Age | Commit message (Collapse) | Author |
|
|
|
socket type ip_comm.
|
|
|
|
OTP-9158
|
|
OTP-9157
|
|
bmk/inets/inet56_integration
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/inets_app/inets.appup.src
|
|
When a mod_esi request times out, the code to send a timeout response
was incorrect and generated an internal server error as well as an invalid
response line.
|
|
|
|
This change allows for more efficient delivery of large amounts of
data through the mod_esi interface when the handling process has that
data in binary format. It avoids the need to convert to list and the
extra memory involved in passing that list between processes.
|
|
Prevent user controlled input from being interpreted as HTML in error
pages by encoding the reserved HTML characters. The reserved character
set should be safe for displaying data within the body of HTML pages
as outlined here:
http://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
Previously, weird URLs were URI encoded in the error page. This worked
quite well but the URL would be displayed in the HTML in percent encoded
format. There was also a check for URIs that were already escaped (by
the browser) that would fail if the browser sent an URI containing a
"%", e.g.:
w3m "http://localhost:8080/<b>foo</b>?%"
Also encode the HTTP method and version, since it's possible they may be
manipulated:
<b>FOO</b> /index.html HTTP/1.0
GET /index.html <b>foo</b>/1.0
Encode the static messages to prevent characters from being interpreted
as HTML such as "heavy load (>~w processes)".
|
|
HTTPD header file install "fixed". That is, the include files in the
include dir are installed in the include dir (by the Makefile in the
src/inets_app). New wrapper header files (with the same names
httpd.hrl and mod_auth.hrl) has been created in the src/http_server
dir (which in turn is installed in the src/http_server dir by the
Makefile in the src/http_server dir).
|
|
Internal server error is only used for emfile and enfile all
other errors are treated as 404 file not found, except 403 eacces.
|
|
added missing include directory.
|
|
OTP-8564: Update deeprication status.
OTP-8573: Inets mod_alias URL rewrite.
|
|
OTP-8610: Problem processing netscape cookies - date
OTP-8624: Documented debug options not handled
|
|
|
|
OTP-8351, OTP-8359 & OTP-8371.
|
|
|