| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Derivatives of Core::Object should be constructed through
ClassName::construct(), to avoid handling ref-counted objects with
refcount zero. Fixing the visibility means that misuses like this are
more difficult.
|
|
When we receive HTTP payloads, we have to ensure that the number of
bytes read is *at most* the value specified in the Content-Length
header.
However, we did not use the correct value when calculating the truncated
size of the last payload. `m_buffered_size` does not store the total
number of bytes received, but rather the number of bytes that haven't
been read from us.
This means that if some data has already been read from us,
`m_buffered_size` is smaller than `m_received_size`. Because of this, we
ended up resizing the `payload` ByteBuffer to a larger size than its
contents. This garbage data was then read by consumers, producing this
warning when executing scripts:
> Extension byte 0xdc in 1 position after first byte 0xdc doesn't make
> sense.
|
|
|
|
Used these commands to test it:
printf 'HTTP/1.0 200 OK\r\n%s\r\n\r\n%s' 'Content-Length: 4' \
'well hello friends!' | nc -lN 0.0.0.0 8000
pro http://0.0.0.0:8000
|
|
This way we can save some calculations, but more importantly this will
also be needed in next commits. :P
|
|
(Actually, this also needs a Content-Encoding header, as response
streaming is disabled then. It didn't fit in the title.)
We were creating too small buffer -- instead of assigning the total
received buffer size, we were using the Content-Length value.
As you can see, the m_buffered_size might now exceed the Content-Length
value, but that will be handled in next commits, regardless if
the response can be streamed or not. :^)
Here's a minimal code that caused crash before:
printf 'HTTP/1.0 200 OK\r\n%s\r\n%s\r\n\r\n%s' \
'Content-Encoding: anything' 'Content-Length: 3' \
':^)AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA' | nc -lN 0.0.0.0 8000
pro http://0.0.0.0:8000
|
|
|
|
If we don't quit, the underlying socket won't get a chance to do much
other than nothing while we spin in read_while_data_available().
Fixes some possible RS spin (especially seen in Google's cookie consent
page).
|
|
Apparently discord likes to feed us headers as big as 6KiB, so clearly
there are large headers out there in the wild.
For reference, Apache's limit is 8KiB, and IIS's limit is 16KiB (this
limit is not defined by the spec, so nothing can stop a server from
sending massive headers - sadly)
|
|
This ultimately makes the sockets not spin while unused (particularly in
the 10s shutdown period that RequestServer's cache has).
|
|
|
|
|
|
Our previous behaviour of treating the original invalid compressed body
as the decompressed response is quite silly, if the headers and response
doesn't match up, the job has failed.
|
|
If the server responds with this header, we _must_ close the connection,
as the server is allowed to ignore the socket and not respond to
anything past that response.
Fixes some RequestServer spins.
|
|
The callback should be called as soon as the connection is established,
and if we actually set the callback when it already is, we expect it to
be called immediately.
|
|
This makes connections (particularly TLS-based ones) do the handshaking
stuff only once.
Currently the cache is configured to keep at most two connections evenly
balanced in queue size, and with a grace period of 10s after the last
queued job has finished (after which the connection will be dropped).
|
|
|
|
Our current way of signalling a missing port with m_port == 0 was
lacking, as 0 is a valid port number in URLs.
|
|
|
|
Only one place used this argument and it was to hold on to a strong ref
for the object. Since we already do that now, there's no need to keep
this argument around since this can be easily captured.
This commit contains no changes.
|
|
Previously the system would assume the socket was connected after the
file descriptor became writeable. Just because the fd is signaled as
ready for output does not necessarily indicate the socket is connected.
Instead, we should check the status of the socket with SO_ERROR and
handle successes/errors accordingly.
|
|
...unless it has already been done.
Otherwise we'd be spinning in RequestServer waiting for more read
events.
|
|
It's alright for this function to be called multiple times, as it quits
early when a partial flush doesn't empty the download buffer.
Relax the assertion to having scheduled "did_finish()" only once.
|
|
There's no reason to manually call it on TLS close, the HTTP reading
logic is smart enough to handle connection closes transparently.
Fixes #8211.
|
|
This patch adds two new static methods to HttpRequest.
get_http_basic_authentication_header generates a "Authorization" header
from a given URL, where as parse_http_basic_authentication_header parses
an "Authorization" header into username and password.
|
|
This adds a reason_phrase() getter and a static reason_phrase_for_code()
to the HttpResponse class.
