aboutsummaryrefslogtreecommitdiffstats
path: root/lib/inets/src
AgeCommit message (Collapse)Author
2012-01-05Merge branch 'bmk/inets/httpc/bad_keep_alive_mode/r14/OTP-9847' into ↵Micael Karlberg
bmk/inets/inets573_integration Conflicts: lib/inets/doc/src/notes.xml lib/inets/src/inets_app/inets.appup.src
2012-01-05[inets/httpc] Add proper code change codeMicael Karlberg
Added proper code to handle code upgrade/downgrade. The manager and handler(s) are interdependant which makes it a bit tricky. OTP-9847
2012-01-04[inets/httpc] Add test caseMicael Karlberg
Add a test case verifying the session selection. Add some more use of the update_session function. Improved verbosity printouts. OTP-9847
2012-01-03[inets/httpc] Fix the selection of session for keep-alive modeMicael Karlberg
When selecting a session, the "state" of the session (specifically if the server has responded) was not taken into account. Attempting to fix this, a "state" field (actually available) has been added to the session record. OTP-9847
2011-12-20[ftp] Fails to open IPv6 connectionMicael Karlberg
Fails to open IPv6 connection due to badly formatted IPv6 address in EPRT command. The address part of the command incorrectly contained decimal elements instead of hexadecimal. Attila Rajmund Nohl OTP-9827
2011-11-10Commas and more commas...Micael Karlberg
2011-11-09[httpd] GET request with malformed header date causedMicael Karlberg
server crash (non-fatal) with no reply to client. Will now result in a reply with status code 400. OTP-9674 Merge branch 'bmk/inets/httpd/xss_with_bad_header_date/r14/OTP-9674' into bmk/inets/inets572_integration Conflicts: lib/inets/doc/src/notes.xml lib/inets/src/inets_app/inets.appup.src
2011-11-09Initial merge from r13 topic branch. With minimal cleanup.Micael Karlberg
Merge branch 'bmk/inets/httpd/xss_with_bad_header_date/r13/OTP-9674' into bmk/inets/httpd/xss_with_bad_header_date/r14/OTP-9674 Conflicts: lib/inets/doc/src/notes.xml lib/inets/src/http_server/mod_responsecontrol.erl lib/inets/src/inets_app/inets.appup.src lib/inets/test/httpd_1_1.erl lib/inets/test/httpd_SUITE.erl lib/inets/test/httpd_mod.erl lib/inets/test/httpd_test_lib.erl lib/inets/vsn.mk
2011-11-09Aftermerge cleanup.Micael Karlberg
2011-11-09Initial merge from r13 topic branch. With minimal cleanup.Micael Karlberg
Merge branch 'bmk/inets/httpd/xss_when_erl_encoded/r13/OTP-9655' into bmk/inets/httpd/xss_when_erl_encoded/r14/OTP-9655 Conflicts: lib/inets/doc/src/notes.xml lib/inets/src/http_lib/http_uri.erl lib/inets/src/http_lib/http_util.erl lib/inets/src/http_server/httpd_file.erl lib/inets/src/http_server/httpd_request.erl lib/inets/src/http_server/httpd_request_handler.erl lib/inets/src/http_server/httpd_util.erl lib/inets/src/inets_app/inets.appup.src lib/inets/test/httpc_SUITE.erl lib/inets/test/httpd_SUITE.erl lib/inets/test/httpd_basic_SUITE.erl lib/inets/test/httpd_test_lib.erl lib/inets/vsn.mk
2011-11-01[httpd] GET request with malformed header date causedMicael Karlberg
server crash (non-fatal) with no reply to client. Will now result in a reply with status code 400. OTP-9674
2011-11-01Added versions 5.2, 5.1.3 and 5.1.2 again.Micael Karlberg
OTP-9655
2011-10-26Fixed HTML encode. First *try* to hex decode uri, and thenMicael Karlberg
do the actual html encode. OTP-9655
2011-10-26Skip catching hex decode failure.Micael Karlberg
OTP-9655
2011-10-26Fixed hex-decoding.Micael Karlberg
OTP-9655
2011-10-25Added release notes, appup and correct version.Micael Karlberg
OTP-9655
2011-10-25The XSS prevention methods used was confused if theMicael Karlberg
URL was encoded (hex-encoded). OTP-9655
2011-09-29Update copyright yearsBjörn-Egil Dahlberg
2011-09-23[httpc] Parsing of a cookie expire date should be more forgiving.Micael Karlberg
That is, if the parsing fails, the date should be ignored. Also added support for (yet another) date format: "Tue Jan 01 08:00:01 2036 GMT". OTP-9433 [httpc] Rewrote cookie parsing. Among other things solving cookie processing from www.expedia.com. OTP-9434 [httpd] Fix httpd directory traversal on Windows. Directory traversal was possible on Windows where backward slash is used as directory separator. Andr�s Veres-Szentkir�lyi. OTP-9561 Merge branch 'bmk/inets/inets571_integration' into dev
2011-09-19Merge branch 'bmk/inets/httpd/windows_dir_traversal/OTP-OTP-9561' into ↵Micael Karlberg
bmk/inets/inets571_integration Conflicts: lib/inets/doc/src/notes.xml
2011-09-19Merge branch 'dev' of super:otp into bmk/inets/inets571_integrationMicael Karlberg
