simon/tiny_httpd
1
0
Fork 0
mirror of https://github.com/c-cube/tiny_httpd.git synced 2026-03-07 21:37:57 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
574 commits 20 branches 20 tags 11 MiB
Commit graph

20 commits

Author SHA1 Message Date
Simon Cruanes
ba19880d75
hardening bugfixes
Some checks failed
github pages / deploy (push) Has been cancelled
Details
build / build (4.13.x, ubuntu-latest) (push) Has been cancelled
Details
build / build (4.14.x, ubuntu-latest) (push) Has been cancelled
Details
build / build (5.03.x, ubuntu-latest) (push) Has been cancelled
Details 
* fix: use realpath to validate filesystem paths against traversal

- add string_prefix helper to check path containment
- compute root_canonical once per add_vfs_ call
- use realpath only for filesystem (on_fs=true), keeping simple
  contains_dot_dot check for VFS
- paths are already URL-decoded by Route.rest_of_path_urlencoded

* fix: add header size limits to prevent memory exhaustion

add optional limits to Headers.parse_:
- max_headers: 100 (default)
- max_header_size: 16KiB per header (default)
- max_total_size: 256KiB total (default)

returns 431 status code when limits exceeded per RFC 6585.
 2026-02-10 19:57:21 -05:00
Simon Cruanes
f3461cfd21
detail in example 2025-03-21 08:37:16 -04:00
Simon Cruanes
a86eac85bf
add a HEAD endpoint to echo 2024-12-25 10:59:32 -05:00
Simon Cruanes
731dd7de51
add a form to echo.ml for manual testing 2024-12-03 10:13:33 -05:00
Simon Cruanes
ec3dec6b72
wip: bugfixes 2024-02-26 16:28:31 -05:00
Simon Cruanes
86f1b9025d
add optional dependency on logs 2024-01-23 23:32:20 -05:00
Simon Cruanes
7b094b55ad
many fixes 2023-07-11 11:31:06 -04:00
Simon Cruanes
e1f0c58065 echo examples: add alice endpoint; use eio_posix 2023-06-23 17:58:11 -04:00
Simon Cruanes
04f17262b6
example: add super stupid http auth endpoints to echo.ml 
the endpoint /protected requires user:foobar login to see the content.
 2023-06-20 23:04:44 -04:00
Simon Cruanes
0908d71e19
ocamlformat 2023-05-23 17:40:18 -04:00
Simon Cruanes
6706589c62
increase test coverage to include vfs and <pre> 2022-03-17 22:35:13 -04:00
Simon Cruanes
533a42a661 details 2022-03-16 20:40:38 -04:00
Simon Cruanes
759995b9d5
add a VFS in examples/echo.ml 2022-03-03 22:14:44 -05:00
craff
51be9c0c8f real fix in echo! 2021-12-15 20:19:42 -10:00
craff
ffc18a5617 fix in echo 2021-12-15 20:13:32 -10:00
craff
672e33c827 detailed time in echo example 2021-12-15 18:18:52 -10:00
craff
4770e3e729 Timing start of request 2021-12-15 18:14:17 -10:00
Simon Cruanes
7685505f28
example: update echo to provide a /stats/ endpoint using a middleware 2021-12-15 16:27:28 -05:00
Simon Cruanes
ba31534551
feat: pass buf_size in many places, set default buf_size to 16kb 2021-12-12 17:06:46 -05:00
Simon Cruanes
c8982c8836
move echo from src/examples/ to examples/ 2021-12-11 10:02:24 -05:00
Renamed from src/examples/echo.ml (Browse further)