mirror/darkhttpd
1
0
Fork 0
mirror of https://github.com/emikulic/darkhttpd.git synced 2023-08-10 21:13:08 +03:00
Code Issues Projects Releases Wiki Activity
410 Commits 1 Branch 2 Tags 1.3 MiB
master
Commit Graph

103 Commits

Author SHA1 Message Date
André Kugland
defc1e8ce9
Custom headers with the CLI option --header (#28) 
These changes add a command-line option --header, e.g. --header 'Access-Control-Allow-Origin: *'.

Basic tests are included for this option.

When accepting the argument, a very simple sanitization is made, the string is required to contain ": ", and can’t contain a '\n' character. These checks are far from what is required to truly validate a HTTP header, but will at least detect simple mistakes and forbid the abuse of having arguments that include more than one header, or, worse, that include a body for the response (after "\r\n\r\n").

This should also close the Issue #16 and PR #27, I think, since CORS functionality can be obtained by specifying a custom header.
 2022-12-06 21:46:52 +11:00
Emil Mikulic
64b03a032e open_sockets.py: remove unused import. 2022-11-23 11:18:39 +11:00
Emil Mikulic
a88ecadafe fuzzer: take optional port number from environment variable. 
Makes it possible to run multiple fuzzer processes in parallel.
 2022-10-02 12:24:17 +11:00
Emil Mikulic
762956f1a8 Set running = 1 before entering the main loop. 
This is so the fuzzer can wait for it.
 2022-10-02 12:21:33 +11:00
Emil Mikulic
1eb6daa357 Fix crash when a file has a large (year 10,000+) mtime. 
https://bugzilla.redhat.com/show_bug.cgi?id=1893725
https://github.com/emikulic/darkhttpd/issues/21
 2022-10-02 11:50:02 +11:00
Emil Mikulic
1f166293b7 Update tests after adding slash to href for directories. 2022-10-02 11:38:12 +11:00
Emil Mikulic
1e4cddb6b6 Disable msan because it's not working. 
It looks like parts of dlent are not being unpoisoned.
 2022-10-02 11:34:56 +11:00
Emil Mikulic
3641c2f50f Dir listing: special-case ".." to come first. 
Suggested by: @frogtile

Fixes #14
 2022-01-19 20:10:50 +11:00
Emil Mikulic
f0ca481fd1 Make header parsing case insensitive. 
This makes darkhttpd more useful behind an HTTP2 reverse proxy,
because the HTTP2 headers are all lowercase.

