Commit Graph

467 Commits

Author SHA1 Message Date
The-EDev
37940d2cc0
fixed multiple definition problem and added test to make sure it doesn't
happen again
2022-02-23 06:00:00 +03:00
The-EDev
ac0c756209
clear new parser variables 2022-02-21 17:32:09 +03:00
The-EDev
4650b5ecde
formatting 2022-02-18 04:31:28 +03:00
The-EDev
9a876e9451
Made template render() function return a returnable instead of a string
Justification is for the content-type header to be set to HTML instead of
text.

Also added render_string() functions to replace the old methods.
2022-02-18 04:25:02 +03:00
Farook Al-Sammarraie
9db0e3b8fe
Merge branch 'master' into parser_optimization 2022-02-15 15:56:48 +03:00
Farook Al-Sammarraie
1c98bbb860
Merge branch 'master' into local-middleware 2022-02-14 22:17:19 +03:00
Vladislav Oleshko
b9dded57e8 Remove is_callable impl 2022-02-13 14:35:11 +03:00
Farook Al-Sammarraie
9b0f7fdb90
Update mustache.h 2022-02-11 18:26:26 +03:00
Farook Al-Sammarraie
ebef1caa08
Merge branch 'master' into master 2022-02-11 12:51:22 +03:00
Dominique Jacquel
787506350f Add unsafe/unsanitized load functions 2022-02-11 09:48:33 +00:00
The-EDev
4e2074dcb5
ran clang-format 2022-02-11 01:04:32 +03:00
The-EDev
9a7677bf1a
Applied changes from review
Also moved builtin_expect to utility.h (for use in sanitizer function)
2022-02-11 00:56:30 +03:00
Farook Al-Sammarraie
ab50fb3134
Merge branch 'master' into parser_optimization 2022-02-11 00:46:19 +03:00
The-EDev
9f6e099f10
fixed issue where content length was being set but body wasn't being sent 2022-02-09 20:57:12 +03:00
Vhuynh25
07a2422c63
changed output to null and changed warning message
also changed from <cmath> to <math.h>
2022-02-08 15:45:49 -08:00
Vhuynh25
7672f3a0f9
Merge branch 'CrowCpp:master' into master 2022-02-08 18:42:38 -05:00
Vladislav Oleshko
0b1eb12f60 Fix nonempty completion handler before middleware call 2022-02-08 21:15:25 +03:00
Vladislav Oleshko
80bc1cf00a Fix clang format 2022-02-08 20:18:49 +03:00
Vladislav Oleshko
4f4e12c91a Add CROW_MIDDLEWARES macro 2022-02-08 20:11:02 +03:00
The-EDev
dcd2b0c318
format 2022-02-08 19:22:09 +03:00
The-EDev
6ad068494f
sanitize load_text() path 2022-02-08 19:14:55 +03:00
The-EDev
155cf759eb
fixed issue where absolute unix paths were not sanitized 2022-02-08 19:11:46 +03:00
Vhuynh25
c44fec82bf
added space to match clang format 2022-02-06 11:58:41 -08:00
The-EDev
175b004c26
code formatting (also disabled formatting where not applicable) 2022-02-06 22:29:46 +03:00
The-EDev
75b100527f
Merge branch 'refs/heads/master' into parser_optimization 2022-02-05 18:35:01 +03:00
The-EDev
4cdde73388
Optimized HTTP parser
Also (likely) fixed problem with streaming without keeping connection
alive
Also fixed problem with multipart hanging on request
Also updated TODO entries to indicate Writer
2022-02-05 18:15:19 +03:00
Vhuynh25
781a40bee1
fixed clang format 2022-02-03 09:07:54 -08:00
Vladislav Oleshko
5d6db06706 Add local middleware after handlers to request handler 2022-02-02 17:37:19 +03:00
Vien Huynh
c21ae7ea3e change NaN output warning message 2022-02-01 16:40:07 -05:00
Vien Huynh
a134e2b9ff fixed NaN handling errors 2022-02-01 15:31:09 -05:00
Vladislav Oleshko
69e9ad9c1e Run clang format 2022-02-01 23:21:07 +03:00
Vladislav Oleshko
e60714c0b2 Separate middleware for handlers 2022-02-01 22:49:41 +03:00
Vien Huynh
9af906dc21 fixed JSON outputting NaN and infinite values 2022-01-30 23:43:30 -05:00
Farook Al-Sammarraie
9689688193
Merge branch 'master' into json-crash 2022-01-29 11:39:10 +03:00
Thomas Neumann
3569c93984 defend against excessive recursion in json::load
Passing a deeply nested JSON structure to json::load leads to a crash
due to stack overflow. We handle this now gracefully by limiting the
maximum nesting depth to 10,000.

