chore: spelling

Signed-off-by: Xe Iaso <me@xeiaso.net>

.github/actions/spelling/expect.txt

@@ -341,7 +341,6 @@ xff
 XForwarded
 XNG
 XOB
-XOriginal
 XReal
 yae
 YAMLTo

docs/docs/CHANGELOG.md

@@ -12,7 +12,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
 
 <!-- This changes the project to: -->
-- Added a missing link to the Caddy installation environment in the installation documentation.
+
 - Downstream consumers can change the default [log/slog#Logger](https://pkg.go.dev/log/slog#Logger) instance that Anubis uses by setting `opts.Logger` to your slog instance of choice ([#864](https://github.com/TecharoHQ/anubis/issues/864)).
 - The [Thoth client](https://anubis.techaro.lol/docs/admin/thoth) is now public in the repo instead of being an internal package.
 - [Custom-AsyncHttpClient](https://github.com/AsyncHttpClient/async-http-client)'s default User-Agent has an increased weight by default ([#852](https://github.com/TecharoHQ/anubis/issues/852)).
@@ -40,13 +40,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Bump AI-robots.txt to version 1.39
 - Add a default block rule for Huawei Cloud.
 - Add a default block rule for Alibaba Cloud.
-- Add X-Request-URI support so that Subrequest Authentication has path support.
 
 ### Security-relevant changes
 
 #### Fix potential double-spend for challenges
 
-Anubis operates by issuing a challenge and having the client present a solution for that challenge. Challenges are identified by a unique UUID, which is stored in the database.
+Anubis operates by issuing a challenge and having the client present a solution for that challenge. Challenges are identified by a unique UUID, which is tored in the database.
 
 The problem is that a challenge could potentially be used twice by a dedicated attacker making a targeted attack against Anubis. Challenge records did not have a "spent" or "used" field. In total, a dedicated attacker could solve a challenge once and reuse that solution across multiple sessions in order to mint additional tokens.
 

docs/docs/admin/frameworks/wordpress.mdx

@@ -1,6 +1,6 @@
-# WordPress
+# Wordpress
 
-WordPress is the most popular blog engine on the planet.
+Wordpress is the most popular blog engine on the planet.
 
 ## Using a multi-site setup with Anubis
 
@@ -27,7 +27,7 @@ flowchart LR
     US --> |whatever you're doing| B
 ```
 
-WordPress may not realize that the underlying connection is being done over HTTPS. This could lead to a redirect loop in the `/wp-admin/` routes. In order to fix this, add the following to your `wp-config.php` file:
+Wordpress may not realize that the underlying connection is being done over HTTPS. This could lead to a redirect loop in the `/wp-admin/` routes. In order to fix this, add the following to your `wp-config.php` file:
 
 ```php
 if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') {
@@ -36,4 +36,4 @@ if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROT
 }
 ```
 
-This will make WordPress think that your connection is over HTTPS instead of plain HTTP.
+This will make Wordpress think that your connection is over HTTPS instead of plain HTTP.

docs/docs/admin/installation.mdx

@@ -178,7 +178,6 @@ Alternatively here is a key generated by your browser:
 To get Anubis filtering your traffic, you need to make sure it's added to your HTTP load balancer or platform configuration. See the [environments category](/docs/category/environments) for detailed information on individual environments.
 
 - [Apache](./environments/apache.mdx)
-- [Caddy](./environments/caddy.mdx)
 - [Docker compose](./environments/docker-compose.mdx)
 - [Kubernetes](./environments/kubernetes.mdx)
 - [Nginx](./environments/nginx.mdx)

lib/policy/checker.go

@@ -102,13 +102,6 @@ func NewPathChecker(rexStr string) (checker.Impl, error) {
 }
 
 func (pc *PathChecker) Check(r *http.Request) (bool, error) {
-	originalUrl := r.Header.Get("X-Original-URI")
-	if originalUrl != "" {
-		if pc.regexp.MatchString(originalUrl) {
-			return true, nil
-		}
-	}
-
 	if pc.regexp.MatchString(r.URL.Path) {
 		return true, nil
 	}

lib/policy/checker_test.go

@@ -198,96 +198,3 @@ func TestHeaderExistsChecker(t *testing.T) {
 		})
 	}
 }
-
-func TestPathChecker_XOriginalURI(t *testing.T) {
-	tests := []struct {
-		name          string
-		regex         string
-		xOriginalURI  string
-		urlPath       string
-		headerKey     string
-		expectedMatch bool
-		expectError   bool
-	}{
-		{
-			name:          "X-Original-URI matches regex (with trailing space - current typo)",
-			regex:         "^/api/.*",
-			xOriginalURI:  "/api/users",
-			urlPath:       "/different/path",
-			headerKey:     "X-Original-URI",
-			expectedMatch: true,
-			expectError:   false,
-		},
-		{
-			name:          "X-Original-URI doesn't match, falls back to URL.Path",
-			regex:         "^/admin/.*",
-			xOriginalURI:  "/api/users",
-			urlPath:       "/admin/dashboard",
-			headerKey:     "X-Original-URI",
-			expectedMatch: true,
-			expectError:   false,
-		},
-		{
-			name:          "Neither X-Original-URI nor URL.Path match",
-			regex:         "^/admin/.*",
-			xOriginalURI:  "/api/users",
-			urlPath:       "/public/info",
-			headerKey:     "X-Original-URI ",
-			expectedMatch: false,
-			expectError:   false,
-		},
-		{
-			name:          "Empty X-Original-URI, URL.Path matches",
-			regex:         "^/static/.*",
-			xOriginalURI:  "",
-			urlPath:       "/static/css/style.css",
-			headerKey:     "X-Original-URI",
-			expectedMatch: true,
-			expectError:   false,
-		},
-		{
-			name:          "Complex regex matching X-Original-URI",
-			regex:         `^/api/v[0-9]+/(users|posts)/[0-9]+$`,
-			xOriginalURI:  "/api/v1/users/123",
-			urlPath:       "/different",
-			headerKey:     "X-Original-URI",
-			expectedMatch: true,
-			expectError:   false,
-		},
-	}
-
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			// Create the PathChecker
-			pc, err := NewPathChecker(tt.regex)
-			if err != nil {
-				if !tt.expectError {
-					t.Fatalf("NewPathChecker() unexpected error: %v", err)
-				}
-				return
-			}
-
-			if tt.expectError {
-				t.Fatal("NewPathChecker() expected error but got none")
-			}
-
-			req, err := http.NewRequest("GET", "http://example.com"+tt.urlPath, nil)
-			if err != nil {
-				t.Fatalf("Failed to create request: %v", err)
-			}
-
-			if tt.xOriginalURI != "" {
-				req.Header.Set(tt.headerKey, tt.xOriginalURI)
-			}
-
-			match, err := pc.Check(req)
-			if err != nil {
-				t.Fatalf("Check() unexpected error: %v", err)
-			}
-
-			if match != tt.expectedMatch {
-				t.Errorf("Check() = %v, want %v", match, tt.expectedMatch)
-			}
-		})
-	}
-}

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "@techaro/anubis",
-  "version": "1.22.0-pre1",
+  "version": "1.21.3",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@techaro/anubis",
-      "version": "1.22.0-pre1",
+      "version": "1.21.3",
       "license": "ISC",
       "dependencies": {
         "@aws-crypto/sha256-js": "^5.2.0"

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@techaro/anubis",
-  "version": "1.22.0-pre1",
+  "version": "1.21.3",
   "description": "",
   "main": "index.js",
   "scripts": {