📜 Multipart parser and other fixes
- Introduces support for parsing multipart POSTs in an efficient and simple way. Runs about 155x faster than Node.js alternatives - especially on parts larger than a few hundred kilobytes.
- The library now compiles without any warnings using -Wall -Wextra -Wpedantic -Wsign-conversion -Wconversion on both GCC and Clang. Hundreds of (non-default) warnings have been fixed in this release and from now we aim to keep things pedantically clean.
- 🛠 Fixes a permessage-deflate regression introduced in v0.17.4.
- 🛠 Fixes parsing bugs when compiling using WITH_PROXY=1 (introduced in v18.1.0).
🏗 Build fixes
🏗 Apparently the added QueryParser of v18.14.0 had multiple definition flaws that have now been fixed and will build properly.
getQuery with key
- HttpRequest::getQuery now takes (optional) key and returns the URI-decoded value if present in the querystring.
- ✅ Fuzz test for QueryParser added, with dictionary.
- Make sure to use this feature when possible, as decodeURIComponent is roughly 400x slower.
- 🛠 A particular edge case causing stack buffer overflow of "triggered topics" was found by fuzzing, and has been fixed.
- 🛠 The newly added ServerName example caused a drop in reported code quality due to a pedantic alert, which has been fixed.
Server Name Indication (and more fuzzing)
➕ Adds App::missingServerName, App::addServerName and App::removeServerName for managing multiple certificates/configurations for SSL.
Fuzzing coverage is now about 95% overall for both uSockets and uWebSockets. This is a big improvement, esp. for uSockets coverage.
Improving fuzzing coverage and fixing bugs
🛠 OSS-Fuzz is now reporting 99.5% function coverage and ~94% region coverage. Furthermore there is now fuzzing of large parts of uSockets thanks to libEpollFuzzer - about 80% of non-SSL use. Overall this is a major improvement in fuzzing coverage and has led to new bugs being discovered and fixed.
- 👀 TopicTree has seen two bug fixes; one stack overflow when trimming large trees, and one CPU hang when publishing to a large tree using wildcards (which is ill-use according to MQTT).
- Minor misuse of HTTP header BloomFilter has been corrected.
Larger HTTP streams
HttpResponse::tryEndwill now take
intwherever size is communicated. This breaks API slightly but allows streaming files larger than 2GB.
- ⚡️ Updates fuzzing targets for uSockets 0.5.0
- Minor permessage-deflate tweaks, server_max_window_bits
- ✂ Removes unused debug remnants
Meaningful close reasons
The library will now report more meaningful reasons when internally closing a WebSocket:
- Close code 0 is never reported; instead the standard 1005 code will be used to denote missing close code
- Close code 1006 is now accompanied with a meaningful text reason such as "Message too big" or "WebSocket timed out".
- 💻 Shutting down a WebSocket in the open handler would send WebSocket FIN, but not TCP FIN, causing minor incompatibilities with the Chrome browser.
- AsyncSocket::getBufferedAmount is now unsigned