| Age | Commit message (Collapse) | Author |
|---|
|
When calling cowboy_req:reply/4 with a body a crash will occur
resulting in a 500 response. When calling cowboy_req:stream_reply/2,3
and then attempting to send a body a crash will occur.
|
|
100 is very low for current deployments. 1000 is more
appropriate as a default value.
|
|
We could get stuck in passive mode under certain conditions
(fast and non-busy machine and perhaps other environment factors).
|
|
This resulted in a badarith error due to the current flow being
set to infinity when the body has been fully read. A test case
has been added reproducing the issue.
|
|
The flow control is now only set to infinity when we are
skipping the request body of the stream that is being
terminated. This fixes a bug where it was set to infinity
while reading a subsequent request's body, leading to a
crash.
The timeout is no longer reset on stream termination.
Timeout handling is already done when receiving data
from the socket and doing a reset on stream termination
was leading to the wrong timeout being set or the right
timeout being reset needlessly.
|
|
This reduces the number of times we need to ask for more packets,
and as a result we get a fairly large boost in performance,
especially with HTTP/1.1.
Unfortunately this makes Cowboy require at least Erlang/OTP 21.3+
because the ssl application did not have active,N. For simplicity
the version required will be Erlang/OTP 22+.
In addition this change improves hibernate handling in
cowboy_websocket. Hibernate will now work for HTTP/2 transport
as well, and stray or unrelated messages will no longer cancel
hibernate (the process will handle the message and go back into
hibernation).
Thanks go to Stressgrid for benchmarking an early version of this
commit: https://stressgrid.com/blog/cowboy_performance_part_2/
|
|
It has been deprecated in OTP and the new way is available
on all supported OTP versions.
|
|
|
|
We now stop reading from the socket unless asked to,
when we reach the request body. The option
initial_stream_flow_size controls how much data
we read without being asked, as an optimization.
We may also have received additional data along
with the request headers.
This commit also reworks the timeout handling for HTTP/1.1
because the stray timeout message was easily reproducible
after implementing the flow control. The issue should be
gone for good this time.
|
|
|
|
|
|
While the protocol does not allow sending data before
receiving a successful Websocket upgrade response, we
do not want to discard that data if it does come in.
|
|
Now both HTTP/1.1 and HTTP/2 follow the documented format.
HTTP/1.1 was including an extra element containing the
StreamID before, which was unnecessary because it is also
given as argument to the callback.
HTTP/2 early_error will now include headers in its PartialReq.
|
|
|
|
|
|
Fix a case where Cowboy was waiting for more data that simply
did not come. Now Cowboy will generate an error immediately
when a header line has no colon separator.
These test cases come from known request smuggling attack
vectors. Cowboy was not vulnerable to any of them.
|
|
|
|
|
|
It allows disabling the chunked transfer-encoding. It
can also be disabled on a per-request basis, although
it will be ignored for responses that are not streamed.
|
|
This allows requests that expect to run longer to do so
without impacting the configuration of other requests.
|
|
Also changes the behavior to disable buffering by default, so
that the default works in all cases, including server-sent events.
|
|
It's OK to send it when set explicitly, as it can be set
to what the representation's size would have been.
|
|
|
|
It is now possible to stream one or more sendfile tuples.
A simple example of what can now be done would be for
example to build a tar file on the fly using the sendfile
syscall for sending the files, or to support Range requests
with more than one range with the sendfile syscall.
When using cowboy_compress_h unfortunately we have to read
the file in order to send it. More options will be added
at a later time to make sure users don't read too much
into memory. This is a new feature however so existing
code is not affected.
Also rework cowboy_http's data sending to be flatter.
|
|
|
|
Currently the compression threshold is set to 300 and hardcoded in the
codebase. There are cases where it make sense to allow this to be
configured, for instance when you want to enforce all responses to be
compressed regarldess of their size.
|
|
|
|
|
|
Depend on Ranch master for now since it isn't in any release yet.
|
|
|
|
|
|
This commit reworks the logging that Cowboy does via
error_logger to make the module that will do the actual
logging configurable.
The logger module interface must be the same as logger
and lager: a separate function per log level with the
same log levels they support.
The default behavior remains to call error_logger,
although some messages were downgraded to warnings
instead of errors. Since error_logger only supports
three different log levels, some messages may get
downgraded/upgraded depending on what the original
log level was to make them compatible with error_logger.
The {log, Level, Format, Args} command was also
added to stream handlers. Stream handlers should
use this command to log messages because it allows
writing a stream handler to intercept some of those
messages and extract information or block them as
necessary.
The logger option only applies to Cowboy itself,
not to the messages Ranch logs, so more work remains
to be done in that area.
|
|
|
|
If content-length is set in the response headers
we can skip chunked transfer-encoding.
|
|
|
|
|
|
|
|
|
|
|
|
This should reduce the amount of noise in RabbitMQ.
|
|
We now flush messages that are specific to cowboy_http only.
Stream handlers should also flush their own specific messages
if necessary, although timeouts will be flushed regardless
of where they originate from.
Also renames the http_SUITE to old_http_SUITE to distinguish
new tests from old tests. Most old tests need to be removed
or converted eventually as they're legacy tests from Cowboy 1.0.
|
|
Currently cowboy assumes that idle_timeout or request_timeout is
a number and always starts timers. Similar situation takes place
in case of preface_timeout for http2. This commit adds case for
handling infinity as a timeout, allowing to not start mentioned
timers.
|
|
|
|
|
|
|
|
Cases where a request body was involved could sometimes
fail depending on timing. Also fix all of the old
http_SUITE tests.
|
|
The option controls how much body we accept to skip for HTTP/1.1
connections when the user code did not consume the body fully.
It defaults to 1MB.
|
|
Also make sure the header is sent for all types of early_error
that result in the closing of the connection.
|
|
|
|
It's safer than allow it with the wrong behavior.
|
