aboutsummaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)Author
2017-12-13Fix Dialyzer warningsLoïc Hoguin
2017-12-12Don't badmatch on HTTP/2 preface's Transport:sendLoïc Hoguin
Send errors produce annoying logs and we notice the connection is gone later on anyway.
2017-12-12Fix HTTP/1.1 pipeliningLoïc Hoguin
Cases where a request body was involved could sometimes fail depending on timing. Also fix all of the old http_SUITE tests.
2017-12-08Add the few remaining tests to the rfc7231 test suiteLoïc Hoguin
2017-12-07Add more rfc7231 tests and a new max_skip_body_length optionLoïc Hoguin
The option controls how much body we accept to skip for HTTP/1.1 connections when the user code did not consume the body fully. It defaults to 1MB.
2017-12-06Send a 426 when Websocket is required and client didn't upgradeLoïc Hoguin
2017-12-06Fix 408 not sending connection: close for HTTP/1.1Loïc Hoguin
Also make sure the header is sent for all types of early_error that result in the closing of the connection.
2017-12-06Properly handle OPTIONS * requestsLoïc Hoguin
Support for these was broken during the development of Cowboy 2.0. It is now fixed and better handled than it ever was.
2017-12-06Also disable the TRACE method entirelyLoïc Hoguin
2017-12-06Disable the CONNECT method completelyLoïc Hoguin
It's safer than allow it with the wrong behavior.
2017-12-04Add an rfc7231 test suite, fix an HTTP/2 bug with HEADLoïc Hoguin
In some cases there could be a body sent as a response to a HEAD request when using HTTP/2. This has been corrected.
2017-11-30Fix HTTP/2 pushLoïc Hoguin
2017-11-29Don't send chunked bodies when the method is HEADLoïc Hoguin
2017-11-29Don't include a content-length in 204 responsesLoïc Hoguin
2017-11-29Reject absolute URIs with no authority componentsLoïc Hoguin
2017-11-29Reject absolute URIs with userinfo components in HTTP/1.1Loïc Hoguin
2017-11-29Reject whitespace before/after HTTP/1.1 header names properlyLoïc Hoguin
2017-11-29Don't send a GOAWAY frame on close when the h2 preface is invalidLoïc Hoguin
2017-11-29Ignore stray HTTP/2 stream messages that we expectLoïc Hoguin
2017-11-29Add many rfc7540 tests, improve detection of malformed requestsLoïc Hoguin
2017-11-27Add more flow control tests to rfc7540 and fix related issuesLoïc Hoguin
2017-11-27Add more rfc7540 tests along with their respective fixesLoïc Hoguin
2017-11-27Fix a few rfc7540 testsLoïc Hoguin
Cowboy takes a few shortcuts to avoid wasting resources when there is a protocol error. The RFC wants us to send a different error depending on the state of the stream at the time of the error, and for us to maintain the connection in cases where we would have to spend valuable resources to decode headers. In all these cases Cowboy will simply close the connection with an appropriate error.
2017-11-22Add more rfc7230 tests and better handle bad chunk sizesLoïc Hoguin
Bad chunk sizes used to be accepted and could result in a badly parsed body or a timeout. They are now properly rejected. Chunk extensions now have a hard limit of 129 characters. I haven't heard of anyone using them and Cowboy does not provide an interface for them, but we can always increase or make configurable if it ever becomes necessary (but I honestly doubt it). Also a test from the old http suite could be removed. Yay!
2017-11-20Add more rfc7230 tests and improve transfer-encodingLoïc Hoguin
It's worth noting that transfer-encoding now takes precedence over content-length as recommended by the RFC, so that when both headers are sent we only care about transfer-encoding and explicitly remove content-length from the headers.
2017-11-20Add a test for early errors that occur on the request-lineLoïc Hoguin
2017-11-20Queue HTTP/2 trailers when there's still data in the bufferLoïc Hoguin
2017-11-20Fix compression when trailers are sentLoïc Hoguin
2017-11-20Remove a useless todoLoïc Hoguin
2017-11-20Add more rfc7230 testsLoïc Hoguin
Also fixes the handling of the max_headers option for HTTP/1.1. It is now a strict limit and not dependent on whether data is already in the buffer.
2017-11-17Initialize trace patterns only onceLoïc Hoguin
They are global for the node for all future call trace flags, so it's not necessary to set them repeatedly with every request. Doing it once at startup also ensures we can't have race conditions when the user wants to change which trace patterns should be used (because requests are concurrent and patterns end up overwriting themselves repeatedly), and makes this changing of trace patterns much more straightforward: the user can just define the ones they want. The default function traces everything. In addition I have also added the tracer_flags option to make the trace flags configurable, excluding the tracer pid.
