd8LFbs13nXplj9g9tlrwoJRjgpgMu1/fE=
+github.com/pkg/xattr v0.4.9/go.mod h1:di8WF84zAKk8jzR1UBTEWh9AUlIZZ7M/JNt8e9B6ktU=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
@@ -192,6 +206,8 @@ github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS
 github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
 github.com/ugorji/go/codec v1.3.1 h1:waO7eEiFDwidsBN6agj1vJQ4AG7lh2yqXyOXqhgQuyY=
 github.com/ugorji/go/codec v1.3.1/go.mod h1:pRBVtBSKl77K30Bv8R2P+cLSGaTtex6fsA2Wjqmfxj4=
+github.com/ulikunitz/xz v0.5.15 h1:9DNdB5s+SgV3bQ2ApL10xRc35ck0DuIX/isZvIk+ubY=
+github.com/ulikunitz/xz v0.5.15/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
 github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
 github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
 github.com/valyala/fasthttp v1.68.0 h1:v12Nx16iepr8r9ySOwqI+5RBJ/DqTxhOy1HrHoDFnok=
@@ -223,8 +239,8 @@ go.opentelemetry.io/otel/trace v1.38.0 h1:Fxk5bKrDZJUH+AMyyIXGcFAPah0oRcT+LuNtJr
 go.opentelemetry.io/otel/trace v1.38.0/go.mod h1:j1P9ivuFsTceSWe1oY+EeW3sc+Pp42sO++GHkg4wwhs=
 go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
 go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
-go.uber.org/mock v0.6.0 h1:hyF9dfmbgIX5EfOdasqLsWD6xqpNZlXblLB/Dbnwv3Y=
-go.uber.org/mock v0.6.0/go.mod h1:KiVJ4BqZJaMj4svdfmHM0AUx4NJYO8ZNpPnZn1Z+BBU=
+go.uber.org/mock v0.5.2 h1:LbtPTcP8A5k9WPXj54PPPbjcI4Y6lhyOZXn+VS7wNko=
+go.uber.org/mock v0.5.2/go.mod h1:wLlUxC2vVTPTaE3UD51E0BGOAElKrILxhVSDYQLld5o=
 golang.org/x/arch v0.23.0 h1:lKF64A2jF6Zd8L0knGltUnegD62JMFBiCPBmQpToHhg=
 golang.org/x/arch v0.23.0/go.mod h1:dNHoOeKiyja7GTvF9NJS1l3Z2yntpQNzgrjh1cU103A=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
@@ -268,8 +284,10 @@ golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5h
 golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201204225414-ed752295db88/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210331175145-43e1dd70ce54/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220615213510-4f61da869c0c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=

agent/pkg/handler/check_health.go

@@ -1,6 +1,7 @@
 package handler
 
 import (
+	"context"
 	"fmt"
 	"net/http"
 	"net/url"
@@ -12,8 +13,6 @@ import (
 	"github.com/yusing/godoxy/internal/watcher/health/monitor"
 )
 
-var defaultHealthConfig = types.DefaultHealthConfig()
-
 func CheckHealth(w http.ResponseWriter, r *http.Request) {
 	query := r.URL.Query()
 	scheme := query.Get("scheme")
@@ -49,7 +48,7 @@ func CheckHealth(w http.ResponseWriter, r *http.Request) {
 			Scheme: scheme,
 			Host:   host,
 			Path:   path,
-		}, defaultHealthConfig).CheckHealth()
+		}, healthCheckConfigFromRequest(r)).CheckHealth()
 	case "tcp", "udp":
 		host := query.Get("host")
 		if host == "" {
@@ -68,7 +67,7 @@ func CheckHealth(w http.ResponseWriter, r *http.Request) {
 		result, err = monitor.NewRawHealthMonitor(&url.URL{
 			Scheme: scheme,
 			Host:   host,
-		}, defaultHealthConfig).CheckHealth()
+		}, healthCheckConfigFromRequest(r)).CheckHealth()
 	}
 
 	if err != nil {
@@ -80,3 +79,13 @@ func CheckHealth(w http.ResponseWriter, r *http.Request) {
 	w.WriteHeader(http.StatusOK)
 	sonic.ConfigDefault.NewEncoder(w).Encode(result)
 }
+
+func healthCheckConfigFromRequest(r *http.Request) types.HealthCheckConfig {
+	// we only need timeout and base context because it's one shot request
+	return types.HealthCheckConfig{
+		Timeout: types.HealthCheckTimeoutDefault,
+		BaseContext: func() context.Context {
+			return r.Context()
+		},
+	}
+}

cmd/main.go

@@ -16,6 +16,7 @@ import (
 	"github.com/yusing/godoxy/internal/metrics/systeminfo"
 	"github.com/yusing/godoxy/internal/metrics/uptime"
 	"github.com/yusing/godoxy/internal/net/gphttp/middleware"
+	"github.com/yusing/godoxy/internal/route/rules"
 	gperr "github.com/yusing/goutils/errs"
 	"github.com/yusing/goutils/server"
 	"github.com/yusing/goutils/task"
@@ -58,9 +59,12 @@ func main() {
 	}
 
 	config.StartProxyServers()
+
 	if err := auth.Initialize(); err != nil {
 		log.Fatal().Err(err).Msg("failed to initialize authentication")
 	}
+	rules.InitAuthHandler(auth.AuthOrProceed)
+
 	// API Handler needs to start after auth is initialized.
 	server.StartServer(task.RootTask("api_server", false), server.Options{
 		Name:     "api",

config.example.yml

@@ -88,6 +88,12 @@ entrypoint:
   #     - name: default
   #       do: proxy http://other-proxy:8080
 
+defaults:
+  healthcheck:
+    interval: 5s
+    timeout: 15s
+    retries: 3
+
 providers:
   # include files are standalone yaml files under `config/` directory
   #

go.mod

@@ -1,16 +1,17 @@
 module github.com/yusing/godoxy
 
-go 1.25.4
+go 1.25.5
 
-replace github.com/yusing/godoxy/agent => ./agent
-
-replace github.com/yusing/godoxy/internal/dnsproviders => ./internal/dnsproviders
-
-replace github.com/coreos/go-oidc/v3 => ./internal/go-oidc
-
-replace github.com/shirou/gopsutil/v4 => ./internal/gopsutil
-
-replace github.com/yusing/goutils => ./goutils
+replace (
+	github.com/coreos/go-oidc/v3 => ./internal/go-oidc
+	github.com/shirou/gopsutil/v4 => ./internal/gopsutil
+	github.com/yusing/godoxy/agent => ./agent
+	github.com/yusing/godoxy/internal/dnsproviders => ./internal/dnsproviders
+	github.com/yusing/goutils => ./goutils
+	github.com/yusing/goutils/http/reverseproxy => ./goutils/http/reverseproxy
+	github.com/yusing/goutils/http/websocket => ./goutils/http/websocket
+	github.com/yusing/goutils/server => ./goutils/server
+)
 
 require (
 	github.com/PuerkitoBio/goquery v1.11.0 // parsing HTML for extract fav icon
@@ -50,10 +51,13 @@ require (
 	github.com/stretchr/testify v1.11.1 // testing framework
 	github.com/valyala/fasthttp v1.68.0 // fast http for health check
 	github.com/yusing/ds v0.3.1 // data structures and algorithms
-	github.com/yusing/godoxy/agent v0.0.0-20251123034604-fac3d67a5116
-	github.com/yusing/godoxy/internal/dnsproviders v0.0.0-20251123034604-fac3d67a5116
+	github.com/yusing/godoxy/agent v0.0.0-20251204100826-e3fe126a5c12
+	github.com/yusing/godoxy/internal/dnsproviders v0.0.0-20251204100826-e3fe126a5c12
 	github.com/yusing/gointernals v0.1.16
 	github.com/yusing/goutils v0.7.0
+	github.com/yusing/goutils/http/reverseproxy v0.0.0-00010101000000-000000000000
+	github.com/yusing/goutils/http/websocket v0.0.0-00010101000000-000000000000
+	github.com/yusing/goutils/server v0.0.0-20250927113415-dd977d2edaeb
 )
 
