[tests] adjust outdated opt in tests/lighttpd.conf

adjust outdated setting in tests/lighttpd.conf

(modern pdf clients properly handle range requests)

[tests] quickly exit tests/request.t if GET / fail

quickly exit tests/request.t if "GET /" fails, without running further
tests. Also, attempt to shutdown test server so that it is not left
running

[tests] quickly exit tests/request.t if GET / fail

quickly exit tests/request.t if "GET /" fails, without running further
tests. Also, attempt to shutdown test server so that it is not left
running on platforms which use different signals (e.g. Windows)

show more ...

[tests] fix "deflate" tests for added zlib header

[multiple] remove deprecated modules

remove deprecated modules:
mod_evasive
mod_secdownload
mod_uploadprogress
mod_usertrack

These scheduled lighttpd behavior changes have been announced ov

[multiple] remove deprecated modules

remove deprecated modules:
mod_evasive
mod_secdownload
mod_uploadprogress
mod_usertrack

These scheduled lighttpd behavior changes have been announced over
the past year:

* Continue gradual deprecation of "mini-application" lighttpd modules
for which mod_magnet lua implementations are better and more flexible.
Please post on lighttpd forums to share feedback if you use these modules.
Forums: https://redmine.lighttpd.net/projects/lighttpd/boards

* Deprecated: mod_evasive has been removed.
mod_evasive can be replaced by mod_magnet and a few lines of lua:
Replacement: https://wiki.lighttpd.net/ModMagnetExamples#lua-mod_evasive
https://wiki.lighttpd.net/AbsoLUAtion#Fight-DDoS
https://wiki.lighttpd.net/AbsoLUAtion#Mod_Security

* Deprecated: mod_secdownload has been removed.
mod_secdownload can be replaced by mod_magnet and a few lines of lua:
Replacement: https://wiki.lighttpd.net/ModMagnetExamples#lua-mod_secdownload
mod_secdownload historically uses insecure MD5 though SHA1, SHA256 available

* Deprecated: mod_uploadprogress has been removed.
mod_uploadprogress can be replaced by mod_magnet and a few lines of lua:
Replacement: https://wiki.lighttpd.net/ModMagnetExamples#lua-mod_uploadprogress

* Deprecated: mod_usertrack has been removed.
mod_usertrack can be replaced by mod_magnet and a few lines of lua:
Replacement: https://wiki.lighttpd.net/ModMagnetExamples#lua-mod_usertrack
mod_usertrack historically uses insecure MD5.

show more ...

[tests] able to run tests when built w/o pcre

perl test framework now runs most tests even when lighttpd has been
built without pcre support, though some tests which rely on regex
are skipped (tests

[tests] able to run tests when built w/o pcre

perl test framework now runs most tests even when lighttpd has been
built without pcre support, though some tests which rely on regex
are skipped (tests/core-condition.t)

show more ...

[core] permit env w/ blank value (fix regression)

(thx Lars Bingchong)

empty env var must be set to blank string and not left unset
(regression in lighttpd 1.4.56 - lighttpd 1.4.64)

x-ref:
https

[core] permit env w/ blank value (fix regression)

(thx Lars Bingchong)

empty env var must be set to blank string and not left unset
(regression in lighttpd 1.4.56 - lighttpd 1.4.64)

x-ref:
https://stackoverflow.com/a/52913064/1338888

show more ...

[tests] mod_ssi tests moved to src/t/test_mod_ssi

remove mod_ssi Perl tests now performed by src/t/test_mod_ssi

[tests] t/test_mod_indexfile

also remove some now-redundant tests from request.t
and reduce scripts and directories under tests
(because automake is sloooow and the fewer dirs, the better)

[tests] combine *.t using tests/lighttpd.conf

combine tests/*.t using tests/lighttpd.conf into tests/request.t

Platforms which are horrifically slow starting processes (e.g. Windows)
take much more

[tests] combine *.t using tests/lighttpd.conf

combine tests/*.t using tests/lighttpd.conf into tests/request.t

Platforms which are horrifically slow starting processes (e.g. Windows)
take much more time to start and stop lighttpd many times for
independent *.t instances run through the Perl Test::More framework

show more ...

