mirror of
https://github.com/emikulic/darkhttpd.git
synced 2023-08-10 21:13:08 +03:00
defc1e8ce9
These changes add a command-line option --header, e.g. --header 'Access-Control-Allow-Origin: *'. Basic tests are included for this option. When accepting the argument, a very simple sanitization is made, the string is required to contain ": ", and can’t contain a '\n' character. These checks are far from what is required to truly validate a HTTP header, but will at least detect simple mistakes and forbid the abuse of having arguments that include more than one header, or, worse, that include a body for the response (after "\r\n\r\n"). This should also close the Issue #16 and PR #27, I think, since CORS functionality can be obtained by specifying a custom header. |
||
|---|---|---|
| .. | ||
| fuzz_testcases | ||
| bench.c | ||
| checker | ||
| clang-warns | ||
| cppcheck | ||
| fuzz_llvm_make_safe_uri.c | ||
| fuzz_llvm.sh | ||
| fuzz_socket.cc | ||
| fuzz_socket.sh | ||
| Makefile | ||
| open_sockets.py | ||
| run-tests | ||
| test_auth.py | ||
| test_custom_headers.py | ||
| test_forward_all.py | ||
| test_forward_https.py | ||
| test_forward.py | ||
| test_make_safe_uri.c | ||
| test_mimemap.py | ||
| test_no_listing.py | ||
| test_server_id.py | ||
| test_timeout.py | ||
| test.py | ||
| warns | ||