lighttpd
/
lighttpd1.4
2
0
Fork 0
Code Issues Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
personal/gstrauss/master
personal/stbuehler/ci-build
personal/stbuehler/fix-fdevent
personal/stbuehler/1.4.48-mod-proxy-fix
personal/stbuehler/cleanup-build
personal/stbuehler/mod-csrf
personal/stbuehler/mod-csrf-old
lighttpd-1.4.71
lighttpd-1.4.70
lighttpd-1.4.69
lighttpd-1.4.68
lighttpd-1.4.67
lighttpd-1.4.66
lighttpd-1.4.65
lighttpd-1.4.64
lighttpd-1.4.63
lighttpd-1.4.62
lighttpd-1.4.61
lighttpd-1.4.60
lighttpd-1.4.59
lighttpd-1.4.58
lighttpd-1.4.57
lighttpd-1.4.56
lighttpd-1.4.56-rc7
lighttpd-1.4.56-rc6
lighttpd-1.4.56-rc5
lighttpd-1.4.56-rc4
lighttpd-1.4.56-rc3
lighttpd-1.4.56-rc2
lighttpd-1.4.56-rc1
lighttpd-1.4.55
lighttpd-1.4.54
lighttpd-1.4.53
lighttpd-1.4.52
lighttpd-1.4.51
lighttpd-1.4.50
lighttpd-1.4.49
lighttpd-1.4.48
lighttpd-1.4.47
lighttpd-1.4.46
lighttpd-1.4.45
lighttpd-1.4.44
lighttpd-1.4.43
lighttpd-1.4.42
lighttpd-1.4.41
lighttpd-1.4.40
lighttpd-1.4.39
lighttpd-1.4.38
lighttpd-1.4.37
lighttpd-1.4.36
lighttpd-1.4.36--rc1
lighttpd-1.4.35
lighttpd-1.4.34
lighttpd-1.4.33
lighttpd-1.4.32
lighttpd-1.4.31
lighttpd-1.4.30
lighttpd-1.4.29
lighttpd-1.4.24
lighttpd-1.3.11
lighttpd-1.3.12
lighttpd-1.3.13
lighttpd-1.3.14
lighttpd-1.3.15
lighttpd-1.3.16
lighttpd-1.4.1
lighttpd-1.4.10
lighttpd-1.4.11
lighttpd-1.4.12
lighttpd-1.4.13
lighttpd-1.4.14
lighttpd-1.4.15
lighttpd-1.4.16
lighttpd-1.4.17
lighttpd-1.4.18
lighttpd-1.4.19
lighttpd-1.4.2
lighttpd-1.4.20
lighttpd-1.4.21
lighttpd-1.4.22
lighttpd-1.4.23
lighttpd-1.4.25
lighttpd-1.4.26
lighttpd-1.4.27
lighttpd-1.4.28
lighttpd-1.4.3
lighttpd-1.4.4
lighttpd-1.4.5
lighttpd-1.4.6
lighttpd-1.4.7
lighttpd-1.4.8
lighttpd-1.4.9
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '66624b375b'
${ noResults }
lighttpd1.4/tests
History
Glenn Strauss 61f85d14ee [core] reject WS following header field-name (fixes #2985) 
reject whitespace following request header field-name and before colon
Such whitespace is forbidden in RFC 7230 Section 3.2.4.

strict header parsing is enabled by default in lighttpd.  However,
if explicitly disabled in lighttpd.conf, lighttpd will continue to
accept (and re-format) such field-names before passing to any backend.
  UNSAFE: server.http-parseopts = ( "header-strict" => "disable" )
  This is NOT RECOMMENDED since doing so disables other protections
  provided by lighttpd strict http header parsing.

