we should take into account cur.request->function->need_ssl too
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@1010 e52654a7-88a9-db11-a3e9-0013d4bc506e
beforehand we made a http connection from the special thread
now we just send a fastcgi packet to the unix socket
the old way was broken because it requires the http server to work
and if the operating system is going to shutdown/reboot then the http server
can be first closed and consequently the winix cannot wake up from
the main thread (and will be terminated SIGKILL by the os)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@998 e52654a7-88a9-db11-a3e9-0013d4bc506e
added: config option:
// the way we behave when no_session_cookie_treshold limit is exceeded
// 0 - if a client doesn't send a session cookie again then use a temporary session
// (other sessions from this IP address are not affected)
// 1 - add this IP address to ban list and create a temporary session
// (this will block other sessions from this IP address too)
// default: 0
int no_session_cookie_ban_mode;
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@996 e52654a7-88a9-db11-a3e9-0013d4bc506e
added: possibility to ban if a client tries to hijack the session cookie
added: possibility to ban if a client did not send a session cookie
renamed: ezc functions:
login_cannot_login -> ipban_is_login_allowed_from_this_ip (and the return value was changed)
login_when_available_login -> ipban_current_ip_expires_time
added: config options:
// after how many broken encoded cookies we should ban the current IP
// default: 2 (value in the range <0 - 65535>)
size_t broken_encoded_cookie_treshold;
// after how many incorrect session identifiers (or session indices) we should ban the current IP
// do not set this value too low, as people connecting from the same IP address (from behind a NAT)
// would be banned if they have an old session cookie remembered in the browser
// default: 128 (value in the range <0 - 65535>)
size_t session_hijacking_treshold;
// after how many times a client will be banned if it did not send a session cookie
// default: 1000 (value in the range <0 - 65535>)
size_t no_session_cookie_treshold;
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@995 e52654a7-88a9-db11-a3e9-0013d4bc506e
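Added example, not part of the winix commit log or source: a minimal per-IP counter model of the three thresholds above and of no_session_cookie_ban_mode from the later commit. The type and function names are hypothetical, and treating a limit as "exceeded" only when the count is strictly greater is an assumption.

```cpp
#include <cstddef>
#include <map>
#include <string>

// Added example: type and function names are hypothetical, not winix code.
enum class CookieEvent { broken_encoded_cookie, bad_session_id, no_session_cookie };
enum class Action { proceed, temporary_session, ban, ban_and_temporary_session };

struct BanConfig
{
    std::size_t broken_encoded_cookie_treshold = 2;    // defaults from the commit messages
    std::size_t session_hijacking_treshold     = 128;
    std::size_t no_session_cookie_treshold     = 1000;
    int         no_session_cookie_ban_mode     = 0;
};

class IpEventTracker
{
public:
    explicit IpEventTracker(const BanConfig & c) : cfg(c) {}

    // Counters are keyed by IP address only, so every client behind one NAT
    // address feeds the same counters.
    Action Report(const std::string & ip, CookieEvent ev)
    {
        Counters & c = per_ip[ip];

        switch( ev )
        {
        case CookieEvent::broken_encoded_cookie:
            return Over(++c.broken, cfg.broken_encoded_cookie_treshold) ? Action::ban : Action::proceed;
        case CookieEvent::bad_session_id:
            return Over(++c.bad_id, cfg.session_hijacking_treshold) ? Action::ban : Action::proceed;
        case CookieEvent::no_session_cookie:
            if( !Over(++c.no_cookie, cfg.no_session_cookie_treshold) )
                return Action::proceed;
            return cfg.no_session_cookie_ban_mode == 1 ? Action::ban_and_temporary_session
                                                       : Action::temporary_session;
        }
        return Action::proceed;
    }

private:
    struct Counters { std::size_t broken = 0, bad_id = 0, no_cookie = 0; };

    // Assumption: "exceeded" means strictly greater than the configured value.
    static bool Over(std::size_t count, std::size_t limit) { return count > limit; }

    BanConfig cfg;
    std::map<std::string, Counters> per_ip;
};
```

Lowering session_hijacking_treshold in this model shows how quickly several clients sharing one address reach a ban, which is the NAT caveat the config comment gives.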
added: config options:
// whether or not we should encode the session cookie
// (we have a special algorithm)
// default: false
bool session_cookie_encode;
// if session_cookie_encode is true then you should provide
// a file where AES keys will be stored
std::wstring session_keys_file;
// each session has an index -- an unsigned int value
// this value is sent in the cookie string (is encoded)
// and is incremented when session_index_time_increment time is passed since the last incrementing
// if a client sent the cookie back the difference between
// current index and the index in the cookie should be less than or equal to session_allow_index_difference
// default: 8
size_t session_allow_index_difference;
// the time which should pass after the session index is incremented
// default: 30
// (session_allow_index_difference + 1) * session_index_time_increment should be less than a time
// load of a page and all elements on it such as images (of course it depends on client's download too)
time_t session_index_time_increment;
// time in seconds after which a new AES key pair should be generated
// we have 256 pairs of keys so this time multiplied by 256 should not be less than
// the max time of a session (session_remember_max_idle),
// by default: 256 * 2 days = 512 days = 1.4 year > 3 months (session_remember_max_idle)
// default: 172800 = 2 days (max: 2678400 = 1 month, min: 10)
size_t session_key_renew_time;
changed: when printing the time of a request we print only two non-zero digits
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@994 e52654a7-88a9-db11-a3e9-0013d4bc506e
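Added example, not part of the winix commit log or source: one way to model the session index check and the key-ring sizing rule described in the config comments above. The struct and function names are hypothetical; it assumes a 32-bit index and takes "3 months" for session_remember_max_idle as 90 days.

```cpp
#include <cstddef>
#include <cstdint>
#include <ctime>
#include <iostream>

// Added example: struct and function names are hypothetical, not winix code.
struct SessionIndexConfig
{
    std::size_t session_allow_index_difference = 8;       // default from the commit message
    std::time_t session_index_time_increment   = 30;      // default from the commit message
    std::size_t session_key_renew_time         = 172800;  // default from the commit message
    std::time_t session_remember_max_idle      = 90 * 24 * 60 * 60; // assumed: 90 days
};

struct SessionState { std::uint32_t index; std::time_t last_increment; };

// Increment the index once the configured time has passed since the last increment.
void AdvanceIndex(SessionState & s, const SessionIndexConfig & c, std::time_t now)
{
    if( now - s.last_increment >= c.session_index_time_increment )
    {
        s.index += 1;
        s.last_increment = now;
    }
}

// Accept a cookie only if its index is at most session_allow_index_difference behind.
// Unsigned subtraction stays correct across wrap-around, and an index that is ahead
// of the current one turns into a huge difference, so it is rejected.
bool IsCookieIndexAccepted(std::uint32_t current, std::uint32_t from_cookie, const SessionIndexConfig & c)
{
    std::uint32_t diff = current - from_cookie;
    return diff <= c.session_allow_index_difference;
}

// 256 key pairs, renewed one at a time, must outlive the longest idle session.
bool KeyRingCoversSession(const SessionIndexConfig & c)
{
    return 256ULL * c.session_key_renew_time >= static_cast<unsigned long long>(c.session_remember_max_idle);
}

int main()
{
    SessionIndexConfig cfg;
    std::cout << "index 92 accepted at 100: " << IsCookieIndexAccepted(100, 92, cfg) << '\n';
    std::cout << "key ring covers session:  " << KeyRingCoversSession(cfg) << '\n';
}
```

With the defaults, a captured cookie stops being accepted once the index has advanced nine times, and setting session_key_renew_time to its minimum of 10 makes KeyRingCoversSession() fail.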
everywhere we are using std::wstring and wchar_t*
(std::string and char* is used only locally in some places
especially when creating a path to OS file system etc.)
added: to the special thread when winix closes:
a write function for curl: FetchPageOnExitCurlCallback()
without this function the curl library will print
the page's content to the standard output
changed: TextStream<> class from core can make
UTF8<->wide strings conversions
removed: from config: utf8 option
now winix expects UTF8 from the user's input (html forms, url-es)
and outputs strings in the UTF8 format
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@965 e52654a7-88a9-db11-a3e9-0013d4bc506e
each one for each thread
fixed: on Linux: pthread mutexes by default behave differently than on FreeBSD
we have to set PTHREAD_MUTEX_ERRORCHECK attribute
when creating a mutex
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@953 e52654a7-88a9-db11-a3e9-0013d4bc506e
(before we were using BSD's fetch)
fixed: we didn't use FCGX_Finish_r() on the request made from the special thread
so the thread hangs (now we can use pthread_join correctly from the main thread)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@947 e52654a7-88a9-db11-a3e9-0013d4bc506e
headers and cookies were not sent
(instead of headers the content was sent, so the client's browser was unable to open it correctly)
added: standard http headers are added by winix only if there are not such headers already
e.g. if a plugin adds "Content-Type" header then winix will not overwrite it
(headers names are case sensitive)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@945 e52654a7-88a9-db11-a3e9-0013d4bc506e
added: now we are able to use the html filter for the whole out_streams (when ajax is used the output is filtered too)
split FilterCompressSend() function -- first we are making the filtering
(after filtering we know the size of the content to send)
added: to Compress:
Compressing(const char * source, size_t source_len, BinaryPage & out_stream, int encoding);
changed: some refactoring in App
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@942 e52654a7-88a9-db11-a3e9-0013d4bc506e
some environment variables were put there
removed: config variable: debug_info
removed: Request::role (responder, authorizer)
now we have only one role: responder
added: new config variables:
log_env_variables (default false) - when true then fastcgi environment
variables are logged to the log file
log_http_answer_headers (default false) - when true all http headers
created by winix are logged (note that the www server can add/adjust other headers)
changed: some refactoring in Request struct
changed: CookieTab to std::map<std::wstring, std::wstring>
beforehand std::string was used
(changed CookieParser as well)
changed: Request::SetCookie() to AddCookie()
added: Request::out_headers (a PT::Space struct)
http headers (without cookies) sent back to the client
added: Request::out_cookies (a PT::Space struct)
cookies sent to the client
changed: App class to use Request::out_headers and Request::out_cookies
some SendHeaders...() methods were renamed to PrepareHeaders...()
and they create output in Request::out_headers first (and out_cookies)
and later it is sent
added: two plugin messages:
// http headers (without cookies) were created and are ready to send
// here you can make some changes to them
// in p1 you have a pointer to the PT::Space (Request::out_headers)
#define WINIX_PREPARE_TO_SEND_HTTP_HEADERS 31070
// http cookies were created and are ready to send
// here you can make some changes to them
// in p1 you have a pointer to the PT::Space (Request::out_cookies)
#define WINIX_PREPARE_TO_SEND_HTTP_COOKIES 31080
added: config variable:
// how many output streams do we have in Request class
// default: 16 (64 maximum)
size_t ezc_out_streams_size;
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@940 e52654a7-88a9-db11-a3e9-0013d4bc506e
index_rawcontent.html, index_ajaxcontent.html
now we have out_streams in Request and some special
keyword in ezc templates for sending content to the
specified streams
changed: the way how winix answers to the client's browsers:
info from Request class:
winix answer sent to the client's browser, depending on send_bin_stream:
  binary answer: sending out_bin_stream
  text answer, depending on return_json:
    normal request: sending out_streams[0]
    ajax request, depending on return_info_only:
      generating JSON object from out_streams and info, e.g.:
        {
        "stream_1": "some html content",
        "stream_2": "some other html content",
        "info": { info object serialized here }
        }
      generating JSON object only from info, e.g.:
        { info object serialized here }
note that out_streams[0] is not sent
in JSON answers
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@937 e52654a7-88a9-db11-a3e9-0013d4bc506e
then we are using a generic json serializer
changed: we are sending the application/json header when returning a json string
added: to config: log_server_answer (default false)
when true we put the whole string (server's answer) to the log file
added: to Request: use_200_status_for_not_found_and_permission_denied
if this is true then if the server http code would be 403 or 404
then we return 200 OK (useful when using ajax)
changed: System::RedirectTo() methods take as the last parameter: use_reqtype
if this is true (default) then reqtype:type parameter is automatically added to the redirecting path
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@918 e52654a7-88a9-db11-a3e9-0013d4bc506e
now after some incorrect login attempts your IP can be banned or blocked
(see new config variables)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@902 e52654a7-88a9-db11-a3e9-0013d4bc506e
this message is sent before calling MakePost() or MakeGet()
if you return false (which is default) you can prevent the access
to the resource
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@901 e52654a7-88a9-db11-a3e9-0013d4bc506e
beforehand we didn't take into account default winix functions
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@894 e52654a7-88a9-db11-a3e9-0013d4bc506e
// try to use SSL
// if in the config 'use_ssl' is true and 'use_ssl_only_for_logged_users' is true
// then ssl is used only for logged users but sometimes there is a need to use
// SSL even if no one is logged (for example for such functions like 'login' or 'adduser')
// default: false
// (this option is ignored if 'use_ssl' in the config is false)
bool need_ssl;
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@892 e52654a7-88a9-db11-a3e9-0013d4bc506e
added: to Request:
// binary page
BinaryPage binary_page;
// a compressed page ready to send to the client
BinaryPage compressed_page;
// if true then either page or ajaxpage will be sent to the client
// if false then binary_page is sent
// default: true
bool use_text_page;
BinaryPage is defined as (in requesttypes.h):
typedef PT::TextStreamBase<char, 1, 4096> BinaryPage;
added: to Compress: now it can get BinaryPage as arguments (input, output)
changed: winix version to: 0.5.0
added: in templates: TexTextStream class
for taking input to the TeX typesetting system
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@884 e52654a7-88a9-db11-a3e9-0013d4bc506e
added: 'postredirect' global parameter (it can be a param or post value)
you can use this parameter in a html POST form
after processing the POST request winix will make a redirect to the value
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@881 e52654a7-88a9-db11-a3e9-0013d4bc506e
(the filter can be used before we make the json answer -- not implemented yet)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@872 e52654a7-88a9-db11-a3e9-0013d4bc506e
// used as a JSON output (when ajax_serializer is defined)
// it will be serialized and have at least:
// 'content' string - the whole html content
// 'http_status' integer - http status code (e.g. 200)
PT::Space ajax;
// if not null then the request will have a JSON as an output
PT::SpaceToJSON * ajax_serializer;
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@871 e52654a7-88a9-db11-a3e9-0013d4bc506e
changed: time zones -- now we have the daylight saving time
different for each year (start, end)
added: config option: time_zone_id (size_t)
time zone identifier for not logged users
or for newly created accounts
those identifiers you can see in etc/time_zones.conf file
or by using timezone winix function with 'a' parameter (timezone/a) (!!IMPROVE ME NOT IMPLEMENTED YET)
default: 34 (Coordinated Universal Time UTC+00:00)
added: config option: locale_default_id (size_t)
locale for not logged users
or for newly created accounts
added: config option: locale_max_id (size_t)
a maximum value of a locale identifier
default: 100 (maximum: 1000)
each locale file should have its own identifier (in "winix_locale_id" field)
from zero to this value
added: config option: time_zone_max_id (size_t)
maximum value of a time zone identifier
time zones with an id greater than this will be skipped
default: 130 (maximum: 1000)
removed: config option: locale_default
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@852 e52654a7-88a9-db11-a3e9-0013d4bc506e
if either use_ssl in the config is false
or if use_ssl_only_for_logged_users is true
and a user is not logged
added: base url redirect HTTP codes to the config
// if current connection is without SSL and should be made through SSL
// or if is via SSL and should be done in plain text
// then we make a redirect
// default: 303
int use_ssl_redirect_code;
// when the HOST_HTTP environment variable is not equal to 'base_url'
// (the part 'http://' and the last slash is removed)
// the server will redirect into base_url + 'REQUEST_URI'
// it's useful when you want to redirect from 'mydomain.tld' into 'www.mydomain.tld' etc.
// set this option to false if you have multiple subdomains
// default: false
bool base_url_redirect;
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@847 e52654a7-88a9-db11-a3e9-0013d4bc506e
now we first daemonize (fork) and then open the log file
added: start adding support for PT::Date
we are using instead of tz system structure
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@836 e52654a7-88a9-db11-a3e9-0013d4bc506e
and was not used when checking for base url redirect
fixed: return values from plugins should be given in a special structure
they were remembered in plugin object (ret_false, ret_true)
and consequently were not thread safe
now all plugin.Call() methods return PluginRes structure
in which there are ret_false and ret_true variables
changed: small refactoring in AddUser winix function
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@827 e52654a7-88a9-db11-a3e9-0013d4bc506e
(Session, SessionContainer, SessionManager)
now a Session object doesn't copy all fields in its copy constructor (only id)
the rest of the fields are set after the object is inserted in SessionContainer
added: after a successful login a session id is changed
added: plugin.Call() methods with a first argument a pointer to a Session object
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@823 e52654a7-88a9-db11-a3e9-0013d4bc506e
changed: UGContainer<> now uses std::list as a storage
(previously it was using std::vector with pointers)
removed: now we don't have the operator[] for UGContainer<>
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@816 e52654a7-88a9-db11-a3e9-0013d4bc506e
UrlEncode() for char->wstring
UrlEncode() for wstring->wstring
removed: Request::redirect_url_encoded flag
the Request::redirect_to string should always be url-encoded
changed: in UrnEncode()
now characters like '#' and '/' are not allowed in an url
(will be url-encoded)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@807 e52654a7-88a9-db11-a3e9-0013d4bc506e
parameter: ezc_max_elements
maximum number for elements through the whole template (ezc)
default: 50000
parameter: ezc_max_loop_elements
maximum number of each [for] loop
default: 5000 (from ezc generator)
added: to Request class:
time_t start_time;
tm start_tm;
they are set when a request starts
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@806 e52654a7-88a9-db11-a3e9-0013d4bc506e
the kind of "Content-Type" header send to the client
if utf8 is enabled then 'charset=UTF-8' will also be appended
added: to templates: an index pattern for 'rawcontent'
used when 'rawcontent' parameter is present
by default the template has only one [content] ezc function
useful in AJAX requests
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@784 e52654a7-88a9-db11-a3e9-0013d4bc506e
true if the connections is encrypted by using SSL
changed: in BaseUrlRedirect
we also check if the connection should use SSL
and if so then we make a redirect to "https://.."
changed: in 'static' mount points:
if the request was e.g. "/styles/default.js?t=B49E5BQ"
we should return a file "/styles/default.js" (without the "?..." part)
additionally '#' character is checked
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@762 e52654a7-88a9-db11-a3e9-0013d4bc506e