 require (

go.sum

@@ -334,8 +334,8 @@ go.opentelemetry.io/otel/trace v1.38.0 h1:Fxk5bKrDZJUH+AMyyIXGcFAPah0oRcT+LuNtJr
 go.opentelemetry.io/otel/trace v1.38.0/go.mod h1:j1P9ivuFsTceSWe1oY+EeW3sc+Pp42sO++GHkg4wwhs=
 go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
 go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
-go.uber.org/mock v0.6.0 h1:hyF9dfmbgIX5EfOdasqLsWD6xqpNZlXblLB/Dbnwv3Y=
-go.uber.org/mock v0.6.0/go.mod h1:KiVJ4BqZJaMj4svdfmHM0AUx4NJYO8ZNpPnZn1Z+BBU=
+go.uber.org/mock v0.5.2 h1:LbtPTcP8A5k9WPXj54PPPbjcI4Y6lhyOZXn+VS7wNko=
+go.uber.org/mock v0.5.2/go.mod h1:wLlUxC2vVTPTaE3UD51E0BGOAElKrILxhVSDYQLld5o=
 go.uber.org/ratelimit v0.3.1 h1:K4qVE+byfv/B3tC+4nYWP7v/6SimcO7HzHekoMNBma0=
 go.uber.org/ratelimit v0.3.1/go.mod h1:6euWsTB6U/Nb3X++xEUXA8ciPJvr19Q/0h1+oDcJhRk=
 golang.org/x/arch v0.23.0 h1:lKF64A2jF6Zd8L0knGltUnegD62JMFBiCPBmQpToHhg=

internal/api/v1/route/playground.go

@@ -12,6 +12,7 @@ import (
 	"github.com/yusing/godoxy/internal/route/rules"
 	apitypes "github.com/yusing/goutils/apitypes"
 	gperr "github.com/yusing/goutils/errs"
+	httputils "github.com/yusing/goutils/http"
 )
 
 type RawRule struct {
@@ -348,7 +349,7 @@ func checkMatchedRules(rulesList rules.Rules, w http.ResponseWriter, r *http.Req
 	var matched []string
 
 	// Create a ResponseModifier to properly check rules
-	rm := rules.NewResponseModifier(w)
+	rm := httputils.NewResponseModifier(w)
 
 	for _, rule := range rulesList {
 		// Check if rule matches

internal/autocert/config.go

@@ -16,16 +16,17 @@ import (
 	"github.com/rs/zerolog/log"
 	"github.com/yusing/godoxy/internal/common"
 	gperr "github.com/yusing/goutils/errs"
+	strutils "github.com/yusing/goutils/strings"
 )
 
 type Config struct {
-	Email       string         `json:"email,omitempty"`
-	Domains     []string       `json:"domains,omitempty"`
-	CertPath    string         `json:"cert_path,omitempty"`
-	KeyPath     string         `json:"key_path,omitempty"`
-	ACMEKeyPath string         `json:"acme_key_path,omitempty"`
-	Provider    string         `json:"provider,omitempty"`
-	Options     map[string]any `json:"options,omitempty"`
+	Email       string                       `json:"email,omitempty"`
+	Domains     []string                     `json:"domains,omitempty"`
+	CertPath    string                       `json:"cert_path,omitempty"`
+	KeyPath     string                       `json:"key_path,omitempty"`
+	ACMEKeyPath string                       `json:"acme_key_path,omitempty"`
+	Provider    string                       `json:"provider,omitempty"`
+	Options     map[string]strutils.Redacted `json:"options,omitempty"`
 
 	Resolvers []string `json:"resolvers,omitempty"`
 

internal/autocert/providers.go

@@ -4,9 +4,10 @@ import (
 	"github.com/go-acme/lego/v4/challenge"
 	"github.com/yusing/godoxy/internal/serialization"
 	gperr "github.com/yusing/goutils/errs"
+	strutils "github.com/yusing/goutils/strings"
 )
 
-type Generator func(map[string]any) (challenge.Provider, gperr.Error)
+type Generator func(map[string]strutils.Redacted) (challenge.Provider, gperr.Error)
 
 var Providers = make(map[string]Generator)
 
@@ -14,10 +15,10 @@ func DNSProvider[CT any, PT challenge.Provider](
 	defaultCfg func() *CT,
 	newProvider func(*CT) (PT, error),
 ) Generator {
-	return func(opt map[string]any) (challenge.Provider, gperr.Error) {
+	return func(opt map[string]strutils.Redacted) (challenge.Provider, gperr.Error) {
 		cfg := defaultCfg()
 		if len(opt) > 0 {
-			err := serialization.MapUnmarshalValidate(opt, &cfg)
+			err := serialization.MapUnmarshalValidate(serialization.ToSerializedObject(opt), &cfg)
 			if err != nil {
 				return nil, err
 			}

internal/dnsproviders/go.mod

@@ -1,12 +1,12 @@
 module github.com/yusing/godoxy/internal/dnsproviders
 
-go 1.25.4
+go 1.25.5
 
 replace github.com/yusing/godoxy => ../..
 
 require (
 	github.com/go-acme/lego/v4 v4.29.0
-	github.com/yusing/godoxy v0.20.10
+	github.com/yusing/godoxy v0.20.11
 )
 
 require (

internal/maxmind/maxmind.go

@@ -178,7 +178,7 @@ func (cfg *MaxMind) doReq(method string) (*http.Response, error) {
 	if err != nil {
 		return nil, err
 	}
-	req.SetBasicAuth(cfg.AccountID, cfg.LicenseKey)
+	req.SetBasicAuth(cfg.AccountID, cfg.LicenseKey.String())
 	resp, err := doReq(req)
 	if err != nil {
 		return nil, err

internal/maxmind/types/config.go

@@ -4,14 +4,15 @@ import (
 	"github.com/rs/zerolog"
 	"github.com/rs/zerolog/log"
 	gperr "github.com/yusing/goutils/errs"
+	strutils "github.com/yusing/goutils/strings"
 )
 
 type (
 	DatabaseType string
 	Config       struct {
-		AccountID  string       `json:"account_id" validate:"required"`
-		LicenseKey string       `json:"license_key" validate:"required"`
-		Database   DatabaseType `json:"database" validate:"omitempty,oneof=geolite geoip2"`
+		AccountID  string            `json:"account_id" validate:"required"`
+		LicenseKey strutils.Redacted `json:"license_key" validate:"required"`
+		Database   DatabaseType      `json:"database" validate:"omitempty,oneof=geolite geoip2"`
 	}
 )
 

internal/net/gphttp/middleware/bypass.go

@@ -7,6 +7,7 @@ import (
 	"github.com/rs/zerolog/log"
 	"github.com/yusing/godoxy/internal/auth"
 	"github.com/yusing/godoxy/internal/route/rules"
+	httputils "github.com/yusing/goutils/http"
 )
 
 type Bypass []rules.RuleOn
@@ -50,7 +51,7 @@ func (c *checkBypass) before(w http.ResponseWriter, r *http.Request) (proceedNex
 }
 
 func (c *checkBypass) modifyResponse(resp *http.Response) error {
-	if c.modRes == nil || (!c.isEnforced(resp.Request) && c.bypass.ShouldBypass(rules.ResponseAsRW(resp), resp.Request)) {
+	if c.modRes == nil || (!c.isEnforced(resp.Request) && c.bypass.ShouldBypass(httputils.ResponseAsRW(resp), resp.Request)) {
 		return nil
 	}
 	log.Debug().Str("middleware", c.name).Str("url", resp.Request.Host+resp.Request.URL.Path).Msg("modifying response")

internal/net/gphttp/middleware/middleware.go

@@ -9,9 +9,10 @@ import (
 	"github.com/bytedance/sonic"
 	"github.com/rs/zerolog"
 	"github.com/rs/zerolog/log"
-	"github.com/yusing/godoxy/internal/route/rules"
 	"github.com/yusing/godoxy/internal/serialization"
 	gperr "github.com/yusing/goutils/errs"
+	httputils "github.com/yusing/goutils/http"
+	"github.com/yusing/goutils/http/httpheaders"
 	"github.com/yusing/goutils/http/reverseproxy"
 )
 