It also changes the class to use east const style.
|
|
This percent encodes/decodes the request URI when creating or parsing
raw HTTP requests. This is necessary because AK::URL now contains
percent decoded data, meaning we have to re-encode it for creating
raw requests.
|
|
|
|
This was added in #4831, but it didn't account for extra newlines after
the response (seems like some servers like to do this).
|
|
When the path component of the request URL was empty we'd end up
sending requests like "GET HTTP/1.1" (note the missing /). This
ensures that we always send a path.
|
|
Nobody seems to use this particular feature, in fact there were some
bugs which were uncovered by removing operator bool.
|
|
...instead of doing so immediately.
This makes RequestServer not spin as much when its client isn't fast
enough to empty the download pipe.
It also has the nice benefit of allowing multiple downloads to happen
at the same time without one blocking the other too much.
|
|
|
|
We had some inconsistencies before:
- Sometimes "The", sometimes "the"
- Sometimes trailing ".", sometimes no trailing "."
I picked the most common one (lowecase "the", trailing ".") and applied
it to all copyright headers.
By using the exact same string everywhere we can ensure nothing gets
missed during a global search (and replace), and that these
inconsistencies are not spread any further (as copyright headers are
commonly copied to new files).
|
|
This makes it more symmetrical with adopt_own() (which is used to
create a NonnullOwnPtr from the result of a naked new.)
|
|
SPDX License Identifiers are a more compact / standardized
way of representing file license information.
See: https://spdx.dev/resources/use/#identifiers
This was done with the `ambr` search and replace tool.
ambr --no-parent-ignore --key-from-file --rep-from-file key.txt rep.txt *
|
|
Fixes #6302.
|
|
Fixes an issue where LibHTTP would incorrectly detect an end of stream
when it runs out of TLS application data between the chunk body and its
ending CRLF.
|
|
|
|
This commit removes the only 3rd party library (and its usages)
in serenity: puff, which is used for deflate decompression. and
replaces it with the existing original serenity implementation
in LibCompress. :^)
|
|
(...and ASSERT_NOT_REACHED => VERIFY_NOT_REACHED)
Since all of these checks are done in release builds as well,
let's rename them to VERIFY to prevent confusion, as everyone is
used to assertions being compiled out in release.
We can introduce a new ASSERT macro that is specifically for debug
checks, but I'm doing this wholesale conversion first since we've
accumulated thousands of these already, and it's not immediately
obvious which ones are suitable for ASSERT.
|
|
Replacement made by `find Kernel Userland -name '*.h' -o -name '*.cpp' | sed -i -Ee 's/dbgln\b<(\w+)>\(/dbgln_if(\1, /g'`
|
|
|
|
This was done with the following script:
find . \( -name '*.cpp' -o -name '*.h' -o -name '*.in' \) -not -path './Toolchain/*' -not -path './Build/*' -exec sed -i -E 's/dbgln<debug_([a-z_]+)>/dbgln<\U\1_DEBUG>/' {} \;
find . \( -name '*.cpp' -o -name '*.h' -o -name '*.in' \) -not -path './Toolchain/*' -not -path './Build/*' -exec sed -i -E 's/if constexpr \(debug_([a-z0-9_]+)/if constexpr \(\U\1_DEBUG/' {} \;
|
|
It would be tempting to uncomment these statements, but that won't work
with the new changes.
This was done with the following commands:
find . \( -name '*.cpp' -o -name '*.h' -o -name '*.in' \) -not -path './Toolchain/*' -not -path './Build/*' -exec awk -i inplace '$0 !~ /\/\/#define/ { if (!toggle) { print; } else { toggle = !toggle } } ; $0 ~/\/\/#define/ { toggle = 1 }' {} \;
find . \( -name '*.cpp' -o -name '*.h' -o -name '*.in' \) -not -path './Toolchain/*' -not -path './Build/*' -exec awk -i inplace '$0 !~ /\/\/ #define/ { if (!toggle) { print; } else { toggle = !toggle } } ; $0 ~/\/\/ #define/ { toggle = 1 }' {} \;
|
|
This was done with the help of several scripts, I dump them here to
easily find them later:
awk '/#ifdef/ { print "#cmakedefine01 "$2 }' AK/Debug.h.in
for debug_macro in $(awk '/#ifdef/ { print $2 }' AK/Debug.h.in)
do
find . \( -name '*.cpp' -o -name '*.h' -o -name '*.in' \) -not -path './Toolchain/*' -not -path './Build/*' -exec sed -i -E 's/#ifdef '$debug_macro'/#if '$debug_macro'/' {} \;
done
# Remember to remove WRAPPER_GERNERATOR_DEBUG from the list.
awk '/#cmake/ { print "set("$2" ON)" }' AK/Debug.h.in
|
|
This was accidentally put behind a debug flag.
Fixes #5080
|
|
These changes are arbitrarily divided into multiple commits to make it
easier to find potentially introduced bugs with git bisect.
|
|
|