(thx fedormixalich)

x-ref:
  stricter request header parsing
  https://redmine.lighttpd.net/issues/2985
 		3 years ago
..
docroot [tests] some test config cleanup 5 years ago
404-handler.conf [tests] some test config cleanup 5 years ago
CMakeLists.txt [tests] t/test_keyvalue 5 years ago
LightyTest.pm [tests] has_feature() helper func 4 years ago
Makefile.am [tests] some test config cleanup 5 years ago
SConscript [tests] some test config cleanup 5 years ago
cachable.t [core] support weak etags with If-None-Match 4 years ago
cleanup.sh [scons] various improvements 8 years ago
condition.conf [tests] some test config cleanup 5 years ago
core-404-handler.t [core] server.error-handler new directive for error pages (fixes #2702) 7 years ago
core-condition.t [core] never evaluate else branches until the previous branches are aready (fixes #2598) 7 years ago
core-keepalive.t - change s/// separator that it doesn't confuse vim 16 years ago
core-request.t [core] behavior change: stricter URL normalization 4 years ago
core-response.t [core] buffer_append_string_encoded() uc hex 5 years ago
core-var-include.t - change s/// separator that it doesn't confuse vim 16 years ago
fastcgi-10.conf [tests] more test config cleanup 5 years ago
fastcgi-responder.conf [tests] some test config cleanup 5 years ago
fcgi-auth.c [tests] test coverage for issues (#321, #322) 7 years ago
fcgi-responder.c [tests] FCGI_Finish() final request before exit 6 years ago
lighttpd.conf [tests] some test config cleanup 5 years ago
lighttpd.htpasswd [mod_auth] skip blank lines and comment lines (fixes #2327) 7 years ago
lighttpd.user moved everything below trunk/ and added branches/ and tags/ 19 years ago
lowercase.conf [tests] more test config cleanup 5 years ago
lowercase.t - change s/// separator that it doesn't confuse vim 16 years ago
meson.build [tests] t/test_keyvalue 5 years ago
mod-auth.conf [tests] some test config cleanup 5 years ago
mod-auth.t [tests] some test config cleanup 5 years ago
mod-cgi.t [core] consolidate dynamic handler response parse 6 years ago
mod-compress.conf [tests] some test config cleanup 5 years ago
mod-compress.t mod_compress: match partial+full content-type (fixes #1552) 14 years ago
mod-extforward.conf [tests] some test config cleanup 5 years ago
mod-extforward.t [mod_extforward] support Forwarded HTTP Extension (#2703) 6 years ago
mod-fastcgi.t [tests] more test config cleanup 5 years ago
mod-proxy.t [core] behavior change: stricter URL normalization 4 years ago
mod-scgi.t [tests] reduce time waiting for backends to start 6 years ago
mod-secdownload.conf [tests] some test config cleanup 5 years ago
mod-secdownload.t [tests] skip mod-secdownload HMAC-SHA1,HMAC-SHA256 4 years ago
mod-setenv.t [mod_setenv] directives to overwrite/remove hdrs (fixes #650, fixes #2295) 6 years ago
mod-ssi.t [mod_ssi] more flexible quoting (fixes #1768) 7 years ago
mod-userdir.t [mod_user] add test cases to check handling of encoded ~ as %7E (#2124) 10 years ago
prepare.sh [tests] some test config cleanup 5 years ago
proxy.conf [tests] more test config cleanup 5 years ago
request.t [core] reject WS following header field-name (fixes #2985) 3 years ago
run-tests.pl Fix request parser to handle packets with splitted \r\n\r\n (fixes #2105) 14 years ago
scgi-responder.c [mod_scgi] tests/mod-scgi.t unit tests 6 years ago
scgi-responder.conf [tests] some test config cleanup 5 years ago
symlink.t mark testcase executable 15 years ago
var-include-sub.conf [tests] search for perl in PATH instead of /usr/bin; whitespace + test config cleanups 8 years ago
var-include.conf [tests] some test config cleanup 5 years ago
wrapper.sh Add static-file.disable-pathinfo option to prevent handling of urls like .../secret.php/image.jpg as static file 12 years ago