@@ -190,11 +191,22 @@ func (m *Middleware) ServeHTTP(next http.HandlerFunc, w http.ResponseWriter, r *
 		}
 	}
 
-	if exec, ok := m.impl.(ResponseModifier); ok {
-		rm := rules.NewResponseModifier(w)
-		defer rm.FlushRelease()
-		next(rm, r)
+	if httpheaders.IsWebsocket(r.Header) || r.Header.Get("Accept") == "text/event-stream" {
+		next(w, r)
+		return
+	}
 
+	if exec, ok := m.impl.(ResponseModifier); ok {
+		lrm := httputils.NewLazyResponseModifier(w, needsBuffering)
+		defer lrm.FlushRelease()
+		next(lrm, r)
+
+		// Skip modification if response wasn't buffered (non-HTML content)
+		if !lrm.IsBuffered() {
+			return
+		}
+
+		rm := lrm.ResponseModifier()
 		currentBody := rm.BodyReader()
 		currentResp := &http.Response{
 			StatusCode:    rm.StatusCode(),
@@ -222,6 +234,12 @@ func (m *Middleware) ServeHTTP(next http.HandlerFunc, w http.ResponseWriter, r *
 	}
 }
 
+// needsBuffering determines if a response should be buffered for modification.
+// Only HTML responses need buffering; streaming content (video, audio, etc.) should pass through.
+func needsBuffering(header http.Header) bool {
+	return httputils.GetContentType(header).IsHTML()
+}
+
 func (m *Middleware) LogWarn(req *http.Request) *zerolog.Event {
 	return log.Warn().Str("middleware", m.name).
 		Str("host", req.Host).

internal/proxmox/config.go

@@ -11,13 +11,14 @@ import (
 	"github.com/luthermonson/go-proxmox"
 	"github.com/yusing/godoxy/internal/net/gphttp"
 	gperr "github.com/yusing/goutils/errs"
+	strutils "github.com/yusing/goutils/strings"
 )
 
 type Config struct {
 	URL string `json:"url" validate:"required,url"`
 
-	TokenID string `json:"token_id" validate:"required"`
-	Secret  string `json:"secret" validate:"required"`
+	TokenID string            `json:"token_id" validate:"required"`
+	Secret  strutils.Redacted `json:"secret" validate:"required"`
 
 	NoTLSVerify bool `json:"no_tls_verify" yaml:"no_tls_verify,omitempty"`
 
@@ -48,7 +49,7 @@ func (c *Config) Init() gperr.Error {
 	}
 
 	opts := []proxmox.Option{
-		proxmox.WithAPIToken(c.TokenID, c.Secret),
+		proxmox.WithAPIToken(c.TokenID, c.Secret.String()),
 		proxmox.WithHTTPClient(&http.Client{
 			Transport: tr,
 		}),

internal/route/route.go

@@ -394,6 +394,8 @@ func (r *Route) start(parent task.Parent) gperr.Error {
 		if err := r.impl.Start(parent); err != nil {
 			return err
 		}
+	} else { // required by idlewatcher
+		r.task = parent.Subtask("excluded."+r.Name(), false)
 	}
 	return nil
 }

internal/route/routes/context.go

@@ -2,10 +2,6 @@ package routes
 
 import (
 	"context"
-	"crypto/tls"
-	"fmt"
-	"io"
-	"mime/multipart"
 	"net/http"
 	"net/url"
 	"reflect"
@@ -34,7 +30,8 @@ func (r *RouteContext) Value(key any) any {
 func WithRouteContext(r *http.Request, route types.HTTPRoute) *http.Request {
 	// we don't want to copy the request object every fucking requests
 	// return r.WithContext(context.WithValue(r.Context(), routeContextKey, route))
-	(*requestInternal)(unsafe.Pointer(r)).ctx = &RouteContext{
+	ctxFieldPtr := (*context.Context)(unsafe.Pointer(uintptr(unsafe.Pointer(r)) + ctxFieldOffset))
+	*ctxFieldPtr = &RouteContext{
 		Context: r.Context(),
 		Route:   route,
 	}
@@ -107,43 +104,12 @@ func TryGetUpstreamURL(r *http.Request) string {
 	return ""
 }
 
-type requestInternal struct {
-	Method           string
-	URL              *url.URL
-	Proto            string
-	ProtoMajor       int
-	ProtoMinor       int
-	Header           http.Header
-	Body             io.ReadCloser
-	GetBody          func() (io.ReadCloser, error)
-	ContentLength    int64
-	TransferEncoding []string
-	Close            bool
-	Host             string
-	Form             url.Values
-	PostForm         url.Values
-	MultipartForm    *multipart.Form
-	Trailer          http.Header
-	RemoteAddr       string
-	RequestURI       string
-	TLS              *tls.ConnectionState
-	Cancel           <-chan struct{}
-	Response         *http.Response
-	Pattern          string
-	ctx              context.Context
-}
+var ctxFieldOffset uintptr
 
 func init() {
-	// make sure ctx has the same offset as http.Request
-	f, ok := reflect.TypeFor[requestInternal]().FieldByName("ctx")
+	f, ok := reflect.TypeFor[http.Request]().FieldByName("ctx")
 	if !ok {
 		panic("ctx field not found")
 	}
-	f2, ok := reflect.TypeFor[http.Request]().FieldByName("ctx")
-	if !ok {
-		panic("ctx field not found")
-	}
-	if f.Offset != f2.Offset {
-		panic(fmt.Sprintf("ctx has different offset than http.Request: %d != %d", f.Offset, f2.Offset))
-	}
+	ctxFieldOffset = f.Offset
 }

internal/route/rules/cache.go

@@ -1,108 +0,0 @@
-package rules
-
-import (
-	"net"
-	"net/http"
-	"net/url"
-	"sync"
-)
-
-// Cache is a map of cached values for a request.
-// It prevents the same value from being parsed multiple times.
-type (
-	Cache             map[string]any
-	UpdateFunc[T any] func(T) T
-)
-
-const (
-	cacheKeyQueries   = "queries"
-	cacheKeyCookies   = "cookies"
-	cacheKeyRemoteIP  = "remote_ip"
-	cacheKeyBasicAuth = "basic_auth"
-)
-
-var cachePool = sync.Pool{
-	New: func() any {
-		return make(Cache)
-	},
-}
-
-// NewCache returns a new Cached.
-func NewCache() Cache {
-	return cachePool.Get().(Cache)
-}
-
-// Release clear the contents of the Cached and returns it to the pool.
-func (c Cache) Release() {
-	clear(c)
-	cachePool.Put(c)
-}
-
-// GetQueries returns the queries.
-// If r does not have queries, an empty map is returned.
-func (c Cache) GetQueries(r *http.Request) url.Values {
-	v, ok := c[cacheKeyQueries]
-	if !ok {
-		v = r.URL.Query()
-		c[cacheKeyQueries] = v
-	}
-	return v.(url.Values)
-}
-
-func (c Cache) UpdateQueries(r *http.Request, update func(url.Values)) {
-	queries := c.GetQueries(r)
-	update(queries)
-	r.URL.RawQuery = queries.Encode()
-}
-
-// GetCookies returns the cookies.
-// If r does not have cookies, an empty slice is returned.
-func (c Cache) GetCookies(r *http.Request) []*http.Cookie {
-	v, ok := c[cacheKeyCookies]
-	if !ok {
-		v = r.Cookies()
-		c[cacheKeyCookies] = v
-	}
-	return v.([]*http.Cookie)
-}
-
-func (c Cache) UpdateCookies(r *http.Request, update UpdateFunc[[]*http.Cookie]) {
-	cookies := update(c.GetCookies(r))
-	c[cacheKeyCookies] = cookies
-	r.Header.Del("Cookie")
-	for _, cookie := range cookies {
-		r.AddCookie(cookie)
-	}
-}
-
-// GetRemoteIP returns the remote ip address.
-// If r.RemoteAddr is not a valid ip address, nil is returned.
-func (c Cache) GetRemoteIP(r *http.Request) net.IP {
-	v, ok := c[cacheKeyRemoteIP]
-	if !ok {
-		host, _, err := net.SplitHostPort(r.RemoteAddr)
-		if err != nil {
-			host = r.RemoteAddr
-		}
-		v = net.ParseIP(host)
-		c[cacheKeyRemoteIP] = v
-	}
-	return v.(net.IP)
-}
-
-// GetBasicAuth returns *Credentials the basic auth username and password.
-// If r does not have basic auth, nil is returned.
-func (c Cache) GetBasicAuth(r *http.Request) *Credentials {
-	v, ok := c[cacheKeyBasicAuth]
-	if !ok {
-		u, p, ok := r.BasicAuth()
-		if ok {
-			v = &Credentials{u, []byte(p)}
-			c[cacheKeyBasicAuth] = v
-		} else {
-			c[cacheKeyBasicAuth] = nil
-			return nil
-		}
-	}
-	return v.(*Credentials)
-}

