Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2020-11-17 | HTTP parser: allowed more characters in header field names. | Valentin Bartenev | 1 | -24/+43 | |
Previously, all requests that contained in header field names characters other than alphanumeric, or "-", or "_" were rejected with a 400 "Bad Request" error response. Now, the parser allows the same set of characters as specified in RFC 7230, including: "!", "#", "$", "%", "&", "'", "*", "+", ".", "^", "`", "|", and "~". Header field names that contain only these characters are considered valid. Also, there's a new option introduced: "discard_unsafe_fields". It accepts boolean value and it is set to "true" by default. When this option is "true", all header field names that contain characters in valid range, but other than alphanumeric or "-" are skipped during parsing. When the option is "false", these header fields aren't skipped. Requests with non-valid characters in header field names according to RFC 7230 are rejected regardless of "discard_unsafe_fields" setting. This closes #422 issue on GitHub. | |||||
2020-04-16 | Using malloc/free for the http fields hash. | Max Romanov | 1 | -22/+4 | |
This is required due to lack of a graceful shutdown: there is a small gap between the runtime's memory pool release and router process's exit. Thus, a worker thread may start processing a request between these two operations, which may result in an http fields hash access and subsequent crash. To simplify issue reproduction, it makes sense to add a 2 sec sleep before exit() in nxt_runtime_exit(). | |||||
2019-11-14 | Initial proxy support. | Igor Sysoev | 1 | -0/+1 | |
2019-09-30 | HTTP parser: removed unused "exten" field. | Valentin Bartenev | 1 | -21/+2 | |
This field was intended for MIME type lookup by file extension when serving static files, but this use case is too narrow; only a fraction of requests targets static content, and the URI presumably isn't rewritten. Moreover, current implementation uses the entire filename for MIME type lookup if the file has no extension. Instead of extracting filenames and extensions when parsing requests, it's easier to obtain them right before serving static content; this behavior is already implemented. Thus, we can drop excessive logic from parser. | |||||
2019-09-30 | HTTP parser: normalization of paths ending with "." or "..". | Valentin Bartenev | 1 | -8/+28 | |
Earlier, the paths were normalized only if there was a "/" at the end, which is wrong according to section 5.2.4 of RFC 3986 and hypothetically may allow to the directory above the document root. | |||||
2019-09-17 | HTTP parser: fixed parsing of target after literal space character. | Valentin Bartenev | 1 | -2/+18 | |
In theory, all space characters in request target must be encoded; however, some clients may violate the specification. For the sake of interoperability, Unit supports unencoded space characters. Previously, if there was a space character before the extension or arguments parts, those parts weren't recognized. Also, quoted symbols and complex target weren't detected after a space character. | |||||
2019-09-16 | HTTP parser: removed unused "plus_in_target" flag. | Valentin Bartenev | 1 | -22/+1 | |
2019-09-16 | HTTP parser: removed unused "exten_start" and "args_start" fields. | Valentin Bartenev | 1 | -29/+29 | |
2019-09-16 | Configuration: added ability to access object members with slashes. | Valentin Bartenev | 1 | -4/+26 | |
Now URI encoding can be used to escape "/" in the request path: GET /config/listeners/unix:%2Fpath%2Fto%2Fsocket/ | |||||
2019-08-16 | Improving response header fields processing. | Max Romanov | 1 | -19/+4 | |
Fields are filtered one by one before being added to fields list. This avoids adding and then skipping connection-specific fields. | |||||
2019-05-30 | Added routing based on header fields. | Igor Sysoev | 1 | -4/+0 | |
2019-03-11 | Style. | Andrey Zelenkov | 1 | -1/+1 | |
2018-07-03 | HTTP parser: relaxed checking of fields values. | Valentin Bartenev | 1 | -2/+1 | |
Allowing characters up to 0xFF doesn't conflict with RFC 7230. Particularly, this make it possible to pass unencoded UTF-8 data through HTTP headers, which can be useful. | |||||
2018-06-25 | Removed '\r' and '\n' artifact macros. | Igor Sysoev | 1 | -1/+1 | |
