yaws
yaws copied to clipboard
erlyaws
Yaws webserver
We are running some security scanning tools that are complaining about this. So my question is if perhaps a 'charset=' should be appended to this content type? (the obsoleted 'text/javascript'...
DoS
Make a HEAD or GET request using curl: ``` curl -I -H "transfer-encoding: chunked" url_to_yaws_server ``` which should tie up an acceptor for minutes. Start a few more such requests...
Before OTP 21, error_logger is the only logger provided by default and used by OTP. The result is when Yaws report.log is enabled (default) most logs are captured. The situation...
I am reviewing my setting of `partial_post_size`. I currently have it at `1048576` from a long time ago. But since Yaws will always read the first chunk eagerly. It is...
Is it possible to support logging to syslog without a special logger_mod? I saw that there is https://github.com/yakaz/yaws-logger , maybe that could be brought in?
I now use Yaws as a rebar3 dep and after building a release the `yaws-2.0.6` directory looks like this: ``` ├── ebin ├── include └── priv ``` all these subdirectories...
https://github.com/klacke/yaws/blob/493ecfe60d722be506bc3ee8a9b12c69bf1e3580/win32/yaws.c#L211 This line opens a local vulnerability that could be exploited by SEH Buffer Overflow technique. I exploited it, in this POC: (python) ``` import binascii from subprocess import call...
When changing sconf, acceptors that are neither Ready nor Last can continue to receive and process requests using the old sconf. If appmods and/or opaque are changed then this could...
I hava a cookie, ``` "QN1=dXrgjVrqaxEuvRe0H6YdAg==; QN243=72; QN25=82a9a2a3-ec38-4e38-b78b-057fc5f9636e-9f992f90; _i=RBTKSwn6xd-VxgOw6_TO9N5Z3Fbx; _vi=ErElzmjxsa0uV5FPi_r5xiFRQB5n1jAXTo3LqBKgRm5viZ0B_CC2wAcR0VBUO1QrTzS-tKzX1hEuq-13oO890mFd-3a_0uQWKgKUkOSR_DJYqguz1tyEKX9WEbmxme7zjkwWXXgqr_86YH0qMgn6PHSXwMGfuHoMZiaqScwGxSDF; fid=fcefde0c-7d80-46ae-8969-49fe0b59d66f; QN271=e2b20f4a-bfb7-4bae-872a-c2f3ded45672; QN43=2; QN42=%E5%88%98%E5%B8%86; _q=U.esbnomd3156; _t=25530365; csrfToken=IqYbdFNxPQnCZqVuPezzAyLuzzwnjyDt; _s=s_UEMMZXWDWKMHGZ4Q4EQEJQT57M; _v=jXhrHX3dNwg8Bh6gz450ZKARqiXfyXJdR3M4VhSB9iT5PT0Fsi0LZtDNTlJDDt7ziT9EZWgR5BG95mC6g8vXsvC3L1L1jdmkPi_cWx9JXFi_67ndWrzqyUYE7iSfhpRfWjnVQRN1TRRv0upMqGHdFf8rLdnD5nDzxfgihMP7Y8QE; QN44=esbnomd3156; QunarGlobal=10.86.213.151_1e9d65bb_16320441ba4_119c|1525255516387; QN99=9494; QN269=4FD5EDB04DF011E8ACB5FA163E233FC1; PHPSESSID=j3rq22l8oim5id6ouvsdieev44; QN48=tc_61d7988bd35b650e_163205037a3_6157; q_ckey=dT1lc2Jub21kMzE1NiZrPTlBM0U3RDE1OTc5MDM5NUE5QzU3MzM0MzYzNkI3QTY3JnQ9MTUyNTMxMjI3NDkwNg==; l-pswebapp1-8000-PORTAL-PSJSESSIONID=-SIjqqbXNz_fN35Rb2gsDHHwVgELahB1!-820342716; ExpirePage=http://ehr.corp.qunar.com/psp/HCMPRD/; PS_LOGINLIST=http://ehr.corp.qunar.com/HCMPRD; PS_TOKENEXPIRE=03_May_2018_01:42:58_GMT;...
Try `yaws_exhtml:fformat().` to get an exception. I think the two test functions `fformat/0` and `sformat/0` should be renamed or moved to test directory. `sformat/0` shares the same name as two...