* Make HTTP server test data easier to examine
* Add HTTP server parameter tests containing & and =
* Fix URL parameter decoding in web server
The parameters string needs to be first split on & and =, and URL
decoding on parts done after that. Otherwise URL encoded & and = within
parameter names and values cause incorrect splitting.
* Added constant time strings comparison to avoid possible time-based attacks
* Fixed data types
* Fixed indentation
* Moved string comnparison in constant time to String class; modified function body to assure constant time comparison despite compiler optimizations
* Removed wrong code
* Fixed error and prevented compiler optimization to delete u1 local variable
* Avoid timing attacks on string comparison
* Minor
* changed counter names, removed else
* Add Digest Auth
* Check for Opaque and Nonce
* Remove Serial Debug and fix Indentation
* Added example sketch with documentation,Fixed indentation and Defaults
* Digest Authentication minor changes + new padded 32 digit random function
* update license to public domain
* renaming functions
The extension -> MIME type routine uses lots of constant strings which end
up in the RODATA segment of RAM. Refactor the comparison to use a table of
strings stored in PMMEM instead, freeing ~370 bytes for the heap.
* Suppressed -Wunused-parameter and -Wunused-function by casting to void unused identifiers.
* Explicit initialization of all fields to suppress -Wmissing-field-initializers.
* Fixed signed/unsigned integer comparison.
* memset initialization of structs.
* More -Wunused-parameter fixes.
* WiFiClient: use DataSource for writes
* ESP8266WebServer: delegate writing to WiFiClient
* ESP8266WebServer: set write timeout before sending content
Fix handling of case when Content-Length is 0.
Change do {} while() loop into while(){} so that we don't wait 1000ms for data in case Content-Length is 0.
Also fix handling of cases when malloc or realloc return null.
If there is a delay before data becomes available on a new connection
then the handler function blocks for up to 1 second, and there's another
wait on connection close for up to 2 seconds.
This doesn't make the whole server process asynchronous (there is another
delay between headers/data) but it helps when there are other events
that need attention while handling web requests.
This is needed since when the content-length header is not sent the clients will
wait for data anyways. Sending a content length of zero will tell the client not
to expect any content and it will close the connection immediately.