internal/route/rules/crypto.go

@@ -1,16 +1,15 @@
 package rules
 
-import "golang.org/x/crypto/bcrypt"
+import (
+	httputils "github.com/yusing/goutils/http"
+	"golang.org/x/crypto/bcrypt"
+)
 
 type (
 	HashedCrendentials struct {
 		Username   string
 		CheckMatch func(inputPwd []byte) bool
 	}
-	Credentials struct {
-		Username string
-		Password []byte
-	}
 )
 
 func BCryptCrendentials(username string, hashedPassword []byte) *HashedCrendentials {
@@ -19,7 +18,7 @@ func BCryptCrendentials(username string, hashedPassword []byte) *HashedCrendenti
 	}}
 }
 
-func (hc *HashedCrendentials) Match(cred *Credentials) bool {
+func (hc *HashedCrendentials) Match(cred *httputils.Credentials) bool {
 	if cred == nil {
 		return false
 	}

internal/route/rules/do.go

@@ -10,7 +10,6 @@ import (
 	"strings"
 
 	"github.com/rs/zerolog"
-	"github.com/yusing/godoxy/internal/auth"
 	"github.com/yusing/godoxy/internal/logging"
 	gphttp "github.com/yusing/godoxy/internal/net/gphttp"
 	nettypes "github.com/yusing/godoxy/internal/net/types"
@@ -50,6 +49,14 @@ const (
 	CommandPassAlt          = "bypass"
 )
 
+type AuthHandler func(w http.ResponseWriter, r *http.Request) (proceed bool)
+
+var authHandler AuthHandler
+
+func InitAuthHandler(handler AuthHandler) {
+	authHandler = handler
+}
+
 var commands = map[string]struct {
 	help              Help
 	validate          ValidateFunc
@@ -70,7 +77,7 @@ var commands = map[string]struct {
 		},
 		build: func(args any) CommandHandler {
 			return NonTerminatingCommand(func(w http.ResponseWriter, r *http.Request) error {
-				if !auth.AuthOrProceed(w, r) {
+				if !authHandler(w, r) {
 					return errTerminated
 				}
 				return nil
@@ -198,7 +205,7 @@ var commands = map[string]struct {
 			code, textTmpl := args.(*Tuple[int, templateString]).Unpack()
 			return TerminatingCommand(func(w http.ResponseWriter, r *http.Request) error {
 				// error command should overwrite the response body
-				GetInitResponseModifier(w).ResetBody()
+				httputils.GetInitResponseModifier(w).ResetBody()
 				w.WriteHeader(code)
 				err := textTmpl.ExpandVars(w, r, w)
 				return err

internal/route/rules/do_set.go

@@ -7,6 +7,7 @@ import (
 	"strconv"
 
 	gperr "github.com/yusing/goutils/errs"
+	httputils "github.com/yusing/goutils/http"
 	ioutils "github.com/yusing/goutils/io"
 )
 
@@ -128,7 +129,7 @@ var modFields = map[string]struct {
 					if err != nil {
 						return err
 					}
-					GetSharedData(w).UpdateQueries(r, func(queries url.Values) {
+					httputils.GetSharedData(w).UpdateQueries(r, func(queries url.Values) {
 						queries.Set(k, v)
 					})
 					return nil
@@ -138,13 +139,13 @@ var modFields = map[string]struct {
 					if err != nil {
 						return err
 					}
-					GetSharedData(w).UpdateQueries(r, func(queries url.Values) {
+					httputils.GetSharedData(w).UpdateQueries(r, func(queries url.Values) {
 						queries.Add(k, v)
 					})
 					return nil
 				}),
 				remove: NonTerminatingCommand(func(w http.ResponseWriter, r *http.Request) error {
-					GetSharedData(w).UpdateQueries(r, func(queries url.Values) {
+					httputils.GetSharedData(w).UpdateQueries(r, func(queries url.Values) {
 						queries.Del(k)
 					})
 					return nil
@@ -169,7 +170,7 @@ var modFields = map[string]struct {
 					if err != nil {
 						return err
 					}
-					GetSharedData(w).UpdateCookies(r, func(cookies []*http.Cookie) []*http.Cookie {
+					httputils.GetSharedData(w).UpdateCookies(r, func(cookies []*http.Cookie) []*http.Cookie {
 						for i, c := range cookies {
 							if c.Name == k {
 								cookies[i].Value = v
@@ -185,13 +186,13 @@ var modFields = map[string]struct {
 					if err != nil {
 						return err
 					}
-					GetSharedData(w).UpdateCookies(r, func(cookies []*http.Cookie) []*http.Cookie {
+					httputils.GetSharedData(w).UpdateCookies(r, func(cookies []*http.Cookie) []*http.Cookie {
 						return append(cookies, &http.Cookie{Name: k, Value: v})
 					})
 					return nil
 				}),
 				remove: NonTerminatingCommand(func(w http.ResponseWriter, r *http.Request) error {
-					GetSharedData(w).UpdateCookies(r, func(cookies []*http.Cookie) []*http.Cookie {
+					httputils.GetSharedData(w).UpdateCookies(r, func(cookies []*http.Cookie) []*http.Cookie {
 						index := -1
 						for i, c := range cookies {
 							if c.Name == k {
@@ -242,7 +243,7 @@ var modFields = map[string]struct {
 						r.Body = nil
 					}
 
-					bufPool := GetInitResponseModifier(w).BufPool()
+					bufPool := httputils.GetInitResponseModifier(w).BufPool()
 					b := bufPool.GetBuffer()
 					err := tmpl.ExpandVars(w, r, b)
 					if err != nil {
@@ -282,7 +283,7 @@ var modFields = map[string]struct {
 			tmpl := args.(templateString)
 			return &FieldHandler{
 				set: OnResponseCommand(func(w http.ResponseWriter, r *http.Request) error {
-					rm := GetInitResponseModifier(w)
+					rm := httputils.GetInitResponseModifier(w)
 					rm.ResetBody()
 					return tmpl.ExpandVars(w, r, rm)
 				}),
@@ -317,7 +318,7 @@ var modFields = map[string]struct {
 			status := args.(int)
 			return &FieldHandler{
 				set: NonTerminatingCommand(func(w http.ResponseWriter, r *http.Request) error {
-					GetInitResponseModifier(w).WriteHeader(status)
+					httputils.GetInitResponseModifier(w).WriteHeader(status)
 					return nil
 				}),
 			}

internal/route/rules/do_set_test.go

@@ -10,6 +10,7 @@ import (
 
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+	httputils "github.com/yusing/goutils/http"
 )
 
 func TestFieldHandler_Header(t *testing.T) {
@@ -420,7 +421,7 @@ func TestFieldHandler_ResponseBody(t *testing.T) {
 		name     string
 		template string
 		setup    func(*http.Request)
-		verify   func(*ResponseModifier)
+		verify   func(*httputils.ResponseModifier)
 	}{
 		{
 			name:     "set response body with template",
@@ -429,8 +430,8 @@ func TestFieldHandler_ResponseBody(t *testing.T) {
 				r.Method = "GET"
 				r.URL.Path = "/api/test"
 			},
-			verify: func(rm *ResponseModifier) {
-				content := rm.buf.String()
+			verify: func(rm *httputils.ResponseModifier) {
+				content := string(rm.Content())
 				expected := "Response: GET /api/test"
 				assert.Equal(t, expected, content, "Expected response body")
 			},
@@ -444,7 +445,7 @@ func TestFieldHandler_ResponseBody(t *testing.T) {
 			w := httptest.NewRecorder()
 