2018-04-10 | HTTP parser: saving partial method. | Valentin Bartenev | 1 | -0/+4 | |
This is useful for log purposes. | |||||
2018-04-10 | HTTP parser: saving unsupported version. | Valentin Bartenev | 1 | -0/+1 | |
This is useful for log purposes. | |||||
2018-04-10 | HTTP parser: correct "target" for partial or invalid request line. | Valentin Bartenev | 1 | -0/+4 | |
2018-04-05 | Style. | Valentin Bartenev | 1 | -2/+2 | |
2018-04-04 | Style: capitalized letters in hexadecimal literals. | Valentin Bartenev | 1 | -13/+13 | |
2018-03-15 | HTTP parser: excluding leading and trailing tabs from field values. | Valentin Bartenev | 1 | -2/+5 | |
As required by RFC 7230. | |||||
2018-03-15 | HTTP parser: allowing tabs in field values as per RFC 7230. | Valentin Bartenev | 1 | -13/+21 | |
2018-03-15 | HTTP parser: restricting allowed characters in fields values. | Valentin Bartenev | 1 | -1/+2 | |
According to RFC 7230 only printable 7-bit ASCII characters are allowed in field values. | |||||
2018-03-15 | HTTP parser: fixed parsing of field values ending with space. | Valentin Bartenev | 1 | -8/+10 | |
This closes #82 issue on GitHub. | |||||
2018-01-25 | HTTP parser: simplified nxt_http_parse_field_value(). | Valentin Bartenev | 1 | -15/+11 | |
There's no need in loop after 4ac474b68658. Found by Coverity (CID 259713). | |||||
2018-01-24 | HTTP parser: restricting control chars in header fields values. | Valentin Bartenev | 1 | -3/+1 | |
This also fixes an infinite loop here (found with honggfuzz). | |||||
2018-01-15 | Checking for major HTTP version. | Valentin Bartenev | 1 | -13/+23 | |
2018-01-15 | Improved HTTP version representation. | Valentin Bartenev | 1 | -14/+10 | |
2018-01-15 | HTTP parser: improved error reporting. | Valentin Bartenev | 1 | -18/+18 | |
2018-01-09 | HTTP parser: allowing underscore in header field names. | Valentin Bartenev | 1 | -1/+1 | |
2017-12-27 | HTTP parser: introduced nxt_http_parse_fields(). | Valentin Bartenev | 1 | -0/+17 | |
2017-12-26 | HTTP parser: fixed memory overflow in the collisions test. | Valentin Bartenev | 1 | -0/+1 | |
The level hash uses the NULL value as the indicator of a free entry in a bucket. So, inserting a NULL value breaks the hash and can lead to a bucket overflow. In case of the collision counter, the value wasn't initialized, since it's not needed for the purpose of checking collisions. As a result, it might contain any garbage from the stack and in some rare cases the value was NULL. Now the value is initilized. | |||||
2017-12-25 | HTTP parser: reworked header fields handling. | Valentin Bartenev | 1 | -286/+259 | |
2017-12-08 | HTTP parser: improved detection of corrupted request line. | Valentin Bartenev | 1 | -1/+43 | |
2017-12-08 | HTTP parser: slightly improved readability of code. | Valentin Bartenev | 1 | -103/+101 | |
As suggested by Igor Sysoev. | |||||
2017-07-05 | Complex target parser copied from NGINX. | Max Romanov | 1 | -1/+336 | |
nxt_app_request_header_t fields renamed: - 'path' renamed to 'target'. - 'path_no_query' renamed to 'path' and contains parsed value. | |||||
2017-06-27 | Applied nxt_pointer_to() and nxt_value_at() where possible. | Valentin Bartenev | 1 | -1/+1 | |
2017-06-20 | HTTP parser: reduced memory consumption of header fields list. | Valentin Bartenev | 1 | -59/+77 | |
2017-06-20 | Using new memory pool implementation. | Igor Sysoev | 1 | -4/+3 | |
2017-06-13 | HTTP parser: decoupled header fields processing. | Valentin Bartenev | 1 | -157/+170 | |
2017-06-09 | HTTP parser: fixed handling header fields with missing colon. | Valentin Bartenev | 1 | -1/+3 | |
2017-05-31 | HTTP parser: changed style of a comment. | Valentin Bartenev | 1 | -4/+4 | |
As requested by Igor. | |||||
2017-05-10 | Added missing "fall through" comments to make GCC 7 happy. | Valentin Bartenev | 1 | -0/+3 | |
2017-04-25 | HTTP parser: fixed minimum length optimization in headers hash. | Valentin Bartenev | 1 | -4/+7 | |
2017-03-08 | More optimizations of HTTP parser. | Valentin Bartenev | 1 | -103/+63 | |
SSE 4.2 code removed, since loop unrolling gives better results. | |||||
2017-03-01 | HTTP parser. | Valentin Bartenev | 1 | -0/+889 | |
2017-03-01 | Removed legacy HTTP parser. | Valentin Bartenev | 1 | -595/+0 | |