0
0
mirror of https://github.com/nodejs/node.git synced 2024-12-01 16:10:02 +01:00
Commit Graph

392 Commits

Author SHA1 Message Date
cjihrig
804e7aa9ab lib: use const to define constants
This commit replaces a number of var statements throughout
the lib code with const statements.

PR-URL: https://github.com/iojs/io.js/pull/541
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2015-01-21 16:21:31 -05:00
isaacs
3e1b1dd4a9 Remove excessive copyright/license boilerplate
The copyright and license notice is already in the LICENSE file.  There
is no justifiable reason to also require that it be included in every
file, since the individual files are not individually distributed except
as part of the entire package.
2015-01-12 15:30:28 -08:00
Ben Noordhuis
21130c7d6f lib: turn on strict mode
Turn on strict mode for the files in the lib/ directory.  It helps
catch bugs and can have a positive effect on performance.

PR-URL: https://github.com/node-forward/node/pull/64
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
2014-11-22 17:23:30 +01:00
Ben Noordhuis
299cf84490 lib: unexport http.parsers
Unexport the http.parsers freelist.  It was originally exported by Ryan
in commit 0003c701 but the commit log doesn't mention why and it's never
been documented.  It's unclear if there are any users.

The lifecycle of parser objects changed recently and it seems better to
not let people shoot themselves in the foot so easily.

If it turns out there are actually users, we can always re-export it
again - probably under a slightly different name, to force people to
update their code to the new way of things.

Reviewed-by: Trevor Norris <trev.norris@gmail.com>
2014-09-05 09:34:43 -07:00
Brian White
03e9f84933 lib: remove unused variables
Signed-off-by: Fedor Indutny <fedor@indutny.com>
2014-06-11 20:41:12 -07:00
Nathan Rajlich
d6bbb19f1d http, https: don't depend on globalAgent
For the `request()` and `get()` functions. I could never
really understand why these two functions go through agent
first... Especially since the user could be passing `agent: false`
or a different Agent instance completely, in which `globalAgent`
will be completely bypassed.

Moved the relevant logic from `Agent#request()` into the
`ClientRequest` constructor.

Incidentally, this commit fixes #7012 (which was the original
intent of this commit).
2014-02-26 13:18:54 -08:00
Ben Noordhuis
610022851a http: expose supported methods
Expose the list of supported HTTP methods as a property on the 'http'
module object.

Fixes #6422.
2013-10-28 13:35:34 +01:00
Brian White
6d842897c5 lib: remove unused variables and functions 2013-08-15 17:19:17 -07:00
isaacs
32fdae2ca3 http: Fix overlooked agent.globalAgent export
Noticed by @bnoordhuis in https://github.com/joyent/node/pull/5991#discussion_r5575946
2013-08-05 12:33:19 -07:00
isaacs
40e92650bb http: Add agent.get/request methods 2013-07-09 22:31:11 -07:00
Ben Noordhuis
7124387b34 http: don't escape request path, reject bad chars
Commit 38149bb changes http.get() and http.request() to escape unsafe
characters. However, that creates an incompatibility with v0.10 that
is difficult to work around: if you escape the path manually, then in
v0.11 it gets escaped twice. Change lib/http.js so it no longer tries
to fix up bad request paths, simply reject them with an exception.

The actual check is rather basic right now. The full check for illegal
characters is difficult to implement efficiently because it requires a
few characters of lookahead. That's why it currently only checks for
spaces because those are guaranteed to create an invalid request.

