summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-08-19uhttpd: add manifest supportAdrian Panella
Add "text/cache-manifest" mimetype support to enable the possibility of using Application Cache. Signed-off-by: Adrian Panella <ianchi74@outlook.com>
2017-07-09file: fix basic auth regressionJo-Philipp Wich
Previous refactoring of the basic auth handling code broke the logic in such a way that basic auth was only performed if a client sent an Authorization header in its request, but it was never prompted for by the server. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-07-02file: remove unused "auth" member from struct path_infoJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-07-02proc: expose HTTP_AUTH_USER and HTTP_AUTH_PASSJo-Philipp Wich
Mimic other web servers like Nginx or Apache and expose the parsed basic auth information as HTTP_AUTH_USER and HTTP_AUTH_PASS environment variables to CGI processes. This also restores login-from-basic-auth functionality in LuCI. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-07-02auth: store parsed username and passwordJo-Philipp Wich
Store the parsed username and password information as HTTP headers in the clients header blob buffer for later use by proc.c Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-07-02proc: do not declare empty process variablesJo-Philipp Wich
If a HTTP header variable has no corresponding value, then do not set it to the empty string but to NULL, so that cgi.c will later skip it when setting up the process environment. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-26uhttpd: Add TCP_FASTOPEN supportRosen Penev
Provides a small speedup when resuming the connection. Signed-off by: Rosen Penev <rosenp@gmail.com>
2016-10-25lua: ensure that PATH_INFO starts with a slashJo-Philipp Wich
When calculating the matching prefix length, make sure to not take the trailing slash into account in order to ensure that the resulting PATH_INFO string always starts with a slash. This ensures that an url like "/foo" against the matching prefix "/" or "/foo/bar" against "/foo/" result in "/foo" and "/bar" respectively. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-10-25utils: add proper handling of "/" special case in uh_path_match()Jo-Philipp Wich
The special prefix of "/" should match any url by definition but the final assertion which ensures that the matched prefix ends in '\0' or '/' is causing matches against the "/" prefix to fail. Add some extra code to handle this special case to implemented the expected behaviour. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2016-10-25cgi: allow conf.cgi_docroot_path to be NULLJo-Philipp Wich
The check_cgi_path() function would segfault if we ever support running uhttpd without any CGI prefix. Add a check to prevent running uh_patch_match() when the prefix is unset. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2016-10-06file: re-run json handler script after file fallback redirectFelix Fietkau
This allows the request handler to add extra headers to the response even in the redirect case. Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-27cmake: Find libubox/usock.hFlorian Fainelli
Add a CMake FIND_PATH and INCLUDE_DIRECTORIES searching for libubox/usock.h. Some external toolchains which do not include standard locations would fail to find the header otherwise. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2016-06-16file: add support for disabling cache related precondition checks via handlersFelix Fietkau
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-06-16uhttpd: add support for adding arbitrary headers via handler scriptsFelix Fietkau
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2015-11-08file: on redirect, only send content-length header when not using chunked ↵Felix Fietkau
transfer Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2015-11-08handler: only send content-length header when not using chunked transferFelix Fietkau
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2015-11-08handler: add support for overriding redirect status code + messageFelix Fietkau
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2015-11-08handler: rename set_uri to rewriteFelix Fietkau
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2015-11-08add support for handling redirects via a scriptFelix Fietkau
In a json_script file you can specify rules for rewriting the URL or redirecting the browser either unconditionally, or as a fallback where it would otherwise print a 404 error Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2015-11-06main: sort getopt charactersFelix Fietkau
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2015-10-20fix the alias supportJohn Crispin
the path compare return code was not honoured properly Signed-off-by: John Crispin <blogic@openwrt.org>
2015-10-17add a -y parameter for cgi-bin redirectsJohn Crispin
this allows an alias entry inside the root folder point at a cgi-bin script -y foo=bar will redirect /foo to /cgi-bin/bar Signed-off-by: John Crispin <blogic@openwrt.org>
2015-10-08fix chunked transfer encoding in keepalive modeJo-Philipp Wich
The two commits 5162e3b0ee7bd1d0fd6e75e1ca7993a1834b5291 "allow request handlers to disable chunked reponses" and 618493e378e2239f0d30902e47adfa134e649fdc "file: disable chunked encoding for file responses" broke the chunked transfer encoding handling for proc responses in keep-alive connections that followed a file response with http status 204 or 304. The effect of this bug is that cgi responses following a 204 or 304 one where sent neither in chunked encoding nor with a content-length header, causing browsers to stall until the keep alive timeout was reached. Fix the logic flaw by inverting the chunk prevention flag in the client state and by testing the chunked encoding preconditions every time instead of once upon client (re-)initialization. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-09-24uhttpd: fix wrong header file inclusion for PRI* constant definitionsAndrej Krpic
