Skip to content
Commits on Jun 13, 2013
  1. @capflam

    Keep the original request in #arg{} and check it against auth rules

    Because the request can be rewritten, it could be useful to backup the
    original one. Appmods or Yaws scripts could access it by reading the field
    orig_reg in #arg{}. For CGI scripts, the variable REQUEST_URI is now built
    using the original request (SCRIPT_NAME, PATH_INFO and QUERY_STRING could
    be used to know the info about the rewritten request, if needed).
    The original request is also checked against the authorization rules. So, if
    the request is rewritten, Yaws will check the original request and the
    rewritten one. Access must be granted for both urls to accept the request.
    capflam committed May 6, 2013
Commits on Feb 11, 2013
  1. @capflam

    Refactor WebSockets and add support of optional callback functions

    Main changes:
      * Fix some bugs about UTF-8 encoding and messages fragmentation
      * Add support of optional callback functions
      * Add support of many startup options
      * Add support of outgoing fragmented messages
      * Add a websocket testsuite
                                     - * -
    *** bug fixes ***
    First of all, an huge part of yaws_websocket.erl was rewritten to fix bugs
    about the messages fragmentation and the UTF-8 encoding of incoming text
      * UTF-8 encoding
        before, when a text message was fragmented, only the first frame was
        checked and partial UTF-8 sequences were not supported. Now, checks
        are done on each message part and a partial UTF-8 sequence at the end
        of a frame is accumulated and checked with the next frame (for basic
        callback only).
      * Messages fragmentation
        for basic callback modules, because of a buggy mapping between frames
        and messages, the messages fragmentation was almost unusable. To fix
        this, the message handling was rewritten.
    Now, all tests in the autobahn testsuite[1] pass successfully.
                                     - * -
    *** Optional callback functions ***
    Then, from an idea of François de Metz[2], yaws_websocket module was
    extended to support optional callback functions. See the documentation for
    details (www/websockets.yaws).
    Quickly, optional callback functions are:
      * Module:init/1           (for basic and advanced callback modules)
      * Module:terminate/2      (for basic and advanced callback modules)
      * Module:handle_open/2    (for basic and advanced callback modules)
      * Module:handle_info/2    (for basic and advanced callback modules)
      * Module:handle_message/2 (for basic callback modules only, used in place
                                 of Module:handle_message/1)
    Thanks to Pablo Vieytes[3] which added handle_info to optional callback
                                     - * -
    *** Startup options ***
    To start a websocket process a script must return the following term from
    its out/1 function:
      {websocket, CallbackMod, Options}
    where 'Options' is a (possibly empty) proplist. Following parameters are
      * {origin, Orig}
      * {callback, Type}
      * {keepalive, Boolean}
      * {keepalive_timeout, Tout}
      * {keepalive_grace_period, Time}
      * {drop_on_timeout, Boolean}
      * {close_timeout, Tout}
      * {close_if_unmasked, Boolean}
      * {max_frame_size, Int}
      * {max_message_size, Int}
      * {auto_fragment_message, Boolean}
      * {auto_fragment_threshold, Int}
    See the documentation for details (www/websockets.yaws).
                                     - * -
    *** Outgoing fragmented messages ***
    A callback module can now send fragmented messages to clients using the
    record #ws_frame{}:
     #ws_frame{fin     = true,  %% true | false
               rsv     = 0,
               opcode,          %% text | binary | continuation...
               payload = <<>>}. %% binary(), unmasked data
    [2] #99
    capflam committed Dec 10, 2012
Commits on Jul 10, 2012
  1. @capflam

    Refactor Set-Cookie/Cookie header parsing to follow RFC6265

    RFC6265 obsoletes RFC2965 and RFC2109. #setcookie{} and #cookie{} are
    changed to reflect this new RFC. So, yaws_api:parse_set_cookie/1 and
    yaws_api:parse_cookie/1 are refactored accordingly:
    * yaws_api:parse_set_cookie/1: Because RFC2109 and RFC2965 are still used,
      we try to be backward compatible with these old RFCs. So this function
      returns a #setcookie{} record when only one cookie is found else it returns
      a list of #setcookie{} records.
      in RFC2109 and RFC2965, cookies are separated by comma. So, comma is
      forbidden in 'path-av' and 'extension-av' except for double-quoted value.
      The parsing are not really strict because of the compatibility and can lead
      to unwanted behaviors.
      Old attributes (like 'Comment' or 'Port') are still parsed and can be
      found into #setcookie.extensions field.
    * yaws_api:parse_cookie/1: This function follows the RFC6265, so all cookie
      attributes (like '$Domain' or '$Path') are parsed like any other cookie.
    capflam committed Jul 9, 2012
Commits on Jul 4, 2012
  1. @capflam

