Previously, if an http.Handler didn't fully consume a
Request.Body before returning and the request and the response
from the handler indicated no reason to close the connection,
the server would read an unbounded amount of the request's
unread body to advance past the request message to find the
next request's header. That was a potential DoS.
With this CL there's a threshold under which we read
(currently 256KB) in order to keep the connection in
keep-alive mode, but once we hit that, we instead
switch into a "Connection: close" response and don't
read the request body.
Fixes #2093 (along with a number of earlier CLs)
R=golang-dev, dsymonds
CC=golang-dev
https://golang.org/cl/5268043
The current code will panic if an invalid
request (one with a nil URL) is passed to
the doFollowingRedirects function.
Also, remove a redundant nil Header check.
R=bradfitz
CC=golang-dev
https://golang.org/cl/5270046
Its purpose is not only undocumented, it's also unknown (to me
and Russ, at least) and leads to complexity, bugs and
confusion.
R=golang-dev, adg, rsc
CC=golang-dev
https://golang.org/cl/5213043
This implements a replacer for when all old strings are single
bytes, but new values are not.
BenchmarkHTMLEscapeNew 1000000 1090 ns/op
BenchmarkHTMLEscapeOld 1000000 2049 ns/op
R=rsc
CC=golang-dev
https://golang.org/cl/5176043
When all old & new string values are single bytes,
byteReplacer is now used, instead of the generic
algorithm.
BenchmarkGenericMatch 10000 102519 ns/op
BenchmarkByteByteMatch 1000000 2178 ns/op
fast path, when nothing matches:
BenchmarkByteByteNoMatch 1000000 1109 ns/op
comparisons to multiple Replace calls:
BenchmarkByteByteReplaces 100000 16164 ns/op
comparison to strings.Map:
BenchmarkByteByteMap 500000 5454 ns/op
R=rsc
CC=golang-dev
https://golang.org/cl/5175050
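As an added worked example (not code from either CL above or from the strings package), the following models the table-driven single-byte replacer both messages describe: a 256-entry lookup table indexed by the input byte, a no-allocation fast path when nothing matches (the "NoMatch" benchmark), and replacement strings longer than one byte as in the HTMLEscape benchmark. Byte-to-byte replacement falls out as the special case of one-byte replacements. The names byteStringReplacer, newByteStringReplacer, HTMLEscape and sameAsStrings are this example's own.

```go
package main

import (
	"fmt"
	"strings"
)

// byteStringReplacer is a hypothetical model of the case the CLs describe:
// every "old" string is exactly one byte, "new" strings may be any length.
// set[b] records whether byte b has a mapping; repl[b] holds its replacement.
type byteStringReplacer struct {
	repl [256]string
	set  [256]bool
}

// newByteStringReplacer takes old1, new1, old2, new2, ... like strings.NewReplacer.
// As in the strings package, the first mapping given for a byte wins.
func newByteStringReplacer(oldnew ...string) *byteStringReplacer {
	if len(oldnew)%2 != 0 {
		panic("newByteStringReplacer: odd argument count")
	}
	r := &byteStringReplacer{}
	for i := 0; i < len(oldnew); i += 2 {
		if len(oldnew[i]) != 1 {
			panic("newByteStringReplacer: old strings must be single bytes")
		}
		b := oldnew[i][0]
		if !r.set[b] {
			r.set[b] = true
			r.repl[b] = oldnew[i+1]
		}
	}
	return r
}

// Replace does one left-to-right pass with a table lookup per byte.
func (r *byteStringReplacer) Replace(s string) string {
	// Fast path: find the first byte that has a mapping. If there is none,
	// return the input unchanged without allocating.
	i := 0
	for i < len(s) && !r.set[s[i]] {
		i++
	}
	if i == len(s) {
		return s
	}
	var sb strings.Builder
	sb.Grow(len(s) + 16)
	sb.WriteString(s[:i])
	for ; i < len(s); i++ {
		if b := s[i]; r.set[b] {
			sb.WriteString(r.repl[b])
		} else {
			sb.WriteByte(b)
		}
	}
	return sb.String()
}

// htmlEscaper mirrors the HTMLEscape benchmark: five one-byte olds, multi-byte news.
var htmlEscaper = newByteStringReplacer(
	"&", "&amp;", "<", "&lt;", ">", "&gt;", `"`, "&#34;", "'", "&#39;",
)

// HTMLEscape escapes s for inclusion in HTML text or quoted attribute values.
func HTMLEscape(s string) string { return htmlEscaper.Replace(s) }

// sameAsStrings is a self-check: the model must agree with the real
// strings.NewReplacer on the same HTML-escape mapping.
func sameAsStrings(s string) bool {
	ref := strings.NewReplacer("&", "&amp;", "<", "&lt;", ">", "&gt;", `"`, "&#34;", "'", "&#39;")
	return HTMLEscape(s) == ref.Replace(s)
}

func main() {
	in := `<a href="x">Tom & Jerry's</a>` // constructed sample input
	fmt.Println(HTMLEscape(in))
	fmt.Println("matches strings.NewReplacer:", sameAsStrings(in))
}
```

The single pass is what makes this safe as an escaper as well as fast: each input byte is examined exactly once, so replacement output (such as the "&" inside "&lt;") is never re-scanned, which is the failure mode of escaping by repeated strings.Replace calls in sequence.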
Clean up duplicate environment entries for CGI,
overriding earlier entries with later ones.
On Windows, when there are duplicate environment entries like the following,
SCRIPT_FILENAME=c:/progra~1/php/php-cgi.exe
SCRIPT_FILENAME=/foo.php
CreateProcess uses the first entry.
If a cgi.Handler is made like the following,
cgih = cgi.Handler{
Path: "c:/strawberry/perl/bin/perl.exe",
Dir: "c:/path/to/webroot",
Root: "c:/path/to/webroot",
Args: []string{"foo.php"},
Env: []string{"SCRIPT_FILENAME=foo.php"},
}
http/cgi should behave as if "SCRIPT_FILENAME is foo.php".
But currently, http/cgi sets duplicate environment entries.
So the browser shows a binary dump of "php-cgi.exe", which is the
SCRIPT_FILENAME specified in the first entry.
This change cleans up the duplicates and uses the later entries.
R=golang-dev, bradfitz, bradfitz
CC=golang-dev
https://golang.org/cl/5010044
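As an added example (written for this page, not the net/http/cgi code), here is a "last entry wins" de-duplication of a NAME=value environment slice, the policy the message above describes, applied to its own SCRIPT_FILENAME scenario. The functions dedupEnv, envKey and envLookup are this example's names; matching is case-sensitive, which is an assumption noted in the code.

```go
package main

import (
	"fmt"
	"strings"
)

// dedupEnv returns env with duplicate keys removed, keeping the LAST
// occurrence of each key: entries appended later (such as Handler.Env
// overrides) win over earlier ones, which is the opposite of what
// CreateProcess does with a raw duplicate list. Relative order of the
// surviving entries is preserved. Hypothetical helper, not cgi package code.
func dedupEnv(env []string) []string {
	last := make(map[string]int, len(env)) // key -> index of its last occurrence
	for i, kv := range env {
		last[envKey(kv)] = i
	}
	out := make([]string, 0, len(last))
	for i, kv := range env {
		if last[envKey(kv)] == i {
			out = append(out, kv)
		}
	}
	return out
}

// envKey returns the NAME part of a NAME=value entry. Matching here is
// case-sensitive (an assumption of this example); Windows treats variable
// names case-insensitively, so a port there would fold case first.
func envKey(kv string) string {
	if i := strings.IndexByte(kv, '='); i >= 0 {
		return kv[:i]
	}
	return kv
}

// envLookup returns the value a child process would see for name under
// the "last wins" policy.
func envLookup(env []string, name string) (string, bool) {
	for _, kv := range dedupEnv(env) {
		k, v, _ := strings.Cut(kv, "=")
		if k == name {
			return v, true
		}
	}
	return "", false
}

func main() {
	// Constructed input reproducing the scenario in the commit message:
	// the base entry computed by the handler, then the Env override.
	env := []string{
		"SCRIPT_FILENAME=c:/progra~1/php/php-cgi.exe",
		"SERVER_SOFTWARE=go",
		"SCRIPT_FILENAME=/foo.php",
	}
	for _, kv := range dedupEnv(env) {
		fmt.Println(kv)
	}
	v, _ := envLookup(env, "SCRIPT_FILENAME")
	fmt.Println("child sees SCRIPT_FILENAME =", v)
}
```

The security-relevant part is which duplicate wins: variables such as SCRIPT_FILENAME, PATH or LD_PRELOAD select what the CGI child executes or loads, so the precedence rule has to be explicit in code rather than left to whatever the platform's process launcher happens to do.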
Weekday is redundant information for a Time structure.
When parsing a time with a weekday specified, it can create an
incorrect Time value.
When parsing a time without a weekday specified, people
expect the weekday to be set.
Fix all three problems by computing the weekday on demand.
This is hard to gofix, since we must change the type of the node.
Since uses are rare and existing code will be caught by the compiler,
there is no gofix module here.
Fixes #2245.
R=golang-dev, bradfitz, rsc
CC=golang-dev
https://golang.org/cl/4974077
Most web frameworks allow ; as a synonym for &,
following a recommendation in some versions of
the HTML specification. Do the same.
Remove overuse of Split.
Move ParseQuery tests from package http to package url.
Fixes #2210.
R=golang-dev, r
CC=golang-dev
https://golang.org/cl/4973062
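An added example, not code from this CL or from net/url: the semicolon-as-separator rule the message adopts, reimplemented stand-alone so it can be compared with what url.ParseQuery does today. Since Go 1.17 the standard library rejects a raw ';' in a query (the affected pair is dropped and an error returned; http.AllowQuerySemicolons restores the old reading for servers that need it), so two components parsing the same URL can see different parameters. The names parseQuerySemicolons, parseQueryStrict and disagree are this example's own.

```go
package main

import (
	"fmt"
	"net/url"
	"sort"
	"strings"
)

// parseQuerySemicolons parses a raw query treating both '&' and ';' as
// pair separators, the behaviour this CL gave url.ParseQuery. It is a
// reimplementation written for this page, not the net/url code.
func parseQuerySemicolons(raw string) (url.Values, error) {
	v := url.Values{}
	isSep := func(r rune) bool { return r == '&' || r == ';' }
	for _, pair := range strings.FieldsFunc(raw, isSep) {
		rawKey, rawVal, _ := strings.Cut(pair, "=")
		key, err := url.QueryUnescape(rawKey)
		if err != nil {
			return nil, err
		}
		val, err := url.QueryUnescape(rawVal)
		if err != nil {
			return nil, err
		}
		v[key] = append(v[key], val)
	}
	return v, nil
}

// parseQueryStrict is the current standard-library reading (Go 1.17+):
// a pair containing a raw ';' is dropped and an error is reported, while
// the remaining pairs are still returned.
func parseQueryStrict(raw string) (url.Values, error) {
	return url.ParseQuery(raw)
}

// disagree lists the keys that exactly one of the two parsers sees.
// A non-empty result is a parameter-smuggling opportunity whenever a
// proxy, WAF or cache reads the query one way and the application another.
func disagree(raw string) []string {
	lenient, _ := parseQuerySemicolons(raw)
	strict, _ := parseQueryStrict(raw)
	var out []string
	for k := range lenient {
		if _, ok := strict[k]; !ok {
			out = append(out, k)
		}
	}
	for k := range strict {
		if _, ok := lenient[k]; !ok {
			out = append(out, k)
		}
	}
	sort.Strings(out)
	return out
}

func main() {
	raw := "a=1;admin=1&b=x%20y" // constructed sample query
	lenient, _ := parseQuerySemicolons(raw)
	strict, err := parseQueryStrict(raw)
	fmt.Println("lenient:", lenient)
	fmt.Println("strict: ", strict, "err:", err)
	fmt.Println("keys seen by only one side:", disagree(raw))
}
```

When a front-end component still honours ';' and the Go application does not (or the other way round), an attacker chooses which side sees a parameter like admin=1. Pinning one reading at the edge and rejecting requests where disagree would be non-empty removes the ambiguity.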
My theory is that suse has larger TCP buffer sizes
by default. I now check over 100MB, rather than over 2MB.
100MB is ~halfway between the 1MB limit and the 200MB
request that's attempted.
R=golang-dev, dsymonds
CC=golang-dev
https://golang.org/cl/4926048
The kludge is targeted at broken web browsers
like Chrome and IE, but it gets in the way of
sending 400 or 500-series error results with
formatted bodies in response to AJAX requests
made by pages executing in those browsers.
Now the AJAX cases will work and Chrome
and IE will be as broken with Go servers as
they are with all the other servers.
Fixes #2169.
R=bradfitz, dsymonds
CC=golang-dev
https://golang.org/cl/4930047
This adds http.MaxBytesReader, similar to io.LimitReader,
but specific to http, and for preventing a class of DoS
attacks.
This also makes the 10MB ParseForm limit optional (if
not already set by a MaxBytesReader), documents it,
and also adds "PUT" as a valid verb for parsing forms
in the request body.
Improves issue 2093 (DoS protection)
Fixes #2165 (PUT form parsing)
R=golang-dev, adg
CC=golang-dev
https://golang.org/cl/4921049
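An added example covering both halves of the issue 2093 work on this page: the handler-side cap with http.MaxBytesReader from the CL above, and a model of the server-side drain threshold described in the first message (read up to a bound to keep the connection alive, otherwise fall back to Connection: close). This is example code written for this page, not the net/http implementation; formHandler, postForm, keepAliveAfterHandler and the 1 KiB maxFormBytes are its own names and choices, and the *http.MaxBytesError type assertion requires Go 1.19 or newer.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

// maxFormBytes is this example's per-endpoint cap. 1 KiB keeps the demo
// small; a real endpoint picks a value that fits its expected fields.
const maxFormBytes = 1 << 10

// formHandler wraps the body in http.MaxBytesReader before ParseForm reads
// it, so an oversized body fails fast with 413 instead of being read up to
// ParseForm's own default limit.
func formHandler(w http.ResponseWriter, r *http.Request) {
	r.Body = http.MaxBytesReader(w, r.Body, maxFormBytes)
	if err := r.ParseForm(); err != nil {
		var tooLarge *http.MaxBytesError // Go 1.19+
		if errors.As(err, &tooLarge) {
			http.Error(w, "request body too large", http.StatusRequestEntityTooLarge)
			return
		}
		http.Error(w, "malformed form", http.StatusBadRequest)
		return
	}
	fmt.Fprintf(w, "hello, %s\n", r.PostForm.Get("name"))
}

// postForm drives formHandler in-process with httptest (no sockets) and
// returns the status code. ParseForm reads the body for PUT as well as POST.
func postForm(method, body string) int {
	req := httptest.NewRequest(method, "/submit", strings.NewReader(body))
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	rec := httptest.NewRecorder()
	formHandler(rec, req)
	return rec.Code
}

// keepAliveAfterHandler models the server-side rule from the earlier CL:
// after a handler returns with body unread, drain at most threshold bytes
// so the connection can be reused; if more remains, stop reading and let
// the server answer with Connection: close. It returns whether keep-alive
// is still possible. A model of the described policy, not the server code.
func keepAliveAfterHandler(unread io.Reader, threshold int64) (bool, error) {
	n, err := io.Copy(io.Discard, io.LimitReader(unread, threshold+1))
	if err != nil {
		return false, err
	}
	return n <= threshold, nil
}

func main() {
	fmt.Println("small POST:", postForm("POST", "name=alice"))
	fmt.Println("small PUT: ", postForm("PUT", "name=bob"))
	fmt.Println("2 KiB POST:", postForm("POST", "name="+strings.Repeat("x", 2048)))
	// Constructed leftover body: 1 MiB unread against the CL's 256KB threshold.
	ok, _ := keepAliveAfterHandler(strings.NewReader(strings.Repeat("x", 1<<20)), 256<<10)
	fmt.Println("keep-alive after 1 MiB unread body, 256KB threshold:", ok)
}
```

The two bounds are complementary: MaxBytesReader limits what a handler will ever read, and the drain threshold limits what the server reads on the handler's behalf afterwards. Without both, a client can make the server consume an arbitrary amount of request body for a response that never needed it.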
ParseMediaType previously documented that it always returned
a non-nil map, but also documented that it returned a nil map
to signal an error.
That is confusing, contradictory and not Go-like.
Now it returns (mediatype string, params map, os.Error).
R=golang-dev, r
CC=golang-dev
https://golang.org/cl/4867054
This is just moving the URL code from package http into its own package,
which has been planned for a while.
Besides clarity, this also breaks a nascent dependency cycle the new template
package was about to introduce.
Add a gofix module, url, and use it to generate changes outside http and url.
Sadness about the churn, gladness about some of the naming improvements.
R=dsymonds, bradfitz, rsc, gustavo, r
CC=golang-dev
https://golang.org/cl/4893043
Fixes #2140.
The http.DefaultTransport's RoundTrip method leaves the http.Request object
in an altered state after performing the round trip. This patch removes
the header from the Request before returning to the client.
R=golang-dev, bradfitz
CC=golang-dev
https://golang.org/cl/4857041
Calling filepath.FromSlash(x) allows invalid characters to serve a file.
Fixes #2128
R=golang-dev, alex.brainman, rsc
CC=golang-dev
https://golang.org/cl/4810064
serveFile was using absolute redirects, which didn't work under StripPrefix.
Now it uses relative redirects.
R=golang-dev, rsc, bradfitz
CC=golang-dev, kevlar
https://golang.org/cl/4789042
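An added example (not code from this CL) showing why the redirect has to be relative: a FileServer mounted with StripPrefix only ever sees the path below the mount point, so a directory request under /static/ must redirect to "assets/" rather than "/assets/", which would escape the mount. It also checks the caveat a practitioner wants alongside this: that ".." segments in the stripped path cannot reach files outside the web root. Everything is driven in-process with httptest; newStaticHandler, probe, setupTree and the constructed directory layout are this example's own.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"os"
	"path/filepath"
)

// newStaticHandler mounts a FileServer under /static/. StripPrefix hands the
// FileServer a path relative to the mount point, so the directory redirect it
// emits must be relative ("assets/"), not absolute ("/assets/").
func newStaticHandler(root string) http.Handler {
	return http.StripPrefix("/static/", http.FileServer(http.Dir(root)))
}

// probe issues an in-process GET (no sockets) and returns the status code
// and Location header.
func probe(h http.Handler, target string) (int, string) {
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, httptest.NewRequest("GET", target, nil))
	return rec.Code, rec.Header().Get("Location")
}

// setupTree builds a constructed layout for the demo and returns base and
// the web root base/site:
//   base/site/assets/app.js   served
//   base/secret.txt           outside the web root, must never be served
func setupTree() (base, root string, err error) {
	base, err = os.MkdirTemp("", "fsdemo")
	if err != nil {
		return "", "", err
	}
	root = filepath.Join(base, "site")
	if err = os.MkdirAll(filepath.Join(root, "assets"), 0o755); err != nil {
		return "", "", err
	}
	if err = os.WriteFile(filepath.Join(root, "assets", "app.js"), []byte("console.log('ok')\n"), 0o644); err != nil {
		return "", "", err
	}
	if err = os.WriteFile(filepath.Join(base, "secret.txt"), []byte("not for the web\n"), 0o600); err != nil {
		return "", "", err
	}
	return base, root, nil
}

func main() {
	base, root, err := setupTree()
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(base)
	h := newStaticHandler(root)
	for _, p := range []string{
		"/static/assets",                  // directory without trailing slash: relative redirect
		"/static/assets/app.js",           // plain file
		"/static/../secret.txt",           // traversal attempt above the mount
		"/static/assets/../../secret.txt", // traversal attempt from inside a subdirectory
	} {
		code, loc := probe(h, p)
		fmt.Printf("%-34s -> %d %s\n", p, code, loc)
	}
}
```

The traversal probes come back 404 because FileServer runs path.Clean on the stripped path and http.Dir anchors it at the root, so "/secret.txt" is looked up inside base/site, where it does not exist. That protection is specific to http.Dir; a custom http.FileSystem must provide the same anchoring itself.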