 			// Create ResponseModifier wrapper
-			rm := NewResponseModifier(w)
+			rm := httputils.NewResponseModifier(w)
 
 			tmpl, tErr := validateTemplate(tt.template, false)
 			if tErr != nil {
@@ -495,7 +496,7 @@ func TestFieldHandler_StatusCode(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			req := httptest.NewRequest("GET", "/", nil)
 			w := httptest.NewRecorder()
-			rm := NewResponseModifier(w)
+			rm := httputils.NewResponseModifier(w)
 			var cmd Command
 			err := cmd.Parse(fmt.Sprintf("set %s %d", FieldStatusCode, tt.status))
 			if err != nil {

internal/route/rules/on.go

@@ -8,6 +8,7 @@ import (
 
 	"github.com/yusing/godoxy/internal/route/routes"
 	gperr "github.com/yusing/goutils/errs"
+	httputils "github.com/yusing/goutils/http"
 )
 
 type RuleOn struct {
@@ -95,11 +96,11 @@ var checkers = map[string]struct {
 			k, matcher := args.(*MapValueMatcher).Unpack()
 			if matcher == nil {
 				return func(w http.ResponseWriter, r *http.Request) bool {
-					return len(GetInitResponseModifier(w).Header()[k]) > 0
+					return len(httputils.GetInitResponseModifier(w).Header()[k]) > 0
 				}
 			}
 			return func(w http.ResponseWriter, r *http.Request) bool {
-				return slices.ContainsFunc(GetInitResponseModifier(w).Header()[k], matcher)
+				return slices.ContainsFunc(httputils.GetInitResponseModifier(w).Header()[k], matcher)
 			}
 		},
 	},
@@ -122,11 +123,11 @@ var checkers = map[string]struct {
 			k, matcher := args.(*MapValueMatcher).Unpack()
 			if matcher == nil {
 				return func(w http.ResponseWriter, r *http.Request) bool {
-					return len(GetSharedData(w).GetQueries(r)[k]) > 0
+					return len(httputils.GetSharedData(w).GetQueries(r)[k]) > 0
 				}
 			}
 			return func(w http.ResponseWriter, r *http.Request) bool {
-				return slices.ContainsFunc(GetSharedData(w).GetQueries(r)[k], matcher)
+				return slices.ContainsFunc(httputils.GetSharedData(w).GetQueries(r)[k], matcher)
 			}
 		},
 	},
@@ -149,7 +150,7 @@ var checkers = map[string]struct {
 			k, matcher := args.(*MapValueMatcher).Unpack()
 			if matcher == nil {
 				return func(w http.ResponseWriter, r *http.Request) bool {
-					cookies := GetSharedData(w).GetCookies(r)
+					cookies := httputils.GetSharedData(w).GetCookies(r)
 					for _, cookie := range cookies {
 						if cookie.Name == k {
 							return true
@@ -159,7 +160,7 @@ var checkers = map[string]struct {
 				}
 			}
 			return func(w http.ResponseWriter, r *http.Request) bool {
-				cookies := GetSharedData(w).GetCookies(r)
+				cookies := httputils.GetSharedData(w).GetCookies(r)
 				for _, cookie := range cookies {
 					if cookie.Name == k {
 						if matcher(cookie.Value) {
@@ -302,7 +303,7 @@ var checkers = map[string]struct {
 			if ones, bits := ipnet.Mask.Size(); ones == bits {
 				wantIP := ipnet.IP
 				return func(w http.ResponseWriter, r *http.Request) bool {
-					ip := GetSharedData(w).GetRemoteIP(r)
+					ip := httputils.GetSharedData(w).GetRemoteIP(r)
 					if ip == nil {
 						return false
 					}
@@ -310,7 +311,7 @@ var checkers = map[string]struct {
 				}
 			}
 			return func(w http.ResponseWriter, r *http.Request) bool {
-				ip := GetSharedData(w).GetRemoteIP(r)
+				ip := httputils.GetSharedData(w).GetRemoteIP(r)
 				if ip == nil {
 					return false
 				}
@@ -330,7 +331,7 @@ var checkers = map[string]struct {
 		builder: func(args any) CheckFunc {
 			cred := args.(*HashedCrendentials)
 			return func(w http.ResponseWriter, r *http.Request) bool {
-				return cred.Match(GetSharedData(w).GetBasicAuth(r))
+				return cred.Match(httputils.GetSharedData(w).GetBasicAuth(r))
 			}
 		},
 	},
@@ -378,11 +379,11 @@ var checkers = map[string]struct {
 			beg, end := args.(*IntTuple).Unpack()
 			if beg == end {
 				return func(w http.ResponseWriter, _ *http.Request) bool {
-					return GetInitResponseModifier(w).StatusCode() == beg
+					return httputils.GetInitResponseModifier(w).StatusCode() == beg
 				}
 			}
 			return func(w http.ResponseWriter, _ *http.Request) bool {
-				statusCode := GetInitResponseModifier(w).StatusCode()
+				statusCode := httputils.GetInitResponseModifier(w).StatusCode()
 				return statusCode >= beg && statusCode <= end
 			}
 		},

