espressif
feat(webserver): Middleware with default middleware for cors, authc, curl-like logging
This PR improves WebServer with the following additions:
- Add Middleware support (aka Expressif) with some built-in middlewares like cors, authc and logging
- Add ability to collect all incoming request headers
- Added response code and info on server
As discussed in https://github.com/espressif/arduino-esp32/issues/10185, I tested the example thanks to a pio config.
Ideally it would be nice if @me-no-dev and @ayushsharma82 could review this PR, both were involved in these parts.
| Warnings | |
|---|---|
| :warning: |
|
π Hello mathieucarbou, we appreciate your contribution to this project!
Click to see more instructions ...
This automated output is generated by the PR linter DangerJS, which checks if your Pull Request meets the project's requirements and helps you fix potential issues.
DangerJS is triggered with each push event to a Pull Request and modify the contents of this comment.
Please consider the following:
- Danger mainly focuses on the PR structure and formatting and can't understand the meaning behind your code or changes.
- Danger is not a substitute for human code reviews; it's still important to request a code review from your colleagues.
- Resolve all warnings (β οΈ ) before requesting a review from human reviewers - they will appreciate it.
- To manually retry these Danger checks, please navigate to the Actions tab and re-run last Danger workflow.
Review and merge process you can expect ...
We do welcome contributions in the form of bug reports, feature requests and pull requests.
1. An internal issue has been created for the PR, we assign it to the relevant engineer.
2. They review the PR and either approve it or ask you for changes or clarifications.
3. Once the GitHub PR is approved we do the final review, collect approvals from core owners and make sure all the automated tests are passing.
- At this point we may do some adjustments to the proposed change, or extend it by adding tests or documentation.
4. If the change is approved and passes the tests it is merged into the default branch.
Generated by :no_entry_sign: dangerJS against 6b1e5d02f10b6bc29573fe3a4c5aa5b7099d3cd5
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
Test Results
β62 filesβββ62 suitesβββ16m 34s β±οΈ β24 testsββ18 β β0 π€β6 β 140 runsββ134 β β0 π€β6 β
For more details on these failures, see this check.
Results for commit 6b1e5d02.
:recycle: This comment has been updated with latest results.
Memory usage test (comparing PR against master branch)
The table below shows the summary of memory usage change (decrease - increase) in bytes and percentage for each target.
| Memory | FLASH [bytes] | FLASH [%] | RAM [bytes] | RAM [%] | ||||
|---|---|---|---|---|---|---|---|---|
| Target | DEC | INC | DEC | INC | DEC | INC | DEC | INC |
| ESP32S3 | 0 | :bangbang: +23K | 0.00 | :bangbang: +2.61 | 0 | :bangbang: +3K | 0.00 | :bangbang: +6.93 |
| ESP32S2 | 0 | :bangbang: +19K | 0.00 | :bangbang: +2.25 | 0 | :bangbang: +3K | 0.00 | :bangbang: +6.99 |
| ESP32C3 | 0 | :bangbang: +23K | 0.00 | :bangbang: +2.42 | 0 | :bangbang: +2K | 0.00 | :bangbang: +6.67 |
| ESP32C6 | 0 | :bangbang: +42K | 0.00 | :bangbang: +4.62 | 0 | :bangbang: +25K | 0.00 | :bangbang: +62.11 |
| ESP32 | 0 | :bangbang: +23K | 0.00 | :bangbang: +2.43 | 0 | :warning: +1960 | 0.00 | :bangbang: +3.99 |
Click to expand the detailed deltas report [usage change in BYTES]
| Target | ESP32S3 | ESP32S2 | ESP32C3 | ESP32C6 | ESP32 | |||||
|---|---|---|---|---|---|---|---|---|---|---|
| Example | FLASH | RAM | FLASH | RAM | FLASH | RAM | FLASH | RAM | FLASH | RAM |
