| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
POSIX.1-2008 does not any locale-specific version of strcasecmp(3), so
conversions to lowercase depend on the system locale.
Since HTTP header fields must be checked without case sensitivity and
not depend on the system locale, a specialised function that forces the
"POSIX" locale is required.
|
| |
|
|
|
|
|
|
|
| |
POSIX.1-2008 does not any locale-specific version of strncasecmp(3), so
conversions to lowercase depend on the system locale.
Since HTTP header fields must be checked without case sensitivity and
not depend on the system locale, a specialised function that forces the
"POSIX" locale is required.
|
| |
|
|
|
|
|
| |
According to POSIX.1-2008, the behaviour is undefined if freelocale(3)
is called with an invalid object. [1]
[1]: https://pubs.opengroup.org/onlinepubs/9699919799/functions/freelocale.html
|
| |
|
|
|
| |
Once a given HTTP header from the list has been found, it makes no sense
to keep reading the rest from it.
|
| |
|
|
|
|
|
| |
Since libweb depends on dynstr, this dependency can be already available
on the system, and therefore the CFLAGS and LDFLAGS should be updated
according to pkg-config(1), rather than hardcoding them to the source
tree.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
The struct tm instance consumed by append_expire is provided by users
and could refer to any timezone, rather than GMT only.
According to Wikipedia [1], timezone abbreviations are either 3 or 4
characters long, or use numeric UTC offsets.
[1]: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#Time_zone_abbreviations
|
| |
|
|
|
|
|
| |
When the call to realloc(3) returns successfully, h->elem must be
updated immediately. Otherwise, a failed call to strdup(3) would cause
the caller to free h->elem at shutdown, but h->elem would still contain
a dangling pointer, and therefore cause undefined behaviour.
|
| |
|
|
|
|
| |
Users might want to know which HTTP operation (i.e., POST or PUT) and/or
resource is being requested before determining whether the request
should be accepted or not.
|
| |
|
|
|
|
| |
Otherwise, strftime(3) could return different strings depending on the
system configuration, and therefore return 0 if the resulting string
does not fit into buf.
|
| | |
|
| |
|
|
|
|
|
| |
So far, libweb had been arbitrarily appending a 1-year expiration date
to all HTTP cookies. While good enough for some contexts, libweb should
allow users to set up their own, if any, so this arbitary decision has
been eventually removed.
|
| |
|
|
|
|
|
| |
Without the fix, a malicious user could perform a large number of PUT
requests to any endpoint, regardless of being correct or not, so that
libweb would allocate a large number of temporary files without removing
them, eventually exhausting the system resources.
|
| | |
|
| |
|
|
|
|
|
|
| |
The free callback is meant to be executed whenever libweb fails to
execute something and let the user deallocate any pending memory.
However, the payload callback should deallocate user memory by itself on
failure, since relying on the free payload for this purpose is not
intuitive and fragile.
|
| |
|
|
|
| |
When one or more entries have been appended to a struct form instance,
but then an error occurs, those valid entries must be deallocated, too.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
So far, users had no way to free user-defined data allocated inside the
chunk/step function pointers whenever an error occurred.
Now, the free callback can be also used in conjunction with chunk/step,
so that user-defined data is now deallocated when the operation
finishes (in the case of chunk-encoded data) or an error occurs.
|
| | |
|
| |
|
|
|
|
| |
A new function pointer, namely chunk, has been added to struct
http_response so that library users can generate their message bodies
dynamically.
|
| |
|
|
|
|
|
|
|
| |
libweb calls listen(2) when setting up the HTTP server, and its backlog
argument was hardcoded to 10. While probably not an issue for some
applications, it can be too limiting for some others.
Therefore, it is desirable to allow library users to set up their own
limits. Otherwise, 10 is still chosen as a sane default.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
struct http_response did not provide users any void * that could be used
to maintain a state between calls to an asynchronous HTTP response.
On the other hand, the user pointer could not be used for this purpose,
since it is shared among all HTTP clients for a given struct handler
instance.
Moreover, the length callback was still not supporting this feature,
which in fact might be required by some users. Implementing this was
particularly challenging, as this broke the current assumption that
all bytes on a call to http_read were being processed.
Now, since a client request can only be partially processed because of
the length callback, http_read must take this into account so that the
remaining bytes are still available for future calls, before reading
again from the file descriptor.
|
| |
|
|
|
| |
This new interface allows library users to parse
application/x-www-form-urlencoded data conveniently.
|
| | |
|
| |
|
|
|
| |
The former implementation required redundant code for every new
directory.
|
| |
|
|
|
| |
This replacement can come in handy for library users dealing with
multi-line user-generated content.
|
| |
|
|
|
| |
Among other reasons, this function can be useful to sanitize
user-generated content before assigning it do a node.
|
| |
|
|
|
| |
It is not required to do so. Otherwise, nodes with many siblings could
lead to a very deep call stack for no reason.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Sometimes, library users cannot return a HTTP response as soon as the
request is received, or the operations that are required to generate it
can take a long time.
