Commit Graph

50316 Commits

Author SHA1 Message Date
Adrien Destugues
080f5d5f5d ProtocolListener test: fix build.
* I'm not sure what this is supposed to test...
2014-06-09 14:42:22 +02:00
Adrien Destugues
0e79d0efbc Disable tracing unless built in debug mode. 2014-06-09 14:12:56 +02:00
Adrien Destugues
3af9a2cac2 Make HttpRequest tests use the test framework
* Use httpbin.org as a server, rather than a local machine.
* Also add an HTTPS version
2014-06-09 14:11:15 +02:00
Adrien Destugues
f38d4d4510 Rename url directory to "service"
* All "services kit" tests will move there.
2014-06-09 11:18:00 +02:00
Adrien Destugues
1cbab031fd More relaxing of cookie-setting rules
* Allow non-secure page to set (but not read) secure cookies
* Allow pages to set cookies for subdomains (but not access them)
2014-06-09 11:17:49 +02:00
Adrien Destugues
d888718621 HttpTime: don't try to parse timezone
* Cookies sometimes come with the UTC timezone, or no tz info at all.
* No other timezone seems to be used

This allows better matching of cookies which would otherwise be kept
only as session cookies.
2014-06-09 11:10:19 +02:00
Adrien Destugues
744bfa6270 Convert existing cookie test to test framework
* The remaining stress-test is a benchmark, and has no success/failure
result. Leave it this way for now.
2014-06-09 11:08:16 +02:00
Adrien Destugues
f7e7eeba4a Limit cookie value size to 4096 bytes.
Too big cookies will make most web servers reject requests.
2014-06-09 08:50:29 +02:00
Stefano Ceccherini
056b2e33e5 ifconfig: fail with a warning if called on a non-existent interface. 2014-06-08 18:59:00 +02:00
Jessica Hamilton
a0b864f0e4 BString: fix possible infinite loop in _DoReplace 2014-06-08 04:37:16 +12:00
Jérôme Duval
2f32fd1dde wchar.h & string.h: use _GNU_SOURCE instead of __USE_GNU. 2014-06-07 11:22:38 +02:00
Jérôme Duval
a3b79608f9 search.h: fix typo.
* Thanks diger for noticing.
2014-06-07 10:54:15 +02:00
autonielx
b0e9612fc4 Update translations from Pootle 2014-06-07 06:19:20 +02:00
Jessica Hamilton
5700f5fcc3 libroot.so: update glibc's e_pow.S on x86. Fixes #9962 2014-06-07 09:33:15 +12:00
John Scipione
5fe7d79d30 Terminal: Fix crash when changing window size
... try 2 without a spurious \

sorry for the noise.

From the commits list (Ingo) <<-EOF

> Terminal crashes because fView is not connected to App Server when
> this is called so calling fView->GetMouse() is not allowed.

The interesting questions therefore are:

1) Why is the view not attached?
2) Why is it in the hyper link state?

1) is because the BTabView removes the non-selected tabs instead of just
   hiding them.

The reason for 2) is that the tab was opened with Cmd+T (the bug is not
reproducible when the tab is opened via menu item). Pressing Cmd causes
hyper link state to be entered and switching to the new tab will leave
the view in that state due to 1).

Possible solutions:

* TermView::_VisibleTextBufferChanged(): Call state hook only when attached
  to window. All other occurrences are safe as they are in BView hooks.

* Leave the hyper link state when the view is detached from the window. A
  new dummy state could be active as long as the view is not attached, though
  using DefaultState would be harmless as well.

EOF

I chose solution 2 using DefaultState rather than creating a new dummy state.

Thanks Ingo.

Fixes #10902
2014-06-06 15:28:36 -04:00
John Scipione
0bdf33686c Revert "Terminal: Fix crash when changing window size."
This reverts commit d3657dc2bc.
2014-06-06 15:27:20 -04:00
John Scipione
d3657dc2bc Terminal: Fix crash when changing window size.
From the commits list (Ingo) <<-EOF

> Terminal crashes because fView is not connected to App Server when
> this is called so calling fView->GetMouse() is not allowed.

The interesting questions therefore are:

1) Why is the view not attached?
2) Why is it in the hyper link state?

1) is because the BTabView removes the non-selected tabs instead of just
   hiding them.

The reason for 2) is that the tab was opened with Cmd+T (the bug is not
reproducible when the tab is opened via menu item). Pressing Cmd causes
hyper link state to be entered and switching to the new tab will leave
the view in that state due to 1).

