Age | Commit message (Collapse) | Author |
|
Allow `cowboy_router:compile` to handle colon characters within
path segments, rather than exiting with `badarg`. This is allowed
via RFC 7230 2.7 -> [RFC 3986 3.3](https://tools.ietf.org/html/rfc3986#section-3.3):
```
segment = *pchar
segment-nz = 1*pchar
segment-nz-nc = 1*( unreserved / pct-encoded / sub-delims / "@" )
; non-zero-length segment without any colon ":"
pchar = unreserved / pct-encoded / sub-delims / ":" / "@"
```
|
|
Cases where a request body was involved could sometimes
fail depending on timing. Also fix all of the old
http_SUITE tests.
|
|
|
|
Found more bugs! Unfortunately no fix for them in this commit.
|
|
|
|
Bad chunk sizes used to be accepted and could result in
a badly parsed body or a timeout. They are now properly
rejected.
Chunk extensions now have a hard limit of 129 characters.
I haven't heard of anyone using them and Cowboy does not
provide an interface for them, but we can always increase
or make configurable if it ever becomes necessary (but
I honestly doubt it).
Also a test from the old http suite could be removed. Yay!
|
|
|
|
|
|
|
|
|
|
|
|
The Cowboy behavior has changed a little and gives more
accurate error responses now. And in some cases, successes.
|
|
|
|
|
|
|
|
They have equivalents in req_SUITE.
|
|
They are now cowboy:start_clear/3 and cowboy:start_tls/3.
The NumAcceptors argument can be specified via the
num_acceptor transport option. Ranch has been updated
to 1.4.0 to that effect.
|
|
Putting them in the correct test suite, with the proper
documentation etc.
|
|
This commit changes Cowboy to follow RFC6585.
|
|
|
|
Correct expected return type from `no_call` to `undefined` in
if_modified_since when last_modified callback is not defined. Add an
http_SUITE test to catch regressions.
|
|
|
|
Breaking changes with previous commit. This is a very large change,
and I am giving up on making a single commit that fixes everything.
More commits will follow slowly adding back features, introducing
new tests and fixing the documentation.
This change contains most of the work toward unifying the interface
for handling both HTTP/1.1 and HTTP/2. HTTP/1.1 connections are now
no longer 1 process per connection; instead by default 1 process per
request is also created. This has a number of pros and cons.
Because it has cons, we also allow users to use a lower-level API
that acts on "streams" (requests/responses) directly at the connection
process-level. If performance is a concern, one can always write a
stream handler. The performance in this case will be even greater
than with Cowboy 1, although all the special handlers are unavailable.
When switching to Websocket, after the handler returns from init/2,
Cowboy stops the stream and the Websocket protocol takes over the
connection process. Websocket then calls websocket_init/2 for any
additional initialization such as timers, because the process is
different in init/2 and websocket_*/* functions. This however would
allow us to use websocket_init/2 for sending messages on connect,
instead of sending ourselves a message and be subject to races.
Note that websocket_init/2 is optional.
This is all a big change and while most of the tests pass, some
functionality currently doesn't. SPDY is broken and will be removed
soon in favor of HTTP/2. Automatic compression is currently disabled.
The cowboy_req interface probably still have a few functions that
need to be updated. The docs and examples do not refer the current
functionality anymore.
Everything will be fixed over time. Feedback is more than welcome.
Open a ticket!
|
|
Fixes #839 when 'Connection: Keep-Alive' wasn't sent in a HTTP/1.0
response. Now the usage of 'Connection' header is consistent with
current protocol version: when this header is not specified explicitly
in the response, HTTP/1.0 implies 'Connection: close' and HTTP/1.1
implies 'Connection: Keep-Alive'. So if current 'Connection' value
matches the default value of current protocol, we won't state obvious
fact in the response; and vice versa.
Amended to fix and improve tests, and revert the variable name
change from HTTP11Headers to StdHeaders. I think it's still good
to leave it as is because it's not really a standard header for
HTTP/1.0, and it's gone from HTTP/2 entirely.
|
|
This is a large commit.
The rfc7230 test suite adds many tests from the RFC7230 document.
Gun has been updated quite a bit recently, which broke the Cowboy
suites. This is now fixed with this commit.
A new hook onfirstrequest has been added. It was very useful during
debugging of the test suites.
The initial process code has changed a little; more changes are
expected with the switch to maps for options.
|
|
|
|
Now everywhere in Cowboy when we want to stop something we return
a 'stop' tuple instead of one of the many choices depending on
context that we had before.
This particular change affects middlewares, sub protocols and
REST handlers which were using 'halt' to stop processing.
|
|
|
|
This change simplifies a little more the sub protocols mechanism.
Aliases have been removed. The renaming of loop handlers as long
polling handlers has been reverted.
Plain HTTP handlers now simply do their work in the init/2
callback. There is no specific code for them.
Loop handlers now follow the same return value as Websocket,
they use ok to continue and shutdown to stop.
Terminate reasons for all handler types have been documented.
The terminate callback is now appropriately called in all cases
(or should be).
Behaviors for all handler types have been moved in the module
that implement them. This means that cowboy_handler replaces
the cowboy_http_handler behavior, and similarly cowboy_loop
replaces cowboy_loop_handler, cowboy_websocket replaces
cowboy_websocket_handler. Finally cowboy_rest now has the
start of a behavior in it and will have the full list of
optional callbacks defined once Erlang 18.0 gets released.
