aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2017-12-06Fix 408 not sending connection: close for HTTP/1.1Loïc Hoguin
Also make sure the header is sent for all types of early_error that result in the closing of the connection.
2017-12-06Add more rfc7231 testsLoïc Hoguin
2017-12-06Properly handle OPTIONS * requestsLoïc Hoguin
Support for these was broken during the development of Cowboy 2.0. It is now fixed and better handled than it ever was.
2017-12-06Also disable the TRACE method entirelyLoïc Hoguin
2017-12-06Disable the CONNECT method completelyLoïc Hoguin
It's safer than allow it with the wrong behavior.
2017-12-04Add an rfc7231 test suite, fix an HTTP/2 bug with HEADLoïc Hoguin
In some cases there could be a body sent as a response to a HEAD request when using HTTP/2. This has been corrected.
2017-11-30Fix HTTP/2 pushLoïc Hoguin
2017-11-29Don't send chunked bodies when the method is HEADLoïc Hoguin
2017-11-29Don't include a content-length in 204 responsesLoïc Hoguin
2017-11-29Reject absolute URIs with no authority componentsLoïc Hoguin
2017-11-29Reject absolute URIs with userinfo components in HTTP/1.1Loïc Hoguin
2017-11-29Fix a test descriptionLoïc Hoguin
2017-11-29Fix many rfc7230 tests that were echoing the URILoïc Hoguin
2017-11-29Reject whitespace before/after HTTP/1.1 header names properlyLoïc Hoguin
2017-11-29Fix a broken test case in the rfc7540 suiteLoïc Hoguin
2017-11-29Don't send a GOAWAY frame on close when the h2 preface is invalidLoïc Hoguin
2017-11-29Fix an intermittent test failure in the rfc7540 suiteLoïc Hoguin
2017-11-29Remove two warnings in test suitesLoïc Hoguin
2017-11-29Add nowarn_export_all to all test suitesLoïc Hoguin
2017-11-29Ignore stray HTTP/2 stream messages that we expectLoïc Hoguin
2017-11-29Add many rfc7540 tests, improve detection of malformed requestsLoïc Hoguin
2017-11-27Add more flow control tests to rfc7540 and fix related issuesLoïc Hoguin
2017-11-27Add more rfc7540 tests along with their respective fixesLoïc Hoguin
2017-11-27Fix a few rfc7540 testsLoïc Hoguin
Cowboy takes a few shortcuts to avoid wasting resources when there is a protocol error. The RFC wants us to send a different error depending on the state of the stream at the time of the error, and for us to maintain the connection in cases where we would have to spend valuable resources to decode headers. In all these cases Cowboy will simply close the connection with an appropriate error.
2017-11-27Don't send the response immediately when using h2specLoïc Hoguin
In some cases we were sending a response faster than h2spec was sending us the test case data, resulting in the request being processed successfully instead of failing as expected.
2017-11-26Fix an rfc7230 testLoïc Hoguin
2017-11-24Add more tests to the rfc7230 suiteLoïc Hoguin
A few more bugs detected. I'm at the end of the list. I need to do a second reading, implement what I can, fix what I can and then the suite should be complete.
2017-11-24Add a few more rfc7230 testsLoïc Hoguin
A few seems to highlight more bugs. They have no fix yet.
2017-11-24Add more tests to the rfc7230 suiteLoïc Hoguin
Found more bugs! Unfortunately no fix for them in this commit.
2017-11-23Move the pipeline test to the rfc7230 suiteLoïc Hoguin
2017-11-22Add more rfc7230 tests and better handle bad chunk sizesLoïc Hoguin
Bad chunk sizes used to be accepted and could result in a badly parsed body or a timeout. They are now properly rejected. Chunk extensions now have a hard limit of 129 characters. I haven't heard of anyone using them and Cowboy does not provide an interface for them, but we can always increase or make configurable if it ever becomes necessary (but I honestly doubt it). Also a test from the old http suite could be removed. Yay!
2017-11-20Add more rfc7230 tests and improve transfer-encodingLoïc Hoguin
It's worth noting that transfer-encoding now takes precedence over content-length as recommended by the RFC, so that when both headers are sent we only care about transfer-encoding and explicitly remove content-length from the headers.
2017-11-20Add a test for early errors that occur on the request-lineLoïc Hoguin
2017-11-20Queue HTTP/2 trailers when there's still data in the bufferLoïc Hoguin
2017-11-20Improve trailers test when no te header is sentLoïc Hoguin
2017-11-20Fix compression when trailers are sentLoïc Hoguin
2017-11-20Remove a useless todoLoïc Hoguin
2017-11-20Add more rfc7230 testsLoïc Hoguin
Also fixes the handling of the max_headers option for HTTP/1.1. It is now a strict limit and not dependent on whether data is already in the buffer.
2017-11-19Remove another test from the old http suiteLoïc Hoguin
2017-11-19Move tests from old http suite to rfc7230 suiteLoïc Hoguin
2017-11-19The static suite's large file is not created on WindowsLoïc Hoguin
2017-11-19Add AUTO_CI_WINDOWS variableLoïc Hoguin
2017-11-18Remove duplicate /echo/body_qs tests from the old suiteLoïc Hoguin
2017-11-17Remove duplicate static handler tests from the old suiteLoïc Hoguin
2017-11-17Move ci.erlang.mk to TEST_DEPSLoïc Hoguin
2017-11-17Disable the tracer suite when compiled nativelyLoïc Hoguin
2017-11-17Initialize trace patterns only onceLoïc Hoguin
They are global for the node for all future call trace flags, so it's not necessary to set them repeatedly with every request. Doing it once at startup also ensures we can't have race conditions when the user wants to change which trace patterns should be used (because requests are concurrent and patterns end up overwriting themselves repeatedly), and makes this changing of trace patterns much more straightforward: the user can just define the ones they want. The default function traces everything. In addition I have also added the tracer_flags option to make the trace flags configurable, excluding the tracer pid.
2017-11-17Tweak the MakefileLoïc Hoguin
2017-11-15Add preliminary support for trailers in responsesLoïc Hoguin
This depends on changes in Cowlib that are only available on master.
2017-11-13Don't supervise the tracer processLoïc Hoguin
If we do then we end up killing the tracer after the stream terminates and this is not what we want. This prevents us from getting useful information from requests that are still ongoing (when they run concurrently) and completely prevents us from tracing Websocket handlers. I'm not the biggest fan of having unsupervised modules but if this is properly documented there should be no problem.