| WebServer/examples/AdvancedWebServer | :bangbang: +22K | :bangbang: +3K | :bangbang: +18K | :bangbang: +2K | :bangbang: +23K | :bangbang: +2K | :bangbang: +42K | :bangbang: +25K | :bangbang: +21K | :warning: +1800 |
| WebServer/examples/FSBrowser | :bangbang: +21K | :bangbang: +3K | :bangbang: +18K | :bangbang: +3K | :bangbang: +21K | :bangbang: +2K | :bangbang: +39K | :bangbang: +24K | :bangbang: +21K | :warning: +1816 |
| WebServer/examples/Filters | :bangbang: +22K | :bangbang: +3K | :bangbang: +18K | :bangbang: +2K | :bangbang: +23K | :bangbang: +2K | :bangbang: +42K | :bangbang: +25K | :bangbang: +21K | :warning: +1800 |
| WebServer/examples/HelloServer | :bangbang: +22K | :bangbang: +3K | :bangbang: +17K | :bangbang: +2K | :bangbang: +23K | :bangbang: +2K | :bangbang: +42K | :bangbang: +25K | :bangbang: +21K | :warning: +1800 |
| WebServer/examples/HttpAdvancedAuth | :bangbang: +22K | :bangbang: +3K | :bangbang: +18K | :bangbang: +2K | :bangbang: +22K | :bangbang: +2K | :bangbang: +42K | :bangbang: +25K | :bangbang: +21K | :warning: +1792 |
| WebServer/examples/HttpAuthCallback | :bangbang: +22K | :bangbang: +3K | :bangbang: +17K | :bangbang: +2K | :bangbang: +22K | :bangbang: +2K | :bangbang: +42K | :bangbang: +25K | :bangbang: +21K | :warning: +1792 |
| WebServer/examples/HttpAuthCallbackInline | :bangbang: +22K | :bangbang: +3K | :bangbang: +18K | :bangbang: +2K | :bangbang: +22K | :bangbang: +2K | :bangbang: +42K | :bangbang: +25K | :bangbang: +21K | :warning: +1792 |
| WebServer/examples/HttpBasicAuth | :bangbang: +22K | :bangbang: +3K | :bangbang: +18K | :bangbang: +2K | :bangbang: +22K | :bangbang: +2K | :bangbang: +42K | :bangbang: +25K | :bangbang: +21K | :warning: +1792 |
| WebServer/examples/HttpBasicAuthSHA1 | :bangbang: +22K | :bangbang: +3K | :bangbang: +18K | :bangbang: +2K | :bangbang: +22K | :bangbang: +2K | :bangbang: +42K | :bangbang: +25K | :bangbang: +22K | :warning: +1792 |
| WebServer/examples/HttpBasicAuthSHA1orBearerToken | :bangbang: +22K | :bangbang: +3K | :bangbang: +18K | :bangbang: +2K | :bangbang: +22K | :bangbang: +2K | :bangbang: +41K | :bangbang: +25K | :bangbang: +22K | :warning: +1792 |
| WebServer/examples/Middleware | - | - | - | - | - | - | - | - | - | - |
| WebServer/examples/MultiHomedServers | :bangbang: +22K | :bangbang: +3K | :bangbang: +18K | :bangbang: +2K | :bangbang: +23K | :bangbang: +2K | :bangbang: +42K | :bangbang: +25K | :bangbang: +21K | :warning: +1792 |
| WebServer/examples/PathArgServer | :bangbang: +19K | :bangbang: +3K | :bangbang: +15K | :bangbang: +3K | :bangbang: +14K | :bangbang: +2048 | :bangbang: +35K | :bangbang: +24K | :bangbang: +18K | :warning: +1960 |
| WebServer/examples/SDWebServer | :bangbang: +20K | :bangbang: +3K | :bangbang: +15K | :bangbang: +2K | :bangbang: +22K | :bangbang: +2K | :bangbang: +41K | :bangbang: +24K | :bangbang: +19K | :warning: +1776 |
| WebServer/examples/SimpleAuthentification | :bangbang: +23K | :bangbang: +3K | :bangbang: +19K | :bangbang: +3K | :bangbang: +22K | :warning: +2040 | :bangbang: +42K | :bangbang: +24K | :bangbang: +23K | :warning: +1808 |
| WebServer/examples/UploadHugeFile | :bangbang: +18K | :bangbang: +3K | :bangbang: +13K | :bangbang: +2K | :bangbang: +14K | :bangbang: +2K | :bangbang: +35K | :bangbang: +25K | :bangbang: +18K | :warning: +1960 |
| WebServer/examples/WebServer | :bangbang: +22K | :bangbang: +3K | :bangbang: +18K | :bangbang: +3K | :bangbang: +22K | :bangbang: +2048 | :bangbang: +41K | :bangbang: +24K | :bangbang: +21K | :warning: +1784 |
| WebServer/examples/WebUpdate | :bangbang: +22K | :bangbang: +3K | :bangbang: +18K | :bangbang: +2K | :bangbang: +23K | :bangbang: +2K | :bangbang: +42K | :bangbang: +25K | :bangbang: +21K | :warning: +1792 |
@mathieucarbou Do you see the possibility to make this enhancement optional? The size increase is not just a few bytes.
