2760b24d8f
Updated ecf files to newer schema 1-20-0 .
2020-02-27 18:06:40 +01:00
135d65c68e
Better CGI handler
...
- improvement related to current directory for the execution of the CGI script,
- and updated SCRIPT_NAME, to the path info is correctly computed.
2020-02-26 22:47:25 +01:00
8760152441
Fixed value of SERVER_PORT for secure connection (i.e https:// ), by default it is 443 .
...
this was fooling WSF_REQUEST.absolute_url (...) .
2020-02-26 22:46:50 +01:00
49881b6429
Better handling for directory default index response (for instance index.html) for case like "/subdir" which is now redirected to "/subdir/" so relative url are correctly handled.
2020-02-26 22:46:03 +01:00
c76e1a785c
Added rfc3339 implementation to HTTP_DATE.
2020-02-26 22:34:18 +01:00
791b19a86e
Use to_string_8 instead of as_string_8 in this case.
2020-02-26 22:33:25 +01:00
98452e13e2
Improved feed library:
...
- Added missing link to FEED.
- Closer to ATOM validation, especially for xhtml content.
- Closer to RSS2 specification.
- Removed unwanted conversion from STRING_32 to STRING_8. (fixing feed generation when dealing with Unicode content).
2020-02-26 22:32:24 +01:00
5ac7ce7483
Initial support for client certificates LibCurl implementation
2020-02-26 22:15:23 +01:00
5df220beef
Removed redefinitions that violates VDRS(4).
2019-05-30 16:21:53 +02:00
5ff361af54
Simplified proxy example, no more proxy.conf file.
...
Added forwarding case based on server name.
2019-01-24 11:19:05 +01:00
d4bbdea5e4
Removed unneeded redefine.
2019-01-23 23:50:26 +01:00
8260336d6c
Added support for X-Forwarded-For .., and Forwarded header, for the simple proxy implementation.
...
Also added the possibility to "keep" the original host name.
Updated related example.
2019-01-23 23:46:35 +01:00
1c58674523
Updated notes for JWS.
2018-11-16 19:35:34 +01:00
7cfe0cc5ed
Removed obsolete v0 code.
2018-11-16 19:31:41 +01:00
4f8341e04e
Updated JWT library with class descriptions and better features names.
...
JWT library fixed to use agorithms names in upper case.
Updated README.
2018-11-16 19:28:46 +01:00
7f36e539f1
Accepts string general in html_encoded_string.
2018-11-16 19:28:05 +01:00
8241c0209a
Updated JWT README content.
2018-10-29 15:17:31 +01:00
45179b58a3
Fixed custom error creation, do not create default message, otherwise the info will be duplicated in error output.
2018-10-29 15:14:28 +01:00
a8a3ca5b97
typo.
2018-10-29 13:15:32 +01:00
7c6fe5a04a
Added HTTP_COOKIE.set_expiration_from_max_age, to add the "Expiration:" based on the max-age value.
2018-10-29 13:15:14 +01:00
c8e2009638
Use double quotes only when needed for put_content_type_with_parameters.
2018-10-29 13:11:19 +01:00
627ec7aefc
removed unneeded inheritance.
2018-10-29 13:04:46 +01:00
e7087bcbc1
Added missing WSF_TIMEOUT_UTILITIES file.
2018-10-29 12:19:36 +01:00
ed3ad962d1
Updated a few classes from http_client to use nanoseconds as timeout precision.
...
Fixed typo in comments.
2018-10-29 12:15:20 +01:00
d3e865cf6c
Fixed setting of socket.timeout in httpd (was not currently set before).
...
Adopted the nanoseconds timeout precision
- in config file added support for ns, us, ms, s timeout precision (without indication, it uses `seconds` precision).
2018-10-29 11:27:26 +01:00
9fcd30b4e1
removed useless JWT_ENCODER
2018-10-17 14:25:56 +02:00
0baa05cf63
JWT: updated to make JWT algorithm support more flexible, and simple to extend with specific algorithm.
2018-10-17 11:00:20 +02:00
a97eb4b062
Added missing dependencies.
2018-05-30 19:27:04 +02:00
bd5aba3db6
Updated Windows DOS script to build the libfcgi binary lib files.
2018-05-30 17:30:05 +02:00
d43c4edb7d
Updated the default rescue response (i.e when exception or bad internal error occurs).
...
Factorized the implementation in WGI_RESCUE_EXECUTION, and now by redefining the `WGI_EXECUTION.execute_rescue (...)` procedure, it is possible to have a custom response on such rescued execution.
