| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
The setuid/setgid syscalls requires root capabilities but if the kernel
supports unprivileged user namespace then the child process has the full
set of capabilities in the new namespace, then we can allow setting "user"
and "group" in such cases (this is a common security use case).
Tests were added to ensure user gets meaningful error messages for
uid/gid mapping misconfigurations.
|
|
Name and value in each header are 0-terminated, so additional 2 bytes
should be allocated for them. There were several attempts to add these
2 bytes to headers in language modules, but some modules weren't updated.
Also, adding these 2 bytes is specific to the implementation which may be
changed later, so extending this mechanics to modules may cause errors.
|
|
This field was intended for MIME type lookup by file extension when serving
static files, but this use case is too narrow; only a fraction of requests
targets static content, and the URI presumably isn't rewritten. Moreover,
current implementation uses the entire filename for MIME type lookup if the
file has no extension.
Instead of extracting filenames and extensions when parsing requests, it's
easier to obtain them right before serving static content; this behavior is
already implemented. Thus, we can drop excessive logic from parser.
|
|
In theory, all space characters in request target must be encoded; however,
some clients may violate the specification. For the sake of interoperability,
Unit supports unencoded space characters.
Previously, if there was a space character before the extension or arguments
parts, those parts weren't recognized. Also, quoted symbols and complex
target weren't detected after a space character.
|
|
|
|
|
|
|
|
The nxt_murmur_hash2() generated 4-byte hash that was stored in uintptr_t,
which was 8 bytes long on 64-bit systems. At each iteration, it took the
previous key and hashed it again.
The problem was that it took only the first 4 bytes of the key, and these
4 bytes were always zero on 64-bit big-endian system. That resulted in
equal keys at each iteration.
The bug was discovered on IBM/S390x.
|
|
Library now used in all language modules.
Old 'nxt_app_*' code removed.
See src/test/nxt_unit_app_test.c for usage sample.
|
|
Allowing characters up to 0xFF doesn't conflict with RFC 7230.
Particularly, this make it possible to pass unencoded UTF-8 data
through HTTP headers, which can be useful.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
According to RFC 7230 only printable 7-bit ASCII characters are allowed
in field values.
|
|
This closes #82 issue on GitHub.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