Suggested by: @Hill-98

Fixes #15
 2022-01-19 20:01:32 +11:00
Emil Mikulic
1759a7a7d9 Add tests for --forward-https. 2021-08-22 13:18:36 +10:00
Emil Mikulic
9222bbc9d8 Improve make_safe_uri coverage. 2021-03-21 15:31:04 +11:00
Emil Mikulic
f3acb93b93 fuzz_llvm_make_safe_uri: get code from darkhttpd.c 2021-03-21 15:13:44 +11:00
Emil Mikulic
02b9908f71 Retire old developer scripts. 2021-03-21 15:06:57 +11:00
Emil Mikulic
d576efc9d8 warns: build with -std=c90. 2021-03-21 15:01:17 +11:00
Emil Mikulic
505223a9e5 Clean up after fuzzers. 2021-02-21 17:10:18 +11:00
Emil Mikulic
dc0fd7ecdc Don't include URL or method in default_reply. 2021-02-21 17:09:27 +11:00
Emil Mikulic
dd49204609 Add a fuzzer that runs the server in the background. 2021-01-18 00:25:02 +11:00
Emil Mikulic
b57eb17d47 More Python 3 updates. 2021-01-17 17:29:23 +11:00
Emil Mikulic
d39cc3849a test_auth: Add test for wrong auth. 2021-01-17 16:55:09 +11:00
Emil Mikulic
7e60a9b731 test_auth.py: Update to Python 3. 2021-01-17 16:52:47 +11:00
Emil Mikulic
3f236fd71b test.py: close sockets, more Python 3 cleanups. 2021-01-17 16:36:26 +11:00
Emil Mikulic
67c506b620 Convert test.py to Python 3. 
Unicode was a mistake.
 2021-01-17 16:29:41 +11:00
Emil Mikulic
598a47fe9d Add tests for --auth. 2020-07-01 21:22:17 +10:00
Emil Mikulic
47ba3fd7c7 -fno-omit-frame-pointer to get full backtraces in asan build. 2020-07-01 20:46:10 +10:00
Emil Mikulic
36ab416f73 Enable leak sanitizer. 2020-07-01 20:43:49 +10:00
Emil Mikulic
6c7fb762ac Adjust test: make_safe_uri no longer strips query params. 2020-07-01 20:15:03 +10:00
Emil Mikulic
5fc747a64e Add tests for fetching a file with a question mark in its name. 2020-07-01 20:15:03 +10:00
Emil Mikulic
9274bfbfe9 clang-warns: use clang in path by default. 2020-07-01 19:41:46 +10:00
Emil Mikulic
cbbaba25fb Add benchmark. 2018-12-11 00:42:52 +11:00
Emil Mikulic
ba63a6d60f Add test for --timeout. 2018-12-10 23:52:42 +11:00
Emil Mikulic
8207cf6b0f run-tests: try to use the default gcc and clang. 2018-12-10 23:35:31 +11:00
Emil Mikulic
6e8abe2324 run-tests: don't mix msan with ubsan. 
ubsan seems to be causing false positives for msan.
We already try ubsan together with asan.
 2018-12-10 23:34:56 +11:00
Emil Mikulic
7d0fc1d9f9 Clean more. 2018-12-10 23:34:34 +11:00
Emil Mikulic
e5ce7390c3 open_sockets: finer grained timing. 2018-12-10 21:03:17 +11:00
Emil Mikulic
dcb89f3d0f Add helper script for opening sockets until they run out. 2018-12-10 01:10:19 +11:00
Emil Mikulic
5f519fec8d Add make_safe_url_new() 
Contributed by: Bert Gijsbers
 2018-12-09 23:44:33 +11:00
Emil Mikulic
6b91b9dc05 Add LLVM fuzzer. 2018-12-09 23:13:17 +11:00
Emil Mikulic
6acf37e879 Build with warnings. 2016-01-28 01:06:08 +11:00
Emil Mikulic
485ebd1a20 Run tests under msan. 2016-01-28 00:41:34 +11:00
Emil Mikulic
26e7adea15 Add asan and ubsan to tests, watch stderr. 2016-01-24 16:39:32 +11:00
Emil Mikulic
ae676feaeb Add Makefile for tests and cleaning up. 2016-01-23 20:11:30 +11:00
Emil Mikulic
3478d24419 Make the output more obvious. 2016-01-23 20:10:10 +11:00
Emil Mikulic
112f1ccb92 Test builds with different defines. 2016-01-23 20:08:02 +11:00
Emil Mikulic
f913e17125 Rename "cover" to "run-tests" 2016-01-23 20:05:02 +11:00
Emil Mikulic
0ee2971740 Catch up to clang changes. 2016-01-14 00:57:42 +11:00
Emil Mikulic
853a6af62d Indent, add dir, allow inconclusive. 2016-01-11 00:32:15 +11:00
Emil Mikulic
1c5fdb5607 Escape URLs according to RFC3986. 
Previously, we weren't escaping parentheses when generating directory listings.

Pointed out by: Wijatmoko U. Prayitno
 2015-05-19 22:04:39 +10:00
Emil Mikulic
c4c0034242 Add --default-mimetype flag. 2015-05-19 21:40:26 +10:00
Emil Mikulic
e9aeaba7fe Add test for --no-listing. 2015-05-19 21:30:59 +10:00
Emil Mikulic
03a22661a0 Test keepalive. 2015-01-01 22:18:10 +11:00