| Age | Commit message (Collapse) | Author |
|---|
|
* peterdmv/inets/httpc-content-type/ERL-736/OTP-15339:
inets: Fix handling of 'Content-Type' (httpc)
Change-Id: I8c9f48d8474dba7a83e4ecba6b8146faffb559fc
|
|
'Content-Type' is sent when it is explicitly set as a header or
there is a non-empty body in the request.
Former implementation dropped the explicit 'Content-Type' when
the request had an empty body.
Change-Id: I00a9e4a5011f9d28c04c0dfc5fe1561b1ab7eb09
|
|
RFC7230 3.3.2
A sender MUST NOT send a 'Content-Length' header field in any message
that contains a 'Transfer-Encoding' header field.
Change-Id: I568fc65cafe3ab30baad56c002459ff74e4dbb28
|
|
* maint-20:
inets: Prepare for release
inets: Robust handling of 204, 304, 1xx responses
inets: Do not use chunked encoding with 1xx, 204, 304
Change-Id: Ia88eb1d217b46fb01b1d7544d9ef34788c87abbd
|
|
All 1xx (informational), 204 (no content), and 304 (not modified)
responses MUST NOT include a message-body, and thus are always
terminated by the first empty line after the header fields.
This implies that chunked encoding MUST NOT be used for these
status codes.
This commit updates the client to gracefully handle responses from
faulty server implementations that can send chunked encoded 204,
304 or 1xx responses.
Change-Id: I2dd502e28b3c6e121640083118fa5c3e479f5194
|
|
|
|
This is necessary to prevent an error when calling get_port inside
resolve_authority
|
|
|
|
When handling 301 redirects from http -> https on Erlang 21.0.1, the
following error is encountered:
```
8> Options = [].
9> httpc:request(head, {"http://rhye.org", []}, Options, []).
{error,{shutdown,{{error,{badmatch,443}},
[{httpc_response,resolve_uri,7,
[{file,"/usr/local/lib/erlang/lib/inets-7.0/src/http_client/httpc_response.erl"},
{line,431}]},
{httpc_response,redirect,2,
[{file,"/usr/local/lib/erlang/lib/inets-7.0/src/http_client/httpc_response.erl"},
{line,396}]},
{httpc_handler,handle_response,1,
[{file,"httpc_handler.erl"},{line,1052}]},
{httpc_handler,handle_info,2,
[{file,"httpc_handler.erl"},{line,283}]},
{gen_server,try_dispatch,4,
[{file,"gen_server.erl"},{line,637}]},
{gen_server,handle_msg,6,
[{file,"gen_server.erl"},{line,711}]},
{proc_lib,init_p_do_apply,3,
[{file,"proc_lib.erl"},{line,249}]}]}}}
```
This seems to be caused by the following code in `resolve_uri`:
```
resolve_uri(Scheme, Host, Port, Path, Query, URI, Map0) ->
case maps:is_key(scheme, URI) of
true ->
Port = get_port(URI)
```
The value of `Port` passed in to `resolve_uri` here is 80, since the
original URL is http. However, since the redirected URL is https, the
`get_port` call returns 443, which is not equal to 80, and crashes.
Assigning to a new variable seems to fix redirects.
|
|
|
|
This commit will make the close down sequence work as intended, and no
crash report will be generated. Alas such error corner cases are hard to
write automated test for.
|
|
- Add support for setting socket options per request.
- Add http_ipv6 test group.
Change-Id: Ia2aca37c0b5fe64a41995c79ae3399434b17ab8a
|
|
* maint:
inets: Fix broken httpc options handling
Change-Id: I9e44f0e53237a390048cab3aaf52ea0e1a5358a2
|
|
* peterdmv/httpc_delete_requests/ERL-536/OTP-15006:
inets: Fix broken handling of header Content-Type
Change-Id: I8d6f23d830961f71a198377351f14b0e97dcd44b
|
|
- Add support for setting socket options per request.
- Add http_ipv6 test group.
Change-Id: Ia2aca37c0b5fe64a41995c79ae3399434b17ab8a
|
|
Addresses https://github.com/erlang/otp/pull/1752#discussion_r177970060
|
|
Strict REST APIs does not accept HTTP requests that have no body
but still include a 'Content-Type' header. RFC7231 does not
forbid this corner case but as it causes interoperatbility
problems in client software we opt to not send the 'Content-Type'
header when the body is not present.
Change-Id: I36c43225fd156fb1b651037fcbe69b448665ec23
|
|
|
|
From https://tools.ietf.org/html/rfc7230#section-6.6
> A client that receives a "close" connection option MUST cease
sending requests on that connection and close the connection after
reading the response message containing the "close"; if additional
pipelined requests had been sent on the connection, the client
SHOULD NOT assume that they will be processed by the server.