Test case:

https://github.com/nst/JSONTestSuite/blob/master/test_parsing/n_structure_100000_opening_arrays.json
2022-01-25 08:48:36 +01:00
Thomas Neumann
2a77083524 fix const correctness in template_t
Without locking we can safely share only const objects between threads.
crow::mustache::template_t will typically be loaded once and then
reused many times across threads. Unfortunately the render() method
was not marked as const, even though it is const is practice. This commit
adds the missing const annotations to the methods involved.
2022-01-24 20:41:29 +01:00
Thomas Neumann
74e5fa8c87 improve sanitize_filename
The old implementation allocated a new string for every invocation, and
repeatedly scanned the string for occurences of the various Windows device
names. This commits resizes the original string instead if needed, and
detects all devices with a single pass.
2022-01-24 08:08:20 +01:00
Thomas Neumann
15085a9f95 avoid memory allocation in base64decode
Every single call to base64decode allocates a mapping table for all
base64 characters. This is quite wasteful, as the map is in fact static.
We could use a static variable here, but that would have unpleasant consequences
if we ever encounter input with non-valid base64 characters (which
implicitly modifies the map).

The number of character ranges for base64 is quite low (3, plus 4 exceptions),
thus we can simply check that explicitly in code instead of using a dynamic hash table.
2022-01-24 07:24:34 +01:00
The-EDev
e688cbd18e
Fixed another vulnerability in mustache file loading
and made the file sanitizer a copy-less function
2022-01-11 21:48:51 +03:00
The-EDev
0a16021442
Fix vulnrabilities in mustache and static 2022-01-11 20:27:41 +03:00
The-EDev
7aee13eee9
Changed the way concurrency is used
(it actually reflects the thread count properly)
2021-12-23 05:39:39 +03:00
The-EDev
77758e6241
Have concurrency represent the actual number threads used 2021-12-20 11:04:55 +03:00
Farook Al-Sammarraie
fa77468a88
Formatting 2021-12-17 09:45:50 +03:00
Farook Al-Sammarraie
0ef48e82bb
Fixed scoping issue
introduced by initializing `execute_result`
2021-12-17 09:30:58 +03:00
Farook Al-Sammarraie
790e34cea8
Merge branch 'master' into mustache_lambdas 2021-12-17 09:08:24 +03:00
Farook Al-Sammarraie
cca1d54ce5
took repeated code out of the if else statement 2021-12-17 09:07:46 +03:00
Farook Al-Sammarraie
ddc1f18a1e
Merge branch 'master' into issue-302 2021-12-17 08:11:57 +03:00
Mosolov Sergey
d59cda5677 Fixes issue 302
https://github.com/CrowCpp/Crow/issues/302
Escape only the invisible characters from 0 to 31 inclusive
Motivation: do not escape UTF8 encoding bytes
2021-12-17 08:47:00 +04:00
Navid Jalali
8de7ec2123 Missing inline specifier in http_status_str function definition fixed 2021-12-16 19:41:03 +03:30
Farook Al-Sammarraie
97baca78da
Merge branch 'master' into parser_upgrade 2021-12-16 12:53:24 +03:00