Possible solutions:

* TermView::_VisibleTextBufferChanged(): Call state hook only when attached
  to window. All other occurrences are safe as they are in BView hooks.

* Leave the hyper link state when the view is detached from the window. A
  new dummy state could be active as long as the view is not attached, though
  using DefaultState would be harmless as well.

EOF

I chose solution 2 using DefaultState rather than creating a new dummy state.

Thanks Ingo.

Fixes #10902
2014-06-06 15:14:15 -04:00
Adrien Destugues
7f1f341e5f Forgot to commit changes to the header. 2014-06-06 19:11:03 +02:00
Adrien Destugues
cb7d1c5ecd Add some more tests for cookies
Also derived from Opera test suite.
* Fix nbsp instead of space in some tests (I shouldn't have copypasted
these...)
* Add most of the advanced tests from Opera. This exposed several bugs
in the cookie code (all fixed) as well as strptime and strtol (tickets
opened)
* All the cookie2 tests are skipped. I didn't find any use of it on the
internets, so it doesn't seem useful to implement it.
* The last two tests sets are still missing. I'll add them next week.
2014-06-06 18:42:11 +02:00
Adrien Destugues
550f5b1c95 Fix some issues detected by the testsuite
* An empty "expires" field results in a session cookie, rather than
rejecting the cookie altogether
* A page can set a cookie it is not allowed to access (for example in a
subdirectory of where the page is located). Separate IsValidForUrl and
_CanBeSetFromUrl to perform the appropriate checks in each case.
* Limit cookie path to 4096 characters. As a result of the previous
change, a page would be allowed to set a cookie with an aribrarily long
subpath, wasting disk space and RAM by growing hte cookie jar.
* Don't allow path with . or .. elements. These are a source of
confusion and are not needed.
* Reset the cookie fields when parsing failed. This does not matter when
using the cookie jar, but is useful when working directly with
BNetworkCookie.
2014-06-06 16:53:50 +02:00
Adrien Destugues
fed9b96e26 Better handling of parse errors in HttpTime
strptime can return non-NULL values even if it only parsed part of the
string. This was sometimes making us use the wrong format. Now we try
all formats and checks how much of the string strptime managed to parse.
We stop when it has parsed a big enough part of it.
2014-06-06 16:49:11 +02:00
Adrien Destugues
6ac7ba848b Sort cookies by path length (longest first)
* This makes sure the most specific cookies are sent first, matching
what other browsers do.
2014-06-06 16:48:15 +02:00
Adrien Destugues
4e14963b73 CID 1108421: BUrl constructor missing initializers. 2014-06-06 08:04:16 +02:00
czeidler
76207e934d Add gcc4 ALE package. 2014-06-06 10:58:54 +12:00
Stephan Aßmus
3df9235571 HttpRequest.h: Fixed some formatting 2014-06-06 00:23:48 +02:00
Stephan Aßmus
5eba63a680 UrlContext: Improved comment 2014-06-06 00:23:47 +02:00
Stephan Aßmus
cb1a99c5f0 HttpHeaders: Small code refactorings
Also check BList::Add() for success when adding a BHttpHeader.
2014-06-06 00:23:47 +02:00
Stephan Aßmus
79852c5551 HttpHeaders: Check assigning self in operator=() 2014-06-06 00:23:46 +02:00
John Scipione
7a214200ed Revert "TermViewStates: Check if fView is NULL before using it."
This reverts commit b84955c738.
2014-06-05 18:02:44 -04:00
John Scipione
4bf5fb9252 Revert "Fix #10902 Terminal crashes setting window size."
This reverts commit 4c8d238716.
2014-06-05 18:02:33 -04:00
John Scipione
5443e035e8 DiskUsage: Open file/folder on cmd-click, zoom on regular click. 2014-06-05 17:55:42 -04:00
John Scipione
eef00544a4 DiskUsage: Style fixes. 2014-06-05 17:52:00 -04:00
John Scipione
4c8d238716 Fix #10902 Terminal crashes setting window size.
Terminal crashes because fView is not connected to App Server when
this is called so calling fView->GetMouse() is not allowed. We could
perhaps check to make sure that fView is connected to App Server by
checking that fView->Window() != NULL, but, a better way to handle this
is to grab the already set fLastClickPoint variable from fView
which eliminates the need to grab the current mouse position again.
Worst case scenario is that fLastClickPoint hasn't been set in which
case Terminal won't find anything to highlight or unhighlight.