    Fix parse_set_cookie/1 and format_set_cookie/1 functions

    1. According to the RFCs 2109 and 2965, multiple cookies can be set in a
    single 'Set-Cookie' header. So, yaws_api:parse_set_cookie/1 now returns a
    list of #setcookie{} records. If no cookie was found or if an error occurred,
    it returns []. The parsing is also improved.
    Note that this fix breaks the compatibility with previous versions.
    2. In yaws_api:format_set_cookie/1, options are now always formated as
    3. 2 new functions are added, yaws_api:parse_cookie/1 and
    yaws_api:format_cookie/1, to parse and format 'Cookie' headers. To let these
    functions to work, the #cookie{} record was introduced.
    Documentation and testsuite are updated accordingly.
    capflam committed Jul 4, 2012
Commits on Apr 11, 2012
  1. @vinoski
Commits on Dec 18, 2011
  1. @jbothma @vinoski

    update WebSockets implementation to support RFC 6455

    This change allows websocket connections to be set up between browsers
    and the yaws server. RFC 6455 for WebSocket connections is supported,
    in addition to the hybi working group RFC drafts 10 to 17.
    The quickest way to try this out is by compiling yaws as usual, then
    visiting /websockets_example.yaws at the default local installation
    host. This can be done using Google Chrome 14+, Firefox 7+ or any
    other browser supporting WebSocket version 8 or above. Information
    about getting started with WebSockets using this implementation is
    given in /websockets.yaws.
    This drops support for the older draft RFCs, specifically those of the
    hixie working group which were previously supported by yaws but are
    significantly different from the hybi working group's specification.
    The interface for using WebSocket with yaws has changed
    somewhat. Instead of spawning a websocket owner process which
    maintains a server loop such as that shown in the old
    websockets_endpoint.yaws, the application developer now implements a
    callback module such as those in src/basic_echo_callback.erl or
    src/advanced_echo_callback.erl -- the difference being that the
    advanced callback style is only necessary if you need advanced
    features of WebSocket such as fragmented messages. One suggested way
    to deploy your callback module and its dependencies is as part of an
    application in an OTP release, with yaws as a dependency. Rebar can be
    used to build the dependencies, fetch and build yaws, and create a
    release which will ensure the modules are in the path of the runtime
    Most behaviour tested by the Autobahn test suite 0.43 pass when
    configured to connect to the /websockets_autobahn_endpoint.yaws and
    /websockets_example_endpoint.yaws over an unencrypted
    connection. Significantly, websocket connection closing is not
    implemented and the socket is left to be cleaned up by the Runtime
    System when either the connection is lost or the owning processes
    dies. Secondly, certain cases where websocket frames are fragmented
    within UTF-8 code points cause the check for valid text type messages
    to incorrectly fail the connection.
    Subprotocols are not currently supported.
    Augment yaws.tex with a new WebSocket Protocol chapter (Steve
    jbothma committed with vinoski Sep 30, 2011
Commits on May 24, 2011
  1. @capflam @vinoski

    arg_rewrite mods can now return HTTP responses (capflam)

    Module used to rewrite arg records can now return any HTTP
    response. This can be used to redirect requests or to return an
    error. To do so, such a module must set the element #arg.state using
    the record #rewrite_response{}. The record #rewrite_response{}
    contains 3 elements:
      status: any valid HTTP status code
      headers: a list of {header, H}
      content: an iolist
    For example, to do an unconditional redirect to,
    you can use the module simple_redir_mod.erl:
      arg_rewrite(Arg) ->
        L = "",
        H = [{header, {location, L}}],
        RwResp = #rewrite_response{status=301, headers=H}
    capflam committed with vinoski May 3, 2011
Commits on Apr 20, 2011
  1. @vinoski

    major trailing whitespace cleanup

    Remove trailing whitespace in all .erl and .hrl files in the
    If you're an emacs user, you can easily see trailing whitespace using
    settings like these in your ~/.emacs file:
    (setq-default show-trailing-whitespace t)
    (set-face-background 'trailing-whitespace "slate gray")
    You can also delete trailing whitespace automatically when you save
    your Erlang sources by setting the emacs before-save-hook in your
    ~/.emacs file like this:
    (add-hook 'before-save-hook
              '(lambda () (if (eq major-mode 'erlang-mode)
    vinoski committed Apr 19, 2011
Commits on Oct 21, 2010
  1. @lefant @vinoski

    add implementation of X-Forwarded-For header (Fabian Linzberger)

    * Add x_forwarded_for_log_proxy_whitelist global config parameter and
      parsing for it.
    * Add x_forwarded_for header in record definition and collection
      (based on code by Chris Double he mentions on
    * For yaws_server:maybe_access_log/3: if originating IP is present in
      x_forwarded_for_log_proxy_whitelist, log last IP found in
      x-forwarded-for header instead of originating IP
    lefant committed with vinoski Oct 6, 2010
Commits on Jul 10, 2009
  1. cgi support

    committed Jul 10, 2009
Commits on Feb 13, 2009
  1. cleaned up the redirect feature. It was poorly implemented and poorly…

