backup/EWF
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,464 Commits 23 Branches 50 Tags
e4fcc863ca636e8943df5d4cfd1cb0c84cba4ee5
Commit Graph

2464 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jocelyn Fiat
e4fcc863ca Updated image locations 2018-09-27 21:05:54 +02:00
Javier Velilla
7c8d6b9eef Updated path to Application execution png file 2018-09-27 15:58:09 -03:00
Jocelyn Fiat
a97eb4b062 Added missing dependencies. 2018-05-30 19:27:04 +02:00
Jocelyn Fiat
bd5aba3db6 Updated Windows DOS script to build the libfcgi binary lib files. 2018-05-30 17:30:05 +02:00
Jocelyn Fiat
d43c4edb7d Updated the default rescue response (i.e when exception or bad internal error occurs). 
Factorized the implementation in WGI_RESCUE_EXECUTION, and now by redefining the `WGI_EXECUTION.execute_rescue (...)` procedure, it is possible to have a custom response on such rescued execution.
 2018-05-30 17:28:24 +02:00
Jocelyn Fiat
9cdd676417 Fixed HTTP_HEADER.put_raw_header (..) by ignoring any empty line of the argument value. 
(note: "%R" is considered as empty line here.)
 2018-05-30 17:25:04 +02:00
Jocelyn Fiat
cb273c3176 Updated to compile with upcoming EiffelStudio 18.05 (with and without ssl). 2018-05-28 17:21:11 +02:00
Jocelyn Fiat
ec7d504502 Fixed EOL. 2018-05-28 16:18:59 +02:00
Jocelyn Fiat
7ed1e815b0 Updated to compile with upcoming EiffelStudio 18.05 . 2018-05-28 16:11:24 +02:00
Jocelyn Fiat
da2e26f697 Renamed the fcgi executable. 2018-04-26 11:58:00 +02:00
Jocelyn Fiat
bc169d6b26 Fixed remaining issues with docker setup. 2018-04-26 10:58:01 +02:00
Jocelyn Fiat
cf2f0f09fa Updated container files. 2018-04-24 15:13:47 +02:00
Jocelyn Fiat
207a109e44 Updated to match docker expectation. 2018-04-24 10:36:20 +02:00
Jocelyn Fiat
2f2e2067ba Added an example to run the debug app with apache2+libfcgi inside a docker container. 2018-04-23 22:13:07 +02:00
Jocelyn Fiat
7aa7bf1ab2 Updated travis CI config. 
Updated install dos script to include wsf_security.
 2018-02-13 18:49:14 +01:00
Jocelyn Fiat
8e8c3602c6 Allow (websocket) upgrade even without persistent connection for normal http request. 
(note: this allows to use websocket in single-threaded mode, and avoid the keep-alive-timeout delay before websocket begins its execution)
 2018-02-13 18:39:47 +01:00
Jocelyn Fiat
ffd7dd8540 Improved WSF download response implementation. 
- Do not set Transfer-Encoding to binary for download response.
- Use WSF_RESPONSE.put_file_content (...)
 2018-02-05 21:02:23 +01:00
Jocelyn Fiat
947c94644e Apply win32 workaround only on Windows 32bits. 2018-02-02 22:43:50 +01:00
Jocelyn Fiat
6a779797a5 Removed a few obsolete calls. 
Updated tests/all.ecf to include a few missing libraries.
 2018-02-02 22:40:18 +01:00
Jocelyn Fiat
7b0ccc0aec Merge branch 'develop' 2018-01-29 22:16:57 +01:00
Jocelyn Fiat
74001fe674 Properly JSON encode null character as \u0000 . 2018-01-29 22:13:03 +01:00
Jocelyn Fiat
c7eb12ad8e Return NotFound response for "/favicon.ico" request instead of returning wrong plain text response. 2017-12-18 19:15:19 +01:00
Jocelyn Fiat
36eeff9285 Fixed the websocket example to also work for remote client. 
(i.e not from the same machine).
 2017-12-18 14:52:09 +01:00
Jocelyn Fiat
e9292b3eac Reverted last change as error_message on curl is not available for 17.05. 2017-12-01 12:05:01 +01:00
Jocelyn Fiat
30625d460f Added curl error message to the response error message (in addition to just the curl error code). 2017-11-30 20:08:58 +01:00
Jocelyn Fiat
24eb0a4002 Updated changelog 2017-11-30 15:05:54 +01:00
Jocelyn Fiat
7d738a164d Added missing comments. 2017-11-30 14:54:46 +01:00
Jocelyn Fiat
1037256ea6 Refactored using an abstraction WSF_PROTECTION. 
