aboutsummaryrefslogtreecommitdiffstats
path: root/lib/inets/src
AgeCommit message (Collapse)Author
2011-12-09Update copyright yearsBjörn-Egil Dahlberg
2011-12-05Fix typo in mod_responsecontrol.erlTuncer Ayaz
2011-11-23Merge branch 'bmk/inets/dialyzer_fixes/OTP-9736' into ↵Micael Karlberg
bmk/inets/inets58_integration2
2011-11-23Fixed acceptor exit warnings (detected by dialyzer).Micael Karlberg
Also fixed cookie_header/3 and updated documented accordingly. Also added documentation for undocumented URI parse option.
2011-11-22Merge branch 'bmk/inets/httpd/bad_msg_size/OTP-9733' into ↵Micael Karlberg
bmk/inets/inets58_integration2
2011-11-22[httpd] Sometimes entries in the transfer log was written with the messageMicael Karlberg
size as list of numbers. This list was actually the size as a string, e.g. "123", written with the control sequence ~w. This has now been corrected so that any string is converted to an integer (if possible). OTP-9733
2011-11-21Various minor dialyzer related cleanup.Micael Karlberg
2011-11-16[httpd] Fix logging of content length in mod_log.Micael Karlberg
Garrett Smith OTP-9715 Merge branch 'gs/mod_log-fix' into bmk/inets/httpd/content_len_in_mod_log/OTP-9715
2011-11-15Merge branch 'maint-r14'Micael Karlberg
Conflicts: lib/inets/doc/src/notes.xml lib/inets/src/http_lib/http_uri.erl lib/inets/src/inets_app/inets.appup.src lib/inets/vsn.mk
2011-11-10Commas and more commas...Micael Karlberg
2011-11-09[httpd] GET request with malformed header date causedMicael Karlberg
server crash (non-fatal) with no reply to client. Will now result in a reply with status code 400. OTP-9674 Merge branch 'bmk/inets/httpd/xss_with_bad_header_date/r14/OTP-9674' into bmk/inets/inets572_integration Conflicts: lib/inets/doc/src/notes.xml lib/inets/src/inets_app/inets.appup.src
2011-11-09Initial merge from r13 topic branch. With minimal cleanup.Micael Karlberg
Merge branch 'bmk/inets/httpd/xss_with_bad_header_date/r13/OTP-9674' into bmk/inets/httpd/xss_with_bad_header_date/r14/OTP-9674 Conflicts: lib/inets/doc/src/notes.xml lib/inets/src/http_server/mod_responsecontrol.erl lib/inets/src/inets_app/inets.appup.src lib/inets/test/httpd_1_1.erl lib/inets/test/httpd_SUITE.erl lib/inets/test/httpd_mod.erl lib/inets/test/httpd_test_lib.erl lib/inets/vsn.mk
2011-11-09Aftermerge cleanup.Micael Karlberg
2011-11-09Initial merge from r13 topic branch. With minimal cleanup.Micael Karlberg
Merge branch 'bmk/inets/httpd/xss_when_erl_encoded/r13/OTP-9655' into bmk/inets/httpd/xss_when_erl_encoded/r14/OTP-9655 Conflicts: lib/inets/doc/src/notes.xml lib/inets/src/http_lib/http_uri.erl lib/inets/src/http_lib/http_util.erl lib/inets/src/http_server/httpd_file.erl lib/inets/src/http_server/httpd_request.erl lib/inets/src/http_server/httpd_request_handler.erl lib/inets/src/http_server/httpd_util.erl lib/inets/src/inets_app/inets.appup.src lib/inets/test/httpc_SUITE.erl lib/inets/test/httpd_SUITE.erl lib/inets/test/httpd_basic_SUITE.erl lib/inets/test/httpd_test_lib.erl lib/inets/vsn.mk
2011-11-01[httpd] GET request with malformed header date causedMicael Karlberg
server crash (non-fatal) with no reply to client. Will now result in a reply with status code 400. OTP-9674
2011-11-01Added versions 5.2, 5.1.3 and 5.1.2 again.Micael Karlberg
OTP-9655
2011-10-26Fixed HTML encode. First *try* to hex decode uri, and thenMicael Karlberg
do the actual html encode. OTP-9655
2011-10-26Skip catching hex decode failure.Micael Karlberg
OTP-9655
2011-10-26Fixed hex-decoding.Micael Karlberg
OTP-9655
2011-10-25Added release notes, appup and correct version.Micael Karlberg
OTP-9655
2011-10-25The XSS prevention methods used was confused if theMicael Karlberg
URL was encoded (hex-encoded). OTP-9655
2011-10-18Make it possible to compile with an R14B compiler.Micael Karlberg
2011-10-18[httpc] Wrong Host header in IPv6 HTTP requests.Micael Karlberg
When a URI with a IPv6 host is parsed, the brackets that encapsulates the nnn is removed. This value is then supplied as the host header. This can cause problems with some servers. A workaround for this is to use headers_as_is and provide the host header with the requst call To solve this a new option has been added, ipv6_host_with_brackets. This option specifies if the host value of the host header shall include the branckets or not. By default, it does not (as before). OTP-9628
2011-10-12Make return from the parse function conform with:Micael Karlberg
{error, Reason} | {ok, ParsedURL}
2011-10-11Merge branch 'master' of super:otp into bmk/inets/inets58_integrationMicael Karlberg
2011-10-07Add callback specs to tftp module following internet documentationStavros Aronis
2011-10-07Add callback specs to inets_service module following possibly deprecated ↵Stavros Aronis
comments
2011-09-29Merge branch 'dev' into majorBjörn-Egil Dahlberg
* dev: Update copyright years
2011-09-29Update copyright yearsBjörn-Egil Dahlberg
2011-09-24Fix logging of content length in mod_logGarrett Smith
mod_log uses content length from response headers when logging transfer length, which is a string. It needs to be converted to an integer when logged.
