Bump libweb to 0.3.0

The following commits fix a couple of security issues on libweb.

Because of afe0681c0b26bb64bad55d7e86770f346cfa043e, slcl had to be
updated to set up its struct http_cfg_post.

commit afe0681c0b26bb64bad55d7e86770f346cfa043e
Author: Xavier Del Campo Romero <xavi.dcr@tutanota.com>
Date:   Mon Feb 19 23:00:56 2024 +0100

    Limit maximum multipart/form-data pairs and files

    A malicious user could inject an infinite number of empty files or
    key/value pairs into a request in order to exhaust the device's
    resources.

commit 9d9e0c2979f43297b2ebbf84f14f064f3f9ced0e
Author: Xavier Del Campo Romero <xavi.dcr@tutanota.com>
Date:   Mon Feb 19 22:49:09 2024 +0100

    html.c: Avoid half-init objects on html_node_add_attr

    The previous implementation would leave half-initialised objects if one
    of the calls to strdup(3) failed. Now, n->attrs is only modified when
    all previous memory allocations were successful.

CMakeLists.txt

@@ -13,7 +13,7 @@ add_executable(${PROJECT_NAME}
 target_compile_options(${PROJECT_NAME} PRIVATE -Wall)
 target_compile_definitions(${PROJECT_NAME} PRIVATE _FILE_OFFSET_BITS=64)
 set(CMAKE_MODULE_PATH ${CMAKE_MODULE_PATH} ${CMAKE_CURRENT_LIST_DIR}/cmake)
-find_package(web 0.2.0)
+find_package(web 0.3.0)
 
 if(WEB_FOUND)
     find_package(dynstr 0.1.0)

libweb

@@ -1 +1 @@
-Subproject commit 6ceae16a20175edb77fb2ffab0d3d6648d011221
+Subproject commit b4930f72bb9026c5a0871f4fa4cabe20cb0e6a9f

main.c

@@ -2090,7 +2090,14 @@ int main(int argc, char *argv[])
     {
         .length = check_length,
         .tmpdir = tmpdir,
-        .user = a
+        .user = a,
+        .post =
+        {
+            /* Arbitrary limit. */
+            .max_files = 10000,
+            /* File upload only requires one pair. */
+            .max_pairs = 1
+        }
     };
 
     unsigned short outport;