Age | Commit message (Collapse) | Author |
|
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/inets_app/inets.appup.src
lib/inets/test/httpc_cookie_SUITE.erl
lib/inets/vsn.mk
|
|
That is, if the parsing fails, the date should be ignored.
Also added support for (yet another) date format:
"Tue Jan 01 08:00:01 2036 GMT".
OTP-9433
[httpc] Rewrote cookie parsing. Among other things solving
cookie processing from www.expedia.com.
OTP-9434
[httpd] Fix httpd directory traversal on Windows.
Directory traversal was possible on Windows where
backward slash is used as directory separator.
Andr�s Veres-Szentkir�lyi.
OTP-9561
Merge branch 'bmk/inets/inets571_integration' into dev
|
|
Conflicts:
erts/aclocal.m4
erts/include/internal/ethread_header_config.h.in
|
|
bmk/inets/inets571_integration
Conflicts:
lib/inets/doc/src/notes.xml
|
|
|
|
|
|
bmk/inets/httpd/windows_dir_traversal/OTP-OTP-9561
|
|
|
|
|
|
[httpc] Deprecated interface module <c>http</c> has been removed.
It has (long) been replaced by http client interface module httpc.
OTP-9359
[httpc|httpd] The old ssl implementation (based on OpenSSL),
has been deprecated. The config option that specified usage of
this version of the ssl app, *ossl*, has been removed.
OTP-9522
|
|
cookie processing from www.expedia.com.
OTP-9434
|
|
That is, if the parsing fails, the date should be ignored.
Also added support for (yet another) date format: "Tue Jan 01 08:00:01 2036 GMT"
OTP-9433
|
|
The ossl option is no longer valid since the old ssl (OpenSSL
based ssl variant) has been removed from the ssl app.
OTP-9522
|
|
Although the validation in httpd_request works well on platforms using
forward slash as directory separator, on Windows systems, this
protection can be circumvented using URLs containing backslashes.
This way, any file accessible to the user running the server (even
those outside the document root) can be read through HTTP. This commit
solves the problem by expanding the list of path separators to '/\\'.
|
|
|
|
It has (long) been replaced by http client interface module httpc.
OTP-9359
|
|
|
|
OTP-5566
Merge branch 'bmk/inets/handle_ipv6_with_ssl2/OTP-5566' into bmk/inets/inets57_integration2
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/inets_app/inets.appup.src
lib/inets/test/inets_test_lib.erl
|
|
|
|
|
|
OTP-9365
|
|
|
|
|
|
processing body (for PUT and POST).
Filipe David Manana
OTP-9317
Merge branch 'bmk/inets/httpc/remove_unnecessary_iolist_to_binary_usage2/OTP-9317' into bmk/inets/inets57_integration2
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/inets_app/inets.appup.src
|
|
processing body (for PUT and POST).
Filipe David Manana
OTP-9317
|
|
Attila Rajmund Nohl
OTP-9342
Merge branch 'bmk/inets/ftp/does_not_handle_ipv6/OTP-9342' into bmk/inets/inets57_integration2
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/inets_app/inets.appup.src
|
|
OTP-9343
|
|
OTP-9342: IpFamily config option was not handled
OTP-9342: Release notes remain...
OTP-9342: <credit>attila rajmund nohl</credit>
|
|
|
|
reason badarg. Neither SSL nor INETS catches this, resulting in crashes
with incomprehensible reasons.
OTP-9289
|
|
httpc manager crashes.When a request results in a retry, the request
id will be "reused" in the previous implementation a race condition
could occur causing the manager to crash. This is now avoided by using
proc_lib:init_ack and gen_server:enter_loop to allow more advanced
initialization of httpc_handlers without blocking the httpc_manger
and eliminating extra processes that can cause race conditions.
|
|
|
|
|
|
|
|
socket type ip_comm.
|
|
|
|
OTP-9158
|
|
OTP-9157
|
|
bmk/inets/inet56_integration
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/inets_app/inets.appup.src
|
|
'bmk/inets/httpd/make_mod_esi_deliver_accept_binary_data/OTP-9123' into bmk/inets/inet56_integration
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/inets_app/inets.appup.src
|
|
into bmk/inets/inet56_integration
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/inets_app/inets.appup.src
|
|
Fixed appup file (not updated).
Fixed application version.
|
|
Conflicts:
lib/inets/doc/src/notes.xml
Fixed release notes after merge.
|
|
When a mod_esi request times out, the code to send a timeout response
was incorrect and generated an internal server error as well as an invalid
response line.
|
|
|
|
Prevent user controlled input from being interpreted
as HTML in error pages by encoding the reserved HTML
characters.
|
|
|
|
bmk/inets/httpd/prevent_xss_in_error_pages/OTP-9124
|
|
|
|
bmk/inets/httpd/make_mod_esi_deliver_accept_binary_data/OTP-9123
|