1
0
mirror of https://github.com/weechat/weechat.git synced 2026-07-05 17:23:15 +02:00
Commit Graph

30 Commits

Author SHA1 Message Date
Trygve Aaberge ca07c03bf3 relay/api: combine request headers with the same name
If a request repeats the same header name multiple times, merge the
header values into a comma separated string. Previously, only the last
header specified would be used.

For header fields that are defined as a comma-separated list, a client
may choose to send it as multiple headers instead of one header with
comma-separated values. The specification says that these are
equivalent, so we can therefore join the headers into a comma-separated
string.

This is specified at https://datatracker.ietf.org/doc/html/rfc7230#section-3.2.2
which says:

    A sender MUST NOT generate multiple header fields with the same field
    name in a message unless either the entire field value for that
    header field is defined as a comma-separated list [i.e., #(values)]
    or the header field is a well-known exception (as noted below).

    A recipient MAY combine multiple header fields with the same field
    name into one "field-name: field-value" pair, without changing the
    semantics of the message, by appending each subsequent field value to
    the combined field value in order, separated by a comma.  The order
    in which header fields with the same field name are received is
    therefore significant to the interpretation of the combined field
    value; a proxy MUST NOT change the order of these field values when
    forwarding a message.
2024-11-24 16:15:35 +01:00
Trygve Aaberge bd7c503e7b relay/api: support passing auth in sub protocol header
The API for connecting to WebSockets in browsers unfortunately doesn't
support setting any Authorization header. This means that before this
commit it was impossible to connect to the API relay from a web browser.
The only thing that can be set apart from the URL is the
Sec-WebSocket-Protocol header. Therefore this allows you to send the
auth token in this header.

This is a weird way to send auth, but it seems to be the best one that
makes it possible for browsers to connect. Kubernetes also does it this
way: https://github.com/kubernetes/kubernetes/pull/47740

Here is a post describing the different ways to make it possible for a
browser to authenticate against a websocket connection, and it also
recommends doing it this way:
https://stackoverflow.com/questions/4361173/http-headers-in-websockets-client-api/77060459#77060459

Note that when this header is used to pass auth, the client also needs
to specify the `api.weechat` sub protocol. This is because the client
and server have to agree on a sub protocol when this header is
specified, and in order to not send the fake protocol used for auth back
to the client, we require specifying the protocol `api.weechat`, which
the server then returns to the client. This is only necessary when the
Sec-WebSocket-Protocol header is used. If the Authorization header is
used for auth as before, nothing changes.
2024-11-24 16:00:25 +01:00
Josh Soref 2202cd9f85 spelling: zstd
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2024-09-28 21:22:56 +02:00
Sébastien Helleu fc197df056 relay/api: allow clients without authentication when no relay password is defined and option relay.network.allow_empty_password is on (issue #2158) 2024-07-20 15:57:56 +02:00
Sébastien Helleu 259615d436 relay/api: add field "request_id" in websocket frame (request and response) 2024-06-30 00:11:29 +02:00
Sébastien Helleu 1cacbde6b7 relay: remove check of NULL pointers before calling free functions 2024-06-30 00:11:00 +02:00
Sébastien Helleu f8d98bbd5e core: replace "%lx" by "%p" in dump of relay data 2024-06-14 18:10:18 +02:00
Sébastien Helleu 26fa0ea1b8 relay: enable websocket extension "permessage-deflate" with "api" relay only 2024-06-02 09:05:40 +02:00
Sébastien Helleu 5294249515 relay: fix compiler warning in call to snprintf
This fixes the following warning emitted by gcc:

