Age | Commit message (Collapse) | Author |
|
server crash (non-fatal) with no reply to client. Will now
result in a reply with status code 400.
OTP-9674
Merge branch 'bmk/inets/httpd/xss_with_bad_header_date/r14/OTP-9674' into bmk/inets/inets572_integration
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/inets_app/inets.appup.src
|
|
Merge branch 'bmk/inets/httpd/xss_with_bad_header_date/r13/OTP-9674' into bmk/inets/httpd/xss_with_bad_header_date/r14/OTP-9674
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/http_server/mod_responsecontrol.erl
lib/inets/src/inets_app/inets.appup.src
lib/inets/test/httpd_1_1.erl
lib/inets/test/httpd_SUITE.erl
lib/inets/test/httpd_mod.erl
lib/inets/test/httpd_test_lib.erl
lib/inets/vsn.mk
|
|
Merge branch 'bmk/inets/httpd/xss_when_erl_encoded/r13/OTP-9655' into bmk/inets/httpd/xss_when_erl_encoded/r14/OTP-9655
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/http_lib/http_uri.erl
lib/inets/src/http_lib/http_util.erl
lib/inets/src/http_server/httpd_file.erl
lib/inets/src/http_server/httpd_request.erl
lib/inets/src/http_server/httpd_request_handler.erl
lib/inets/src/http_server/httpd_util.erl
lib/inets/src/inets_app/inets.appup.src
lib/inets/test/httpc_SUITE.erl
lib/inets/test/httpd_SUITE.erl
lib/inets/test/httpd_basic_SUITE.erl
lib/inets/test/httpd_test_lib.erl
lib/inets/vsn.mk
|
|
server crash (non-fatal) with no reply to client. Will
now result in a reply with status code 400.
OTP-9674
|
|
OTP-9655
|
|
bmk/inets/inets571_integration
Conflicts:
lib/inets/doc/src/notes.xml
|
|
|
|
are URL-encoded. Added support in http-client to use
URL-encoding. Also added the missing include directory
for the inets application.
OTP-8940
[httpd] Prevent XSS in error pages.
Prevent user controlled input from being interpreted
as HTML in error pages by encoding the reserved HTML
characters.
Michael Santos
OTP-9124
|
|
cookie processing from www.expedia.com.
OTP-9434
|
|
That is, if the parsing fails, the date should be ignored.
Also added support for (yet another) date format: "Tue Jan 01 08:00:01 2036 GMT"
OTP-9433
|
|
OTP-5566
Merge branch 'bmk/inets/handle_ipv6_with_ssl2/OTP-5566' into bmk/inets/inets57_integration2
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/inets_app/inets.appup.src
lib/inets/test/inets_test_lib.erl
|
|
|
|
OTP-9365
|
|
|
|
processing body (for PUT and POST).
Filipe David Manana
OTP-9317
Merge branch 'bmk/inets/httpc/remove_unnecessary_iolist_to_binary_usage2/OTP-9317' into bmk/inets/inets57_integration2
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/inets_app/inets.appup.src
|
|
processing body (for PUT and POST).
Filipe David Manana
OTP-9317
|
|
Attila Rajmund Nohl
OTP-9342
Merge branch 'bmk/inets/ftp/does_not_handle_ipv6/OTP-9342' into bmk/inets/inets57_integration2
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/inets_app/inets.appup.src
|
|
|
|
|
|
|
|
OTP-9343
|
|
reason badarg. Neither SSL nor INETS catches this, resulting in crashes
with incomprehensible reasons.
OTP-9289
|
|
|
|
|
|
bmk/inets/inet56_integration
OTP-9202
|
|
the inets file).
|
|
OTP-9158
|
|
OTP-9157
|
|
bmk/inets/inet56_integration
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/inets_app/inets.appup.src
|
|
bmk/inets/inet56_integration
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/inets_app/inets.appup.src
|
|
'bmk/inets/httpd/make_mod_esi_deliver_accept_binary_data/OTP-9123' into bmk/inets/inet56_integration
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/inets_app/inets.appup.src
|
|
into bmk/inets/inet56_integration
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/inets_app/inets.appup.src
|
|
Conflicts:
lib/inets/doc/src/notes.xml
Fixed release notes after merge.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Also fixed some of the documentation (types).
|
|
|
|
|
|
|
|
OTP-8739 [httpc] If a request times out (not connect timeout), the
handler process exited (normal) but neglected to inform
the manager process. For this reason, the manager did not
clean up the request table, resulting in a memory leak.
Also the manager did not create a monitor for the handler,
so in an unforseen handler crash, this could also create
a memory leak.
OTP-8741 The service tftp was spelled wrong in documentation and
in some parts of the code. It should be tftp.
OTP-8742 [httpc] Replaced the old http client api module (http) with
the new, httpc in the users guide.
|
|
OTP-8609 [httpc] Made cookie handling more case insensitive.
OTP-8610 [httpc|httpd] Some netscape cookie dates are given with
a 2-digit year (e.g. 06 = 2006).
OTP-8624 [httpd] Added support (again) for the documented debugging
features. See the User's Guide Configuration chapter for
more info.
|
|
OTP-8542 [httpc] Memory leak plugged. The profile manager never cleaned
up in its handler database. This meant that with each new
request handler, another entry was created that was never
deleted. Eventually the request id counter (used as a key)
would wrap, but the machine would most likely run out of
memory before that happened.
OTP-8607 [httpc] https requests with default port not handled properly.
Jebu Ittiachen.
|
|
OTP-8508 [httpc] Badly formated error reason for errors occuring
during initial connec to a servert. Also, the possible error
reasons was not properly documented.
OTP-8509 [httpd] Issues with ESI erl_script_timeout. </p> *) The
"erl_script_timeout" config option is ducumented as a number
of seconds. But when parsing the config, in the new format
(not a config file), it was handled as if in number of
milliseconds. *) When the erl-script-timeout time was
exceeded, the server incorrectly marked the answer as sent,
thereby leaving client hanging (with an incomplete answer).
This has been changed, so that now the socket will be closed.
|
|
OTP-8564: Update deeprication status.
OTP-8573: Inets mod_alias URL rewrite.
|
|
OTP-8610: Some netscape cookie dates are given with a 2-digit year.
|
|
OTP-8607: https default port not handled
|