Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Commits on Feb 15, 2013
  1. @klacke

    spelling err

    klacke authored
Commits on Feb 12, 2013
  1. @capflam

    Fix typo in documentation

    capflam authored
Commits on Feb 11, 2013
  1. @capflam

    Refactor WebSockets and add support of optional callback functions

    capflam authored
    Main changes:
      * Fix some bugs about UTF-8 encoding and messages fragmentation
      * Add support of optional callback functions
      * Add support of many startup options
      * Add support of outgoing fragmented messages
      * Add a websocket testsuite
    
                                     - * -
    *** bug fixes ***
    
    First of all, an huge part of yaws_websocket.erl was rewritten to fix bugs
    about the messages fragmentation and the UTF-8 encoding of incoming text
    messages:
    
      * UTF-8 encoding
        before, when a text message was fragmented, only the first frame was
        checked and partial UTF-8 sequences were not supported. Now, checks
        are done on each message part and a partial UTF-8 sequence at the end
        of a frame is accumulated and checked with the next frame (for basic
        callback only).
    
      * Messages fragmentation
        for basic callback modules, because of a buggy mapping between frames
        and messages, the messages fragmentation was almost unusable. To fix
        this, the message handling was rewritten.
    
    Now, all tests in the autobahn testsuite[1] pass successfully.
    
                                     - * -
    *** Optional callback functions ***
    
    Then, from an idea of François de Metz[2], yaws_websocket module was
    extended to support optional callback functions. See the documentation for
    details (www/websockets.yaws).
    
    Quickly, optional callback functions are:
    
      * Module:init/1           (for basic and advanced callback modules)
      * Module:terminate/2      (for basic and advanced callback modules)
      * Module:handle_open/2    (for basic and advanced callback modules)
      * Module:handle_info/2    (for basic and advanced callback modules)
      * Module:handle_message/2 (for basic callback modules only, used in place
                                 of Module:handle_message/1)
    
    Thanks to Pablo Vieytes[3] which added handle_info to optional callback
    functions.
                                     - * -
    *** Startup options ***
    
    To start a websocket process a script must return the following term from
    its out/1 function:
    
      {websocket, CallbackMod, Options}
    
    where 'Options' is a (possibly empty) proplist. Following parameters are
    supported:
    
      * {origin, Orig}
      * {callback, Type}
      * {keepalive, Boolean}
      * {keepalive_timeout, Tout}
      * {keepalive_grace_period, Time}
      * {drop_on_timeout, Boolean}
      * {close_timeout, Tout}
      * {close_if_unmasked, Boolean}
      * {max_frame_size, Int}
      * {max_message_size, Int}
      * {auto_fragment_message, Boolean}
      * {auto_fragment_threshold, Int}
    
    See the documentation for details (www/websockets.yaws).
    
                                     - * -
    *** Outgoing fragmented messages ***
    
    A callback module can now send fragmented messages to clients using the
    record #ws_frame{}:
    
     #ws_frame{fin     = true,  %% true | false
               rsv     = 0,
               opcode,          %% text | binary | continuation...
               payload = <<>>}. %% binary(), unmasked data
    
    --
    [1] http://autobahn.ws/testsuite
    [2] klacke#99
    [3] https://github.com/pvieytes
Commits on Jan 3, 2013
  1. @capflam
  2. @capflam

    Add access functions for #gconf{} and #sconf{} records

    capflam authored
    Applications may want to retrieve information in it. yaws:gconf_*/1 and
    yaws:sconf_*/1 should be used in preference to a direct access to reduce
    the dependence of your code on these records. So internal modifications
    could be done avoiding the need to update and recompile your application.
    
    Update www/internals.yaws accordingly and remove dependency on 'yaws.hrl'
    in examples and applications. Add unit tests to check #gconf{} and #sconf{}
    setup.
  3. @capflam
  4. @capflam

    Add support of the 'Vary' header in response

    capflam authored
    With this patch, Yaws will add 'Accept-Encoding' in 'Vary' header if the
    support of gzip compression is enabled or if the response is compressed.
    The 'Vary' header can be set using 'yaws:outh_set_vary(Fields)' or by
    returning '{header, {vary, Fields}}' from scripts (where Fields is a list
    of header names).
  5. @capflam

    Fix checks on the response content type when a charset is present

    capflam authored
    When we test if a response is compressible or not, or when 'Expires' and
    'Cache-Control' headers are set, the charset must be removed from the
    response content-type to only keep the response mime-type.
  6. @capflam

    Fix when 'Expires' and 'Cache-Control' headers are set

    capflam authored
    Because the content-type of the response may change many times during the
    request handling process, we must wait the #outh{} serialization to set it.
    
    Note: 'Last-modified' header is also managed in a same way because there is
    no good reason to set it before.
  7. @capflam
  8. @capflam

    Flush remaining data in case of 3xx redirect

    capflam authored
    When Yaws returns a 3xx response, if the client connection is kept alive,
    the remaining data must be flushed. Else the next request on the same
    connection cannot be handled.
  9. @capflam
  10. @capflam

    Keep info about the original request during a reentrant call

    capflam authored
    Some information must be preserved during a reentrant call. From the original
    request, we keep:
      * buffered data (Arg#arg.clidata) and the number of bytes read
      * the request state (Arg#arg.cont & Arg#arg.state)
  11. @capflam
  12. @capflam

    Make be possible to chain appmods

    capflam authored
    Before, all appmods were disabled during a reentrent call. So it was
    impossible to chain appmods. Now, it is possible. Only the current appmod
    is disabled for the next recursion (if we are inside an appmod of course).
    
