Pass the Authorization header to CGI if not of type Basic. This will
make it possible for CGI to verify authorization headers of type
Bearer <token>.
function old new delta
handle_incoming_and_exit 2370 2379 +9
Signed-off-by: Alexander Vickberg <wickbergster@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Today for gzipped content httpd is using a header with name
Transfer-Length. However I can't find a header with that name in the
standards. Instead use Content-Length.
function old new delta
.rodata 157940 157936 -4
send_headers 980 939 -41
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/2 up/down: 0/-45) Total: -45 bytes
Signed-off-by: Alexander Vickberg <wickbergster@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Set up environment variables before running the CGI script.
The variables will be named HTTP_<filtered_name> where the <filtered_name>
is the header name capitalized and all characters not matching
[a-z] | [A-Z] | [0-9] replaced with '_'.
function old new delta
http_response 80 88 +8
http_response_type 20 22 +2
send_headers 718 715 -3
parse_conf 1481 1478 -3
get_line 128 110 -18
cgi_io_loop_and_exit 599 569 -30
send_cgi_and_exit 882 738 -144
handle_incoming_and_exit 2793 2592 -201
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/6 up/down: 10/-399) Total: -389 bytes
text data bss dec hex filename
982178 485 7296 989959 f1b07 busybox_old
981675 485 7296 989456 f1910 busybox_unstripped
Signed-off-by: Alexander Vickberg <wickbergster@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The proxying is documented as follows:
P:/url:[http://]hostname[:port]/new/path
Howeverm urlcopy is not a true copy anymore when it is fdprint'ed
to proxy_fd, this is because percent_decode_in_place() is called
after the copy is created.
This breaks reverse proxying all URIs containing percent
encoded spaces, e.g. - because a decoded URI will be printed out
to proxy_fd instead of the original.
The fix keeps the logic in place to canonicalize the uri first,
before reverse proxying (one could argue that the uri
should be proxied completely unaltered, except for the prefix
rewrite).
function old new delta
handle_incoming_and_exit 2752 2792 +40
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Instead, simply don't send this header.
On Mon, Apr 2, 2018 at 8:17 PM, xisd <xisd-dev@riseup.net> wrote:
> I had some trouble using busybox httpd to serve a static website and I
> thought the issue might be of interest.
>
> My problem is related to something that seem quite common for static
> site generator : the use of html files without the '.html' extension
> (it is called 'clean url'...)
>
> Most web server guess that these files are html and display them like
> any other .html files.
>
> From what I understood, the MIME type for files without extension in
> busybox htttp default settings is 'application/octet-stream', and
> because of that 'clean url' pages are not displayed.
>
> It is only trouble because I wanted to deploy my website on freshly
> installed linux without editing any configuration.
>
> The default MIME setting make sense to me as it is, I just thought that
> might be worth mentioning since the use of 'clean url' seem to be a
> common practice for static sites generators (the one I use is callled
> 'yellow' (https://github.com/datenstrom/yellow))
>
> Here is a link for the related issue on github :
> https://github.com/datenstrom/yellow/issues/317
function old new delta
send_headers 702 718 +16
send_headers_and_exit 23 20 -3
handle_incoming_and_exit 2794 2791 -3
send_file_and_exit 772 756 -16
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/3 up/down: 16/-22) Total: -6 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
We were strdup'ing "Cookie: foo" every time we saw it.
function old new delta
handle_incoming_and_exit 2733 2821 +88
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Redundant help texts (one which only repeats the description)
are deleted.
Descriptions and help texts are trimmed.
Some config options are moved, even across menus.
No config option _names_ are changed.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
When httpd proxies a request to another server, it first creates
an AF_INET socket, then resolves the server name to a sockaddr,
then connects to it. This fails if the server name resolves to
an IPv6 address.
This patch ensures that the socket is created with the correct
address family (AF_INET6 if the server resolves to an IPv6 address
and AF_INET otherwise).
Signed-off-by: Laurent Bercot <ska-dietlibc@skarnet.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
While at it, fix a pathological case where it is not fine:
-r REALM with some 8-kbyte long REALM would overflow the buffer.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Busybox already uses sendfile in httpd. This patch proposes to use it
globally to copy data between file descriptors.
It speeds up the copying on slow systems a lot - below are the times needed
to copy a 450Mb file with and without this option enabled on a BeagleBone
Black:
sendfile:
user 0m0.000s
sys 0m8.170s
read/write 4k:
user 0m0.470s
sys 0m16.300s
function old new delta
bb_full_fd_action 394 474 +80
Signed-off-by: Bartosz Golaszewski <bartekgola@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Fron bug report:
If a CGI or proxied connection is rudely aborted (SIG_{KILL,BUS,SEGV})
then httpd will spin madly the poll loop in:
networking/httpd.c:1080
cgi_io_loop_and_exit()
Upon investigation I found that pfd[0].revents == 0x0018 (POLLHUP|POLLERR),
which leads to empty read, but the pfd[0].fd (STDIN_FILENO) is left open,
and in the FD list given to poll() which immediately returns to once
again inform the loop of (POLLHUP|POLLERR) condition of pfd[0].fd.
This continues until pfd[FROM_CGI].revents != 0
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
HTTP standard doesn't allow it and no sane clients should ever use it.
function old new delta
handle_incoming_and_exit 2795 2785 -10
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
When built with "sendfile" support, httpd was unable to send large files
(>2 GB) in one single connection, terminating it before the full file
has been sent.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