2017-11-15Add preliminary support for trailers in responsesLoïc Hoguin
This depends on changes in Cowlib that are only available on master.
2017-11-13Don't supervise the tracer processLoïc Hoguin
If we do then we end up killing the tracer after the stream terminates and this is not what we want. This prevents us from getting useful information from requests that are still ongoing (when they run concurrently) and completely prevents us from tracing Websocket handlers. I'm not the biggest fan of having unsupervised modules but if this is properly documented there should be no problem.
2017-11-13Fix packet being dropped when using switch_protocolLoïc Hoguin
This only happens if the switch takes too long, and should not happen unless a spawned process refuses to shut down immediately.
2017-11-10Keep the state returned by the tracer callbackLoïc Hoguin
It was mistakenly discarded.
2017-11-03Add a terminate event to the tracer and more testsLoïc Hoguin
2017-11-01Don't crash when cowboy_clock is not runningLoïc Hoguin
This can happen normally when Cowboy is restarted, for example. Instead of failing requests when that happens, we degrade gracefully and do a little more work to provide the current date header.
2017-11-01Add {switch_handler, Module} return value to cowboy_restLoïc Hoguin
Also {switch_handler, Module, Opts}. Allows switching to a different handler type. This is particularly useful for processing most of the request with cowboy_rest and then streaming the response body using cowboy_loop.
2017-11-01Update Cowlib to 2.0.1 and fix OTP 20.1+ Websocket compressionLoïc Hoguin
Unfortunately compression will be disabled for 20.1, 20.1.1 and 20.1.2. In additiona I do not recommend 20.1.3 due to issues inflating some specific sizes.
2017-11-01Fix two edge cases for cowboy_req:stream_bodyLoïc Hoguin
Sending data of size 0 with the fin flag set resulted in nothing being sent to the client and still considering the response to be finished for HTTP/1.1. For both HTTP/1.1 and HTTP/2, the final chunk of body that is sent automatically by Cowboy at the end of a response that the user did not properly terminate was not passing through stream handlers. This resulted in issues like compression being incorrect. Some tests still fail under 20.1.3. They are due to recent zlib changes and should be fixed in a future patch release. Unfortunately it does not seem to be any 20.1 version that is safe to use for Cowboy, although some will work better than others.
2017-10-31Fix another warningLoïc Hoguin
2017-10-31Add some todosLoïc Hoguin
2017-10-31Add informational responses to metricsLoïc Hoguin
2017-10-30Handle expect: 100-continue request headersLoïc Hoguin
The 100 continue response will only be sent if the client has not sent the body yet (at all), if the connection is HTTP/1.1 or above and if the user has not sent it yet. The 100 continue response is sent when the user calls read_body and it is cowboy_stream_h's responsibility to send it. This means projects that don't use the cowboy_stream_h stream handler will need to handle the expect header themselves (but that's okay because they might have different considerations than normal Cowboy).
2017-10-29Add cowboy_req:inform/2,3Loïc Hoguin
User code can now send as many 1xx responses as necessary.
2017-10-27Add cowboy_tracer_h stream handlerLoïc Hoguin
Another experimental stream handler. It enables tracing for the connection process and any children processes based on the matching of the request. It can be used to do ad-hoc tracing by sending a specific header, path, method or other. It is meant to be used both for tests and production. Some configuration scenarios are NOT safe for production, beware. It's important to understand that, at this time, tracing is enabled on the scale of the entire connection including any future request processes. Keep this in mind when trying to use it in production. The only way to stop tracing is by having the callback function exit (by calling exit/1 explicitly). This can be done after a certain number of events for example. Tracing can generate a lot of events, so it's a good idea to stop after a small number of events (between 1000 and 10000 should be good) and to avoid tracing the whole world. Documentation will follow at a later time.
2017-10-25Introduce cowboy_req:sock/1 and cowboy_req:cert/1Loïc Hoguin
To obtain the local socket ip/port and the client TLS certificate, respectively.
2017-10-23Fix a bug in HTTP/2 where connection gets closed prematurelyLoïc Hoguin
When the user code was sending a response fully without reading the request body, the connection could get closed when receiving DATA frames for that body. We now ask the client to stop sending data via a NO_ERROR RST_STREAM, and linger any stream that has been reset so that we can skip any pending frames from that stream. This fixes a number of intermittent failures in req_SUITE, which now passes reliably. In addition a small number of rfc7540_SUITE test cases have been corrected as they were incorrect.
2017-10-22Ensure stream terminate is called when switching protocolsLoïc Hoguin
2017-10-21Fix sending of final chunk in HTTP/1.1Loïc Hoguin
I broke this when fixing stream handlers earlier.