2011-09-23Merge branch 'major' of super:otp into bmk/inets/inets58_integrationMicael Karlberg
2011-09-23Merge branch 'dev' into majorMicael Karlberg
Conflicts: lib/inets/doc/src/notes.xml lib/inets/src/inets_app/inets.appup.src lib/inets/test/httpc_cookie_SUITE.erl lib/inets/vsn.mk
2011-09-23Merge branch 'major' of super:otp into bmk/inets/inets58_integrationMicael Karlberg
2011-09-23[httpc] Parsing of a cookie expire date should be more forgiving.Micael Karlberg
That is, if the parsing fails, the date should be ignored. Also added support for (yet another) date format: "Tue Jan 01 08:00:01 2036 GMT". OTP-9433 [httpc] Rewrote cookie parsing. Among other things solving cookie processing from www.expedia.com. OTP-9434 [httpd] Fix httpd directory traversal on Windows. Directory traversal was possible on Windows where backward slash is used as directory separator. Andr�s Veres-Szentkir�lyi. OTP-9561 Merge branch 'bmk/inets/inets571_integration' into dev
2011-09-20Merge branch 'dev' into majorHenrik Nord
Conflicts: erts/aclocal.m4 erts/include/internal/ethread_header_config.h.in
2011-09-19Merge branch 'bmk/inets/httpd/windows_dir_traversal/OTP-OTP-9561' into ↵Micael Karlberg
bmk/inets/inets571_integration Conflicts: lib/inets/doc/src/notes.xml
2011-09-19Merge branch 'dev' of super:otp into bmk/inets/inets571_integrationMicael Karlberg
2011-09-19Fixed release notes, version and cosmetics in source.Micael Karlberg
2011-09-19Merge branch 'va/http-win-dir-traversal' into ↵Micael Karlberg
bmk/inets/httpd/windows_dir_traversal/OTP-OTP-9561
2011-09-19[ftpc] Add a config option to specify a data connect timeout.Micael Karlberg
That is how long the ftp client will wait for the server to connect to the data socket. If this timeout occurs, an error will be returned to the caller and the ftp client process will be terminated. OTP-9545
2011-09-15Fix more misspellings of compatibilityTuncer Ayaz
2011-09-15Fix misspelling of keptTuncer Ayaz
2011-09-15Updated http-server to make sure URLs in error-messagesMicael Karlberg
are URL-encoded. Added support in http-client to use URL-encoding. Also added the missing include directory for the inets application. OTP-8940 [httpd] Prevent XSS in error pages. Prevent user controlled input from being interpreted as HTML in error pages by encoding the reserved HTML characters. Michael Santos OTP-9124
2011-09-09Merge branch 'bmk/inets/inets58_integration' into majorMicael Karlberg
[httpc] Deprecated interface module <c>http</c> has been removed. It has (long) been replaced by http client interface module httpc. OTP-9359 [httpc|httpd] The old ssl implementation (based on OpenSSL), has been deprecated. The config option that specified usage of this version of the ssl app, *ossl*, has been removed. OTP-9522
2011-09-08[httpc] Rewrote cookie parsing. Among other things solvingMicael Karlberg
cookie processing from www.expedia.com. OTP-9434
2011-09-06[httpc] Parsing of a cookie expire date should be more forgiving.Micael Karlberg
That is, if the parsing fails, the date should be ignored. Also added support for (yet another) date format: "Tue Jan 01 08:00:01 2036 GMT" OTP-9433
2011-09-05Removed the ossl config option (from both client and server).Micael Karlberg
The ossl option is no longer valid since the old ssl (OpenSSL based ssl variant) has been removed from the ssl app. OTP-9522
2011-08-26Fix httpd directory traversal on WindowsAndrás Veres-Szentkirályi
Although the validation in httpd_request works well on platforms using forward slash as directory separator, on Windows systems, this protection can be circumvented using URLs containing backslashes. This way, any file accessible to the user running the server (even those outside the document root) can be read through HTTP. This commit solves the problem by expanding the list of path separators to '/\\'.
2011-08-25Typofix in httpd_file:handle_error messageAndrás Veres-Szentkirályi
2011-08-05[httpc] Deprecated interface module http has been removed.Micael Karlberg
It has (long) been replaced by http client interface module httpc. OTP-9359