vndb/fu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
155 commits 1 branch 10 tags 398 KiB
Commit graph

155 commits

This branch
This branch
All branches
Author SHA1 Message Date
Yorhel
a7868f74bf Pg: Be more strict with boolean bind parameters 
Reason for this is that, with FU::SQL, it's possible to accidentally
introduce a bind parameter when a WHERE clause was intended (i.e.
"WHERE $1"). That's pretty bad, but can easily be caught by simply not
accepting *every* possible value as boolean.
 2025-06-12 16:45:09 +02:00
Yorhel
02b1dcc328 FU: Set $0 when spawning a new worker 
This is primarily useful in error state, to avoid having a worker
process waiting for an incoming connection to be marked as the
supervisor.
 2025-06-12 09:12:21 +02:00
Yorhel
5560d9af60 Version 1.1 2025-06-07 09:49:38 +02:00
Yorhel
55baa6c9a6 json_parse(): Disallow control characters in strings by default 
Deviating from the standard, but more consistent other FU functions.
 2025-06-04 18:48:08 +02:00
Yorhel
a43dc70ff9 XMLWriter: Throw error when stringifying a bare reference 
I can't think of a use case where Perl's default ref stringification is
something you actually want when writing XML/HTML - this pretty much
always points to a bug. One that I seem to be prone to making...
 2025-06-02 09:00:06 +02:00
Yorhel
f8cd8a6d8c FU: Simplify --monitor file change detection 
This changes the way that file changes are detected. The upside is that
it now correctly detects changes that happened after the code has loaded
but before the first request came in, the downside is that it now gets
stuck on reloading when a file has a future mtime.
 2025-05-27 09:30:49 +02:00
Yorhel
fd8332601b t/pgconnect: Fix ref leak in test 
Apparently 'my sub' captured the $conn variable and held a ref on it
even beyond the parent sub scope. 'my $x = sub {}' doesn't do that.

Getting the ref counts right is important here for the last test to work.

(Found while I was inspecting the refcount effects of the new ->conn()
methods with Devel::Peek)
 2025-05-22 09:56:11 +02:00
Yorhel
2083ab2a6f Pg: Set appropriate quote_identifier for $conn->Q() 2025-05-22 09:53:41 +02:00
Yorhel
81a3d3c608 SQL: Add IDENT() and quote_identifier options 
Turns out VNDB has a few places where request data is directly used for
column names in VALUES/SET/WHERE clauses. These are already restricted
to known strings through the use of FU::Validate, but an extra layer of
protection seems warranted here.
 2025-05-22 09:22:07 +02:00
Yorhel
31994a4bf6 Doc typos 2025-05-18 09:51:34 +02:00
Yorhel
32c8fc1b89 Version 1.0 + remove "experimental" notices 2025-05-11 11:03:32 +02:00
Yorhel
383ed8409c bench: version updates + add small Pg benchmark 2025-05-11 10:39:08 +02:00
Yorhel
8dbc17ab37 FU: Fix error logging of formdata 2025-05-09 09:53:43 +02:00
Yorhel
6c54ee3091 FU: Reject some invalid characters in path 2025-05-09 08:32:41 +02:00
Yorhel
52c36e0aea FU: Preserve existing headers on fu->redirect() 
Allows setting custom headers (in particular, cookies) when redirecting.
This behavior is consistent with send_file().
 2025-05-04 12:18:36 +02:00
Yorhel
6787f32fd9 DebugInfo: Fix handling of undef and falsy bind parameters 2025-05-03 12:32:52 +02:00
Yorhel
cbccf045b7 DebugInfo: Expand queries table with params & details 
Apart from the ugly implementation, this is pretty neat.
 2025-05-01 12:18:26 +02:00
Yorhel
76f55f277b Pg: Add text2bin() and bin2text() conversion methods 2025-04-30 20:02:20 +02:00
Yorhel
beeefcf337 Pg: Add perl2bin() and bin2perl() conversion methods 2025-04-30 17:07:44 +02:00
Yorhel
af9340f908 DebugInfo: Styling + add request/response body and fu obj contents 
Formatting is still shit.
 2025-04-30 15:00:26 +02:00
Yorhel
f52ad9a2e6 json_format(): Fix buffer overflow in float formatting 
The ndigit argument to Gconvert() is the number of significant digits to
format, not the size of the output buffer. D'oh.
 2025-04-29 13:51:31 +02:00
Yorhel
f8b0043e22 MultipartFormData: Bunch of parser fixes 2025-04-29 09:14:44 +02:00
Yorhel
d0c5397e2d json_parse()/pgtypes: Fix accidental creation of read-only array/hash values 
&PL_sv_* shouldn't be used when constructing arrays or hashes in this
context.
 2025-04-28 10:23:51 +02:00
Yorhel
817fa600d0 FU: Add fu->log_verbose() + include request body in error logs 2025-04-27 11:17:54 +02:00
Yorhel
753cac615a Validate: Improved + extendable error message formatting 
Very much needed for VNDB's advanced search validation.
Also completely undocumented.
 2025-04-26 15:56:12 +02:00
Yorhel
461ed6f39d FU: Suppress warnings about non-existent files in FU::monitor_path checking 2025-04-26 08:05:09 +02:00
Yorhel
5f8809d052 FU::Util::query_decode(): Properly handle empty "&"-parts 2025-04-25 17:07:56 +02:00
Yorhel
0cd947c545 FastCGI: Ignore HTTP_CONTENT_(TYPE|LENGTH) 
The non-HTTP_ versions of these are authoritative, Also fixes a memory
leak when both the HTTP_ and non-HTTP_ versions are included.
 2025-04-25 09:34:22 +02:00
Yorhel
e88ad65232 Version 0.5 2025-04-24 14:16:17 +02:00
Yorhel
4833456898 FU: Accept charset argument in JSON request content-type header 2025-04-24 10:50:50 +02:00
Yorhel
ab168bd952 Pg: Don't return self on / cache() or text_*() methods 
This is much too easy of a footgun:

