aboutsummaryrefslogtreecommitdiffstats
path: root/lib/inets/src/http_lib
AgeCommit message (Collapse)Author
2018-03-14inets: fix scheme validation in http_uri:parse when binary URILuca Favatella
2018-03-07Merge branch 'maint'Péter Dimitrov
* maint: inets: work around http_uri:parse Dialyzer warning in uri_SUITE.erl:274 inets: refine types and doc of http_uri:parse options inets: export types documented for http_uri module Change-Id: Ifff539d8254cc86985f90978dd75a36616136c33
2018-03-06inets: work around http_uri:parse Dialyzer warning in uri_SUITE.erl:274Luca Favatella
Addresses https://github.com/erlang/otp/pull/1724#discussion_r172442753 Current `http_uri:parse/2` implementation intends that ["non-fun scheme_validation_fun works as no option passed"](https://github.com/erlang/otp/blob/OTP-20.2.4/lib/inets/test/uri_SUITE.erl#L271-L274).
2018-03-05inets: refine types and doc of http_uri:parse optionsLuca Favatella
2018-03-05inets: export types documented for http_uri moduleLuca Favatella
Also: * Reuse type `inet:port_number()` in `http_uri` code and doc; * Do not imply that http_uri module can properly handle UTF-8 encoded binaries, while it can't. * Enrich function specifications in http_uri module; * Fix http_uri doc re missing type definition for `Scheme`.
2017-11-15inets: Fix http content injection bug in httpcPéter Dimitrov
- uri_string module used for parsing URIs. - Removed url_encode option as only valid URIs shall be handled by the http client. - The client rejects URIs that are not compliant with RFC 3986. Change-Id: I0a5b9766f6463a9802e0b02b445a2c4c91f02236
2017-09-06inets: Restore old behavior when parsing "+"Péter Dimitrov
"+" is part of sub-delims according to RFC 3986 and shall not be converted to space.
2017-06-14Update copyright yearHans Nilsson
2017-05-05add binary string support to http_uri functionsTristan Sloughter
2017-05-04Update copyright yearRaimo Niskanen
2017-03-17Omit port from Host header on redirect to well-known portBram Verburg
ERL-316, as part of 19.3, adds the port number to the Host header upon automatic redirection. The port number is included even if it is a well-known port (80, 443). This is different from the behaviour of most HTTP clients, as well as httpc's own for new requests. The added port number can lead to problems such as this one, where the request signature assumes the client will not send the :443 suffix on redirection to an https URL: https://github.com/nerves-project/nerves/issues/96 I was unable to add a test case, since that would require a server on a well-known port, but I manually verified that the GitHub/S3 signing issue was indeed resolved with this patch.
2016-12-07Update copyright-yearErlang/OTP
2016-10-04Replace ref() with reference() in inets filesKostis Sagonas
This supersedes PR #1185 (submitted by @KrzysiekJ) that changed all occurrences of ref() with reference() in inets files. However, there is little point in having these types only in comments. So, these types are now exposed as type declarations for the record fields they appear. While at it, uncommented more commented out type declarations and declared types for records defined in the affected modules and header files. Some type-unfriendly and obsolete code related to supporting code ungrades with a really old OTP release was also removed.
2016-03-15update copyright-yearHenrik Nord
2016-01-29Merge branch 'ia/maint/inets/mod_alias/OTP-13248' into maint-18Erlang/OTP
* ia/maint/inets/mod_alias/OTP-13248: inets: Prepare for release inets: Traverse all aliases looking for the longest match inets: Use re instead of inets_regexp # Conflicts: # lib/inets/vsn.mk
2016-01-28inets: Use re instead of inets_regexpIngela Anderton Andin
2015-11-27inets: Add warning header in "chunk trailer" when mod_esi callback times out ↵Ingela Anderton Andin
or fails Also remove legacy debug macros and add help function httpd_util:error_log/2 to avoid code duplication.
2015-11-15inets: Allow whitespace after HTTP chunk againJohannes Weißl
Before 77acb47 http:request/1 could parse server responses with whitespace after the HTTP chunk size (some embedded legacy devices still do this). This patch restores this functionality.
2015-11-13Merge branch 'maint-18' into maintZandra
2015-11-11inets: Do not use internal or shell convenience functions in applicationIngela Anderton Andin
ssl:start/[1,2] is a shell convenience function and should not be called by other applications. inet_db:start is an internal function that we should not have to call. This was done for legacy reasons and is no longer needed.
2015-11-11Inets: Clean up codeIngela Anderton Andin
Remove point less instructions looking for return values, that in most cases no long exist, of which the result would anyhow be ignored
2015-11-11inets: httpd - Add possibility to specify socket options for HTTPIngela Anderton Andin
Was already possible for HTTPS. Also remove use of legacy option inet6fb4. IPv6 standard moved away from beeing able to fallback to IPv4 so this option makes little sense, will use inet (Ipv4) as default instead of inet6fb4.
2015-11-11inets: Remove debug macros that mimic call traceIngela Anderton Andin
2015-11-11inets: Improve max header size handlingIngela Anderton Andin
The chunked length header should be checked as well as headers present in the chunk trailer part, ignored extensions are counted as header bytes. Also the decode trailer function will stop as soon as the header size is exceed, when that happens.
