1
0
mirror of https://github.com/esp8266/Arduino.git synced 2025-10-25 18:38:07 +03:00
Commit Graph

149 Commits

Author SHA1 Message Date
Alessio Leoncini
03f1a540ca Added constant time string comparison to avoid possible time-based attacks. (#3836)
* Added constant time strings comparison to avoid possible time-based attacks

* Fixed data types

* Fixed indentation

* Moved string comnparison in constant time to String class; modified function body to assure constant time comparison despite compiler optimizations

* Removed wrong code

* Fixed error and prevented compiler optimization to delete u1 local variable

* Avoid timing attacks on string comparison

* Minor

* changed counter names, removed else
2017-11-21 01:56:05 -03:00
Christian Schuster
e71ec77a00 minimize number of exit paths in ESP8266WebServer::handleClient (#2557) 2017-10-22 13:58:53 +08:00
Christian Schuster
2fbc619569 allocate HTTPUpload struct on demand (#2557) 2017-10-22 13:58:53 +08:00
James Stanley
2abbc36da4 Put WiFi into station mode in examples (#3731) 2017-10-22 13:53:01 +08:00
Ahmed El Sharnoby
eebc5ec593 Digest Authentication in Webserver Library (#3053)
* Add Digest Auth

* Check for Opaque and Nonce

* Remove Serial Debug and fix Indentation

* Added example sketch with documentation,Fixed indentation and Defaults

* Digest Authentication minor changes + new padded 32 digit random function

* update license to public domain

* renaming functions
2017-09-18 05:31:32 -05:00
probonopd
1843030b8a Allow for double quotes in boundary (#3455)
as per https://tools.ietf.org/html/rfc2046#section-5.1.1
2017-09-12 07:41:54 -05:00
teejaydub
3b60f75635 Fix to parse parameters in the URL of a POST with empty content. (#3398) 2017-08-07 19:04:03 +03:00
Earle F. Philhower, III
85be0f300a Move MIME type table into PROGMEM to save RAM (#3475)
The extension -> MIME type routine uses lots of constant strings which end
up in the RODATA segment of RAM.  Refactor the comparison to use a table of
strings stored in PMMEM instead, freeing ~370 bytes for the heap.
2017-08-07 15:44:30 +03:00
Stephan Schreiber
f5b6e16474 Fixed: urlDecode done before parsing args (#2956) 2017-08-01 12:54:31 +03:00
wuweixin
0fa34430e6 ESP8266WebServer: add application/json content type 2017-05-15 18:38:24 +08:00
Chris Mullins
72ed29ad5f allow for overridable value for HTTP_UPLOAD_BUFLEN 2017-05-01 05:33:20 -05:00
Rodion Kvashnin
2126146e20 Fix warnings (#2881)
* Suppressed -Wunused-parameter and -Wunused-function by casting to void unused identifiers.

* Explicit initialization of all fields to suppress -Wmissing-field-initializers.

* Fixed signed/unsigned integer comparison.

* memset initialization of structs.

* More -Wunused-parameter fixes.
2017-01-31 10:07:59 +03:00
Me No Dev
4897e0006b match headers using equalsIgnoreCase (#2474)
Should fix: https://github.com/esp8266/Arduino/issues/2131
2016-09-02 11:49:14 +03:00
Clemens Kirchgatterer
4dc4e75216 allow F() to be used for uri parameter (#2319) 2016-07-26 18:23:14 +08:00
Me No Dev
0d996ab75e fix plain post content containing special chars being parsed as arguments (#2241)
this solution actually keeps the content as is, as long as it's text
(does not contain zeroes)
2016-07-07 00:59:26 +03:00
Me No Dev
e7a529eb45 Fix missing separator between get and post arguments (#2222)
* fix urlDecode points

Fixes:

https://github.com/esp8266/Arduino/issues/1989
https://github.com/esp8266/Arduino/issues/2198

* Add missing separator between get and plain post arguments
2016-07-04 09:08:31 +03:00
Me No Dev
af06847f4a fix urlDecode points (#2212)
Fixes:
https://github.com/esp8266/Arduino/issues/1989
https://github.com/esp8266/Arduino/issues/2198
2016-07-01 02:37:15 +03:00
Me No Dev
6390cf6bd6 Chunked encoding (#2199)
* Add chunked encoding

example:
```cpp
  server.on("/chunked", HTTP_GET, [](){
    server.send(200, "text/html", String());
    server.sendContent("<!DOCTYPE html><html><head><title>Chunked
Test</title></head><body>");
    server.sendContent("<p>Chunk 1</p>");
    server.sendContent("<p>Chunk 2</p>");
    server.sendContent("<p>Chunk 3</p>");
    server.sendContent("<p>Chunk 4</p>");
    server.sendContent("<p>Chunk 5</p>");
    server.sendContent("<p>Chunk 6</p>");
    server.sendContent("</html>");
    server.sendContent("");//end of chunked
  });
```

* update examples, keep setContentLength and add bool _chunked

* fix wrong session id

* set _chunked to false earlier for cases where users use only sendContent
2016-06-28 14:35:12 +08:00
Ivan Grokhotkov
8db4dcea42 WifiClient::write refactoring (second attempt) (#2177)
* WiFiClient: use DataSource for writes