  $db->cache->q(...);

Enabled cache on the $db object, not just for the given query.
 2025-04-24 07:23:03 +02:00
Yorhel
13271fa413 Minor changes & fixes 2025-04-23 16:12:39 +02:00
Yorhel
8096de7497 MultipartFormData: Fix ->save() on zero-length values 2025-04-22 18:54:04 +02:00
Yorhel
91b2421a84 FU: Add -procname import option and setting $0 to something useful 2025-04-22 09:32:56 +02:00
Yorhel
ea8ad9e483 FU: Throw and handle FU::Validate errors directly 
Instead of wrapping them in a FU::err that isn't easily inspected.
 2025-04-20 18:37:59 +02:00
Yorhel
1594006739 FU: Improve merging of "Vary" response headers + debug header listing 2025-04-20 11:40:27 +02:00
Yorhel
f2294a709a FU: Fix warning when calling fu->set_header() with undef value 2025-04-20 11:31:15 +02:00
Yorhel
8b807e6dcf Validate: Add empty() and coerce() methods 
Implementing the undocumented coerce_for_json() method from TUWF and
elm_empty() from VNDB.
 2025-04-19 12:36:28 +02:00
Yorhel
efa63ca96a Pg: Discard temporary hash keys earlier in $st->kv? methods 
Saves some memory for large query results, didn't notice much of a
performance difference.
 2025-04-07 16:52:47 +02:00
Yorhel
196b1cc3ce FU: Use CLOCK_MONOTONIC for timing 2025-04-07 16:41:29 +02:00
Yorhel
e7a9f165de Fix use of SvPVXtrue() where SvTRUEx() was intended 2025-04-07 14:29:21 +02:00
Yorhel
b3281924d1 Pg: Add escape_literal() and escape_identifier() 
Didn't expect I'd ever need these, but they're useful for generating SQL
scripts.
 2025-04-07 13:45:33 +02:00
Yorhel
3bf98e4d8f FU: Fix fu->reset also resetting cookies 2025-04-03 15:58:38 +02:00
Yorhel
13661b46f9 Validate: Normalize num/int/uint to Perl numeric types + add 64bit limit to int/uint 
Normalization may be undone by later validations, but this should work
in most cases.
 2025-03-30 13:55:23 +02:00
Yorhel
2f50736782 fdpass_recv: Set O_CLOEXEC on received fds 
Turns out this is necessary even if the fd is going to be passed through
exec() soon, because the supervisor might receive multiple fds before
spawning another process, in which case all of them are going to be
passed to the new process instead of just one.
 2025-03-24 11:07:39 +01:00
Yorhel
9e1be5bc71 FU: Log errors thrown from error handler 2025-03-22 15:10:59 +01:00
Yorhel
17584f2b8c FU: Fix DB reconnect + not setting debug_info() 2025-03-22 14:58:38 +01:00
Yorhel
90881924d4 Doc fixes 2025-03-21 11:31:20 +01:00
Yorhel
0925ae79a1 XS: Ensure created Perl strings are nul-terminated 
Most of these are binary strings and shouldn't be interpreted as C
strings in the first place, but better be safe in case they are, anyway.
The lack of nul-termination of FU::Pg `$hex` strings was more likely to
be problematic.
 2025-03-19 17:34:42 +01:00
Yorhel
7c765f33bb Version 0.4 2025-03-19 10:54:23 +01:00