Also check to make sure that fView != NULL here for good measure.

Fixes #10902
2014-06-05 16:19:58 -04:00
John Scipione
b84955c738 TermViewStates: Check if fView is NULL before using it. 2014-06-05 16:19:24 -04:00
John Scipione
da80e3d9e2 TermViewStates: Style fixes 2014-06-05 16:19:24 -04:00
Stephan Aßmus
16b8886a59 HttpAuthentication: Check LockBuffer() success...
... in _H() MD5 digest method. Thanks to axeld
for the suggestion.
2014-06-05 21:43:35 +02:00
Jérôme Duval
f0e21afe06 openssl: security update
Fix for CVE-2014-0224
Fix for CVE-2014-0221
Fix for CVE-2014-0195
Fix for CVE-2014-3470
Fix for CVE-2014-0076
Fix for CVE-2010-5298
2014-06-05 19:31:48 +02:00
Adrien Destugues
295a23a4e3 Add some tests for cookies.
* Mostly extracted from Opera cookie testsuite.
* Shows one bug with parsing expiration date of cookies in
ExpirationTest.
2014-06-05 19:29:11 +02:00
Stephan Aßmus
258817720c HttpAuthentication: improvements and fixes
* BString::CopyInfo() takes length as second
   parameter, not the end-offset. This bug didn't
   have any effect, since BString clamps the length.
 * ',' is a comma, ':' is a colon.
 * When parsing "additionalData" in the loop for
   name=value pairs, an empty name is not useful,
   continue the loop early.
 * "value" may have the length 0, accessing it
   with value[0] would not lead to an access violation,
   since it just reads the terminating zero (I think),
   but it's nicer if the code makes it clear that
   value being empty is considered.
 * _H() was using a static buffer, in a heavily
   multi-threaded situation. I don't think this was
   healthy.
 * Implement the proposed optimization of using
   BString::LockBuffer(). Appending one char at a time
   is really bad for peformance. The Base64 encoding/decoding
   should really be rewritten as well for similar reasons.
2014-06-05 00:01:13 +02:00
Jérôme Duval
3331e9ac65 updates a few hybrid packages. 2014-06-04 18:31:23 +02:00
John Scipione
819863d8a9 Docs: Put a comma in Haiku, Inc. in the copyright. 2014-06-04 11:58:08 -04:00
John Scipione
daabbbe5f9 BRegion: Style fix, update parameter name
No functional change.

Trying to indentify each kind of object uniquely and consistently.

... update docs as well.
2014-06-04 11:58:07 -04:00
Adrien Destugues
cd805f6793 Remove some redundant fields
These were getting out of sync and causing trouble, and they are easy to
compute from existing information.

Fixes some problems detected by the testsuite where the user/password or
the host would sometime disappear from the URL.
2014-06-04 11:56:23 +02:00
Adrien Destugues
3fd76758ed Add some tests derived from Ruby Addressable
They have a very complete testsuite, but not all of it is relevant to
us. Pick some of the interesting tests for now.
2014-06-04 11:36:09 +02:00
Adrien Destugues
b5bde4ad81 Fix bugs identified by the testsuites
* Handle resolving . and .. in path properly
* Make the subtle distinction between empty and unset for the authority,
fragment and query.
2014-06-04 10:36:10 +02:00
Adrien Destugues
e29e0a0d2a Fix Url relative constructor.
Actually get the query from the base URL.
2014-06-04 08:22:13 +02:00
Jérôme Duval
1db8c51081 HaikuDevel: remove tiff headers 2014-06-04 07:37:28 +02:00
Jérôme Duval
2388fa71b8 openssl, tiff: provides hybrid packages for x86 2014-06-04 07:24:50 +02:00
John Scipione
d0d41a229a Add BRegion documentation.
Most was written by Stephan Aßmus, and Stefano Ceccherini.
(moved from Region.cpp)

Thank you both for your contributions.
2014-06-03 20:28:44 -04:00
John Scipione
44cee34013 BRegion: Style updates for documentation.
No functional changes intended.

* Updated copyright information.
* Reduced doxygen documentation down to a helpful summary
  in a regular comment, the documentation has been moved into
  the Haiku Book.
* Some parameter renaming for consistency and clarity.
* A few other style fixes.
2014-06-03 20:26:45 -04:00