Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Merge 0.11->trunk | Kim Alvefur | 2021-02-27 | 1 | -3/+3 |
|\ | |||||
| * | mod_http: Restore ip field for requests without proxies | Kim Alvefur | 2021-02-27 | 1 | -2/+2 |
| | | | | | | | | | | 8603011e51fe optimized out more than just the loop, leaving the .ip field blank when the request wasn't from a proxy. | ||||
| * | mod_http: Fix trusted proxies check (thanks buildbot) | Kim Alvefur | 2021-02-18 | 1 | -1/+1 |
| | | | | | | | | | | is_trusted_proxy() is only in trunk, I dun goofed when I rebased 8603011e51fe from trunk. | ||||
* | | mod_http: Improve message for missing 'route' | Kim Alvefur | 2021-02-23 | 1 | -1/+1 |
| | | | | | | | | | | This was the late night early draft text, thought I had amended this but apparently I forgot. | ||||
* | | mod_http: Warn if app is missing 'route' | Kim Alvefur | 2021-02-21 | 1 | -1/+7 |
| | | | | | | | | | | | | | | | | | | | | Makes no sense to have a http module with no handlers Would have helped me when I accidentally module:provides("http", { GET = handler; }) | ||||
* | | mod_http: Allow modifying CORS header list via :provides API | Kim Alvefur | 2019-12-30 | 1 | -1/+11 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | E.g. module:provides("http", { cors = { headers = { Accept = true; Expect = false; }; }; route = { ... }; }); Case might be weird. | ||||
* | | mod_http: Allow setting the CORS credentials flag via :provides API | Kim Alvefur | 2019-12-30 | 1 | -1/+9 |
| | | | | | | | | | | | | | | | | | | | | | | E.g. module:provides("http", { cors = { credentials = true; }; route = { ... }; }); | ||||
* | | mod_http: Optimize proxy IP check | Kim Alvefur | 2021-02-18 | 1 | -0/+3 |
| | | | | | | | | | | No need to do a subnet match comparison to see if two IP addresses match exactly. | ||||
* | | mod_http: Consider x-forwarded-proto from trusted proxies | Kim Alvefur | 2021-02-18 | 1 | -0/+4 |
| | | | | | | | | | | | | | | Should be better than setting consider_{bosh,websocket}_secure as that may end up causing actually insecure requests to be considered secure. Doing it here, as with IP, should make this apply to all HTTP modules. | ||||
* | | Merge 0.11->trunk | Kim Alvefur | 2021-02-18 | 1 | -1/+1 |
|\| | |||||
| * | mod_http: Skip IP resolution in non-proxied case | Kim Alvefur | 2021-02-18 | 1 | -1/+1 |
| | | | | | | | | | | Skips doing the whole get_ip_from_request() dance if the request isn't from a proxy at all, even if the client sent the header for some reason. | ||||
* | | mod_http: Silence warnings when running under prosodyctl | Matthew Wild | 2020-09-11 | 1 | -2/+4 |
| | | |||||
* | | mod_http: Add way to signal that a module supports streaming uploads | Kim Alvefur | 2020-08-01 | 1 | -1/+3 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #726 API: module:provides("http", { streaming_uploads = true; route = { PUT = function (event) event.request.body_sink = io.tmpfile(); return true; end } }) | ||||
* | | net.http.parser: Allow specifying sink for large request bodies | Kim Alvefur | 2020-08-01 | 1 | -0/+9 |
| | | | | | | | | | | | | | | This enables uses such as saving uploaded files directly to a file on disk or streaming parsing of payloads. See #726 | ||||
* | | mod_http: Support CIDR for trusted proxies. | Boris Grozev | 2020-06-10 | 1 | -1/+16 |
| | | |||||
* | | mod_http: Tell luacheck to ignore the long comment lines | Kim Alvefur | 2020-05-14 | 1 | -0/+1 |
| | | |||||
* | | mod_http: Add documentation to the non-obvious logic of get_ip_from_request | Jonas Schäfer | 2020-05-14 | 1 | -0/+7 |
| | | | | | | | | Because docs are good. | ||||
* | | mod_net_multiplex: Add support for using ALPN | Kim Alvefur | 2019-11-29 | 1 | -0/+1 |
| | | | | | | | | | | | | | | Potentially a bit more efficient since it can jump to the selected protocol on connect instead of waiting for some data to look at. Adds a 'protocol' field to net providers for this purpose. | ||||
* | | mod_http: Log served URLs at 'info' level | Kim Alvefur | 2019-11-29 | 1 | -1/+1 |
| | | | | | | | | | | | | These are similar to the "activated service" messages from portmanager and similarily useful for the service admin to know even if they're not debugging anything. | ||||
* | | mod_http: Soften dependency on mod_http_errors | Kim Alvefur | 2019-11-16 | 1 | -1/+3 |
