Used this perl command:
$ # perl -pi -e 's/string\.len\((.*?)\)/#\1/g' *.lua
Also fixed one instance where the above command didn't correctly
translate the intended code (string.len(a .. b .. c)).
first was that pos was declared as a local variable and shadowed the pos
parameter. The second was that when multiple WWW-Authenticate headers
were present, the wrong pos would be returned after reading the first
one. The arrow shows the pos it was returning:
Digest realm="My Site", domain="/", Basic realm="My Site"
^
It now returns this correct pos, ready to read the next challenge:
Digest realm="My Site", domain="/", Basic realm="My Site"
^
This was a problem I had already solved for Ncat but I copied the logic
imperfectly to http.lua.
non-whitespace characters, the position counter was advanced one past
where it was supposed to be. This didn't have any bad effect when the
server used CRLF to separate header fields, because it ate the CR and
still recognized LF as ending the field. But it concatenated multiple
header fields when the server only used LF to separate them.
where I added a check to make sure that a GET request would hit a cache
entry for a HEAD request and vice versa. Because of a misnamed
identifier, the test was always false.
buildGet/buildRequest with a one-step build_request. Provide a new
function generic_request that can do a request for any given method
(get, head, and post are now defined in terms of this function).
options table, in http functions. It was unreasonable that this
yet-unused feature was given a more prominent place than even the header
and request body, both of which are in the options table.
This change doesn't affect any other scripts or libraries because none
of them use cookies. In the cases, like http.get, where cookies was an
optional final parameter, I just removed it. Where it was not the final
parameter, as in http.post and http.pGet, I left the parameter in place
but documented that it is ignored for backwards compatibility.
there is one. Even though section 4.4 of RFC 2616 says that sending a
body in response to a HEAD request is a MUST NOT, pyllyukko sent me a
sample from a server that does--"LuCI - Lua Configuration Interface".
initial request to get a value stored in the Keep-Alive header, which is
the size of the pipeline. It then iterates, doignt hat many requests at
once until the list of requests is exhausted. The prbolem was that in
the first round, it didn't count its initial Keep-Alive probe. So if the
server said it was good for 40 requests, we would send 41 before closing
the connection. Even worse was when the initial probe returned a
"Connection: close"; the pipeline would try another request before
closing the connection for the first time.
failure. It happened when there was an error getting the a response
at the beginning of a batch in http.pipeline. The symptoms of the
bug were:
NSE: Received only 0 of 1 expected reponses.
Decreasing max pipelined requests to 0.
NSOCK (0.1870s) Write request for 0 bytes...
nmap: nsock_core.c:516: handle_write_result: Assertion `bytesleft > 0' failed.
The error was reported by Brandon Enright and pyllyukko.