Notes on tests:
* The new tests are added only in group sim_http and not sim_https
because the same test approach appears to be not valid because when
processing the first response the server already sent data (> 0) for
the TLS/SSL handshake;
* The order of tests is relevant as it appears some test cases leave
reusable sessions behind.
|
|
|
|
|
|
... i.e. references to `connect_failed` and `send_failed`, unused
since 5d32eaf750 .
|
|
|
|
* maint:
inets: Prepare for release
inets: Skip http_unix_socket test group on Windows
inets: Add unix domain socket support to httpc
Change-Id: I4c3a3d6e4fbbdf82e4e2e7d30b84510f9c286c68
|
|
Change-Id: I44fe2670e36884e09600d17dd71b1e86b9ee75fa
|
|
* maint:
inets: Prepare for release
inets: Fix httpc crash on keep-alive connections
Change-Id: If066f788c3fcb8b5c5a943892d3c03c201590e40
|
|
- Set gen_server call timeout to infinity in httpc_handler.
- Add new testcase 'slow_connection'.
Change-Id: Id11b54c588e1d66b9ebba4da5dbfe5e9bee1f1ee
|
|
|
|
Fixed handling of URL paths that contain space (%20) characters.
Change-Id: Ic09691e35c70ee005af7637a6ec3ae588097bec1
|
|
* peterdmv/inets/autoredirect/ERL-333/OTP-14729:
inets: Add support for URI-references in Location
|
|
* peterdmv/inets/http_content_injection/ERL-456/OTP-14726:
inets: Fix http content injection bug in httpc
|
|
Only run test case for http as the socket manipulation done by the test case
requires much more manipulation to work for https. However, that this test case
started failing constantly instead of sporadically is proof that this change
is a good thing.
|
|
- uri_string module used for parsing URIs.
- Removed url_encode option as only valid URIs shall be handled
by the http client.
- The client rejects URIs that are not compliant with RFC 3986.
Change-Id: I0a5b9766f6463a9802e0b02b445a2c4c91f02236
|
|
RFC 2616 requires an absolute URI in 'Location' header field for
redirects. RFC 7231 obsoleted RFC 2616 and allows URI-references.
Updated httpc_response to support URI-references, based on the
URI resolution algorithm defined by RFC 3986 (5.2.2. Transform
References).
Change-Id: I42227d32f458b6e7a60d55b40407c4092e69b222
|
|
If a message is received with both a Transfer-Encoding and a
Content-Length header field, it might indicate an attempt to
perform request smuggling or response splitting and must be
handled as an error in default mode (not relaxed mode).
Bug report: https://bugs.erlang.org/browse/ERL-407
|
|
Guard test for error case was not updated to handle httpc stream concept
properly.
|
|
|
|
|
|
Probably since 6153ba7 (OTP R13B04) the httpc timeout setting does not
work for redirects (when autoredirect is true). With this patch a new
timer is started for the new (redirected) requests. This means that a
simple redirected request could return after 2*timeout milliseconds.
This is the first part to fix https://bugs.erlang.org/browse/ERL-420
|
|
|
|
Conflicts:
OTP_VERSION
erts/vsn.mk
lib/crypto/c_src/crypto.c
lib/crypto/src/crypto.erl
lib/ssh/src/ssh.erl
|
|
ERL-316, as part of 19.3, adds the port number to the Host header
upon automatic redirection. The port number is included even if it
is a well-known port (80, 443). This is different from the
behaviour of most HTTP clients, as well as httpc's own for new
requests.
The added port number can lead to problems such as this one, where
the request signature assumes the client will not send the :443
suffix on redirection to an https URL:
https://github.com/nerves-project/nerves/issues/96
I was unable to add a test case, since that would require a server
on a well-known port, but I manually verified that the GitHub/S3
signing issue was indeed resolved with this patch.
|
|
|
|
Input should be checked and httpc_handler process shall terminate
gracefully on errors so that user process will in hang in gen_server:call.
|
|
Remove dead code and redundant debug macros. Better to use tracing for
debugging.
|
|
Correct chunk decoding by adding missing argument to match.
The symptom was that chunk decoding sometimes failed depending on
stream data arrival timing.
|
|
RFC2616 Sect 14.23: The Host request-header field specifies the
Internet host AND port number.
|
|
|
|
|
|
Proxies want absolut URIs, but once a TLS tunnel is set up
it is like talking direct to the server.
|