Fixes #5474.
2013-05-15 22:53:29 +02:00
Timothy J Fontaine
951e0b69fa http: split Client into _http_client.js 2013-04-17 00:08:28 +02:00
Timothy J Fontaine
6717fdccb4 http: move Server and ServerResponse out 2013-04-17 00:08:28 +02:00
Timothy J Fontaine
dc9f97b7b9 http: move OutgoingMessage into it's own file 2013-04-17 00:08:28 +02:00
Timothy J Fontaine
bb56489f21 http: move parsers into _http_common.js 2013-04-17 00:08:28 +02:00
Timothy J Fontaine
5909a9c9bd http: move IncomingMessage into its own file 2013-04-17 00:08:28 +02:00
Timothy J Fontaine
62e4f89765 http: split Agent into its own file 2013-04-17 00:08:28 +02:00
Ben Noordhuis
38149bb048 http: escape unsafe characters in request path
Make http.request() and friends escape unsafe characters in the request
path. That is, a request for '/foo bar' is now escaped as '/foo%20bar'.

Before this commit, the path was used as-is in the request status line,
creating an invalid HTTP request ("GET /foo bar HTTP/1.1").

Fixes #4381.
2013-04-12 16:27:50 -07:00
isaacs
e4b716efaa http: Support write(data, 'hex')
We were assuming that any string can be concatenated safely to
CRLF.  However, for hex, base64, or binary encoded writes, this
is not the case, and results in sending the incorrect response.

An unusual edge case, but certainly a bug.
2013-04-08 09:33:56 -07:00
isaacs
88686aa410 http: Remove legacy ECONNRESET workaround code
Fix #5179
2013-04-03 10:18:42 -07:00
isaacs
234fb122bb http client: Ensure socket cleanup on response end
If an http response has an 'end' handler that throws, then the socket
will never be released back into the pool.

Granted, we do NOT guarantee that throwing will never have adverse
effects on Node internal state.  Such a guarantee cannot be reasonably
made in a shared-global mutable-state side-effecty language like
JavaScript.  However, in this case, it's a rather trivial patch to
increase our resilience a little bit, so it seems like a win.

There is no semantic change in this case, except that some event
listeners are removed, and the `'free'` event is emitted on nextTick, so
that you can schedule another request which will re-use the same socket.
From the user's point of view, there should be no detectable difference.

Closes #5107
2013-04-02 20:34:08 +04:00
isaacs
d62cf59dc1 http: Don't hot-path end() for large buffers
The benefits of the hot-path optimization below start to fall off when
the buffer size gets up near 128KB, because the cost of the copy is more
than the cost of the extra write() call.  Switch to the write/end method
at that point.

Heuristics and magic numbers are awful, but slow http responses are
worse.

Fix #4975
2013-03-14 08:04:59 -07:00
isaacs
327b6e3e1d stream: Don't emit 'end' unless read() called
This solves the problem of calling `readable.pipe(writable)` after the
readable stream has already emitted 'end', as often is the case when
writing simple HTTP proxies.

The spirit of streams2 is that things will work properly, even if you
don't set them up right away on the first tick.

This approach breaks down, however, because pipe()ing from an ended
readable will just do nothing.  No more data will ever arrive, and the
writable will hang open forever never being ended.

However, that does not solve the case of adding a `on('end')` listener
after the stream has received the EOF chunk, if it was the first chunk
received (and thus, length was 0, and 'end' got emitted).  So, with
this, we defer the 'end' event emission until the read() function is
called.

Also, in pipe(), if the source has emitted 'end' already, we call the
cleanup/onend function on nextTick.  Piping from an already-ended stream
is thus the same as piping from a stream that is in the process of
ending.

Updates many tests that were relying on 'end' coming immediately, even
though they never read() from the req.

Fix #4942
2013-03-10 11:08:22 -07:00
koichik
c9a4ec9c63 http: ServerRequest does not timeout after 'end'
Fixes #4967
2013-03-10 20:14:43 +09:00
isaacs
e2400f88d8 http: Do not setTimeout a not-yet-existent socket
Fixes #4967
2013-03-10 18:34:41 +09:00
hc
5757ce48b4 http: check if incoming parser has already been freed
Fix #4948

This adds a check before setting the incoming parser
to null. Under certain circumstances it'll already be set to
null by freeParser().