| | | | | | | | | | | | | This allows disabling mod_http_errors by adding it to moduless_disabled and ensures mod_http loads even if the error pages aren't as pretty. | ||||
* | | mod_http: Unhook CORS related event handlers | Kim Alvefur | 2019-10-10 | 1 | -3/+10 |
| | | | | | | | | | | | | | | Prevents CORS related handlers from being left over on reload. BC: `mod_http.apps[app_name][event_name]` is now a table instead of the main handler function. | ||||
* | | mod_http: Add support for configuring CORS Access-Control-Allow-Credentials | Matthew Wild | 2019-09-11 | 1 | -2/+6 |
| | | |||||
* | | core.certmanager: Do not ask for client certificates by default | Kim Alvefur | 2019-03-10 | 1 | -3/+0 |
| | | | | | | | | | | | | Since it's mostly only mod_s2s that needs to request client certificates it makes some sense to have mod_s2s ask for this, instead of having eg mod_http ask to disable it. | ||||
* | | mod_http: Determine CORS methods to whitelist from actual methods used | Kim Alvefur | 2019-01-17 | 1 | -2/+9 |
| | | |||||
* | | mod_http: Set up to handle OPTIONS | Kim Alvefur | 2019-01-18 | 1 | -0/+7 |
| | | | | | | | | | | Lower priority to allow http modules to handle it themselves, should they wish to | ||||
* | | mod_http: Solve CORS problems once and for all | Kim Alvefur | 2018-10-04 | 1 | -0/+19 |
|/ | | | | | | | This blindly allows any cross-site requests. Future work should add an API to allow each HTTP app some influence over this for each HTTP path | ||||
* | mod_http: Move normalize_path to util.http | Kim Alvefur | 2018-10-14 | 1 | -10/+1 |
| | |||||
* | Merge 0.10->trunk | Kim Alvefur | 2018-10-14 | 1 | -3/+7 |
|\ | |||||
| * | mod_http: Make sure path from http_external_url always ends with a slash ↵ | Kim Alvefur | 2018-10-14 | 1 | -3/+7 |
| | | | | | | | | (fixes #1183) | ||||
* | | mod_http: Support global HTTP modules | Kim Alvefur | 2018-09-21 | 1 | -5/+16 |
| | | | | | | | | Such modules simply ignore the Host header and always handle the same path. | ||||
* | | Revert 2dc7490899ae::5d6b252bc36f: Unfinished and broken | Kim Alvefur | 2018-09-21 | 1 | -12/+2 |
| | | |||||
* | | mod_http: Hook the host-less event if hooked from a global module | Kim Alvefur | 2018-09-21 | 1 | -1/+5 |
| | | |||||
* | | net.http.server: Move handling of hosts to mod_http | Kim Alvefur | 2018-09-21 | 1 | -1/+7 |
| | | | | | | | | | | Now an event like `GET /path` is fired at first, and mod\_http dispatches the old `GET host/path` events. | ||||
* | | mod_http: Rename argument to avoid name clash with outer scope [luacheck] | Kim Alvefur | 2018-07-06 | 1 | -3/+3 |
| | | |||||
* | | mod_http: Rename loop variable to avoid name clash [luacheck] | Kim Alvefur | 2018-07-06 | 1 | -2/+2 |
| | | |||||
* | | mod_http: Rename loop variable to avoid name clash [luacheck] | Kim Alvefur | 2018-07-06 | 1 | -2/+2 |
| | | |||||
* | | mod_http: Silecence harmless warnings | Kim Alvefur | 2018-07-06 | 1 | -2/+2 |
| | | |||||
* | | mod_http: Pass util.events object to API, fixes traceback | Kim Alvefur | 2018-03-16 | 1 | -1/+1 |
| | | |||||
* | | mod_http: Set request.ip on all HTTP requests (moves code out of mod_bosh) ↵ | Kim Alvefur | 2018-03-15 | 1 | -0/+25 |
| | | | | | | | | (fixes #540) | ||||
* | | Merge 0.10->trunk | Kim Alvefur | 2017-01-26 | 1 | -5/+1 |
|\| | |||||
| * | util.sslconfig: Remvoe flag merging for 'verify' as this is more of a ↵ | Kim Alvefur | 2017-01-26 | 1 | -5/+1 |
| | | | | | | | | tri-state field than a set of options | ||||
* | | Merge 0.10->trunk | Kim Alvefur | 2016-08-18 | 1 | -0/+3 |
|\| | |||||
| * | Merge 0.9->0.10 | Kim Alvefur | 2016-08-18 | 1 | -0/+3 |
| |\ | |||||
| | * | mod_http: Allow configuring http parser size limits | Kim Alvefur | 2016-08-18 | 1 | -0/+3 |
| | | | |||||
* | | | mod_http: Fix indentation in redir_handler | Emmanuel Gil Peyrot | 2016-07-24 | 1 | -3/+3 |
| | | | |||||
* | | | Update every link to the documentation to use HTTPS | Emmanuel Gil Peyrot | 2016-04-16 | 1 | -1/+1 |
| | | | |||||
* | | | plugins/mod_http: Keep query string over automatic redirects | daurnimator | 2016-02-15 | 1 | -0/+3 |
| | | | |||||
* | | | Backout unintentional commit ed5440a6ef7f | Matthew Wild | 2015-12-03 | 1 | -1/+7 |
| | | | |||||
* | | | Merge 0.10->trunk | Matthew Wild | 2015-12-03 | 1 | -7/+1 |
|/ / | |||||
* | | Merge 0.9->0.10 (third time lucky) | Matthew Wild | 2015-03-27 | 1 | -0/+8 |
|\| |