2015-11-11inets: Terminate gracfully when an invalid chunked length header is encounteredIngela Anderton Andin
Also use integer_to_list/2 and list_to_integer/2 instead of reimplementing it.
2015-10-27Merge branch 'scrapinghub/http_uri_scheme_validation' into maintHenrik Nord
* scrapinghub/http_uri_scheme_validation: inets: scheme validation fun for http_uri OTP-13071
2015-10-13inets: scheme validation fun for http_uriKirilll Zaborsky
http_uri:parse_scheme function should allow checking scheme of URIs otherwise it could be easily abused to reach limit number of atoms in the VM
2015-10-13inets: fix suppport of HTTP headers with obs-foldKirilll Zaborsky
httpc should not fail when response contains (now deprecated) multiline HTTP headers constructed with obs-folds. And as RFC7230 specifies user agent should replace obs-folds with spaces.
2015-09-10inets: httpd - Mend broken fd optionIngela Anderton Andin
2015-06-18Change license text to APLv2Bruce Yinhe
2015-02-03Merge branch 'maint-17' into maintZandra Hird
2015-01-29inets: httpd - Sanity check of content-length headerIngela Anderton Andin
Gracefully handle invalid content-lenght headers instead of crashing in list_to_integer.
2015-01-02Properly parse URI fragmentsAnthony Ramine
This fixes a bug in httpc where redirection URIs could lead to bad requests if they contained fragments.
2014-05-23inets: httpd - Reject incorrect large request lines earlyIngela Anderton Andin
2014-01-13inets: Remove log message as it causes more harm than use at the momentIngela Anderton Andin
2013-08-23Merge branch 'maint-r15' into maint-r16Fredrik Gustafsson
Conflicts: lib/inets/doc/src/notes.xml lib/inets/src/http_lib/http_transport.erl lib/inets/src/inets_app/inets.appup.src lib/inets/vsn.mk lib/ssl/doc/src/notes.xml lib/ssl/src/ssl.appup.src lib/ssl/src/ssl.erl lib/ssl/src/ssl_internal.hrl lib/ssl/src/tls_connection.erl lib/ssl/vsn.mk
2013-08-21[inets, ssl]: make log_alert configurable as option in ssl, SSLLogLevel ↵Fredrik Gustafsson
added as option to inets conf file
2013-06-12Update copyright yearsBjörn-Egil Dahlberg
2013-05-20Remove http_chunk:decode/4 as it is no longer usedMasatake Daimon
http_chunk:decode/4, the side-effecting chunk decoder, was only used by httpc_handler:handle_http_body/2 but now it's completely unused.
2013-03-02Fix http_request:http_headers/1 to send content-length when length is zeroCA Meijer
In R16B01, the http_request:http_headers/1 function removes the content-length field from the HTTP headers if the content length is zero. This results in some (perhaps many) HTTP servers rejecting POSTs and PUTs without data with a 411 status word. From RFC2616, section 14.13: "Any Content-Length greater than or EQUAL to zero is a valid value".
2013-02-20inets httpd: Handle ipfamily option correctly when listning to port 0Ingela Anderton Andin
2013-02-18inets: Improve ssl handlingIngela Anderton Andin
httpc: CTfy test suite httpd: Simplify ssl configuration OTP-10846
2012-08-31Update copyright yearsBjörn-Egil Dahlberg
2012-06-05Update to work with whitespace in exec pathLukas Larsson
OTP-10106 OTP-10107
2012-03-15[inets] The module http_uri now officially supportedMicael Karlberg
The module http_uri now officially supported. Also, the http_uri:parse/1,2 function has been extended with more scheme support and a way to provide your own scheme info. OTP-9983
2012-03-14[inets] Initial proposal of module http_uriMicael Karlberg
This version of the module was provided by Johan Tj�der. It adds support for more methods (more than http and https). OTP-9983
2011-11-15Merge branch 'maint-r14'Micael Karlberg
Conflicts: lib/inets/doc/src/notes.xml lib/inets/src/http_lib/http_uri.erl lib/inets/src/inets_app/inets.appup.src lib/inets/vsn.mk
2011-11-09Initial merge from r13 topic branch. With minimal cleanup.Micael Karlberg
Merge branch 'bmk/inets/httpd/xss_when_erl_encoded/r13/OTP-9655' into bmk/inets/httpd/xss_when_erl_encoded/r14/OTP-9655 Conflicts: lib/inets/doc/src/notes.xml lib/inets/src/http_lib/http_uri.erl lib/inets/src/http_lib/http_util.erl lib/inets/src/http_server/httpd_file.erl lib/inets/src/http_server/httpd_request.erl lib/inets/src/http_server/httpd_request_handler.erl lib/inets/src/http_server/httpd_util.erl lib/inets/src/inets_app/inets.appup.src lib/inets/test/httpc_SUITE.erl lib/inets/test/httpd_SUITE.erl lib/inets/test/httpd_basic_SUITE.erl lib/inets/test/httpd_test_lib.erl lib/inets/vsn.mk
2011-10-26Skip catching hex decode failure.Micael Karlberg
OTP-9655
2011-10-26Fixed hex-decoding.Micael Karlberg
OTP-9655