Otherwise this will cause node to crash as it tries to set
null on something that is already null.
2013-03-09 08:46:44 -08:00
isaacs
632b7d8750 Revert "http: check if incoming parser has already been freed"
This reverts commit 9f4c3b0d45.
2013-03-08 14:35:00 -08:00
hheennrryy@gmail.com
9f4c3b0d45 http: check if incoming parser has already been freed
Fix #4948

This adds a check before setting the incoming parser
to null. Under certain circumstances it'll already be set to
null by freeParser().

Otherwise this will cause node to crash as it tries to set
null on something that is already null.
2013-03-08 14:14:58 -08:00
isaacs
d258fb0212 http: More useful setTimeout API on server
This adds the following to HTTP:

* server.setTimeout(msecs, callback)
  Sets all new connections to time out after the specified time, at
  which point it emits 'timeout' on the server, passing the socket as an
  argument.
  In this way, timeouts can be handled in one place consistently.
* req.setTimeout(), res.setTimeout()
  Essentially an alias to req/res.socket.setTimeout(), but without
  having to delve into a "buried" object.  Adds a listener on the
  req/res object, but not on the socket.
* server.timeout
  Number of milliseconds before incoming connections time out.
  (Default=1000*60*2, as before.)

Furthermore, if the user sets up their own timeout listener on either
the server, the request, or the response, then the default behavior
(destroying the socket) is suppressed.

Fix #3460
2013-03-06 12:43:48 -08:00
Eugene Girshov
25ba971f41 http: fix multiple timeout events
Fixed up slightly by @isaacs so as not to miss 'timeout' events in some
cases.
2013-03-06 10:45:37 -08:00
Ben Noordhuis
2d51036fb9 Merge remote-tracking branch 'origin/v0.8'
Conflicts:
	doc/api/http.markdown
	test/simple/test-crypto.js
2013-03-02 23:13:35 +01:00
Trevor Norris
75305f3bab events: add check for listeners length
Ability to return just the length of listeners for a given type, using
EventEmitter.listenerCount(emitter, event). This will be a lot cheaper
than creating a copy of the listeners array just to check its length.
2013-03-01 17:36:47 -08:00
Ben Noordhuis
f26362e938 http: use socket.once, not socket.on
Register the 'close' event listener with .once(), not .on().

It doesn't matter in the grand scheme of things because the listener
doesn't keep references to any heavy-weight objects but using .once()
for a oneshot listener is something of a best practice.
2013-03-01 13:11:40 +01:00
isaacs
88644eaa2d stream: There is no _read cb, there is only push
This makes it so that `stream.push(chunk)` is the only way to signal the
end of reading, removing the confusing disparity between the
callback-style _read method, and the fact that most real-world streams
do not have a 1:1 corollation between the "please give me data" event,
and the actual arrival of a chunk of data.

It is still possible, of course, to implement a `CallbackReadable` on
top of this.  Simply provide a method like this as the callback:

    function readCallback(er, chunk) {
      if (er)
        stream.emit('error', er);
      else
        stream.push(chunk);
    }

However, *only* fs streams actually would behave in this way, so it
makes not a lot of sense to make TCP, TLS, HTTP, and all the rest have
to bend into this uncomfortable paradigm.
2013-02-28 17:38:17 -08:00
Ben Noordhuis
cb87920ba9 Merge remote-tracking branch 'origin/v0.8'
Conflicts:
	AUTHORS
	ChangeLog
	deps/uv/src/unix/pipe.c
	lib/http.js
	src/node_version.h
2013-02-28 16:58:24 +01:00
Ben Noordhuis
d4a297ccb0 http: fix case in 505 response status line
Fixes #4850.
2013-02-26 15:18:40 +01:00
isaacs
b0e7dbf2c0 http: Do not free the wrong parser on socket close
This appears to fix #4673.  That bug is very hard to reproduce, so it's
hard to tell for certain, but this approach is more correct anyway.