    So if we have this configuration for appmods:
    
      appmods = </foo, foo> </bar, bar>
    
    When "/foo" is requested, the appmon "foo" is called. At this step, it is
    possible to call the appmod "bar" by returning {page, "/bar"}.
Commits on Dec 1, 2012
  1. @weisslj @vinoski

    Support multipart/form-data "name" with backslash at the end.

    weisslj authored vinoski committed
    Also add multipart/form-data tests ("name" with escaped characters).
Commits on Nov 29, 2012
  1. @capflam

    Merge pull request #133 from olgeni/tilde_injection_fix

    capflam authored
    Fix io:format call in yaws_compile.
  2. @olgeni

    Fix io:format call in yaws_compile.

    olgeni authored
    Basically, yaws_compile was unable to process items in some "unlucky"
    paths on Win32.
    
    NTFS may generate filenames in an MS-DOS compatible format if the
    original filename is not compatible with the legacy 8.3 notation;
    these filenames often contain tilde characters, which are inserted
    (unquoted) in the Format parameter of io:format by the string
    concatenation.
    
    These unquoted tilde characters are processed as usual, leading to
    a badarg error as the Data parameter is always an empty list.
  3. @capflam

    Fix compilation of mime_types.erl when working directory is not 'yaws'

    capflam authored
    When mime_types.erl is generated, we must check if it is done during a Yaws
    compilation or a Yaws startup. In the first case, we must use a relative
    path for includes. Else include_lib must be used.
    This issue was reported by Andrei Zavada and avoid a compile error when the
    working directory is not 'yaws'.
    
    The mechanisms to generate and compile this file have also changed.
    
    Then, to centralize calls to yaws_generated:is_local_install/0, following
    functions was added in yaws.erl:
      get_app_dir/0, get_src_dir/0, get_ebin_dir/0, get_priv_dir/0, get_inc_dir/0
Commits on Nov 28, 2012
  1. @vinoski

    skip sslaccept_tout_test for R15B03

    vinoski authored
    An SSL bug introduced in R15B03 makes the sslaccept_tout_test fail. The bug
    is explained here:
    
    http://erlang.org/pipermail/erlang-bugs/2012-November/003208.html
    http://erlang.org/pipermail/erlang-bugs/2012-November/003209.html
    
    Check the Erlang version and skip that test for R15B03.
Commits on Nov 20, 2012
  1. @capflam

    Take care to preserve the query-string in yaws_server:deliver_302/4

    capflam authored
    It is an old bug on the redirect made when the trailing slash is missing.
    The query-string was always missing from the redirect URL. So now, we add
    it explicitly.
Commits on Nov 15, 2012
  1. @capflam @vinoski

    Extend syntax of redirect block to allow an optional status code

    capflam authored vinoski committed
    Now, it is possible to change the HTTP status code used in redirect rules.
    Supported formats are:
    
       Path = URL
       Path = code
       Path = code URL
    
    * '==' syntax instead of '=' is always valid.
    * If no status code is defined, Yaws will perform a 302 redirect.
    * For 3xx status codes, the URL parameter must be present and will be used
      to build the new location.
    * For other status codes (1xx, 2xx, 4xx and 5xx), it can be omitted. In the
      absence of URL, Yaws will return a generic response with the specified
      status code. Otherwise, the URL parameter must be a relative URL and will
      be used to customize the response.
    
    For example:
    
      <redirect>
        /foo = http://yaws.hyber.org  # (1)
        /bar = 301 /foo               # (2)
        /baz = 404                    # (3)
        /qux = 403 /forbidden.yaws    # (4)
      </redirect>
    
    (1) do a 302 redirect on 'http://yaws.hyber.org/foo/...';
    (2) do a 301 redirect on 'scheme:host:port/bar/...'
    (3) return a generic 404 error
    (4) do a reentrant call to '/forbidden.yaws' by setting the status code
        to 403.
    
    Note: this new feature is fully compatible with older one.
Commits on Nov 9, 2012
  1. @klacke

    handle case with DOS attack towards pam login with embedded NUL chars…

    klacke authored
    … in username or password. The protocol cannot handle NUL chars and Yaws dies
  2. @capflam

    Remove invalid macro in yaws.hrl

    capflam authored
    ?sc_set_ssl is never used and rely on the undefined macro ?SC_SSL.
  3. @capflam

    Fix doc errors

    capflam authored
Commits on Oct 24, 2012
  1. @vinoski
Commits on Oct 23, 2012
  1. @vinoski
  2. @vinoski
  3. @leg0 @vinoski

    Fix bug #128 and add a new test case for it

    leg0 authored vinoski committed
  4. @vinoski

    ensure compatibility with Erlang R13B04

    vinoski authored
    For R13B04 compatibility, fix bare calls to integer_to_list and
    list_to_integer, and in yaws_davlock provide an alternative for pre-R14 for
    finding hwaddrs.
  5. @vinoski
  6. @vinoski
Commits on Oct 22, 2012
  1. @vinoski

    keep websocket errors from crashing gen_server

    vinoski authored
    Change websocket implementation to not stop abnormally or crash with noisy
    logs if errors occur.
  2. @vinoski
Commits on Oct 19, 2012
  1. @capflam

    Handle relative paths when Yaws is started in embedded mode

    capflam authored
    Now, following functions will throw an error if the docroot
    directory does not exist:
    
      * yaws_api:embedded_start_conf/1,2,3,4
      * yaws:start_embedded/1,2,3,4
      * yaws:add_server/2
      * yaws:create_sconf/2
Something went wrong with that request. Please try again.