The guide has been reorganized and should be easier to follow.
|
|
It was redundant with middlewares. Allows us to save a few operations
for every incoming requests.
|
|
Simplify the interface for most cowboy_req functions. They all return
a single value except the four body reading functions. The reply functions
now only return a Req value.
Access functions do not return a Req anymore.
Functions that used to cache results do not have a cache anymore.
The interface for accessing query string and cookies has therefore
been changed.
There are now three query string functions: qs/1 provides access
to the raw query string value; parse_qs/1 returns the query string
as a list of key/values; match_qs/2 returns a map containing the
values requested in the second argument, after applying constraints
and default value.
Similarly, there are two cookie functions: parse_cookies/1 and
match_cookies/2. More match functions will be added in future commits.
None of the functions return an error tuple anymore. It either works
or crashes. Cowboy will attempt to provide an appropriate status code
in the response of crashed handlers.
As a result, the content decode function has its return value changed
to a simple binary, and the body reading functions only return on success.
|
|
Only go for keep-alive if they submit a 'connection: keep-alive' header
in the request, keep behaviour the same otherwise.
The new RFC 7230 (http://tools.ietf.org/html/rfc7230#section-6.3)
states:
If the received protocol is HTTP/1.0, the "keep-alive" connection
option is present, the recipient is not a proxy, and the recipient
wishes to honor the HTTP/1.0 "keep-alive" mechanism, the
connection will persist after the current response;
Even though clients are discouraged from doing so in Appendix A.1.2
(http://tools.ietf.org/html/rfc7230#appendix-A.1.2)
|
|
This is a first step to improve the HTTP status codes returned
by Cowboy on crashes. We will tweak it over time.
Also fixes a small bug where two replies may have been sent
when using loop handlers under rare conditions.
|
|
422 is undefined for HTTP and interpreted as 400.
|
|
|
|
The options were added to allow developers to fix timeout
issues when reading large bodies. It is also a cleaner and
easier to extend interface.
This commit deprecates the functions init_stream, stream_body
and skip_body which are no longer needed. They will be removed
in 1.0.
The body function can now take an additional argument that is a
list of options. The body_qs, part and part_body functions can
too and simply pass this argument down to the body call.
There are options for disabling the automatic continue reply,
setting a maximum length to be returned (soft limit), setting
the read length and read timeout, and setting the transfer and
content decode functions.
The return value of the body and body_qs have changed slightly.
The body function now works similarly to the part_body function,
in that it returns either an ok or a more tuple depending on
whether there is additional data to be read. The body_qs function
can return a badlength tuple if the body is too big. The default
size has been increased from 16KB to 64KB.
The default read length and timeout have been tweaked and vary
depending on the function called.
The body function will now adequately process chunked bodies,
which means that the body_qs function will too. But this means
that the behavior has changed slightly and your code should be
tested properly when updating your code.
The body and body_qs still accept a length as first argument
for compatibility purpose with older code. Note that this form
is deprecated and will be removed in 1.0. The part and part_body
function, being new and never having been in a release yet, have
this form completely removed in this commit.
Again, while most code should work as-is, you should make sure
that it actually does before pushing this to production.
|
|
|
|
Adds a loop_handler test suite that runs all tests under HTTP, HTTPS,
SPDY each with and without the compress option enabled.
Fixes output filtering that used to filter more than it should have.
This forces us to parse the string sent by the emulator, which means
it's probably not perfect yet. But it should at least not hide errors
we want to see.
Fix a crash in the output filtering code that entirely disabled
output. Now when there is a crash the normal tty output is restored.
Handlers are now in test/handlers/ as they can be reused between
suites.
Only generate a single certificate for the whole ct run to speed
things up when we got many different test groups each needing
certificates.
|
|
|
|
|
|
|
|
Includes a variety of small changes that are a first step to
improving the test system heavily.
|
|
|
|
|
|
|
|
The old undocumented API is removed entirely.
While a documentation exists for the new API, it will not
be considered set in stone until further testing has been
performed, and a file upload example has been added.
The new API should be a little more efficient than the
old API, especially with smaller messages.
|
|
|
|
Previously if a loop handler received the timeout message from a
previous request on the same connection the socket would be set to
{active, once} incorrectly - when a socket packet was already in the
message queue. This second packet would not be added to the buffer
before a Handler:info/3 call if a user message was in the message
queue before both socket packets.
|
|
This is an undocumented workaround to disable chunks when using HTTP/1.1.
It can be used when the client advertises itself as HTTP/1.1 despite not
understanding the chunked transfer-encoding.
Usage can be found looking at the test for it. When activated, Cowboy
will still advertise itself as HTTP/1.1, but will send the body the same
way it would if it was HTTP/1.0.
|
|
Changes include:
* Much simplified route configuration.
* Etag generation is now enabled by default.
* Web mimetypes are now detected by default. A bigger list of
mimetypes can be detected without any additional library.
* Mimetypes can no longer be specified as a list. Copying this
list for new connections is too costy. You can easily convert
it into a function and pass that function to the handler instead.
* You can however specify a single hardcoded mimetype. Mostly
useful when serving a single file, like an index.html file,
to avoid extra operations.
* Specifying a path as a list of tokens is not possible anymore.
Use either a binary or a string.
* Using a private directory will not work if the application
was not started properly. Cowboy will not attempt to find
the location of this directory if the VM doesn't know it,
as this caused issues in some setups.
* Overall the code has been much simplified and clarified,
and of course has now been documented.
|