Hat-tip: @dougwilson
2013-02-25 09:06:46 -08:00
isaacs
f9a0140ef1 http: Handle hangup writes more gently 2013-02-22 10:35:07 -08:00
isaacs
09b1212254 http: Add fixme comment about ECONNRESET handling 2013-02-18 10:38:37 -08:00
isaacs
d75e39794b Merge remote-tracking branch 'ry/v0.8' into master
Conflicts:
	AUTHORS
	ChangeLog
	lib/http.js
	src/node_version.h
	test/simple/test-http-header-response-splitting.js
2013-02-18 10:21:08 -08:00
isaacs
987338fe31 http: Do not let Agent hand out destroyed sockets
Fix #4373
2013-02-14 16:03:40 -08:00
isaacs
c9dcf5718c http: Raise hangup error on destroyed socket write
Prior to v0.10, Node ignored ECONNRESET errors in many situations.
There *are* valid cases in which ECONNRESET should be ignored as a
normal part of the TCP dance, but in many others, it's a very relevant
signal that must be heeded with care.

Exacerbating this problem, if the OutgoingMessage does not have a
req.connection._handle, it assumes that it is in the process of
connecting, and thus buffers writes up in an array.

The problem happens when you reuse a socket between two requests, and it
is destroyed abruptly in between them.  The writes will be buffered,
because the socket has no handle, but it's not ever going to GET a
handle, because it's not connecting, it's destroyed.

The proper fix is to treat ECONNRESET correctly.  However, this is a
behavior/semantics change, and cannot land in a stable branch.

Fix #4775
2013-02-14 16:03:40 -08:00
Bert Belder
255bc945c2 http: protect against response splitting attacks
This patch is a back-port of 3c293ba.
Closes #4696
2013-02-07 14:39:47 +01:00
isaacs
faf78604ca http: Don't dump twice 2013-01-28 08:54:08 -08:00
Ben Noordhuis
4a7a98fd0a http: close connection on 204 and chunked encoding
This is similar to commit 2cbf458 but this time for 204 No Content
instead of 304 Not Modified responses.

When the user sends a 204 response with a Transfer-Encoding: chunked
header, suppress sending the zero chunk and force the connection to
close.
2013-01-24 11:23:36 +01:00
Ben Noordhuis
2cbf4586df http: close connection on 304 and chunked encoding
Force the connection to close when the response is a 304 Not Modified
and the user has set a "Transfer-Encoding: chunked" header.

RFC 2616 mandates that 304 responses MUST NOT have a body but node.js
used to send out a zero chunk anyway to accommodate clients that don't
have special handling for 304 responses.

It was pointed out that this might confuse reverse proxies to the point
of creating security liabilities, so suppress the zero chunk and force
the connection to close.
2013-01-23 01:47:24 +01:00
isaacs
3d7818fc42 Merge remote-tracking branch 'ry/v0.8' into master
Conflicts:
	AUTHORS
	ChangeLog
	src/node_version.h
	test/simple/test-buffer.js
2013-01-18 12:58:16 -08:00
Alexandr Emelin
eef0ccbcaf http: fix duplicate var initialization
IncomingMessage function contained duplicate initialization
of this._pendings. Line with one of those expressions has been
removed.
2013-01-16 17:10:14 +01:00
Ben Noordhuis
f3e78bd3c2 http: fix "Cannot call method 'emit' of null"
Fix the following exception:

  http.js:974
    this._httpMessage.emit('close');
                      ^
  TypeError: Cannot call method 'emit' of null
      at Socket.onServerResponseClose (http.js:974:21)
      at Socket.EventEmitter.emit (events.js:124:20)
      at net.js:421:10
      at process._tickCallback (node.js:386:13)
      at process._makeCallback (node.js:304:15)

Fixes #4586.
2013-01-14 17:28:32 +01:00
isaacs
dc0c524ce6 http: Set _dumped=false initially
The better to keep the IncomingMessage class isomorphic and avoid
creating additional hidden classes.
2013-01-10 18:16:43 -08:00