Age | Commit message (Collapse) | Author |
|
If a message is received with both a Transfer-Encoding and a
Content-Length header field, it might indicate an attempt to
perform request smuggling or response splitting and must be
handled as an error in default mode (not relaxed mode).
Bug report: https://bugs.erlang.org/browse/ERL-407
|
|
Guard test for error case was not updated to handle httpc stream concept
properly.
|
|
|
|
|
|
Probably since 6153ba7 (OTP R13B04) the httpc timeout setting does not
work for redirects (when autoredirect is true). With this patch a new
timer is started for the new (redirected) requests. This means that a
simple redirected request could return after 2*timeout milliseconds.
This is the first part to fix https://bugs.erlang.org/browse/ERL-420
|
|
|
|
Conflicts:
OTP_VERSION
erts/vsn.mk
lib/crypto/c_src/crypto.c
lib/crypto/src/crypto.erl
lib/ssh/src/ssh.erl
|
|
ERL-316, as part of 19.3, adds the port number to the Host header
upon automatic redirection. The port number is included even if it
is a well-known port (80, 443). This is different from the
behaviour of most HTTP clients, as well as httpc's own for new
requests.
The added port number can lead to problems such as this one, where
the request signature assumes the client will not send the :443
suffix on redirection to an https URL:
https://github.com/nerves-project/nerves/issues/96
I was unable to add a test case, since that would require a server
on a well-known port, but I manually verified that the GitHub/S3
signing issue was indeed resolved with this patch.
|
|
|
|
Input should be checked and httpc_handler process shall terminate
gracefully on errors so that user process will in hang in gen_server:call.
|
|
Remove dead code and redundant debug macros. Better to use tracing for
debugging.
|
|
Correct chunk decoding by adding missing argument to match.
The symptom was that chunk decoding sometimes failed depending on
stream data arrival timing.
|
|
RFC2616 Sect 14.23: The Host request-header field specifies the
Internet host AND port number.
|
|
|
|
|
|
Proxies want absolut URIs, but once a TLS tunnel is set up
it is like talking direct to the server.
|
|
* ingela/inets/httpc/ERL-253:
inets: httpc improve error handling
|
|
This supersedes PR #1185 (submitted by @KrzysiekJ) that changed
all occurrences of ref() with reference() in inets files.
However, there is little point in having these types only in comments.
So, these types are now exposed as type declarations for the record
fields they appear. While at it, uncommented more commented out type
declarations and declared types for records defined in the affected
modules and header files.
Some type-unfriendly and obsolete code related to supporting code
ungrades with a really old OTP release was also removed.
|
|
Handler process should exit normal if manager process has been terminated
|
|
- The behavior of httpc:request when autoredirect = true is not correct
according to the latest update in RFC-7231. This patch corrects the
autoredirect behavior.
|
|
* henrik/update-copyrightyear:
update copyright-year
|
|
* FabioBatSilva/httpc-delete-body/PR-972/OTP-13383:
inets: Add DELETE Body to client
remove whitespaces
|
|
This is a quick fix to make this option work.
We will revisit this and clean up httpc option handling later.
Also adding regression tests.
|
|
|
|
|
|
|
|
|
|
httpc should fill SNI extenstion for HTTPS requests sent through
CONNECT tunnel to provide proper access to websites using SNI
|
|
Without this fix, httpc:request/1 crashes the httpc_handler when an
invalid chunked length header is encountered (since 77acb47):
=ERROR REPORT==== 14-Nov-2015::17:19:30 ===
** Generic server <0.651.0> terminating
** Last message in was {tcp,#Port<0.5714>,
<<"HTTP/1.1 200 ok\r\nTransfer-Encoding:chunked\r\n\r\nåäö\r\n">>}
** When Server state == {state,
[...]
** Reason for termination ==
** {bad_return_value,{error,{chunk_size,"åäö"}}}
|
|
httpc should work properly if streaming option {self, once} is
chosen and the corresponding response does not get streamed.
|
|
httpc_handler should respond with correct and complete
responses seeing non-streamed status codes i.e. codes
other than 200 or 206.
|
|
* ia/pr/800/OTP-12984:
inets: Forward connection errors with https proxy
|
|
|
|
httpc should return meaningful error reason disregarding whether
it is being used with http proxy or not
|
|
httpc_handler should react properly to cancel requests even
when the request to be cancelled was already finished
but httpc_manager did not get notified about that yet
|
|
|
|
If the socket is closed by the peer do not try to close it again.
Solves OTP-11845
|
|
httpc_handler should set correct address of the connected host
and not ignore proxy option of the profile while
sending requests taken out of keep-alive queue
|
|
httpc_handler should respond with proper {stop, Reason, State}
message when sending request from keep-alive queue fails
|
|
* erlang/pr/741:
Minor misprints
|
|
|
|
The new module is backwards compatible.
|
|
|
|
|
|
|
|
httpc_cookie should parse cookies with empty values
and no attributes set in the 'Set-Cookie' headers.
|
|
|
|
Parsing invalid 'Set-Cookie' header would make httpc crash.
This commit filters invalid 'Set-Cookie' headers so that httpc wouldn't try to parse them.
|
|
httpc_handler should be stopped when sending requests returns error
because of a closed connection and `tcp_closed` message could not be
catched (see http://erlang.org/pipermail/erlang-bugs/2007-May/000346.html )
otherwise it will lead to process leak.
|
|
* scrapinghub/update_session_original_stacktrace:
inets: Return correct stacktrace on session updating failure
|