aboutsummaryrefslogtreecommitdiffstats
path: root/lib/inets/test
AgeCommit message (Collapse)Author
2011-03-11[httpd] Prevent XSS in error pages.Micael Karlberg
Prevent user controlled input from being interpreted as HTML in error pages by encoding the reserved HTML characters.
2011-02-22inets: prevent XSS in error pagesMichael Santos
Prevent user controlled input from being interpreted as HTML in error pages by encoding the reserved HTML characters. The reserved character set should be safe for displaying data within the body of HTML pages as outlined here: http://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet Previously, weird URLs were URI encoded in the error page. This worked quite well but the URL would be displayed in the HTML in percent encoded format. There was also a check for URIs that were already escaped (by the browser) that would fail if the browser sent an URI containing a "%", e.g.: w3m "http://localhost:8080/<b>foo</b>?%" Also encode the HTTP method and version, since it's possible they may be manipulated: <b>FOO</b> /index.html HTTP/1.0 GET /index.html <b>foo</b>/1.0 Encode the static messages to prevent characters from being interpreted as HTML such as "heavy load (>~w processes)".
2011-02-17Update ipv6 testcase to be skipped if no ipv6 hosts are definedLukas Larsson
2011-02-17Update ftp suite to take config from ct:get_configLukas Larsson
2011-02-17Rename Suite Callback to Common Test HookLukas Larsson
2011-02-17Update and add cover spec files to work with common_testLukas Larsson
2011-02-17Update all test specsLukas Larsson
2011-02-17Fix formatting for inetsLukas Larsson
2011-02-17Add init_per_suite and end_per_suiteLukas Larsson
2011-02-17Add ts_install_scb to suite/0Lukas Larsson
2011-02-17Update inets tests to conform with common_test standardLukas Larsson
2011-02-17Update all fin_per_testcase to end_per_testcase.Lukas Larsson
2011-02-17Updated test cases to work with ts conversion algorithmLukas Larsson
2010-12-02Teach inet_test_lib to understand enetunreachPatrik Nyblom
2010-12-01Merge branch 'ia/ssl/test-improvments' into devIngela Anderton Andin
2010-11-29More IPv6 fixing. This time in actual code (in the client).Micael Karlberg
2010-11-29URL-encoding - add support in client and more usage in server. AlsoIngela Anderton Andin
added missing include directory.
2010-11-10New behaviour for ipv6 machines.Micael Karlberg
As the web-server uses the option ipfamily with value, inet6fb4, so should the client. Also some make cleanup (testing for TAR.exclude in data dirs before using). Header in vsn.mk file also missing for some reason!
2010-08-25Merge branch 'maint-r13' into devBjörn Gustavsson
* maint-r13: snmp: Patch 1130 inets: Patch 1129 ssh: Patch 1127 ssh: Patch 1126 Conflicts: lib/inets/doc/src/notes.xml lib/inets/src/inets_app/inets.appup.src lib/inets/vsn.mk lib/snmp/vsn.mk lib/ssh/doc/src/notes.xml lib/ssh/src/ssh.appup.src lib/ssh/vsn.mk
2010-08-23inets: Patch 1129Micael Karlberg
OTP-8739 [httpc] If a request times out (not connect timeout), the handler process exited (normal) but neglected to inform the manager process. For this reason, the manager did not clean up the request table, resulting in a memory leak. Also the manager did not create a monitor for the handler, so in an unforseen handler crash, this could also create a memory leak. OTP-8741 The service tftp was spelled wrong in documentation and in some parts of the code. It should be tftp. OTP-8742 [httpc] Replaced the old http client api module (http) with the new, httpc in the users guide.
2010-08-20inets: Patch 1122Micael Karlberg
OTP-8609 [httpc] Made cookie handling more case insensitive. OTP-8610 [httpc|httpd] Some netscape cookie dates are given with a 2-digit year (e.g. 06 = 2006). OTP-8624 [httpd] Added support (again) for the documented debugging features. See the User's Guide Configuration chapter for more info.
2010-06-08OTP-7907: [httpc|httpd] - Now allow the use of the "new" ssl.Micael Karlberg
OTP-8564: Update deprecated status. OTP-8573: Inets mod_alias URL rewrite.
2010-06-07OTP-7907: Allow the use of the "new" ssl (essl).Micael Karlberg
OTP-8564: Update deeprication status. OTP-8573: Inets mod_alias URL rewrite.
2010-05-27OTP-8609: Made cookie handling more case insensitive.Micael Karlberg
OTP-8610: Some netscape cookie dates are given with a 2-digit year.
2010-02-13OTP-8431: Fix error handling of httpc_manager and its starter processMicael Karlberg
OTP-8431: [email protected]
2010-01-19OTP-8016 [httpc] Several more or less critical fixes: * Initial callMicael Karlberg
between the httpc manager and request handler was synchronous. When the manager starts a new request handler, this is no longer a synchronous operation. Previously, the new request handler made the connection to the server and issuing of the first request (the reason for starting it) in the gen_server init function. If the connection for some reason "took some time", the manager hanged, leaving all other activities by that manager also hanging. As a side-effect of these changes, some modules was also renamed, and a new api module, httpc, has been introduced (the old module, http, is *not* removed, but is now just wrapper for httpc).
2010-01-15OTP-8016, OTP-8056, OTP-8103, OTP-8106, OTP-8312, OTP-8315, OTP-8327, OTP-8349,Micael Karlberg
OTP-8351, OTP-8359 & OTP-8371.
2010-01-14OTP-8016, OTP-8056, OTP-8103, OTP-8106, OTP-8312, OTP-8315, OTP-8327, OTP-8349,Micael Karlberg
OTP-8351, OTP-8359 & OTP-8371.
2010-01-13OTP-8016, OTP-8056, OTP-8103, OTP-8106, OTP-8312, OTP-8315, OTP-8327, OTP-8349,Micael Karlberg
OTP-8351, OTP-8359 & OTP-8371.
2010-01-13OTP-8016, OTP-8056, OTP-8103, OTP-8106, OTP-8312, OTP-8315, OTP-8327, OTP-8349,Micael Karlberg
OTP-8351, OTP-8359 & OTP-8371.