httpserver: missing query string in request info

[KawaiiZapic]

lws_http_get_uri_and_method does not include the query string of request, we need use lws_hdr_copy(wsi, bufsize, WSI_TOKEN_HTTP_URI_ARGS) to get the query string.

[saghul]

Nice one, thank you! Did you check if hash parameters are copied correctly?

[KawaiiZapic]

Nice one, thank you! Did you check if hash parameters are copied correctly?

The hash part don't sent to server, we don't need to handle it.

[KawaiiZapic]

And I think an error should be thrown when the pathname or query or something is too long, the current behavior is just ignoring the over-limit part, in some edge cases, this may cause some confusion.

[saghul]

We could compute the necessary length and always dynamically allocate it?

[KawaiiZapic]

We could compute the necessary length and always dynamically allocate it?

That will cause some security problems, attacker can send a large payload to comsume all memory on server.
IMHO we would better have a configuable limit of header size and body size.

Usually, 2048 bytes header should enough for most case, the problem is url being truncated without any notice.

[saghul]

Fair enough. That's what we have right now though, which I guess it's reasonable.

Let's fix it if / when we run into real world problems?

[KawaiiZapic]

Fair enough. That's what we have right now though, which I guess it's reasonable.

Let's fix it if / when we run into real world problems?

That's ok.