Age | Commit message (Collapse) | Author |
|
New function set_last_streamid/1 sets the last accepted stream ID
to the last known remote stream ID. Frames with a remote stream ID
greater than this are thereafter discarded by frame/2, which returns
{ok, Http2Machine} for such frames.
|
|
We must not remove all domain attributes when we find an
empty domain attribute, we must only ignore this one particular
cookie-av. (RFC6265bis 5.3.3)
|
|
LH: I've updated the code to include enable_connect_protocol
conditionally depending on the endpoint.
|
|
And explain that browsers may be more strict over TCP vs TLS.
|
|
They are currently optional to avoid doing a breaking change
but should become mandatory (perhaps with a default value of
undefined) in Cowlib 3.0.
|
|
Table only needs to be resized if the current size exceeds the new
max size, regardless of current max size.
|
|
Correction to cow_hpack:encode/2,3 according to RFC 7541, 4.3. Entry
Eviction When Dynamic Table Size Changes.
This change also corrects the handling of inserting entries larger than
the max size, which shall result in an empty table, according to 4.4.
in the same RFC.
Fixes #101, #103.
|
|
Chromium and Firefox have both begun using "Lax" as the
default for non-Secure cookies.
|
|
|
|
When EOS is found within the string the decoding must fail.
When the final padding is > 7 bit in length the decoding must
fail as well.
|
|
|
|
|
|
Also do minor fixes to cow_cookie:parse_cookie/1. There
is a potential incompatibility from these changes, because
now a header "Cookie: foo" will be translated to a cookie
with an empty name and value "foo", instead of cookie name
"foo" and empty value. Also cookie names starting with $
are no longer ignored.
These fixes are necessary for the cookies test suite from
Web platform tests to work, and match the upcoming cookie
RFC.
|
|
The error was appropriate for server mode, but not for client
mode, because the server does not send the preface sequence.
|
|
|
|
|
|
There's no shift to be done for the first value.
|
|
|
|
|
|
|
|
This in turn leads to a small performance improvement.
|
|
|
|
|
|
|
|
|
|
This provides a small but noticeable improvement so it's
probably worth doing.
|
|
|
|
The previous naive implementation ended up not benefitting
from binary match context reuse because it was matching on
bit boundaries (and not bytes). This new implementation
matches a byte at a time.
The result is almost twice faster when decoding the examples
from the HPACK RFC (before/after):
cow_hpack:decode_huffman in 0.250666s
cow_hpack:decode_huffman in 0.133743s
|
|
|
|
|
|
Fits better since we are dealing with a single template at a time.
|
|
Implements RFC6570 level 4.
|
|
|
|
|
|
Implements draft-ietf-httpbis-header-structure-14.
|
|
|
|
|
|
|
|
It's supposed to be a map, not a proplist.
|
|
|
|
|
|
|
|
|
|
The better solution is to use the ensure_window functions,
if updating the window is necessary.
|
|
This controls how large the window should be before we are
willing to send data. We of course always send data when
the data we need to send is lower than the current window.
This is both an optimization and a fix for the data dribble
denial of service vulnerability (CVE-2019-9511).
|
|
The function can be used to restrict how big all the
buffers of a single connection can get.
|
|
It's not a big gain and causes issues when forgetting to update
the list. Maybe it can be added back again at a later time.
|
|
|
|
|
|
When a final empty frame was queued and the data sent made
the window go to 0 and the remote end didn't increase the
window anymore, the final empty frame could get stuck in
the queue and never sent.
Also ensure that we never queue empty non-final data.
|