In order to solve this, libweb adds a new member to struct
http_response, namely step, which must be assigned to a function
whenever a HTTP response should be generated in a non-blocking manner.
Leaving the function pointer as null will fall back to the default
behaviour.
|
| |
|
|
|
|
|
| |
This cookie attribute allows to mitigate CSRF attacks, while not
requiring the server to store additional data. [1]
[1]: https://owasp.org/www-community/SameSite
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit allows the HTTP server to return partial content to clients,
rather than returning the whole resource. This can be particularly
useful for applications such as audio/video playback or showing large
PDF files.
Notes:
- Applications must not care about partial contents i.e., if a valid
user request was made, applications must still return HTTP status 200
("OK"), as usual. The HTTP server will then translate the status code to
206 ("Partial Content") if required.
|
| |
|
|
|
|
|
|
|
| |
Defining each struct http_payload manually had the risk of missing some
member on the initializer.
This was in fact the case for `n_headers` and `headers`, which were only
assigned by ctx_to_payload, and therefore some specific HTTP requests
would mistakenly not reflect such information to users.
|
| |
|
|
|
|
|
|
|
| |
According to POSIX.1-2008, this function is sensitive to the system
locale, which might then have different definitions for a whitespace
character.
Therefore, it is safer to only check against ' ' so as to remove such a
dependency.
|
| | |
|
| |
|
|
|
|
|
| |
Future commits would allow user-defined callbacks to write zero, one or
more bytes to a file descriptor. If zero bytes were written, server_poll
must avoid to always point to the same server_client, so that other
requests from other server_client instances can still be handled.
|
| | |
|
| |
|
|
|
| |
libweb is meant to be silent during normal operation, thus only printing
to stderr on errors.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
So far, libweb installed a signal handler so as to handle SIGTERM,
SIGPIPE and SIGINT signals so that processes would not have to care
about such details.
However, it is not advisable for libraries to install signal handlers,
as signals are handled on a per-process basis. The previous approach
would be incompatible if several instances of the library were allocated
by the same process.
Unfortunately, this has the undesired side effect of adding the
boilerplate code into the process.
|
| |
|
|
|
|
|
| |
According to RFC 2046, section 5.1.1, end boundaries might not be
followed by CRLF. However, so far libweb naively relied on this
behaviour as major implementations, such as cURL, Chromium or Gecko
always add the optional CRLF, whereas Dillo does not.
|
| |
|
|
|
|
|
|
|
|
|
| |
"multipart/form-data"-encoded POST requests might use double quotes for
their boundaries. While this is required when invalid characters are
otherwise used (e.g.: ':'), some web clients always insert double
quotes.
Additionally, according to RFC 2046 section 5.1.1, the boundary
parameter consists of 1 to 70 characters, but libweb was not imposing
such restrictions.
|
| |
|
|
|
|
|
|
|
|
| |
This parameter was rendered obsolete after the following commit:
commit b0accd099fa8c5110d4c3c68830ad6fd810ca3ec
Author: Xavier Del Campo Romero <xavi.dcr@tutanota.com>
Date: Fri Nov 24 00:52:50 2023 +0100
http.c: Unify read operations
|
| | |
|
| |
|
|
|
|
|
| |
For some unknown reason, ctx_free was only called by update_lstate, but
this is not the only function that modifies a struct ctx instance. Since
struct ctx is related to read operations, ctx_free must instead be
called whenever http_read fails.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
p->f is a FILE *, so it is invalid to check against negative values.
This bug was introduced when p->fd, a file descriptor, was replaced with
p->f, a FILE *, by the following commit:
commit b0accd099fa8c5110d4c3c68830ad6fd810ca3ec
Author: Xavier Del Campo Romero <xavi.dcr@tutanota.com>
Date: Fri Nov 24 00:52:50 2023 +0100
http.c: Unify read operations
|
| | |
|
| |
|
|
| |
It was accidentally bumped to 0.2.0 during libweb's 0.2.0 release.
|
| |
|
|
|
|
| |
A malicious user could inject an infinite number of empty files or
key/value pairs into a request in order to exhaust the device's
resources.
|
| |
|
|
|
|
| |
The previous implementation would leave half-initialised objects if one
of the calls to strdup(3) failed. Now, n->attrs is only modified when
all previous memory allocations were successful.
|
