| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
POSIX.1-2008 does not any locale-specific version of strcasecmp(3), so
conversions to lowercase depend on the system locale.
Since HTTP header fields must be checked without case sensitivity and
not depend on the system locale, a specialised function that forces the
"POSIX" locale is required.
|
| |
|
|
|
|
|
|
|
| |
POSIX.1-2008 does not any locale-specific version of strncasecmp(3), so
conversions to lowercase depend on the system locale.
Since HTTP header fields must be checked without case sensitivity and
not depend on the system locale, a specialised function that forces the
"POSIX" locale is required.
|
| |
|
|
|
|
| |
Users might want to know which HTTP operation (i.e., POST or PUT) and/or
resource is being requested before determining whether the request
should be accepted or not.
|
| |
|
|
|
|
|
| |
So far, libweb had been arbitrarily appending a 1-year expiration date
to all HTTP cookies. While good enough for some contexts, libweb should
allow users to set up their own, if any, so this arbitary decision has
been eventually removed.
|
| |
|
|
|
|
| |
A new function pointer, namely chunk, has been added to struct
http_response so that library users can generate their message bodies
dynamically.
|
| |
|
|
|
|
|
|
|
| |
libweb calls listen(2) when setting up the HTTP server, and its backlog
argument was hardcoded to 10. While probably not an issue for some
applications, it can be too limiting for some others.
Therefore, it is desirable to allow library users to set up their own
limits. Otherwise, 10 is still chosen as a sane default.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
struct http_response did not provide users any void * that could be used
to maintain a state between calls to an asynchronous HTTP response.
On the other hand, the user pointer could not be used for this purpose,
since it is shared among all HTTP clients for a given struct handler
instance.
Moreover, the length callback was still not supporting this feature,
which in fact might be required by some users. Implementing this was
particularly challenging, as this broke the current assumption that
all bytes on a call to http_read were being processed.
Now, since a client request can only be partially processed because of
the length callback, http_read must take this into account so that the
remaining bytes are still available for future calls, before reading
again from the file descriptor.
|
| |
|
|
|
| |
This new interface allows library users to parse
application/x-www-form-urlencoded data conveniently.
|
| |
|
|
|
| |
Among other reasons, this function can be useful to sanitize
user-generated content before assigning it do a node.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Sometimes, library users cannot return a HTTP response as soon as the
request is received, or the operations that are required to generate it
can take a long time.
In order to solve this, libweb adds a new member to struct
http_response, namely step, which must be assigned to a function
whenever a HTTP response should be generated in a non-blocking manner.
Leaving the function pointer as null will fall back to the default
behaviour.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit allows the HTTP server to return partial content to clients,
rather than returning the whole resource. This can be particularly
useful for applications such as audio/video playback or showing large
PDF files.
Notes:
- Applications must not care about partial contents i.e., if a valid
user request was made, applications must still return HTTP status 200
("OK"), as usual. The HTTP server will then translate the status code to
206 ("Partial Content") if required.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
So far, libweb installed a signal handler so as to handle SIGTERM,
SIGPIPE and SIGINT signals so that processes would not have to care
about such details.
However, it is not advisable for libraries to install signal handlers,
as signals are handled on a per-process basis. The previous approach
would be incompatible if several instances of the library were allocated
by the same process.
Unfortunately, this has the undesired side effect of adding the
boilerplate code into the process.
|
| |
|
|
|
|
| |
A malicious user could inject an infinite number of empty files or
key/value pairs into a request in order to exhaust the device's
resources.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Notes:
- Since curl would use the "Expect: 100-continue" header field for PUT
operations, this was a good operation to fix the existing issues in its
implementation.
Breaking changes:
- expect_continue is no longer exclusive to struct http_post. Now, it
has been moved into struct http_payload and it is up to users to check
it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some applications might set up a struct handler object to listen on any
port i.e., 0, but still need a way to determine which port number was
eventually selected by the implementation.
Therefore, handler_listen has been reduced to the server initialization
bit, whereas the main loop has been split into its own function, namely
handler_loop.
Because of these changes, it no longer made sense for libweb to write
the selected port to standard output, as this is something now
applications can do on their own.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Even if libweb already parses some common headers, such as
Content-Length, some users might find it interesting to inspect which
headers were received from a request.
Since HTTP/1.1 does not define a limit on the number of maximum headers
a client can send, for security reasons a maximum value must be provided
by the user. Any extra headers shall be then discarded by libweb.
An example application showing this new feature is also provided.
|
| |
|
|
|
| |
So far, it was not possible callers to distinguish between decoding
errors, as caused by ill-formed input, from fatal errors.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It was found out there was another project of the same name around
(https://git.sr.ht/~strahinja/slweb/), also related to website
generation.
In order to avoid confusion, a new name has been chosen for this
project. Surprisingly, libweb was not in use by any distributions
(according to https://repology.org and AUR index), and it should
reflect well the intention behind this project i.e., being a library
to build web-related stuff.
|
| | |
|
| |
|
|
|
| |
This shall be replaced with more meaningful man pages for all functions
in slweb.
|
| |
|
|
|
|
|
|
|
| |
application/x-www-form-urlencoded-data is (or should be) always text, so
it is preferrable to define struct http_post member "data" as a null-
terminated string.
For applications already making this assumption, this change should now
remove the need for string duplication.
|
| |
|
|
|
| |
Whereas slcl, the project where slweb started, ignored this field, some
applications might require it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now, slweb accepts requests such as:
--boundary
Content-Disposition: form-data; name="field1"
value1
--boundary
Content-Disposition: form-data; name="field2"
value2
--boundary
Content-Disposition: form-data; name="field3"; filename="example.txt"
The following breaking changes have been introduced:
Member "dir" from struct http_post was a leftover from the days where
slcl and slweb were one project. It did not make sense for slweb, since
it should not decide which Content-Disposition names are allowed. In
other words, "dir" was only relevant in the scope of slcl.
Member "n" from struct http_post used to have two meanings:
- The length of a URL-encoded request.
- The number of files on a multipart/form-data request.
Since "npairs" had to be introduced to struct http_post, it did not make
sense to keep this dual meaning any more. Therefore, "n" has been
restricted to the former, whereas a new member, called "nfiles", has
been introduced for the latter.
|
| |
|
|
|
| |
Port numbers are unsigned by definition. Fortunately, this was a minor
issues since server_init was doing an implicit cast to unsigned short.
|
|
|
Since slweb is meant as a library, it is advisable to keep public header
files under their own directory in order to avoid name clashing i.e.,
#include "something.h"
Now becomes:
#include "slweb/something.h"
|