…/relay-http.c:1207:32: warning: ‘%s’ directive output may be truncated writing up to 1023 bytes into a region of size 64 [-Wformat-truncation=]
 1207 |                               "%s[%d bytes data]",
      |                                ^~
 1208 |                               str_header,
      |                               ~~~~~~~~~~
…/relay-http.c:1207:31: note: directive argument in the range [1, 2147483647]
 1207 |                               "%s[%d bytes data]",
      |                               ^~~~~~~~~~~~~~~~~~~
…/relay-http.c:1206:21: note: ‘snprintf’ output between 15 and 1047 bytes into a destination of size 64
 1206 |                     snprintf (raw_message, length_raw,
      |                     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 1207 |                               "%s[%d bytes data]",
      |                               ~~~~~~~~~~~~~~~~~~~~
 1208 |                               str_header,
      |                               ~~~~~~~~~~~
 1209 |                               *ptr_body_size);
      |                               ~~~~~~~~~~~~~~~
2024-05-24 21:08:10 +02:00
Sébastien Helleu 25e3a631b9 relay/api: reply to preflight request OPTIONS received from browsers (CORS)
This adds the support of Cross-Origin Resource Sharing (CORS) in the relay HTTP
API.
2024-05-05 11:08:37 +02:00
Sébastien Helleu 9c3eda660d relay: remove check of NULL pointers before calling relay_websocket_deflate_free() (issue #865) 2024-04-26 21:23:39 +02:00
Sébastien Helleu ba97a39565 relay: remove check of NULL pointers before calling relay_http_response_free() (issue #865) 2024-04-26 21:22:49 +02:00
Sébastien Helleu 7af01a56ca plugins: remove check of NULL pointers before calling weechat_string_dyn_free() (issue #865) 2024-04-26 08:53:22 +02:00
Sébastien Helleu 9a5a1fb300 plugins: remove check of NULL pointers before calling weechat_string_free_split() (issue #865) 2024-04-26 08:53:22 +02:00
Sébastien Helleu 0b2d9bcb9b plugins: remove check of NULL pointers before calling weechat_hashtable_free() (issue #865) 2024-04-26 08:53:22 +02:00
Sébastien Helleu 7ee57af8e3 relay: remove check of NULL pointers before calling free() (issue #865) 2024-04-25 20:59:24 +02:00
Sébastien Helleu 4baf0e8526 relay: add final '\0' in body when parsing HTTP response
This fixes tests on Debian GNU/Hurd.
2024-04-24 21:24:51 +02:00
Sébastien Helleu 90b855e1aa relay: add connection to remote (issue #2066)
Connection to remote:

- handshake: offer support for all supported hash algorithms
- network connect with a socket
- upgrade to websocket and authenticate with remote (password/TOTP)
- check websocket response
- get list of buffers (not used yet)

Note: connection to remote with TLS or a proxy is not yet supported.
2024-04-07 13:18:13 +02:00
Sébastien Helleu c2343ecb74 relay: add functions to parse HTTP response (issue #2066) 2024-04-07 13:16:50 +02:00
Sébastien Helleu 965beb37de core: fix print of pointer values 2024-04-01 21:08:52 +02:00
Sébastien Helleu 6d549d0da9 relay/api: rename "salt" to "timestamp" 2024-02-26 12:56:44 +01:00
Sébastien Helleu 0f30a4e020 relay: move functions to get URL parameters from api to relay-http.c, add tests 2024-02-18 23:13:20 +01:00
Sébastien Helleu 820a3e8767 relay: free ws_deflate when http request is freed 2024-02-03 11:30:35 +01:00
Sébastien Helleu 3f902dba28 relay: check that request is not NULL before compressing data (issue #2066) 2024-02-01 21:39:23 +01:00
Sébastien Helleu de72fe1db5 relay/api: fix send of responses 400 and 404 in case of error (issue #2066) 2024-02-01 21:39:23 +01:00
Sébastien Helleu 89aeb03a13 relay: remove request from some function arguments (issue #2066) 2024-02-01 21:39:23 +01:00
Sébastien Helleu 83567fd871 relay: allow password hash authentication in api relay, add option relay.network.time_window (issue #2066) 2024-02-01 21:39:23 +01:00
Sébastien Helleu f126255d6a core: add support of base64url in encode/decode functions (issue #2066) 2024-02-01 21:39:21 +01:00
Sébastien Helleu 6cfb31c306 relay: add support of websocket extension "permessage-deflate" (closes #1549)
This extension is used to compress and decompress websocket frames (using
the DEFLATE algorithm, with zlib).
2024-02-01 21:38:53 +01:00
Sébastien Helleu 8971fc069a relay: add "api" protocol (HTTP REST API) (issue #2066) 2024-02-01 21:38:49 +01:00