| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2019-08-17 | ubus: increase maximum ubus request size to 64KB | Jo-Philipp Wich | |
| Signed-off-by: Jo-Philipp Wich <jo@mein.io> | |||
| 2019-06-16 | uhttpd: Fix multiple format string problems | Hauke Mehrtens | |
| After format string checks were activated in libubox the compiler started to complain about multiple missuses in uhttpd. This fixes the format strings without changing the behavior. blobmsg_get_string() just checks if the parameter is not NULL and then calls blobmsg_data() and casts the result. I think non of these problem is security relevant. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> | |||
| 2015-03-11 | fixes for json 0.12 | John Crispin | |
| Signed-off-by: John Crispin <blogic@openwrt.org> | |||
| 2015-01-25 | ubus: don't make uhttpd_plugin symbol constant | Jo-Philipp Wich | |
| uhttpd modifies the list_head member of the uhttpd_plugin struct when loading a plugin, therefore we cannot make it const, otherwise we trigger a security violation if uhttpd is built with RelRO support. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> | |||
| 2014-06-10 | ubus: add CORS header support | Jo-Philipp Wich | |
| In order to support cross-domain AJAX requests to the /ubus endpoint we need to implement the Cross-Origin Resource Sharing (CORS) spec in the ubus plugin. - Implement a new option "-X" to enable CORS support in ubus - Implement rudimentary support for "OPTIONS" HTTP requests - Implement essential CORS headers the ubus plugin The current CORS response headers merely reflect the request headers sent by the client, this way any requesting origin is automatically allowed. Cross-domain cookies (Access-Control-Allow-Credentials) are unconditionally enabled. Restricting permitted origins and toggle the credential accepting can be made configurable in a future commit to allow more fine grained control over permitted AJAX clients. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> | |||
| 2013-11-27 | ubus: remove indentation and whitespace from JSON responses to conserve a ↵ | Jo-Philipp Wich | |
| bit of bandwidth | |||
| 2013-11-21 | uhttpd: fix crashes in the ubus plugin | Felix Fietkau | |
| The ubus plugin calls blocking ubus functions that loop back into uloop_run. Protect the client data structure with refcounting to ensure that the outer uloop_run call does not clean up the data that the inner uloop_run call is still processing. Signed-off-by: Felix Fietkau <nbd@openwrt.org> | |||
| 2013-09-13 | ubus: use "ubus_rpc_session" instead of "sid" attribute name when querying ↵ | Jo-Philipp Wich | |
| session.access | |||
| 2013-09-13 | ubus: deny requests with a "ubus_rpc_session" toplevel attribute to prevent ↵ | Jo-Philipp Wich | |
| injecting different SIDs | |||
| 2013-08-08 | ubus: pass current session id as ubus_rpc_session attribute to any called ↵ | Jo-Philipp Wich | |
| procedure | |||
| 2013-08-07 | ubus: move sid into the params array of the json-rpc request to avoid ↵ | Jo-Philipp Wich | |
| information leakage via the post url | |||
| 2013-08-07 | ubus: use per-request blob buffer to fetch list results, fixes global buffer ↵ | Jo-Philipp Wich | |
| corruption with concurrent requests | |||
| 2013-06-21 | ubus: fix handling of empty JSON-RPC batches | Felix Fietkau | |
| Signed-off-by: Felix Fietkau <nbd@openwrt.org> | |||
| 2013-06-08 | ubus: duplicate request buffer to avoid memory corruption with multiple requests | Jo-Philipp Wich | |
| 2013-06-08 | ubus: use half of the script timeout as timeout for acl lookup call | Jo-Philipp Wich | |
| 2013-06-05 | ubus: implement list method to enumerate objects and signatures | Jo-Philipp Wich | |
| 2013-05-30 | ubus: clear the right timeout on rpc connection teardowns | Felix Fietkau | |
| Signed-off-by: Felix Fietkau <nbd@openwrt.org> | |||
| 2013-05-30 | ubus: fix script timeout unit (seconds, not milliseconds) | Felix Fietkau | |
| Signed-off-by: Felix Fietkau <nbd@openwrt.org> | |||
| 2013-01-26 | ubus: use a default sid if authentication is disabled | Jo-Philipp Wich | |
| 2013-01-25 | ubus: pass json rpc arguments to called ubus functions | Jo-Philipp Wich | |
| 2013-01-25 | ubus: add option to not authenticate ubus requests | Jo-Philipp Wich | |
| 2013-01-25 | ubus: remove session api from plugin and check access via ubus call to let ↵ | Jo-Philipp Wich | |
| other services provide the session api | |||
| 2013-01-13 | relicense to ISC | Felix Fietkau | |
| Signed-off-by: Felix Fietkau <nbd@openwrt.org> | |||
| 2013-01-13 | rework the ubus plugin to support JSON-RPC 2.0 | Felix Fietkau | |
| 2013-01-07 | ubus: split out session handling code into ubus-session.c | Felix Fietkau | |
| 2013-01-07 | fix typo | Felix Fietkau | |
| 2013-01-07 | fix prefix lookup | Felix Fietkau | |
| 2013-01-07 | add ubus support | Felix Fietkau | |
 |
index : openwrt/uhttpd | |
| OpenWrt uhttpd |
| summaryrefslogtreecommitdiff |