Signed-off-by: Andrej Krpic <ak77@tnode.com>
2015-09-07file: fix processing POST data for deferred requestsFelix Fietkau
Fixes https://dev.openwrt.org/ticket/20458 Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2015-08-17cgi: Support passing X-HTTP-Method-Override header.Karl Palsson
As uhttpd doesn't currently support PUT/DELETE/PATCH, allow passing the commonly used X-HTTP-Method-Override header to CGI scripts. This is an optional "protocol specific metadata" variable as per rfc 3875 section 4.1.18. Signed-off-by: Karl Palsson <karlp@remake.is>
2015-05-30client: use 307 instead of 302 for HTTPS redirectsJo-Philipp Wich
Use the 307 code to force agents to retain the original request method. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-05-30proc: add HTTPS environment variableJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-05-30add support for enforcing HTTPSJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-05-30file: disable chunked encoding for file responsesJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-05-30allow request handlers to disable chunked reponsesJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-03-28properly handle return codesJohn Crispin
Signed-off-by: John Crispin <blogic@openwrt.org>
2015-03-11fixes for json 0.12John Crispin
Signed-off-by: John Crispin <blogic@openwrt.org>
2015-01-25lua: don't make uhttpd_plugin symbol constantJo-Philipp Wich
uhttpd modifies the list_head member of the uhttpd_plugin struct when loading a plugin, therefore we cannot make it const, otherwise we trigger a security violation if uhttpd is built with RelRO support. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-01-25file: explicitely cast st_mtime to uint64_t when generating ETagJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-01-25ubus: don't make uhttpd_plugin symbol constantJo-Philipp Wich
uhttpd modifies the list_head member of the uhttpd_plugin struct when loading a plugin, therefore we cannot make it const, otherwise we trigger a security violation if uhttpd is built with RelRO support. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-01-18Build with largefile supportJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2014-12-22uhttpd: Fix possible memory leaks when generating directory listingAndrej Krpic
scandir() call requires free() of each returned dirent structure and parent list. Code constructing HTML response of directory listing is missing a call to free in some cases. Signed-off-by: Andrej Krpic <ak77@tnode.com>
2014-10-27mimetypes: add json and jsonp (distinct from js)Karl Palsson
.js files are being transferred as text/javascript, which, although obsolete by RFC 4329 is most backward compatible. .json and .jsonp are both transferred as application/octet-stream however, causing warnings on the console for some browsers, even though it works just fine. Add the mimetypes for .json as per RFC 4627 and .jsonp as per RFC4329 (As jsonp _is_ javascript) Signed-off-by: Karl Palsson <karlp@remake.is>
2014-10-27file: do not emit Content-Length header for 304/412 responsesJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2014-10-27utils: do not emit eof chunk for 204/304 responsesJo-Philipp Wich
According to RFC2616 10.2.5 and 10.3.5, 204 and 304 responses MUST NOT contain any message body, therfore do not emit an EOF chunk for such responses. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2014-10-27client: store http code of last emitted responseJo-Philipp Wich
Certain response types (notably 204 and 304) require a slightly different handling like emitting the response body entirely, therfore record the last code to act on it in the appropriate places. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2014-09-03lua: fix error reporting when Lua handler cannot be compiledJo-Philipp Wich
Reported-by: Sebastian Apel <sebastian.apel@gmx.de> Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2014-09-03main: use proper variable when warning about unsupported featuresJo-Philipp Wich
Reported-by: Sebastian Apel <sebastian.apel@gmx.de> Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2014-09-03file: invoke error handler in 403 case as wellJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2014-06-10ubus: add CORS header supportJo-Philipp Wich
In order to support cross-domain AJAX requests to the /ubus endpoint we need to implement the Cross-Origin Resource Sharing (CORS) spec in the ubus plugin. - Implement a new option "-X" to enable CORS support in ubus - Implement rudimentary support for "OPTIONS" HTTP requests - Implement essential CORS headers the ubus plugin The current CORS response headers merely reflect the request headers sent by the client, this way any requesting origin is automatically allowed. Cross-domain cookies (Access-Control-Allow-Credentials) are unconditionally enabled. Restricting permitted origins and toggle the credential accepting can be made configurable in a future commit to allow more fine grained control over permitted AJAX clients. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2014-06-08cgi: add _GNU_SOURCE define to fix build error on muslFelix Fietkau
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2014-04-08fix handling of / as cgi prefixFelix Fietkau
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2014-03-22main: strdup command line arguments that are modifiedFelix Fietkau
This ensures that the process will show the correct command line in ps Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2014-03-22cgi: compare the physical path instead of the url to detect quirky urlsFelix Fietkau
Signed-off-by: Felix Fietkau <nbd@openwrt.org>