Its purpose is not only undocumented, it's also unknown (to me
and Russ, at least) and leads to complexity, bugs and
confusion.
R=golang-dev, adg, rsc
CC=golang-dev
https://golang.org/cl/5213043
This adds http.MaxBytesReader, similar to io.LimitReader,
but specific to http, and for preventing a class of DoS
attacks.
This also makes the 10MB ParseForm limit optional (if
not already set by a MaxBytesReader), documents it,
and also adds "PUT" as a valid verb for parsing forms
in the request body.
Improves issue 2093 (DoS protection)
Fixes#2165 (PUT form parsing)
R=golang-dev, adg
CC=golang-dev
https://golang.org/cl/4921049
ParseMediaType previously documented that it always returned
a non-nil map, but also documented that it returned a nil map
to signal an error.
That is confusing, contradictory and not Go-like.
Now it returns (mediatype string, params map, os.Error).
R=golang-dev, r
CC=golang-dev
https://golang.org/cl/4867054
This is just moving the URL code from package http into its own package,
which has been planned for a while.
Besides clarity, this also breaks a nascent dependency cycle the new template
package was about to introduce.
Add a gofix module, url, and use it to generate changes outside http and url.
Sadness about the churn, gladness about some of the naming improvements.
R=dsymonds, bradfitz, rsc, gustavo, r
CC=golang-dev
https://golang.org/cl/4893043
ServeMux depends on having a URL
in order to mux. It might be that the right
fix is to have CONNECT handlers just not
look at URL.
««« original CL description
http: do not parse req.URL for CONNECT
CONNECT's argument is not a URL.
R=golang-dev, bradfitz, rsc
CC=golang-dev
https://golang.org/cl/4808044
»»»
TBR=bradfitz
CC=golang-dev
https://golang.org/cl/4798046
Change the signature of Split to have no count,
assuming a full split, and rename the existing
Split with a count to SplitN.
Do the same to package bytes.
Add a gofix module.
R=adg, dsymonds, alex.brainman, rsc
CC=golang-dev
https://golang.org/cl/4661051
As rsc suggested after change 58a6bdac3d12 was committed, we
now read the first byte of Request.Body when the
Request.ContentLength is 0 to disambiguate between a truly
zero-length body and a body of unknown length where the user
didn't set the ContentLength field.
This was also causing the reverse proxy problem where incoming
requests (which always have a body, of private type http.body,
even for 0-lengthed requests) were being relayed to the http
Transport for fetching, which was serializing the request as a
chunked request (since ContentLength was 0 and Body was
non-nil)
Fixes#1999
R=golang-dev, kevlar
CC=golang-dev
https://golang.org/cl/4628063
This is a core API change.
1) gofix misc src
2) Manual adjustments to the following files under src/pkg:
gob/decode.go
rpc/client.go
os/error.go
io/io.go
bufio/bufio.go
http/request.go
websocket/client.go
as well as:
src/cmd/gofix/testdata/*.go.in (reverted)
test/fixedbugs/bug243.go
3) Implemented gofix patch (oserrorstring.go) and test case (oserrorstring_test.go)
Compiles and runs all tests.
R=r, rsc, gri
CC=golang-dev
https://golang.org/cl/4607052
Previously Request and Response had redundant fields for
Referer, UserAgent, and cookies which caused confusion and
bugs. It also didn't allow us to expand the package over
time, since the way to access fields would be in the Headers
one day and promoted to a field the next day. That would be
hard to gofix, especially with code ranging over Headers.
After a discussion on the mail package's design with a similar
problem, we've designed to make the Headers be the source of
truth and add accessors instead.
Request:
change: Referer -> Referer()
change: UserAgent -> UserAgent()
change: Cookie -> Cookies()
new: Cookie(name) *Cookie
new: AddCookie(*Cookie)
Response:
change: Cookie -> Cookies()
Cookie:
new: String() string
R=rsc
CC=golang-dev
https://golang.org/cl/4620049
It was always a weird interface but I didn't know what I
was doing at the time. rsc questioned me about it then
but didn't press on it during review. Then adg bugged me
about it too recently.
So clean it up. It parallels the Writer struct too.
R=golang-dev, r, rsc
CC=golang-dev
https://golang.org/cl/4602063
Via Russ Ross' bug report on golang-nuts, it was not possible
to send an HTTP request with a zero length body with either a
Content-Length (it was stripped) or chunking (it wasn't set).
This means Go couldn't upload 0-length objects to Amazon S3.
(which aren't as silly as they might sound, as S3 objects can
have key/values associated with them, set in the headers)
Amazon further doesn't supported chunked uploads. (not Go's
problem, but we should be able to let users set an explicit
Content-Length, even if it's zero.)
To fix the ambiguity of an explicit zero Content-Length and
the Request struct's default zero value, users need to
explicit set TransferEncoding to []string{"identity"} to force
the Request.Write to include a Content-Length: 0. identity is
in RFC 2616 but is ignored pretty much everywhere. We don't
even then serialize it on the wire, since it's kinda useless,
except as an internal sentinel value.
The "identity" value is then documented, but most users can
ignore that because NewRequest now sets that.
And adds more tests.
R=golang-dev, rsc
CC=golang-dev
https://golang.org/cl/4603041
This replaces most the map[string][]string usage with
a new Values type name, with the usual methods.
It also changes client.PostForm to take a Values, rather
than a map[string]string, closing a TODO in the code.
R=rsc
CC=golang-dev
https://golang.org/cl/4532123
Also some cleanup, removing redundant code. Make more
things use NewRequest. Add some tests, docs.
R=golang-dev, adg, rsc
CC=golang-dev
https://golang.org/cl/4561047
A user pointed out that Go didn't work with their
corp proxy, always throwing 400 Bad Request errors.
Looking at the RFC 2616, Host is always required,
even with proxies.
The old code assumed that writing an absolute URL
in the first line of an HTTP request implied
that the Host header was no longer necessary.
Double-checked behavior with curl.
R=golang-dev, dsymonds
CC=golang-dev
https://golang.org/cl/4539075
NewRequest will save a lot of boilerplate code.
This also updates some docs on Request.Write and
adds some tests.
R=rsc, petar-m, r
CC=golang-dev
https://golang.org/cl/4406047
Also adds some tests for Issue 900 which was the reason
the current URL parsing is broken. (the previous fix
was wrong)
R=rsc, adg, dangabrad, bradfitzwork
CC=golang-dev
https://golang.org/cl/3910042