@mathieucarbou Do you see the possibility to make this enhancement optional? The size increase is not just a few bytes.
I saw that and I was surprised by it... I don't feel to have written 2k of code...
Adding a ref to: https://github.com/espressif/arduino-esp32/pull/10221#issuecomment-2305402113
@safocl : I would be glad to revisit this PR but only if there is a real motivation coming from the Espressif team to merge it.
Otherwise I won't spend my time updating a PR for nothing.
I have already implemented middleware support in the fork of https://github.com/mathieucarbou/ESPAsyncWebServer we maintain (https://github.com/mathieucarbou/ESPAsyncWebServer) and also in v2 branch of PsychicHttp (https://github.com/hoeken/PsychicHttp) which is the future version, with a lot of supported middlewares for CORS, Authc, authz, curl like logging, etc.
I would be glad to revisit this PR but only if there is a real motivation coming from the Espressif team to merge it.
There is interest. we are trying to finish up some big tasks and have a good look at this PR
@safocl : thank your for your review
@me-no-dev : thank you for your confirmation
I have reworked the PR to clean it - as it was it was more a PoC waiting for some interest. So I correctly did it and cleaned up the things saw by @safocl and much more.
I saw several things that I really don't like in WebServer:
-
Returning
Stringinstead ofconst String&: I saw a bunch of placed where a String copy would be done in the return instead of returning a ref. Sadly, fixing that would break backward compatibility -
Use of chained pointers: this just makes the code error prone and harder to read with all these boilerplate loops. I would rather use
std::listinstead, but since I didn't see any usage of that (and only a few about vector), I don't know if there's a reason why the Arduino core code would not use it ? Especially that in the case of WebServer, the number of elements in such list would not be high enough to trigger any downsides of using them. -
Last point is more about organisation: the file structure inside
srcfolder is quite fuzzy I find... AlsoWebServer.hwould need a bit of re-ordering / api doc : there are so many public methods, and a mix of them for request and response.
@mathieucarbou Also, as there are some changes to the WebServer. Maybe it would be better to target branch release/v3.1.x to make sure we don't introduce any unwanted breaking change by mistake. Probably you just need to rebase this PR and the commits on top of it.
@mathieucarbou Also, as there are some changes to the WebServer. Maybe it would be better to target branch
release/v3.1.xto make sure we don't introduce any unwanted breaking change by mistake. Probably you just need to rebase this PR and the commits on top of it.
Yes that would be better.
What do you think about the 3 bullet points above ? Could I also switch to std::list ?
@mathieucarbou Also, as there are some changes to the WebServer. Maybe it would be better to target branch
release/v3.1.xto make sure we don't introduce any unwanted breaking change by mistake. Probably you just need to rebase this PR and the commits on top of it.Yes that would be better.
What do you think about the 3 bullet points above ? Could I also switch to std::list ?
I think it should be fine now that we are targeting v3.1.x as long as the flash usage increase is not very significant. There are too many changes from IDF recently that increased flash usage a lot and we are trying to optimize things for space.
What do you think @me-no-dev ?
@mathieucarbou Could you please reopen this targeting
master?
FYI, for next time, before deleting branches, just know that there is a github option to edit PRs and change the target branch. This allows keeping the history of PRs instead of having to recreate them. Here since the target branch was deleted, github closed the PR without a way to re-open it and change the target branch.
@mathieucarbou I did not expect the PR to be closed. The one for the libs was not closed and I switched the target branch after I deleted the 3.1.x one
Interesting what made this PR different. Maybe the fact that we were not given rights to edit it?
Oh, that's right: "Allow edits and access to secrets by maintainers" was not checked, I just checked it now.
Why ? I do not know. This is always an option I usually keep on (I hate to block people or being blocked by this option). I don't even know if there is a github option to keep it off by default.
Definitley, that must be this thing.
Do you know if this could be unchecked by default with the required CLA agreement ?
CLA bot comes after the PR is created, so I doubt that was it. GH has been a bit strange on a few fronts lately, so not unlikely that something else was the cause
It's not allowing me to reopen it π¦
yeah, same ;-) no worry, I have rebased already, I am doing another review (always good to re-read after a while). Will push in a few.