otp.git/lib/inets/src/http_client, branch KennethL-patch-1 Mirror of Erlang/OTP repository. inets: Eliminate race condition 2017-11-17T08:35:12+00:00 Ingela Anderton Andin ingela@erlang.org 2017-11-14T07:53:01+00:00 6eba2a32f2585bfd1d94fa1066167901213d0408 Only run test case for http as the socket manipulation done by the test case requires much more manipulation to work for https. However, that this test case started failing constantly instead of sporadically is proof that this change is a good thing. 
Only run test case for http as the socket manipulation done by the test case
requires much more manipulation to work for https. However, that this test case
started failing constantly instead of sporadically is proof that this change
is a good thing.
[#ERL-407]: Fix httpc misbehaviour based on RFC7230, section 3.3.3 2017-10-29T20:26:42+00:00 Hamidreza Soleimani hamidreza.s@gmail.com 2017-10-29T13:33:02+00:00 70a813c20a829ed47feb6a4b2e7b0332adac6c4f If a message is received with both a Transfer-Encoding and a Content-Length header field, it might indicate an attempt to perform request smuggling or response splitting and must be handled as an error in default mode (not relaxed mode). Bug report: https://bugs.erlang.org/browse/ERL-407 
If a message is received with both a Transfer-Encoding and a
Content-Length header field, it might indicate an attempt to
perform request smuggling or response splitting and must be
handled as an error in default mode (not relaxed mode).

Bug report: https://bugs.erlang.org/browse/ERL-407
inets: Correct guard test 2017-10-26T14:46:57+00:00 Ingela Anderton Andin ingela@erlang.org 2017-10-26T14:34:15+00:00 05390c5a5a0b0657166d5c3c10e1a055cfe66e88 Guard test for error case was not updated to handle httpc stream concept properly. 
Guard test for error case was not updated to handle httpc stream concept
properly.
Update copyright year 2017-06-14T13:36:21+00:00 Hans Nilsson hans@erlang.org 2017-06-14T13:36:21+00:00 43718d3b81d7f3d08e25047e22d579801bbe5044 






inets: httpc - Gracefull normal shutdown
2017-05-30T09:29:03+00:00

Ingela Anderton Andin
ingela@erlang.org

2017-05-30T09:29:03+00:00

8fe699b8ca17a3e9e1a3cd1821e112b9983a74ae












Fix httpc timeout for redirects
2017-05-23T06:44:03+00:00

Johannes Weißl
jargon@molb.org

2017-05-14T21:35:37+00:00

fb4c7f27d050a167335a4274327cf1f8d8cc9aba

Probably since 6153ba7 (OTP R13B04) the httpc timeout setting does not
work for redirects (when autoredirect is true). With this patch a new
timer is started for the new (redirected) requests. This means that a
simple redirected request could return after 2*timeout milliseconds.

This is the first part to fix https://bugs.erlang.org/browse/ERL-420





Probably since 6153ba7 (OTP R13B04) the httpc timeout setting does not
work for redirects (when autoredirect is true). With this patch a new
timer is started for the new (redirected) requests. This means that a
simple redirected request could return after 2*timeout milliseconds.

This is the first part to fix https://bugs.erlang.org/browse/ERL-420







Update copyright year
2017-05-04T13:42:21+00:00

Raimo Niskanen
raimo@erlang.org

2017-05-04T13:42:21+00:00

83e20c62057ebc1d8064bf57b01be560cd244e1d












Merge branch 'maint'
2017-04-04T15:18:22+00:00

Ingela Anderton Andin
ingela@erlang.org

2017-04-04T14:44:13+00:00

fbe1980e5ca85e516648420e0fed0d00b20a0529

Conflicts:
	OTP_VERSION
	erts/vsn.mk
	lib/crypto/c_src/crypto.c
	lib/crypto/src/crypto.erl
	lib/ssh/src/ssh.erl





Conflicts:
	OTP_VERSION
	erts/vsn.mk
	lib/crypto/c_src/crypto.c
	lib/crypto/src/crypto.erl
	lib/ssh/src/ssh.erl







Omit port from Host header on redirect to well-known port
2017-03-17T08:35:49+00:00

Bram Verburg
bram.verburg@voltone.net

2017-03-17T08:35:49+00:00

a13e73d70d2af0a686701a3c8b16b82b664abd19

ERL-316, as part of 19.3, adds the port number to the Host header
upon automatic redirection. The port number is included even if it
is a well-known port (80, 443). This is different from the
behaviour of most HTTP clients, as well as httpc's own for new
requests.

The added port number can lead to problems such as this one, where
the request signature assumes the client will not send the :443
suffix on redirection to an https URL:
https://github.com/nerves-project/nerves/issues/96

I was unable to add a test case, since that would require a server
on a well-known port, but I manually verified that the GitHub/S3
signing issue was indeed resolved with this patch.





ERL-316, as part of 19.3, adds the port number to the Host header
upon automatic redirection. The port number is included even if it
is a well-known port (80, 443). This is different from the
behaviour of most HTTP clients, as well as httpc's own for new
requests.

The added port number can lead to problems such as this one, where
the request signature assumes the client will not send the :443
suffix on redirection to an https URL:
https://github.com/nerves-project/nerves/issues/96

I was unable to add a test case, since that would require a server
on a well-known port, but I manually verified that the GitHub/S3
signing issue was indeed resolved with this patch.







Fix typos: lenght -> length
2017-03-01T17:34:50+00:00

Myron Marston
myron.marston@gmail.com

2017-03-01T17:34:50+00:00

eb437db9e7df90d5e72d6314ee7c49cbde77135a