Skip to content

Commit

Permalink
release: 9.1.1
Browse files Browse the repository at this point in the history
  • Loading branch information
ShogunPanda committed Sep 13, 2023
1 parent ddb1950 commit 4333cc5
Show file tree
Hide file tree
Showing 3 changed files with 30 additions and 3 deletions.
2 changes: 1 addition & 1 deletion CMakeLists.txt
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
cmake_minimum_required(VERSION 3.5.1)
cmake_policy(SET CMP0069 NEW)

project(llhttp VERSION 9.1.0)
project(llhttp VERSION 9.1.1)
include(GNUInstallDirs)

set(CMAKE_C_STANDARD 99)
Expand Down
2 changes: 2 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -361,6 +361,8 @@ Normally `llhttp` would error when a CR is not followed by LF when terminating t
request line, the status line, the headers or a chunk header.
With this flag only a CR is required to terminate such sections.
**Enabling this flag can pose a security issue since you will be exposed to request smuggling attacks. USE WITH CAUTION!**
### `void llhttp_set_lenient_optional_cr_before_lf(llhttp_t* parser, int enabled)`
Enables/disables lenient handling of line separators.
Expand Down
29 changes: 27 additions & 2 deletions include/llhttp.h
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@

#define LLHTTP_VERSION_MAJOR 9
#define LLHTTP_VERSION_MINOR 1
#define LLHTTP_VERSION_PATCH 0
#define LLHTTP_VERSION_PATCH 1

#ifndef INCLUDE_LLHTTP_ITSELF_H_
#define INCLUDE_LLHTTP_ITSELF_H_
Expand Down Expand Up @@ -809,7 +809,7 @@ void llhttp_set_lenient_keep_alive(llhttp_t* parser, int enabled);
* avoid request smuggling.
* With this flag the extra value will be parsed normally.
*
* **Enabling this flag can pose a security issue since you will be exposed to
* **Enabling this flag can pose a security issue since you will be exposed to
* request smuggling attacks. USE WITH CAUTION!**
*/
LLHTTP_EXPORT
Expand Down Expand Up @@ -852,6 +852,19 @@ void llhttp_set_lenient_data_after_close(llhttp_t* parser, int enabled);
LLHTTP_EXPORT
void llhttp_set_lenient_optional_lf_after_cr(llhttp_t* parser, int enabled);

/*
* Enables/disables lenient handling of line separators.
*
* Normally `llhttp` would error when a LF is not preceded by CR when terminating the
* request line, the status line, the headers, a chunk header or a chunk data.
* With this flag only a LF is required to terminate such sections.
*
* **Enabling this flag can pose a security issue since you will be exposed to
* request smuggling attacks. USE WITH CAUTION!**
*/
LLHTTP_EXPORT
void llhttp_set_lenient_optional_cr_before_lf(llhttp_t* parser, int enabled);

/* Enables/disables lenient handling of chunks not separated via CRLF.
*
* Normally `llhttp` would error when after a chunk data a CRLF is missing before
Expand All @@ -864,6 +877,18 @@ void llhttp_set_lenient_optional_lf_after_cr(llhttp_t* parser, int enabled);
LLHTTP_EXPORT
void llhttp_set_lenient_optional_crlf_after_chunk(llhttp_t* parser, int enabled);

/* Enables/disables lenient handling of spaces after chunk size.
*
* Normally `llhttp` would error when after a chunk size is followed by one or more
* spaces are present instead of a CRLF or `;`.
* With this flag this check is disabled.
*
* **Enabling this flag can pose a security issue since you will be exposed to
* request smuggling attacks. USE WITH CAUTION!**
*/
LLHTTP_EXPORT
void llhttp_set_lenient_spaces_after_chunk_size(llhttp_t* parser, int enabled);

#ifdef __cplusplus
} /* extern "C" */
#endif
Expand Down

0 comments on commit 4333cc5

Please sign in to comment.