Releases: yhirose/cpp-httplib
Releases · yhirose/cpp-httplib
SSLClient::set_ca_cert_store: mark as inline (#435)
v0.5.10 SSLClient::set_ca_cert_store: mark as inline (#435)
set_redirect & set_header are susceptible to http response splitting attack #425
Fixed CVE-2020-11709
cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the set_redirect and set_header functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts.
https://nvd.nist.gov/vuln/detail/CVE-2020-11709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11709
Handler called when error occurred #407
v0.5.8 Fix #407
Fix exception that occurs with libc++ regex engine
Fix exception that occurs with libc++ regex engine (#368) The regex that parses header lines potentially causes an unlimited amount of backtracking, which can cause an exception in the libc++ regex engine. The exception that occurs looks like this and is identical to the message of the exception fixed in https://github.com/yhirose/cpp-httplib/pull/280: libc++abi.dylib: terminating with uncaught exception of type std::__1::regex_error: The complexity of an attempted match against a regular expression exceeded a pre-set level. This commit eliminates the problematic backtracking.
Deflate compression support when decompressing input body on Server
v0.5.6 Support for deflate compression (#360)
Fixed problems (#351 and #352)
Expect: 100-Continue support
v0.5.4 Fix #349
HEAD support for static file server
v0.5.3 Added a contributor to README
Proxy support and bug fixes
v0.5.2 Updated README