2018-05-30 17:28:24 +02:00
9cdd676417
Fixed HTTP_HEADER.put_raw_header (..) by ignoring any empty line of the argument value.
...
(note: "%R" is considered as empty line here.)
2018-05-30 17:25:04 +02:00
cb273c3176
Updated to compile with upcoming EiffelStudio 18.05 (with and without ssl).
2018-05-28 17:21:11 +02:00
7ed1e815b0
Updated to compile with upcoming EiffelStudio 18.05 .
2018-05-28 16:11:24 +02:00
8e8c3602c6
Allow (websocket) upgrade even without persistent connection for normal http request.
...
(note: this allows to use websocket in single-threaded mode, and avoid the keep-alive-timeout delay before websocket begins its execution)
2018-02-13 18:39:47 +01:00
Jocelyn Fiat
ffd7dd8540
Improved WSF download response implementation.
...
- Do not set Transfer-Encoding to binary for download response.
- Use WSF_RESPONSE.put_file_content (...)
2018-02-05 21:02:23 +01:00
Jocelyn Fiat
947c94644e
Apply win32 workaround only on Windows 32bits.
2018-02-02 22:43:50 +01:00
Jocelyn Fiat
6a779797a5
Removed a few obsolete calls.
...
Updated tests/all.ecf to include a few missing libraries.
2018-02-02 22:40:18 +01:00
Jocelyn Fiat
74001fe674
Properly JSON encode null character as \u0000 .
2018-01-29 22:13:03 +01:00
Jocelyn Fiat
e9292b3eac
Reverted last change as error_message on curl is not available for 17.05.
2017-12-01 12:05:01 +01:00
Jocelyn Fiat
30625d460f
Added curl error message to the response error message (in addition to just the curl error code).
2017-11-30 20:08:58 +01:00
Jocelyn Fiat
7d738a164d
Added missing comments.
2017-11-30 14:54:46 +01:00
Jocelyn Fiat
1037256ea6
Refactored using an abstraction WSF_PROTECTION.
...
This protection could be implemented with a regular expression,
or using another solution (as manual parsing).
Also, when a protection detects an issue, instead of returning empty string,
it returns Void. If the value is a multiple string value, if an item is detected for an issue,
the returned multiple string value is now Void.
This abstraction will allow to return either Void, or a "corrected" value,
for instance the string value, without the detected "<script..>..</script>" text.
TODO: improve the WSF_PROTECTION_REGEXP to allow replacement strategy.
2017-11-27 15:44:19 +01:00
Jocelyn Fiat
4d79bba04b
Merge branch 'ewf_xss'
2017-11-23 11:50:47 +01:00
jvelilla
5de024923e
Updated xss support.
...
Added a new library wsf_security.
Updated test cases to cover protections policy.
Added a simple filter using an XSS implementation with WSF_XSS_REQUEST, but
it's possible to build custom filters and request using different protection patterns.
2017-11-22 17:22:02 -03:00
jvelilla
8b90241986
Moved XSS protection to WSF_EXTENSION.
...
Updated code to protect meta_variables.
Fixed typos.
Updated ecf's to use 1-16-0.
2017-11-13 15:06:02 -03:00
Jocelyn Fiat
603bedf71d
Reverted change that made WSF_URI_FILTER_HANDLER and WSF_URI_TEMPLATE_FILTER_HANDLER inheriting from WSF_EXECUTE_FILTER_HANDLER as it breaks existing projects using EiffelWeb.
2017-11-13 18:58:29 +01:00
Jocelyn Fiat
e83f5654d8
Updated NOTIFICATION_SMTP_MAILER to follow the EiffelNet EMAIL design.
2017-11-13 12:29:16 +01:00
jvelilla
25446cac12
Initial import WSF XSS protection.
...
Added an utility class to get safe query and form parameters.
Added a new WSF_XSS_REQUEST to use safe parameters.
Added a filter WSF_XSS_FILTER using WSF_XSS_REQUEST.
Added test cases
Signed-off-by: jvelilla <javier.hector@gmail.com >
2017-11-10 10:37:32 -03:00
Jocelyn Fiat
830adbe10c
Fixed response handlers compilation.
2017-11-07 23:52:42 +01:00
Jocelyn Fiat
6ca3cca88b
Reverted change that made WSF_URI_HANDLER and WSF_URI_TEMPLATE_HANDLER inheriting from WSF_EXECUTE_HANDLER, as it breaks existing project using EiffelWeb.
2017-11-07 23:05:22 +01:00
