| Age | Commit message (Collapse) | Author |
|---|
|
Original commit message follows:
Before this commit `Content-Length: 4 2` was accepted as a valid
header and recorded as `parser->content_length = 42`. Now it is
a parse error that fails with error `HPE_INVALID_CONTENT_LENGTH`.
Downstream users that inspect `parser->content_length` and naively
parse the string value using `strtoul()` might get confused by the
discrepancy between the two values. Resolve that by simply not
letting it happen.
Fixes: https://github.com/nodejs-private/security/issues/178
PR-URL: https://github.com/nodejs-private/http-parser-private/pull/1
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rod Vagg <rod@vagg.org>
|
|
PR-URL: https://github.com/nodejs-private/http-parser-private/pull/1
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rod Vagg <rod@vagg.org>
|
|
Adds `2` as a return value of `on_headers_complete`, this mode will be
used to fix handling responses to `CONNECT` requests.
See: https://github.com/nodejs/node/pull/6198
PR-URL: https://github.com/nodejs/node/pull/6279
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
|
|
The upstream and dep were slightly out of sync due to the way the
recent security update had to be done. This brings the two back
into sync. This update includes a couple of fixed tests and a
performance related semver-patch update to the http method parsing.
PR-URL: https://github.com/nodejs/node/pull/5600
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Johan Bergström <bugs@bergstroem.nu>
|
|
Fixes http-parser regression with IS_HEADER_CHAR check
Add test case for obstext characters (> 0x80) is header
PR-URL: https://github.com/nodejs/node/pull/5237
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
|
|
includes parsing improvements to ensure closer HTTP spec conformance
PR-URL: https://github.com/nodejs/node-private/pull/26
Reviewed-By: Rod Vagg <r@va.gg>
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
|
|
significant updates:
* [[`777ba4eded`](https://github.com/nodejs/node/commit/777ba4eded)] - **src**: introduce `http_parser_url_init` (Fedor Indutny) [nodejs/http-parser#225](https://github.com/nodejs/http-parser/pull/225)
* [[`e557b62744`](https://github.com/nodejs/node/commit/e557b62744)] - **src**: support LINK/UNLINK (RFC 2068, draft-snell-link-method) (Olivier Mengué) [nodejs/http-parser#267](https://github.com/nodejs/http-parser/pull/267)
* [[`eb5e9928b4`](https://github.com/nodejs/node/commit/eb5e9928b4)] - **src**: support ACL (WebDAV, RFC3744, Section 8.1). (Ivan Enderlin) [joyent/http-parser#260](https://github.com/joyent/http-parser/pull/260)
* [[`8b1d652322`](https://github.com/nodejs/node/commit/8b1d652322)] - **src**: support BIND/REBIND/UNBIND (WebDAV, RFC5842) (Ivan Enderlin) [joyent/http-parser#242](https://github.com/joyent/http-parser/pull/242)
* [[`7d75dd7325`](https://github.com/nodejs/node/commit/7d75dd7325)] - **src**: support IPv6 Zone ID as per RFC 6874 (Tatsuhiro Tsujikawa) [joyent/http-parser#253](https://github.com/joyent/http-parser/pull/253)
PR-URL: https://github.com/nodejs/node/pull/3569
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: Johan Bergström <bugs@bergstroem.nu>
|
|
PR-URL: https://github.com/iojs/io.js/pull/1517
Reviewed-By: Brian White <mscdex@mscdex.net>
|
|
Commit 598efcbe ("deps: update http_parser to 2.4.1") introduced a
regression in HTTP Upgrade header handling.
Fixes: https://github.com/iojs/io.js/issues/627
PR-URL: https://github.com/iojs/io.js/pull/628
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
|
|
Fix: https://github.com/iojs/io.js/issues/588
PR-URL: https://github.com/iojs/io.js/pull/604
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
|
|
PR-URL: https://github.com/iojs/io.js/pull/397
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
|
|
The commit breaks windows build and brings some test failures that needs
to be debugged.
This reverts commit d790f612218bb34580bfbc6a11027d69b7c148fe.
|
|
PR-URL: https://github.com/iojs/io.js/pull/345
Reviewed-By: Rod Vagg <rod@vagg.org>
|
|
|
|
Main changes:
* Fixed content-length and chunk-size overflow test
|
|
Main changes:
* Added support for http statusMessage
|
|
Upgrade to joyent/http-parser@303c4e4. Changes:
* Do not accept PUN/GEM methods as PUT/GET.