* ESP8266WebServer: delegate writing to WiFiClient

* ESP8266WebServer: set write timeout before sending content
2016-06-23 17:47:18 +08:00
Ivan Grokhotkov
35fd2ccd52 Make ESP8266WebServer::urlDecode public (#1419) 2016-06-13 15:17:17 +08:00
shiro
dbef28d394 add "include <ESP8266WiFi.h>" to ESP8266WebServer.h (#2094) 2016-06-06 12:21:01 +08:00
Ivan Grokhotkov
7450dd39ca ESP8266WebServer: save RAM by moving response strings to flash (#1732) 2016-04-18 10:43:00 +03:00
Ivan Grokhotkov
f6516b004f ESP8266WebServer: fix handling of empty POST
Fix handling of case when Content-Length is 0.
Change do {} while() loop into while(){} so that we don't wait 1000ms for data in case Content-Length is 0.
Also fix handling of cases when malloc or realloc return null.
2016-04-18 10:33:10 +03:00
Górász Péter
b72cf2cdcf if data loss, exit 2016-04-13 08:20:07 +02:00
Peter
41bd7af07e slow client/network read fix 2016-04-11 16:36:37 +02:00
gpepe
502c45c157 Update Parsing.cpp 2016-04-08 04:40:51 +02:00
gpepe
3a95fb5a94 Update Parsing.cpp 2016-04-07 23:32:04 +02:00
gpepe
8c675236c7 Update Parsing.cpp
Complete read POST/GET request.
2016-04-07 22:22:16 +02:00
Ivan Grokhotkov
00429e833d Merge pull request #1772 from gmag11/patch-2
Add more file types handling
2016-03-24 00:59:49 +03:00
Ivan Grokhotkov
67107ba19f Merge pull request #1771 from gmag11/patch-1
Update index.html
2016-03-24 00:59:27 +03:00
Ivan Grokhotkov
a14ae347e4 Fix buffer overflow in ESP8266WebServer::authenticate (#1790) 2016-03-18 23:33:35 +03:00
gmag11
18d984a9aa Add more file types handling
Add correct handling for *.json *.h *.html and *.ico
2016-03-14 14:00:57 +01:00
gmag11
9f2e173e84 Update index.html
Fix context menu due to wrong variable name "event" --> "e"
2016-03-14 13:57:07 +01:00
Marvin Roger
e23e4d90da Add font MIME types, fix #1601
As per http://stackoverflow.com/a/10864297
2016-03-05 14:38:02 +01:00
Assaf Inbal
728e2dfae9 Added 'text/cache-manifest' content type 2016-02-08 06:58:19 +02:00
Charles
4036e3a436 Changed header() to have string parameter instead of const char * 2016-02-03 13:48:35 +01:00
Charles
c74a7703d2 Changed Arg hasArg hasHeader from const char * to String
This permet calling these with const char *, String or PGM_P type
parameter
2016-02-03 12:04:03 +01:00
Charles
090c3e3533 Added arg_P hasArg_P and hasHeader_P
Added arg_P hasArg_P and hasHeader_P to be able to test arg from string
stored in flash
2016-02-03 05:29:21 +01:00
Ivan Grokhotkov
ecdbda8796 Merge pull request #1401 from lp0/webserver-async1
WebServer: handle initial read/close timeouts asynchronously
2016-01-18 20:45:41 +03:00
Simon Arlott
d099404eb8 WebServer: handle initial read/close timeouts asynchronously
If there is a delay before data becomes available on a new connection
then the handler function blocks for up to 1 second, and there's another
wait on connection close for up to 2 seconds.

This doesn't make the whole server process asynchronous (there is another
delay between headers/data) but it helps when there are other events
that need attention while handling web requests.
2016-01-10 15:50:34 +00:00
Assaf Inbal
9e61e60b0c A content length of zero should also be sent
This is needed since when the content-length header is not sent the clients will
wait for data anyways. Sending a content length of zero will tell the client not
to expect any content and it will close the connection immediately.
2016-01-10 08:11:40 +02:00
Markus Sattler
2b23b005aa allow control of enabling debug and debug level from IDE 2016-01-02 12:25:39 +01:00
Ivan Grokhotkov
2d70b36212 Fix warning due to lack of virtual destructor 2015-12-23 10:13:41 +03:00
Markus Sattler
55afeba174 see #1167
add close and stop as alias
2015-12-10 12:02:49 +01:00
Me No Dev
4ca084e628 Merge remote-tracking branch 'esp8266/master' into www-basic-auth 2015-11-30 15:00:50 +02:00
Me No Dev
12c71aa899 memory housekeeping 2015-11-30 15:00:47 +02:00
Ivan Grokhotkov
1b49c58cdb Merge pull request #1112 from me-no-dev/www-basic-auth
Add HTTP Basic Auth to WebServer and libb64 (base64) to core
2015-11-30 12:56:36 +03:00
Ivan Grokhotkov
9e930e5d34 Fix link-time dependency of ESP8266WebServer on SPIFFS (#862) 2015-11-30 12:20:15 +03:00
Me No Dev
0c6e11b4ea Merge branch 'master' into www-basic-auth 2015-11-30 10:50:53 +02:00
Ivan Grokhotkov
a6e01b8d27 Fix handling of / to load index.htm (#1085)
Thanks @sticilface
2015-11-30 08:43:08 +03:00