    … documented. This fix is backwards compatible for users using redirect in confd.conf. However, it is NOT backwards compatible for embedded users that specify the redirect_map explicitly in their #sconf{} records. The required changes for embedded users should be evident from the code. The new required format is documented in the code where #sconf{} is defined
    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    committed Feb 13, 2009
Commits on Sep 12, 2008
  1. added redirect_self to yaws_api

    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    committed Sep 12, 2008
Commits on Dec 1, 2007
  1. tabs cleanup

    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    committed Dec 1, 2007
Commits on Feb 23, 2007
  1. @jonhen
Commits on Sep 20, 2006
  1. added the client IP address to the #arg record

    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    committed Sep 20, 2006
Commits on Mar 16, 2004
  1. Removed the atoms in parse_post and parse query, backwards incompatib…

    …le change updateed wiki and mail for this, added a backwards_compat_flag to gconf put gconf and sconf in the dictionary as opposed to passing them around as args reworked url_type so there are no more flat lists, removed the list_to_atom call for the spec cache.
    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    committed Mar 16, 2004
Commits on Mar 13, 2004
  1. ""

    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    committed Mar 13, 2004
Commits on Mar 10, 2004
  1. postvar bug by hal snyder, added yaws_api:query_url/1 added the id su…

    …pport and removed the uid stuff, added -j to control trace of a running daemon, bugfixes in the logger,
    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    committed Mar 10, 2004
Commits on Feb 8, 2004
  1. @carsten3347

    Support for `Content-Encoding: deflate' using zlib.

    This feature has to be turned on in the server part of yaws.conf
    (`deflate = true').
    Still experimental and for static files only.  Cached files are
    compressed just once.  Large files are compressed on the fly, and only
    if the mime type makes it seem wothwhile (see
    yaws_server:compressible_mime_type).  No docs so far.
    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    carsten3347 committed Feb 8, 2004
Commits on Dec 17, 2003
  1. postvar(), queryvar(), ssi docs

    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    committed Dec 17, 2003
  2. ssi include with var expansion + docs

    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    committed Dec 17, 2003
Commits on Dec 15, 2003
  1. first almost working vsn of revproxy

    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    committed Dec 15, 2003
Commits on Dec 5, 2003
  1. Added set cookie parser

    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    Johan Bevemyr committed Dec 5, 2003
Commits on Aug 25, 2003
  1. @carsten3347

    comment to arg record field `pathinfo'

    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    carsten3347 committed Aug 25, 2003
Commits on Jul 16, 2003
  1. @carsten3347

    Added CGI and PHP support.

    Also for a request like
    with xxx being one of `yaws', `cgi' or `php' and being a plain
    file, /a/b/ is called with Arg#arg.pathinfo, respectively the
    environment variable PATH_INFO, set to `/d/e'.
    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    carsten3347 committed Jul 16, 2003
Commits on Jul 12, 2003
  1. Added the field server_path, which will store the parsed and normaliz…

    …ed path of the request string. This is in preparation for some significant clean-ups of the yaws_server.erl code.
    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    Leon Smith committed Jul 12, 2003
Commits on Nov 20, 2002
  1. parse_url

    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    committed Nov 20, 2002
Commits on Nov 18, 2002
  1. Added #args.appmod_prepath which contains the path in front

    of <appmod><appmoddata>
    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    Tobbe Tornquist committed Nov 18, 2002
Commits on Nov 7, 2002
  1. ""

    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    committed Nov 7, 2002
Commits on Oct 16, 2002
Commits on Oct 15, 2002
  1. fixed tilde username expansion it didn't work, also made thta a confi…

    …gurable in the config file. Added appmods a mechanism whereby an application can fake directory hierachys. Useful for applications that deliver
    content which isn't html. Many browsers doesn;t (read IE) don't respect the
    Content-Disposition: header, rather they just use the filename extension to
    determini which plugin to to render a file
    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    committed Oct 15, 2002
Commits on Oct 6, 2002
  1. wrote the shopppingcart example

    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    committed Oct 6, 2002
Commits on Sep 17, 2002
  1. cache_refresh to 0 if debug, added a cookie_session-server for persis…

    …tant cookie sessions
    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    committed Sep 17, 2002
Commits on Sep 13, 2002
Commits on Aug 23, 2002
  1. added cont and state to this yaws_api.hrl

    git-svn-id: 9fbdc01b-0d2c-0410-bfb7-fb27d70d8b52
    Seah Hinde committed Aug 23, 2002
Something went wrong with that request. Please try again.