summaryrefslogtreecommitdiff
path: root/usr.sbin/httpd/server_http.c
AgeCommit message (Expand)Author
2019-05-08The QUERY_STRING macro is not actually URL encoded, so fix the manual.Theo Buehler
2019-05-08Set the REQUEST_URI CGI variable to the requested URI and query stringTheo Buehler
2019-05-08spacingReyk Floeter
2019-05-03Add a "forwarded" log format that extends the "combined" log formatTheo Buehler
2019-02-10log X509 peer's cert subject name when tls client authentication is used,Sebastian Benoit
2018-12-04Check maxrequestbody when we found the right server / location.Florian Obser
2018-11-04isalpha(3) requires an unsigned char value (or -1).Philip Guenther
2018-10-15Omit HSTS headers over unencrypted connections, per RFC 6797.Anthony J. Bentley
2018-10-11Backout my previous commit:Sebastian Benoit
2018-10-01Only send 408 Timeout responses when we have seen at least part of aSebastian Benoit
2018-09-07Do not send a Content-Length header for 1xx and 204 status codes sinceFlorian Obser
2018-06-20Add support for simple one-off internal rewrites.Reyk Floeter
2018-06-15Fix 304 Not Modified response: don't send a body, use the correct MIME type.Reyk Floeter
2018-06-11The http_query is already url_encoded; don't encode it twice.Reyk Floeter
2018-04-06After processing of a range request httpd would never close theFlorian Obser
2017-12-14set Location header for 307 and 308 status codesSebastian Benoit
2017-05-15Avoid a crash servicing requests when a server is configured withJonathan Gray
2017-03-16Expand $HTTP_HOST in redirects.Florian Obser
2017-03-10Sync from relayd: DELETE can have a body.Reyk Floeter
2017-02-07Improve parsing of the HTTP request lineReyk Floeter
2017-02-02Fix support for HTTP pipelining by handling all requests in the buffer.Reyk Floeter
2017-01-31Reimplement httpd's support for byte ranges.Reyk Floeter
2017-01-31The variable clt_done is used in too many places.Reyk Floeter
2016-08-26Replace the static env variables with a single global variable.Rafael Zalamena
2016-07-27According to RFC 7231 4.3.7, OPTIONS may have body. "Although thisReyk Floeter
2016-05-27Return "400 Bad Request" instead of "500 Server Internal Error" forKenneth R Westerback
2016-05-22makes sure the value of the asprintf buffer is zeroed on errorJoerg Jung
2016-03-08Set content charset for auto index generated page.Florian Obser
2016-02-11Back out previous; requested by jung@Tim van der Molen
2016-02-11Include the server port number in the common and combined logs. This is usefulTim van der Molen
2015-12-07No need to check for NULL before free().mmcc
2015-12-03Remove unnecessary NULL checks before free().Reyk Floeter
2015-10-13Plug a leak.Sunil Nimmagadda
2015-10-13Pass unsigned chars to ctype functions.Reyk Floeter
2015-09-07Fix a regression that was introduced with server.c r1.64: Do NOT freeReyk Floeter
2015-08-21The WebDAV MOVE method was not included in the switch statementReyk Floeter
2015-08-20Change httpd(8) to use C99-style fixed-width integers (uintN_t insteadReyk Floeter
2015-07-31repair hsts header output, wrong format strings caused brokenSebastian Benoit
2015-07-29backout the previous: it broke wordpress somehow.Reyk Floeter
2015-07-29Read fcgi response records until we have the whole http header and canFlorian Obser
2015-07-23The realm in authenticate directive of config file isn't escaped for '"' char.Sebastien Marie
2015-07-19For the completeness of HSTS, add the non-standard preload option.Reyk Floeter
2015-07-18Allow to change the default media type globally or per-location,Reyk Floeter
2015-07-18Implement HTTP Strict Transport Security (HSTS).Florian Obser
2015-07-16spacingReyk Floeter
2015-07-15Escape the message in server_log() as well.Reyk Floeter
2015-07-15For some values like the User-Agent, use vis(3) instead of url_encode().Reyk Floeter
2015-07-15Simplify the error path of the previous commit: by using ret = -1 byReyk Floeter
2015-07-15httpd don't sanitize variables before putting them in logs. It is possible forsemarie
2015-06-23escape the matched substrings before using it in expansion.semarie