diff options
author | Kirilll Zaborsky <[email protected]> | 2015-09-24 15:19:52 +0300 |
---|---|---|
committer | Henrik Nord <[email protected]> | 2015-10-13 12:37:50 +0200 |
commit | 3b28f0d9bbc9e5745fb95e48e6daf9179461116b (patch) | |
tree | b53abb3936d8918722544fdb5c70b036214e9665 /lib/inets/doc | |
parent | 60be19014474a39d9b611ef7749bffa1f6096bc1 (diff) | |
download | otp-3b28f0d9bbc9e5745fb95e48e6daf9179461116b.tar.gz otp-3b28f0d9bbc9e5745fb95e48e6daf9179461116b.tar.bz2 otp-3b28f0d9bbc9e5745fb95e48e6daf9179461116b.zip |
inets: scheme validation fun for http_uri
http_uri:parse_scheme function should allow checking
scheme of URIs otherwise it could be easily abused to
reach limit number of atoms in the VM
Diffstat (limited to 'lib/inets/doc')
-rw-r--r-- | lib/inets/doc/src/http_uri.xml | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/lib/inets/doc/src/http_uri.xml b/lib/inets/doc/src/http_uri.xml index 47c40da96a..64e6c7a6cc 100644 --- a/lib/inets/doc/src/http_uri.xml +++ b/lib/inets/doc/src/http_uri.xml @@ -117,7 +117,8 @@ <v>Options = [Option]</v> <v>Option = {ipv6_host_with_brackets, boolean()} | {scheme_defaults, scheme_defaults()} | - {fragment, boolean()}]</v> + {fragment, boolean()} | + {schema_validation_fun, fun()}]</v> <v>Result = {Scheme, UserInfo, Host, Port, Path, Query} | {Scheme, UserInfo, Host, Port, Path, Query, Fragment}</v> <v>UserInfo = user_info()</v> @@ -141,6 +142,16 @@ <p>If the fragment option is <c>true</c>, the URI fragment is returned as part of the parsing result, otherwise it is ignored.</p> + <p>Scheme validation fun is to be defined as follows: + + <code> +fun(SchemeStr :: string()) -> + valid | {error, Reason :: term()}. + </code> + + It is called before scheme string gets converted into scheme atom and + thus possible atom leak could be prevented</p> + <marker id="encode"></marker> </desc> </func> |