| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
Users might want to know which HTTP operation (i.e., POST or PUT) and/or
resource is being requested before determining whether the request
should be accepted or not.
|
| |
|
|
|
|
|
|
|
| |
libweb calls listen(2) when setting up the HTTP server, and its backlog
argument was hardcoded to 10. While probably not an issue for some
applications, it can be too limiting for some others.
Therefore, it is desirable to allow library users to set up their own
limits. Otherwise, 10 is still chosen as a sane default.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
A malicious user could inject an infinite number of empty files or
key/value pairs into a request in order to exhaust the device's
resources.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Even if libweb already parses some common headers, such as
Content-Length, some users might find it interesting to inspect which
headers were received from a request.
Since HTTP/1.1 does not define a limit on the number of maximum headers
a client can send, for security reasons a maximum value must be provided
by the user. Any extra headers shall be then discarded by libweb.
An example application showing this new feature is also provided.
|
|
|
It was found out there was another project of the same name around
(https://git.sr.ht/~strahinja/slweb/), also related to website
generation.
In order to avoid confusion, a new name has been chosen for this
project. Surprisingly, libweb was not in use by any distributions
(according to https://repology.org and AUR index), and it should
reflect well the intention behind this project i.e., being a library
to build web-related stuff.
|
