Dear Emmanuel, Not sure, for the main lib: due to the security considerations, an implementation would be either inherently incomplete (suprise!), or likely insecure (bad surprise). I don't like shipping either of these surprises.
However, if you do have a reasonably robust implementation, we could certainly at least add it to the MHD *examples* / documentation for other people to more easily find and use it. Happy hacking! Christian On 3/21/20 11:08 AM, Emmanuel Engelhart wrote: > Hi Christian > > Thank you for our quick response. > > If we have one, would you be interested to integrate it to libmicrohttpd > as a kind of helper solution? > > Kind regards > Emmanuel > > On 21.03.20 10:56, Christian Grothoff wrote: >> Hi! >> >> No, we don't. Note that you might not even want to support the full >> range spec: >> >> https://tools.ietf.org/html/rfc7233#page-19 >> >> https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/updated-mitigation-of-apache-range-header-dos-attack/ >> >> Happy hacking! >> >> Christian >> >> On 3/21/20 10:45 AM, Emmanuel Engelhart wrote: >>> Hi >>> >>> Does libmicrohttpd provides facilities to handle HTTP range requests >>> parsing. The spec is quite complicated and it is pretty cumbersome to >>> handle all cases within a custom parser. >>> >>> Regards >>> Emmanuel >>> >> > >
signature.asc
Description: OpenPGP digital signature