* Further request method check strengthening.
|
|
|
|
Conflicts:
AUTHORS
ChangeLog
LICENSE
Makefile
deps/http_parser/test.c
deps/npm/AUTHORS
deps/npm/html/api/bin.html
deps/npm/html/api/bugs.html
deps/npm/html/api/commands.html
deps/npm/html/api/config.html
deps/npm/html/api/deprecate.html
deps/npm/html/api/docs.html
deps/npm/html/api/edit.html
deps/npm/html/api/explore.html
deps/npm/html/api/help-search.html
deps/npm/html/api/init.html
deps/npm/html/api/install.html
deps/npm/html/api/link.html
deps/npm/html/api/load.html
deps/npm/html/api/ls.html
deps/npm/html/api/npm.html
deps/npm/html/api/outdated.html
deps/npm/html/api/owner.html
deps/npm/html/api/pack.html
deps/npm/html/api/prefix.html
deps/npm/html/api/prune.html
deps/npm/html/api/publish.html
deps/npm/html/api/rebuild.html
deps/npm/html/api/restart.html
deps/npm/html/api/root.html
deps/npm/html/api/run-script.html
deps/npm/html/api/search.html
deps/npm/html/api/shrinkwrap.html
deps/npm/html/api/start.html
deps/npm/html/api/stop.html
deps/npm/html/api/submodule.html
deps/npm/html/api/tag.html
deps/npm/html/api/test.html
deps/npm/html/api/uninstall.html
deps/npm/html/api/unpublish.html
deps/npm/html/api/update.html
deps/npm/html/api/version.html
deps/npm/html/api/view.html
deps/npm/html/api/whoami.html
deps/npm/html/doc/README.html
deps/npm/html/doc/adduser.html
deps/npm/html/doc/bin.html
deps/npm/html/doc/bugs.html
deps/npm/html/doc/build.html
deps/npm/html/doc/bundle.html
deps/npm/html/doc/cache.html
deps/npm/html/doc/changelog.html
deps/npm/html/doc/coding-style.html
deps/npm/html/doc/completion.html
deps/npm/html/doc/config.html
deps/npm/html/doc/deprecate.html
deps/npm/html/doc/developers.html
deps/npm/html/doc/disputes.html
deps/npm/html/doc/docs.html
deps/npm/html/doc/edit.html
deps/npm/html/doc/explore.html
deps/npm/html/doc/faq.html
deps/npm/html/doc/folders.html
deps/npm/html/doc/help-search.html
deps/npm/html/doc/help.html
deps/npm/html/doc/index.html
deps/npm/html/doc/init.html
deps/npm/html/doc/install.html
deps/npm/html/doc/json.html
deps/npm/html/doc/link.html
deps/npm/html/doc/list.html
deps/npm/html/doc/npm.html
deps/npm/html/doc/outdated.html
deps/npm/html/doc/owner.html
deps/npm/html/doc/pack.html
deps/npm/html/doc/prefix.html
deps/npm/html/doc/prune.html
deps/npm/html/doc/publish.html
deps/npm/html/doc/rebuild.html
deps/npm/html/doc/registry.html
deps/npm/html/doc/removing-npm.html
deps/npm/html/doc/restart.html
deps/npm/html/doc/root.html
deps/npm/html/doc/run-script.html
deps/npm/html/doc/scripts.html
deps/npm/html/doc/search.html
deps/npm/html/doc/semver.html
deps/npm/html/doc/shrinkwrap.html
deps/npm/html/doc/star.html
deps/npm/html/doc/start.html
deps/npm/html/doc/stop.html
deps/npm/html/doc/submodule.html
deps/npm/html/doc/tag.html
deps/npm/html/doc/test.html
deps/npm/html/doc/uninstall.html
deps/npm/html/doc/unpublish.html
deps/npm/html/doc/update.html
deps/npm/html/doc/version.html
deps/npm/html/doc/view.html
deps/npm/html/doc/whoami.html
deps/npm/lib/npm.js
deps/npm/man/man1/npm.1
deps/npm/man/man3/npm.3
deps/npm/node_modules/fstream-npm/fstream-npm.js
deps/npm/node_modules/fstream-npm/node_modules/fstream-ignore/package.json
deps/npm/node_modules/fstream-npm/package.json
deps/npm/node_modules/node-gyp/LICENSE
deps/npm/node_modules/node-gyp/lib/build.js
deps/npm/node_modules/node-gyp/lib/install.js
deps/npm/node_modules/node-gyp/node_modules/ansi/package.json
deps/npm/node_modules/node-gyp/node_modules/glob/package.json
deps/npm/node_modules/node-gyp/package.json
deps/npm/package.json
deps/uv/test/test-fs.c
deps/v8/src/regexp-macro-assembler-tracer.cc
deps/v8/src/version.cc
src/node_version.h
src/platform_sunos.cc
test/simple/test-net-write-after-close.js
wscript
|
|
|
|
|
|
|
|
|
|
|
|
Hoist common settings into common.gypi.
Restrict v8's common.gypi to v8 projects.
Ensure v8 doesn't use /MP in debug builds.
Add basic settings for other platforms.
Make uv import common.gypi properly.
Remove LTCG warning.
|
|
MSVS settings don't actually need to be guarded by conditions. gyp will do
the right thing.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Squashed commit of ca128f7dcd28cbcfba154c8577ed54d4aa71dd02 with
contributions from Mark Constable (markc@renta.net) and Daniel Gröber
(darklord@darkboxed.org).
|
|
|
|
|
|
|
|
|
|
|
|
support for
- long messages
- spaces in header fields
|
|
|
|
|
|
|
|
|
|
http://github.com/ry/node/issues#issue/77
|
|
|
|
Now at version 6f72c780f0a237a775150a9963bcdf5299685cde
|
|
Fixes, among other things, a header overflow attack.
|
|
|
|
Fixes \n problem that psanford <pms.mail@gmail.com> reported.
|
|
|
