mirror of
https://github.com/c-cube/tiny_httpd.git
synced 2026-03-07 21:37:57 -05:00
ba19880d75
* fix: use realpath to validate filesystem paths against traversal - add string_prefix helper to check path containment - compute root_canonical once per add_vfs_ call - use realpath only for filesystem (on_fs=true), keeping simple contains_dot_dot check for VFS - paths are already URL-decoded by Route.rest_of_path_urlencoded * fix: add header size limits to prevent memory exhaustion add optional limits to Headers.parse_: - max_headers: 100 (default) - max_header_size: 16KiB per header (default) - max_total_size: 256KiB total (default) returns 431 status code when limits exceeded per RFC 6585.
41 lines
897 B
Text
41 lines
897 B
Text
(lang dune 3.2)
|
|
(name tiny_httpd)
|
|
(generate_opam_files true)
|
|
|
|
(authors c-cube)
|
|
(maintainers c-cube)
|
|
(version 0.19)
|
|
(source (github c-cube/tiny_httpd))
|
|
(homepage https://github.com/c-cube/tiny_httpd/)
|
|
(license MIT)
|
|
|
|
(package
|
|
(name tiny_httpd)
|
|
(synopsis "Minimal HTTP server using threads")
|
|
(tags (http thread server tiny_httpd http_of_dir simplehttpserver))
|
|
(depopts
|
|
logs
|
|
magic-mime
|
|
(mtime (>= 2.0)))
|
|
(depends
|
|
seq
|
|
base-threads
|
|
result
|
|
hmap
|
|
(iostream (>= 0.2))
|
|
(ocaml (>= 4.13))
|
|
(odoc :with-doc)
|
|
(logs :with-test)
|
|
(conf-libcurl :with-test)
|
|
(ptime :with-test)
|
|
(qcheck-core (and (>= 0.9) :with-test))))
|
|
|
|
(package
|
|
(name tiny_httpd_camlzip)
|
|
(synopsis "Interface to camlzip for tiny_httpd")
|
|
(depends
|
|
(tiny_httpd (= :version))
|
|
(camlzip (>= 1.06))
|
|
(iostream-camlzip (>= 0.2.1))
|
|
(logs :with-test)
|
|
(odoc :with-doc)))
|