internal/route/rules/response_modifier.go

@@ -1,267 +0,0 @@
-package rules
-
-import (
-	"bufio"
-	"bytes"
-	"errors"
-	"fmt"
-	"io"
-	"net"
-	"net/http"
-	"strconv"
-
-	"github.com/rs/zerolog/log"
-	gperr "github.com/yusing/goutils/errs"
-	"github.com/yusing/goutils/synk"
-)
-
-type ResponseModifier struct {
-	bufPool synk.UnsizedBytesPool
-
-	w          http.ResponseWriter
-	buf        *bytes.Buffer
-	statusCode int
-	shared     Cache
-
-	origContentLength int64 // from http.Response in ResponseAsRW, -1 if not set
-	bodyModified      bool
-
-	hijacked bool
-
-	errs gperr.Builder
-}
-
-type Response struct {
-	StatusCode int
-	Header     http.Header
-}
-
-func unwrapResponseModifier(w http.ResponseWriter) *ResponseModifier {
-	for {
-		switch ww := w.(type) {
-		case *ResponseModifier:
-			return ww
-		case interface{ Unwrap() http.ResponseWriter }:
-			w = ww.Unwrap()
-		default:
-			return nil
-		}
-	}
-}
-
-type responseAsRW struct {
-	resp *http.Response
-}
-
-func (r responseAsRW) WriteHeader(code int) {
-	log.Error().Msg("write header after response has been created")
-}
-
-func (r responseAsRW) Write(b []byte) (int, error) {
-	return 0, io.ErrClosedPipe
-}
-
-func (r responseAsRW) Header() http.Header {
-	return r.resp.Header
-}
-
-func ResponseAsRW(resp *http.Response) *ResponseModifier {
-	return &ResponseModifier{
-		statusCode:        resp.StatusCode,
-		w:                 responseAsRW{resp},
-		origContentLength: resp.ContentLength,
-	}
-}
-
-// GetInitResponseModifier returns the response modifier for the given response writer.
-// If the response writer is already wrapped, it will return the wrapped response modifier.
-// Otherwise, it will return a new response modifier.
-func GetInitResponseModifier(w http.ResponseWriter) *ResponseModifier {
-	if rm := unwrapResponseModifier(w); rm != nil {
-		return rm
-	}
-	return NewResponseModifier(w)
-}
-
-// GetSharedData returns the shared data for the given response writer.
-// It will initialize the shared data if not initialized.
-func GetSharedData(w http.ResponseWriter) Cache {
-	rm := GetInitResponseModifier(w)
-	if rm.shared == nil {
-		rm.shared = NewCache()
-	}
-	return rm.shared
-}
-
-// NewResponseModifier returns a new response modifier for the given response writer.
-//
-// It should only be called once, at the very beginning of the request.
-func NewResponseModifier(w http.ResponseWriter) *ResponseModifier {
-	return &ResponseModifier{
-		bufPool:           synk.GetUnsizedBytesPool(),
-		w:                 w,
-		origContentLength: -1,
-	}
-}
-
-func (rm *ResponseModifier) BufPool() synk.UnsizedBytesPool {
-	return rm.bufPool
-}
-
-// func (rm *ResponseModifier) Unwrap() http.ResponseWriter {
-// 	return rm.w
-// }
-
-func (rm *ResponseModifier) WriteHeader(code int) {
-	rm.statusCode = code
-}
-
-// BodyReader returns a reader for the response body.
-// Every call to this function will return a new reader that starts from the beginning of the buffer.
-func (rm *ResponseModifier) BodyReader() io.ReadCloser {
-	if rm.buf == nil {
-		return io.NopCloser(bytes.NewReader(nil))
-	}
-	return io.NopCloser(bytes.NewReader(rm.buf.Bytes()))
-}
-
-func (rm *ResponseModifier) ResetBody() {
-	if !rm.bodyModified {
-		return
-	}
-	if rm.buf == nil {
-		return
-	}
-	rm.buf.Reset()
-}
-
-func (rm *ResponseModifier) SetBody(r io.ReadCloser) error {
-	if rm.buf == nil {
-		rm.buf = rm.bufPool.GetBuffer()
-	} else {
-		rm.buf.Reset()
-	}
-
-	rm.bodyModified = true
-
-	_, err := io.Copy(rm.buf, r)
-	if err != nil {
-		return fmt.Errorf("failed to copy body: %w", err)
-	}
-	r.Close()
-	return nil
-}
-
-func (rm *ResponseModifier) ContentLength() int {
-	if !rm.bodyModified {
-		if rm.origContentLength >= 0 {
-			return int(rm.origContentLength)
-		}
-		contentLength, _ := strconv.Atoi(rm.ContentLengthStr())
-		return contentLength
-	}
-	return rm.buf.Len()
-}
-
-func (rm *ResponseModifier) ContentLengthStr() string {
-	if !rm.bodyModified {
-		if rm.origContentLength >= 0 {
-			return strconv.FormatInt(rm.origContentLength, 10)
-		}
-		return rm.w.Header().Get("Content-Length")
-	}
-	return strconv.Itoa(rm.buf.Len())
-}
-
-func (rm *ResponseModifier) Content() []byte {
-	if rm.buf == nil {
-		return nil
-	}
-	return rm.buf.Bytes()
-}
-
-func (rm *ResponseModifier) StatusCode() int {
-	if rm.statusCode == 0 {
-		return http.StatusOK
-	}
-	return rm.statusCode
-}
-
-func (rm *ResponseModifier) Header() http.Header {
-	return rm.w.Header()
-}
-
-func (rm *ResponseModifier) Response() Response {
-	return Response{StatusCode: rm.StatusCode(), Header: rm.Header()}
-}
-
-func (rm *ResponseModifier) Write(b []byte) (int, error) {
-	if len(b) == 0 {
-		return 0, nil
-	}
-
-	rm.bodyModified = true
-	if rm.buf == nil {
-		rm.buf = rm.bufPool.GetBuffer()
-	}
-	return rm.buf.Write(b)
-}
-
-// AppendError appends an error to the response modifier
-// the error will be formatted as "rule <rule.Name> error: <err>"
-//
-// It will be aggregated and returned in FlushRelease.
-func (rm *ResponseModifier) AppendError(rule Rule, err error) {
-	rm.errs.Addf("rule %q error: %w", rule.Name, err)
-}
-
-func (rm *ResponseModifier) Hijack() (net.Conn, *bufio.ReadWriter, error) {
-	if hijacker, ok := rm.w.(http.Hijacker); ok {
-		rm.hijacked = true
-		return hijacker.Hijack()
-	}
-	return nil, nil, errors.New("hijack not supported")
-}
-
-// FlushRelease flushes the response modifier and releases the resources
-// it returns the number of bytes written and the aggregated error
-// if there is any error (rule errors or write error), it will be returned
-func (rm *ResponseModifier) FlushRelease() (int, error) {
-	n := 0
-	if !rm.hijacked {
-		if rm.bodyModified {
-			h := rm.w.Header()
-			h.Set("Content-Length", rm.ContentLengthStr())
-			h.Del("Transfer-Encoding")
-			h.Del("Trailer")
-		}
-		rm.w.WriteHeader(rm.StatusCode())
-
-		if rm.bodyModified {
-			if content := rm.Content(); len(content) > 0 {
-				nn, werr := rm.w.Write(content)
-				n += nn
-				if werr != nil {
-					rm.errs.Addf("write error: %w", werr)
-				}
-				if err := http.NewResponseController(rm.w).Flush(); err != nil && !errors.Is(err, http.ErrNotSupported) {
-					rm.errs.Addf("flush error: %w", err)
-				}
-			}
-		}
-	}
-
-	// release the buffer and reset the pointers
-	if rm.buf != nil {
-		rm.bufPool.PutBuffer(rm.buf)
-		rm.buf = nil
-	}
-
-	// release the shared data
-	if rm.shared != nil {
-		rm.shared.Release()
-		rm.shared = nil
-	}
-
-	return n, rm.errs.Error()
-}

internal/route/rules/rules.go

@@ -7,6 +7,7 @@ import (
 
 	"github.com/quic-go/quic-go/http3"
 	"github.com/rs/zerolog/log"
+	httputils "github.com/yusing/goutils/http"
 	"golang.org/x/net/http2"
 
 	_ "unsafe"
@@ -91,7 +92,7 @@ func (rules Rules) BuildHandler(up http.HandlerFunc) http.HandlerFunc {
 		}
 		if defaultRule.IsResponseRule() {
 			return func(w http.ResponseWriter, r *http.Request) {
-				rm := NewResponseModifier(w)
+				rm := httputils.NewResponseModifier(w)
 				defer func() {
 					if _, err := rm.FlushRelease(); err != nil {
 						logError(err, r)
@@ -101,12 +102,12 @@ func (rules Rules) BuildHandler(up http.HandlerFunc) http.HandlerFunc {
 				up(w, r)
 				err := defaultRule.Do.exec.Handle(w, r)
 				if err != nil && !errors.Is(err, errTerminated) {
-					rm.AppendError(defaultRule, err)
+					appendRuleError(rm, &defaultRule, err)
 				}
 			}
 		}
 		return func(w http.ResponseWriter, r *http.Request) {
-			rm := NewResponseModifier(w)
+			rm := httputils.NewResponseModifier(w)
 			defer func() {
 				if _, err := rm.FlushRelease(); err != nil {
 					logError(err, r)
@@ -119,7 +120,7 @@ func (rules Rules) BuildHandler(up http.HandlerFunc) http.HandlerFunc {
 				return
 			}
 			if !errors.Is(err, errTerminated) {
-				rm.AppendError(defaultRule, err)
+				appendRuleError(rm, &defaultRule, err)
 			}
 		}
 	}
@@ -138,7 +139,7 @@ func (rules Rules) BuildHandler(up http.HandlerFunc) http.HandlerFunc {
 	defaultTerminates := isTerminatingHandler(defaultRule.Do.exec)
 
