xavi/libweb/http.c, branch chunk

WIP chunk encoding

2025-10-07T10:43:25+00:00

Fix design issues with async responses, add async example

2025-10-06T13:51:00+00:00

struct http_response did not provide users any void * that could be used to maintain a state between calls to an asynchronous HTTP response. On the other hand, the user pointer could not be used for this purpose, since it is shared among all HTTP clients for a given struct handler instance. Moreover, the length callback was still not supporting this feature, which in fact might be required by some users. Implementing this was particularly challenging, as this broke the current assumption that all bytes on a call to http_read were being processed. Now, since a client request can only be partially processed because of the length callback, http_read must take this into account so that the remaining bytes are still available for future calls, before reading again from the file descriptor.

Implement async HTTP responses

2025-09-24T10:33:35+00:00

Sometimes, library users cannot return a HTTP response as soon as the request is received, or the operations that are required to generate it can take a long time. In order to solve this, libweb adds a new member to struct http_response, namely step, which must be assigned to a function whenever a HTTP response should be generated in a non-blocking manner. Leaving the function pointer as null will fall back to the default behaviour.

http.c: Always set SameSite=Strict to cookies

2025-09-23T14:28:44+00:00

This cookie attribute allows to mitigate CSRF attacks, while not requiring the server to store additional data. [1] [1]: https://owasp.org/www-community/SameSite

Implement HTTP byte serving

2024-11-10T23:04:39+00:00

This commit allows the HTTP server to return partial content to clients, rather than returning the whole resource. This can be particularly useful for applications such as audio/video playback or showing large PDF files. Notes: - Applications must not care about partial contents i.e., if a valid user request was made, applications must still return HTTP status 200 ("OK"), as usual. The HTTP server will then translate the status code to 206 ("Partial Content") if required.

http.c: Always call ctx_to_payload

2024-10-04T13:16:52+00:00

Defining each struct http_payload manually had the risk of missing some member on the initializer. This was in fact the case for `n_headers` and `headers`, which were only assigned by ctx_to_payload, and therefore some specific HTTP requests would mistakenly not reflect such information to users.

http.c: Avoid isspace(3) in get_boundary

2024-10-04T13:15:16+00:00

According to POSIX.1-2008, this function is sensitive to the system locale, which might then have different definitions for a whitespace character. Therefore, it is safer to only check against ' ' so as to remove such a dependency.

http.c: Fix ending boundaries not followed by CRLF

2024-08-22T00:27:34+00:00

According to RFC 2046, section 5.1.1, end boundaries might not be followed by CRLF. However, so far libweb naively relied on this behaviour as major implementations, such as cURL, Chromium or Gecko always add the optional CRLF, whereas Dillo does not.

http.c: Accept double quotes on boundaries

2024-08-22T00:27:34+00:00

"multipart/form-data"-encoded POST requests might use double quotes for their boundaries. While this is required when invalid characters are otherwise used (e.g.: ':'), some web clients always insert double quotes. Additionally, according to RFC 2046 section 5.1.1, the boundary parameter consists of 1 to 70 characters, but libweb was not imposing such restrictions.

http.c: Remove unneeded parameter

2024-08-22T00:27:34+00:00

This parameter was rendered obsolete after the following commit: commit b0accd099fa8c5110d4c3c68830ad6fd810ca3ec Author: Xavier Del Campo Romero Date: Fri Nov 24 00:52:50 2023 +0100 http.c: Unify read operations