[tests] t/test_mod_staticfile

move some tests from tests/request.t to src/t/test_mod_staticfile.c

[tests] mv tests from request.t to test_request.c

move some tests from tests/*.t to src/t/test_request.c

[tests] use generated date in HTTP If conditionals

replace hard-coded date in HTTP If conditional tests

x-ref:
"Make tests pass after 2035"
https://github.com/lighttpd/lighttpd1.4/pull/106

git

[tests] use generated date in HTTP If conditionals

replace hard-coded date in HTTP If conditional tests

x-ref:
"Make tests pass after 2035"
https://github.com/lighttpd/lighttpd1.4/pull/106

github: closes #106

show more ...

[core] RFC 7233 Range handling for non-streaming

RFC 7233 Range handling for all non-streaming responses,
including (non-streaming) dynamic responses

(previously Range responses handled only for st

[core] RFC 7233 Range handling for non-streaming

RFC 7233 Range handling for all non-streaming responses,
including (non-streaming) dynamic responses

(previously Range responses handled only for static files)

show more ...

[tests] consolidate some tests/ content

[tests] remove FastCGI test dependency on PHP

[core] coalesce nearby ranges in Range requests

Range requests must be HTTP/1.1 or later (not HTTP/1.0)

[core] update HTTP status codes list from IANA

[core] reject WS following header field-name (fixes #2985)

reject whitespace following request header field-name and before colon
Such whitespace is forbidden in RFC 7230 Section 3.2.4.

strict head

[core] reject WS following header field-name (fixes #2985)

reject whitespace following request header field-name and before colon
Such whitespace is forbidden in RFC 7230 Section 3.2.4.

strict header parsing is enabled by default in lighttpd. However,
if explicitly disabled in lighttpd.conf, lighttpd will continue to
accept (and re-format) such field-names before passing to any backend.
UNSAFE: server.http-parseopts = ( "header-strict" => "disable" )
This is NOT RECOMMENDED since doing so disables other protections
provided by lighttpd strict http header parsing.

(thx fedormixalich)

x-ref:
stricter request header parsing
https://redmine.lighttpd.net/issues/2985

show more ...

[core] http_status_append()

[core] security: use-after-free invalid Range req

(thx Marcus Wengelin)

[tests] test_request unit tests

unit tests for request processing
collect existing request processing tests from Perl tests/*.t
(test_request.c runs *much* more quickly than Perl tests/*.t)

[core] fix POST with chunked request body (fixes #2854)

(thx the_jk)

x-ref:
"chunked transfer encoding in request body only works for tiny chunks"
https://redmine.lighttpd.net/issues/2854

[core] support Expect: 100-continue with HTTP/1.1 (fixes #377, #1017, #1953, #2438)

support Expect: 100-continue with HTTP/1.1 requests

Ignore config option server.reject-expect-100-with-417;
serve

[core] support Expect: 100-continue with HTTP/1.1 (fixes #377, #1017, #1953, #2438)

support Expect: 100-continue with HTTP/1.1 requests

Ignore config option server.reject-expect-100-with-417;
server.reject-expect-100-with-417 will be removed in a future release.

x-ref:
"Incorrect handling of the 100 (Continue) Status"
https://redmine.lighttpd.net/issues/377
"'Expect' header gives HTTP error 417"
https://redmine.lighttpd.net/issues/1017
"Improve DAV support to be able to handle git as a client"
https://redmine.lighttpd.net/issues/1953
"Change server.reject-expect-100-with-417 from flag to regular expression matching the URL"
https://redmine.lighttpd.net/issues/2438

show more ...

[core] support Transfer-Encoding: chunked req body (fixes #2156)

support Transfer-Encoding: chunked request body in conjunction with
server.stream-request-body = 0

dynamic handlers will still ret

[core] support Transfer-Encoding: chunked req body (fixes #2156)

support Transfer-Encoding: chunked request body in conjunction with
server.stream-request-body = 0

dynamic handlers will still return 411 Length Required if
server.stream-request-body = 1 or 2 (!= 0)
since CGI-like env requires CONTENT_LENGTH be set
(and mod_proxy currently sends HTTP/1.0 requests to backends,
and Content-Length recommended for robust interaction with backend)

x-ref:
"request: support Chunked Transfer Coding for HTTP PUT"
https://redmine.lighttpd.net/issues/2156

show more ...

[tests] add cleanup.sh to cmake test runs, reset SLOWREQUEST in request.t

From: Stefan Bühler <[email protected]>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2932 152afb58-ed

[tests] add cleanup.sh to cmake test runs, reset SLOWREQUEST in request.t

From: Stefan Bühler <[email protected]>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2932 152afb58-edef-0310-8abb-c4023f1b3aa9

show more ...