This protection could be implemented with a regular expression,
    or using another solution (as manual parsing).
  Also, when a protection detects an issue, instead of returning empty string,
    it returns Void. If the value is a multiple string value, if an item is detected for an issue,
    the returned multiple string value is now Void.
  This abstraction will allow to return either Void, or a "corrected" value,
    for instance the string value, without the detected "<script..>..</script>" text.
  TODO: improve the WSF_PROTECTION_REGEXP to allow replacement strategy.
 2017-11-27 15:44:19 +01:00
Jocelyn Fiat
4d79bba04b Merge branch 'ewf_xss' 2017-11-23 11:50:47 +01:00
jvelilla
5de024923e Updated xss support. 
Added a new library wsf_security.
Updated test cases to cover protections policy.
Added a simple filter using an XSS implementation with WSF_XSS_REQUEST, but
it's possible to build custom filters and request using different protection patterns.
 2017-11-22 17:22:02 -03:00
jvelilla
8b90241986 Moved XSS protection to WSF_EXTENSION. 
Updated code to protect meta_variables.
Fixed typos.
Updated ecf's to use 1-16-0.
 2017-11-13 15:06:02 -03:00
Jocelyn Fiat
da1c0b8545 Fixed typo in script. 2017-11-13 19:01:16 +01:00
Jocelyn Fiat
603bedf71d Reverted change that made WSF_URI_FILTER_HANDLER and WSF_URI_TEMPLATE_FILTER_HANDLER inheriting from WSF_EXECUTE_FILTER_HANDLER as it breaks existing projects using EiffelWeb. 2017-11-13 18:58:29 +01:00
Jocelyn Fiat
5fedad7f2e Updated Changelog. 2017-11-13 12:31:19 +01:00
Jocelyn Fiat
e83f5654d8 Updated NOTIFICATION_SMTP_MAILER to follow the EiffelNet EMAIL design. 2017-11-13 12:29:16 +01:00
jvelilla
25446cac12 Initial import WSF XSS protection. 
Added an utility class to get safe query and form parameters.
Added a new WSF_XSS_REQUEST to use safe parameters.
Added a filter WSF_XSS_FILTER using WSF_XSS_REQUEST.
Added test cases

Signed-off-by: jvelilla <javier.hector@gmail.com>
 2017-11-10 10:37:32 -03:00
Jocelyn Fiat
ccff084642 Updated travis CI config to use install script. 2017-11-08 10:20:50 +01:00
Jocelyn Fiat
830adbe10c Fixed response handlers compilation. 2017-11-07 23:52:42 +01:00
Jocelyn Fiat
e6d998953e Updated changelog. 2017-11-07 23:17:39 +01:00
Jocelyn Fiat
6ca3cca88b Reverted change that made WSF_URI_HANDLER and WSF_URI_TEMPLATE_HANDLER inheriting from WSF_EXECUTE_HANDLER, as it breaks existing project using EiffelWeb. 2017-11-07 23:05:22 +01:00
Jocelyn Fiat
f91a676f41 fixed obsolete v0 wsf_extension ecf file. 2017-11-04 22:44:27 +01:00
Jocelyn Fiat
1c75e11e34 removed unused local variable. 2017-11-03 18:54:46 +01:00
Jocelyn Fiat
b5b4fa6b2f added develop branch for CI 2017-11-03 18:06:47 +01:00
Jocelyn Fiat
211fc425a3 Added handler to add support for CGI scripts. 
Added a new tool `httpd` which is a basic httpd server product (with file server and CGI handler).
 2017-11-03 18:00:39 +01:00
Jocelyn Fiat
95cebe26bb Added routing condition mapping. 
Added WSF_EXECUTE_HANDLER as common ancestor for handler with `execute (WSF_REQUEST, WSF_RESPONSE) ..` routine.
Made more flexible a few routine by accepting ITERABLE instead of ARRAY, and READABLE_STRING_GENERAL when possible.
 2017-11-03 17:59:10 +01:00
Jocelyn Fiat
f770c236d5 Improved support for absolute url passed tp HTTP_REQUEST_SESSION . 2017-10-27 19:24:52 +02:00
Jocelyn Fiat
503e5f7915 Merge branch 'master' into v1 2017-10-26 10:23:33 +02:00
Jocelyn Fiat
39f01e95fd Use single ecf file. 2017-10-26 10:19:56 +02:00
Jocelyn Fiat
c725159d7e Merge branch 'master' into with_compression 2017-10-26 10:13:27 +02:00
Jocelyn Fiat
e66f1cf7be updated changelog 2017-10-24 17:51:55 +02:00