 	return func(w http.ResponseWriter, r *http.Request) {
-		rm := NewResponseModifier(w)
+		rm := httputils.NewResponseModifier(w)
 		defer func() {
 			if _, err := rm.FlushRelease(); err != nil {
 				logError(err, r)
@@ -157,7 +158,7 @@ func (rules Rules) BuildHandler(up http.HandlerFunc) http.HandlerFunc {
 				err := defaultRule.Handle(w, r)
 				if err != nil {
 					if !errors.Is(err, errTerminated) {
-						rm.AppendError(defaultRule, err)
+						appendRuleError(rm, &defaultRule, err)
 					}
 					shouldCallUpstream = false
 				}
@@ -174,7 +175,7 @@ func (rules Rules) BuildHandler(up http.HandlerFunc) http.HandlerFunc {
 					err := rule.Handle(w, r)
 					if err != nil {
 						if !errors.Is(err, errTerminated) {
-							rm.AppendError(rule, err)
+							appendRuleError(rm, &rule, err)
 						}
 						shouldCallUpstream = false
 						break
@@ -190,7 +191,7 @@ func (rules Rules) BuildHandler(up http.HandlerFunc) http.HandlerFunc {
 				err := defaultRule.Handle(w, r)
 				if err != nil {
 					if !errors.Is(err, errTerminated) {
-						rm.AppendError(defaultRule, err)
+						appendRuleError(rm, &defaultRule, err)
 						return
 					}
 					shouldCallUpstream = false
@@ -212,7 +213,7 @@ func (rules Rules) BuildHandler(up http.HandlerFunc) http.HandlerFunc {
 				err := rule.Handle(w, r)
 				if err != nil {
 					if !errors.Is(err, errTerminated) {
-						rm.AppendError(rule, err)
+						appendRuleError(rm, &rule, err)
 					}
 					return
 				}
@@ -222,12 +223,16 @@ func (rules Rules) BuildHandler(up http.HandlerFunc) http.HandlerFunc {
 		if isDefaultRulePost {
 			err := defaultRule.Handle(w, r)
 			if err != nil && !errors.Is(err, errTerminated) {
-				rm.AppendError(defaultRule, err)
+				appendRuleError(rm, &defaultRule, err)
 			}
 		}
 	}
 }
 
+func appendRuleError(rm *httputils.ResponseModifier, rule *Rule, err error) {
+	rm.AppendError("rule: %s, error: %w", rule.Name, err)
+}
+
 func isTerminatingHandler(handler CommandHandler) bool {
 	switch h := handler.(type) {
 	case TerminatingCommand:

internal/route/rules/template.go

@@ -5,6 +5,8 @@ import (
 	"net/http"
 	"strings"
 	"unsafe"
+
+	httputils "github.com/yusing/goutils/http"
 )
 
 type templateString struct {
@@ -27,7 +29,7 @@ func (tmpl *templateString) ExpandVars(w http.ResponseWriter, req *http.Request,
 		return err
 	}
 
-	return ExpandVars(GetInitResponseModifier(w), req, tmpl.string, dstW)
+	return ExpandVars(httputils.GetInitResponseModifier(w), req, tmpl.string, dstW)
 }
 
 func (tmpl *templateString) ExpandVarsToString(w http.ResponseWriter, req *http.Request) (string, error) {
@@ -36,7 +38,7 @@ func (tmpl *templateString) ExpandVarsToString(w http.ResponseWriter, req *http.
 	}
 
 	var buf strings.Builder
-	err := ExpandVars(GetInitResponseModifier(w), req, tmpl.string, &buf)
+	err := ExpandVars(httputils.GetInitResponseModifier(w), req, tmpl.string, &buf)
 	if err != nil {
 		return "", err
 	}

internal/route/rules/var_bench_test.go

@@ -5,10 +5,12 @@ import (
 	"net/http/httptest"
 	"net/url"
 	"testing"
+
+	httputils "github.com/yusing/goutils/http"
 )
 
 func BenchmarkExpandVars(b *testing.B) {
-	testResponseModifier := NewResponseModifier(httptest.NewRecorder())
+	testResponseModifier := httputils.NewResponseModifier(httptest.NewRecorder())
 	testResponseModifier.WriteHeader(200)
 	testResponseModifier.Write([]byte("Hello, world!"))
 	testRequest := httptest.NewRequest("GET", "/", nil)

internal/route/rules/vars.go

@@ -8,6 +8,7 @@ import (
 	"regexp"
 	"strings"
 
+	httputils "github.com/yusing/goutils/http"
 	ioutils "github.com/yusing/goutils/io"
 )
 
@@ -15,7 +16,7 @@ import (
 
 type (
 	reqVarGetter  func(*http.Request) string
-	respVarGetter func(*ResponseModifier) string
+	respVarGetter func(*httputils.ResponseModifier) string
 )
 
 var reVar = regexp.MustCompile(`\$[\w_]+`)
@@ -36,7 +37,7 @@ func NeedExpandVars(s string) bool {
 }
 
 var (
-	voidResponseModifier = NewResponseModifier(httptest.NewRecorder())
+	voidResponseModifier = httputils.NewResponseModifier(httptest.NewRecorder())
 	dummyRequest         = http.Request{
 		Method: "GET",
 		URL:    &url.URL{Path: "/"},
@@ -50,7 +51,7 @@ func ValidateVars(s string) error {
 	return ExpandVars(voidResponseModifier, &dummyRequest, s, io.Discard)
 }
 
-func ExpandVars(w *ResponseModifier, req *http.Request, src string, dstW io.Writer) error {
+func ExpandVars(w *httputils.ResponseModifier, req *http.Request, src string, dstW io.Writer) error {
 	dst := ioutils.NewBufferedWriter(dstW, 1024)
 	defer dst.Close()
 

internal/route/rules/vars_dynamic.go

@@ -4,6 +4,8 @@ import (
 	"net/http"
 	"net/url"
 	"strconv"
+
+	httputils "github.com/yusing/goutils/http"
 )
 
 var (
@@ -14,31 +16,31 @@ var (
 	VarPostForm       = "postform"
 )
 
-type dynamicVarGetter func(args []string, w *ResponseModifier, req *http.Request) (string, error)
+type dynamicVarGetter func(args []string, w *httputils.ResponseModifier, req *http.Request) (string, error)
 
 var dynamicVarSubsMap = map[string]dynamicVarGetter{
-	VarHeader: func(args []string, w *ResponseModifier, req *http.Request) (string, error) {
+	VarHeader: func(args []string, w *httputils.ResponseModifier, req *http.Request) (string, error) {
 		key, index, err := getKeyAndIndex(args)
 		if err != nil {
 			return "", err
 		}
 		return getValueByKeyAtIndex(req.Header, key, index)
 	},
-	VarResponseHeader: func(args []string, w *ResponseModifier, req *http.Request) (string, error) {
+	VarResponseHeader: func(args []string, w *httputils.ResponseModifier, req *http.Request) (string, error) {
 		key, index, err := getKeyAndIndex(args)
 		if err != nil {
 			return "", err
 		}
 		return getValueByKeyAtIndex(w.Header(), key, index)
 	},
-	VarQuery: func(args []string, w *ResponseModifier, req *http.Request) (string, error) {
+	VarQuery: func(args []string, w *httputils.ResponseModifier, req *http.Request) (string, error) {
 		key, index, err := getKeyAndIndex(args)
 		if err != nil {
 			return "", err
 		}
-		return getValueByKeyAtIndex(GetSharedData(w).GetQueries(req), key, index)
+		return getValueByKeyAtIndex(httputils.GetSharedData(w).GetQueries(req), key, index)
 	},
-	VarForm: func(args []string, w *ResponseModifier, req *http.Request) (string, error) {
+	VarForm: func(args []string, w *httputils.ResponseModifier, req *http.Request) (string, error) {
 		key, index, err := getKeyAndIndex(args)
 		if err != nil {
 			return "", err
@@ -50,7 +52,7 @@ var dynamicVarSubsMap = map[string]dynamicVarGetter{
 		}
 		return getValueByKeyAtIndex(req.Form, key, index)
 	},
-	VarPostForm: func(args []string, w *ResponseModifier, req *http.Request) (string, error) {
+	VarPostForm: func(args []string, w *httputils.ResponseModifier, req *http.Request) (string, error) {
 		key, index, err := getKeyAndIndex(args)
 		if err != nil {
 			return "", err

internal/route/rules/vars_static.go

@@ -7,6 +7,7 @@ import (
 	"strings"
 