2011-09-19Fixed release notes, version and cosmetics in source.Micael Karlberg
2011-09-19Merge branch 'va/http-win-dir-traversal' into ↵Micael Karlberg
bmk/inets/httpd/windows_dir_traversal/OTP-OTP-9561
2011-09-15Fix more misspellings of compatibilityTuncer Ayaz
2011-09-15Fix misspelling of keptTuncer Ayaz
2011-09-15Updated http-server to make sure URLs in error-messagesMicael Karlberg
are URL-encoded. Added support in http-client to use URL-encoding. Also added the missing include directory for the inets application. OTP-8940 [httpd] Prevent XSS in error pages. Prevent user controlled input from being interpreted as HTML in error pages by encoding the reserved HTML characters. Michael Santos OTP-9124
2011-09-08[httpc] Rewrote cookie parsing. Among other things solvingMicael Karlberg
cookie processing from www.expedia.com. OTP-9434
2011-09-06[httpc] Parsing of a cookie expire date should be more forgiving.Micael Karlberg
That is, if the parsing fails, the date should be ignored. Also added support for (yet another) date format: "Tue Jan 01 08:00:01 2036 GMT" OTP-9433
2011-08-26Fix httpd directory traversal on WindowsAndrás Veres-Szentkirályi
Although the validation in httpd_request works well on platforms using forward slash as directory separator, on Windows systems, this protection can be circumvented using URLs containing backslashes. This way, any file accessible to the user running the server (even those outside the document root) can be read through HTTP. This commit solves the problem by expanding the list of path separators to '/\\'.
2011-08-25Typofix in httpd_file:handle_error messageAndrás Veres-Szentkirályi
2011-06-17Corrected appup-file (missing ',').Micael Karlberg
2011-06-15[httpc|httpd] Added support for IPv6 with ssl.Micael Karlberg
OTP-5566 Merge branch 'bmk/inets/handle_ipv6_with_ssl2/OTP-5566' into bmk/inets/inets57_integration2 Conflicts: lib/inets/doc/src/notes.xml lib/inets/src/inets_app/inets.appup.src lib/inets/test/inets_test_lib.erl
2011-06-15Uppdated appup-file.Micael Karlberg
2011-06-15Stopping httpc client...Micael Karlberg
2011-06-15Clients started stand-alone not properly handled.Micael Karlberg
OTP-9365
2011-06-15Temporary solution for profile_name stuff. What about Pids???Micael Karlberg
2011-06-15SSL with IPv6 now works "in principle".Micael Karlberg
2011-06-15[httpc] Remove unnecessary usage of iolist_to_binary whenMicael Karlberg
processing body (for PUT and POST). Filipe David Manana OTP-9317 Merge branch 'bmk/inets/httpc/remove_unnecessary_iolist_to_binary_usage2/OTP-9317' into bmk/inets/inets57_integration2 Conflicts: lib/inets/doc/src/notes.xml lib/inets/src/inets_app/inets.appup.src
2011-06-15[httpc] Remove unnecessary usage of iolist_to_binary whenMicael Karlberg
processing body (for PUT and POST). Filipe David Manana OTP-9317
2011-06-15[ftp] FTP client doesn't work with IPv6 host.Micael Karlberg
Attila Rajmund Nohl OTP-9342 Merge branch 'bmk/inets/ftp/does_not_handle_ipv6/OTP-9342' into bmk/inets/inets57_integration2 Conflicts: lib/inets/doc/src/notes.xml lib/inets/src/inets_app/inets.appup.src
2011-05-30Peer/sockname resolv doesn't work with IPv6 addrs in HTTP.Micael Karlberg
OTP-9343
2011-05-27OTP-9342: FTP client doesn't work with IPv6Micael Karlberg
OTP-9342: IpFamily config option was not handled OTP-9342: Release notes remain... OTP-9342: <credit>attila rajmund nohl</credit>
2011-05-20Update copyright yearsBjörn-Egil Dahlberg
2011-05-12Calling gen_tcp:connect with option {ip, {127,0,0,1}} results in an exit withMicael Karlberg
reason badarg. Neither SSL nor INETS catches this, resulting in crashes with incomprehensible reasons. OTP-9289
2011-05-11Fixed httpc manager crashIngela Anderton Andin
httpc manager crashes.When a request results in a retry, the request id will be "reused" in the previous implementation a race condition could occur causing the manager to crash. This is now avoided by using proc_lib:init_ack and gen_server:enter_loop to allow more advanced initialization of httpc_handlers without blocking the httpc_manger and eliminating extra processes that can cause race conditions.
2011-04-19Updated appup file.Micael Karlberg
2011-04-19Default ssl kind changed to essl (from ossl).Micael Karlberg
2011-04-12Proper release notes.Micael Karlberg
2011-04-06Accepting file descriptors (fd) in the config forMicael Karlberg
socket type ip_comm.
2011-03-28A slightly more usefull debug printout (including httpd services).Micael Karlberg