 	"github.com/yusing/godoxy/internal/route/routes"
+	httputils "github.com/yusing/goutils/http"
 )
 
 const (
@@ -87,9 +88,9 @@ var staticReqVarSubsMap = map[string]reqVarGetter{
 }
 
 var staticRespVarSubsMap = map[string]respVarGetter{
-	VarRespContentType: func(resp *ResponseModifier) string { return resp.Header().Get("Content-Type") },
-	VarRespContentLen:  func(resp *ResponseModifier) string { return resp.ContentLengthStr() },
-	VarRespStatusCode:  func(resp *ResponseModifier) string { return strconv.Itoa(resp.StatusCode()) },
+	VarRespContentType: func(resp *httputils.ResponseModifier) string { return resp.Header().Get("Content-Type") },
+	VarRespContentLen:  func(resp *httputils.ResponseModifier) string { return resp.ContentLengthStr() },
+	VarRespStatusCode:  func(resp *httputils.ResponseModifier) string { return strconv.Itoa(resp.StatusCode()) },
 }
 
 func stripFragment(s string) string {

internal/route/rules/vars_test.go

@@ -10,6 +10,7 @@ import (
 	"testing"
 
 	"github.com/stretchr/testify/require"
+	httputils "github.com/yusing/goutils/http"
 )
 
 func TestExtractArgs(t *testing.T) {
@@ -214,7 +215,7 @@ func TestExpandVars(t *testing.T) {
 	testRequest.PostForm = postFormData
 
 	// Create response modifier with headers
-	testResponseModifier := NewResponseModifier(httptest.NewRecorder())
+	testResponseModifier := httputils.NewResponseModifier(httptest.NewRecorder())
 	testResponseModifier.Header().Set("Content-Type", "text/html")
 	testResponseModifier.Header().Set("X-Custom-Resp", "resp-value")
 	testResponseModifier.WriteHeader(200)
@@ -483,7 +484,7 @@ func TestExpandVars(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			var out strings.Builder
-			err := ExpandVars(testResponseModifier, testRequest, tt.input, &out)
+			err := ExpandVars(httputils.NewResponseModifier(httptest.NewRecorder()), testRequest, tt.input, &out)
 
 			if tt.wantErr {
 				require.Error(t, err)
@@ -501,11 +502,11 @@ func TestExpandVars_Integration(t *testing.T) {
 		testRequest.Header.Set("User-Agent", "curl/7.68.0")
 		testRequest.RemoteAddr = "10.0.0.1:54321"
 
-		testResponseModifier := NewResponseModifier(httptest.NewRecorder())
+		testResponseModifier := httputils.NewResponseModifier(httptest.NewRecorder())
 		testResponseModifier.WriteHeader(200)
 
 		var out strings.Builder
-		err := ExpandVars(testResponseModifier, testRequest,
+		err := ExpandVars(httputils.NewResponseModifier(httptest.NewRecorder()), testRequest,
 			"$req_method $req_url $status_code User-Agent=$header(User-Agent)",
 			&out)
 
@@ -516,7 +517,7 @@ func TestExpandVars_Integration(t *testing.T) {
 	t.Run("with query parameters", func(t *testing.T) {
 		testRequest := httptest.NewRequest("GET", "http://example.com/search?q=test&page=1", nil)
 
-		testResponseModifier := NewResponseModifier(httptest.NewRecorder())
+		testResponseModifier := httputils.NewResponseModifier(httptest.NewRecorder())
 
 		var out strings.Builder
 		err := ExpandVars(testResponseModifier, testRequest,
@@ -530,13 +531,13 @@ func TestExpandVars_Integration(t *testing.T) {
 	t.Run("response headers", func(t *testing.T) {
 		testRequest := httptest.NewRequest("GET", "/", nil)
 
-		testResponseModifier := NewResponseModifier(httptest.NewRecorder())
+		testResponseModifier := httputils.NewResponseModifier(httptest.NewRecorder())
 		testResponseModifier.Header().Set("Cache-Control", "no-cache")
 		testResponseModifier.Header().Set("X-Rate-Limit", "100")
 		testResponseModifier.WriteHeader(200)
 
 		var out strings.Builder
-		err := ExpandVars(testResponseModifier, testRequest,
+		err := ExpandVars(httputils.NewResponseModifier(httptest.NewRecorder()), testRequest,
 			"Status: $status_code, Cache: $resp_header(Cache-Control), Limit: $resp_header(X-Rate-Limit)",
 			&out)
 
@@ -569,7 +570,7 @@ func TestExpandVars_RequestSchemes(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			testResponseModifier := NewResponseModifier(httptest.NewRecorder())
+			testResponseModifier := httputils.NewResponseModifier(httptest.NewRecorder())
 			var out strings.Builder
 			err := ExpandVars(testResponseModifier, tt.request, "$req_scheme", &out)
 			require.NoError(t, err)
@@ -582,7 +583,7 @@ func TestExpandVars_UpstreamVariables(t *testing.T) {
 	// Upstream variables require context from routes package
 	testRequest := httptest.NewRequest("GET", "/", nil)
 
-	testResponseModifier := NewResponseModifier(httptest.NewRecorder())
+	testResponseModifier := httputils.NewResponseModifier(httptest.NewRecorder())
 
 	// Test that upstream variables don't cause errors even when not set
 	upstreamVars := []string{
@@ -609,7 +610,7 @@ func TestExpandVars_NoHostPort(t *testing.T) {
 	testRequest := httptest.NewRequest("GET", "/", nil)
 	testRequest.Host = "example.com" // No port
 
-	testResponseModifier := NewResponseModifier(httptest.NewRecorder())
+	testResponseModifier := httputils.NewResponseModifier(httptest.NewRecorder())
 
 	t.Run("req_host without port", func(t *testing.T) {
 		var out strings.Builder
@@ -631,7 +632,7 @@ func TestExpandVars_NoRemotePort(t *testing.T) {
 	testRequest := httptest.NewRequest("GET", "/", nil)
 	testRequest.RemoteAddr = "192.168.1.1" // No port
 
-	testResponseModifier := NewResponseModifier(httptest.NewRecorder())
+	testResponseModifier := httputils.NewResponseModifier(httptest.NewRecorder())
 
 	t.Run("remote_host without port", func(t *testing.T) {
 		var out strings.Builder
@@ -650,7 +651,7 @@ func TestExpandVars_NoRemotePort(t *testing.T) {
 
 func TestExpandVars_WhitespaceHandling(t *testing.T) {
 	testRequest := httptest.NewRequest("GET", "/test", nil)
-	testResponseModifier := NewResponseModifier(httptest.NewRecorder())
+	testResponseModifier := httputils.NewResponseModifier(httptest.NewRecorder())
 
 	var out strings.Builder
 	err := ExpandVars(testResponseModifier, testRequest, "$req_method $req_path", &out)

internal/serialization/serialization.go

@@ -21,6 +21,22 @@ import (
 
 type SerializedObject = map[string]any
 
+// ToSerializedObject converts a map[string]VT to a SerializedObject.
+func ToSerializedObject[VT any](m map[string]VT) SerializedObject {
+	so := make(SerializedObject, len(m))
+	for k, v := range m {
+		so[k] = v
+	}
+	return so
+}
+
+func init() {
+	strutils.SetJSONMarshaler(sonic.Marshal)
+	strutils.SetJSONUnmarshaler(sonic.Unmarshal)
+	strutils.SetYAMLMarshaler(yaml.Marshal)
+	strutils.SetYAMLUnmarshaler(yaml.Unmarshal)
+}
+
 type MapUnmarshaller interface {
 	UnmarshalMap(m map[string]any) gperr.Error
 }

socket-proxy/go.mod

@@ -1,6 +1,6 @@
 module github.com/yusing/godoxy/socketproxy
 
-go 1.25.4
+go 1.25.5
 
 exclude github.com/yusing/goutils v0.4.2