refactor(confighttp): HTML page handlers into generic getPage function #4645
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bundle ReportChanges will increase total bundle size by 740 bytes (0.1%) ⬆️. This is within the configured threshold ✅ Detailed changes
Affected Assets, Files, and Routes:view changes for bundle: sunshine-esmAssets Changed:
Files in
Files in
|
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #4645 +/- ##
==========================================
+ Coverage 15.49% 16.37% +0.88%
==========================================
Files 94 94
Lines 19248 19336 +88
Branches 8907 8962 +55
==========================================
+ Hits 2982 3167 +185
- Misses 12868 14558 +1690
+ Partials 3398 1611 -1787
Flags with carried forward coverage won't be shown. Click here to find out more.
|
ReenigneArcher
force-pushed
the
refactor/confighttp/common-functions
branch
2 times, most recently
from
edee013 to
1f0d6d4
Compare
ReenigneArcher
force-pushed
the
refactor/confighttp/common-functions
branch
4 times, most recently
from
c5b6f8f to
129fe3d
Compare
Consolidated multiple individual HTML page handler functions into a single getPage function that serves different HTML files based on parameters. Updated server route bindings to use the new generic handler, reducing code duplication and improving maintainability.
Updated all HTTP handler functions to take const reference parameters for response and request objects, improving const-correctness and clarity. Introduced a helper for page handlers and refactored server route setup to use concise lambda expressions and handler typedefs, reducing code duplication and improving maintainability.
Introduced check_request_body_empty to validate that certain API endpoints receive no request body, replacing previous content-type checks where appropriate. This improves request validation and ensures correct client usage for endpoints that do not expect a body.
Updated function signatures in confighttp.cpp to ensure consistent spacing between type and parameter names, improving code readability and style consistency.
Refactors the generateExamples function to only include Content-Type headers and body parameters in cURL, JavaScript, and PowerShell examples when a request body is present. This prevents unnecessary headers and parameters in generated code samples for endpoints that do not require a body.
Add initial unit tests for confighttp using a real HTTPS client/server (tests/unit/test_confighttp.cpp). Update confighttp public API and types: add necessary includes (nlohmann::json, Simple-Web-Server), introduce HTTPS type aliases (https_server_t, resp_https_t, req_https_t), and declare helper functions (print_req, send_response, send_unauthorized, send_redirect, authenticate, not_found, bad_request, check_* utilities, getPage, etc.). Align implementations in src/confighttp.cpp with the header by removing default parameters from not_found, bad_request, and getPage signatures. These changes improve test coverage and clarify the confighttp interface.
Wrap test header includes with #pragma GCC diagnostic push/pop to ignore -Warray-bounds and -Wstringop-overflow on GCC (excluding clang). This suppresses known false-positive warnings originating from Boost.Asio's basic_resolver_results.hpp on some GCC versions (notably observed on Arch Linux) and restores diagnostics after the includes.
Rename confighttp::getNodeModules to confighttp::getAsset and update the server resource mapping. Add function declarations for getAsset and getLocale to confighttp.h. Expand unit tests (tests/unit/test_confighttp.cpp): include iostream, persist/restore locale in setup/teardown, create a test HTML file in WEB_DIR, register multiple test routes exercising send_response, send_redirect, check_content_type, check_request_body_empty, getPage, and getLocale, and add many corresponding test cases to improve coverage and validate headers, content types, redirects, auth behavior, and JSON responses.
ReenigneArcher
force-pushed
the
refactor/confighttp/common-functions
branch
from
8b8ffcf to
d19f7c2
Compare
Override SUNSHINE_ASSETS_DIR in tests to ${CMAKE_CURRENT_BINARY_DIR}/test_assets so tests use a writable assets directory. Update test_confighttp setup to create a temporary web directory, use std::filesystem::create_directories for WEB_DIR, and write test_page.html directly (removing the previous try/catch and existence checks). These changes simplify test setup and ensure test files are created in writable temp locations.
ReenigneArcher
force-pushed
the
refactor/confighttp/common-functions
branch
from
d19f7c2 to
cb500b9
Compare
Implement CSRF protection across HTTP API endpoints and expose a token endpoint. Changes include: - Add docs: API and configuration docs updated to describe CSRF protection and the new GET /api/csrf-token endpoint. - Config: add csrf_allowed_origins to config struct; parse comma-separated origin lists; include built-in localhost defaults and append web UI port-specific origins once port is known. - confighttp: implement CSRF token generation, storage (with expiration), client identification, and validation logic. Validation allows same-origin requests via Origin/Referer to bypass tokens and requires X-CSRF-Token header or csrf_token query param for cross-origin requests. Register GET /api/csrf-token and integrate validation into state-changing endpoints. - Web UI: add form field and localization strings for csrf_allowed_origins and include it in config HTML. - Tests: add unit tests for CSRF token generation, header/query validation, same-origin exemptions, and restore/cleanup of config state. Also remove usages of the old empty-body checker where CSRF/authentication flow was applied. This commit wires CSRF protection end-to-end (docs, config, server, UI, and tests).
ReenigneArcher
force-pushed
the
refactor/confighttp/common-functions
branch
from
38816e8 to
b1252cf
Compare
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Initial motivation for the PR was to consolidate multiple individual HTML page handler functions into a single
getPagefunction. This works by providing the page as a parameter. Then HTTP handler functions were updated to take response and request by const reference, which was a clang-tidy suggestion. New helper functions for page handlers were added to simplify the server route setup.Introduced check_request_body_empty to validate that certain API endpoints receive no request body, replacing previous content-type checks where appropriate. I am not 100% sure if this is necessary. Docs were updated to only include the
Content-Typeheaders when necessary.Also, added some initial tests for
confighttp.cpp/h.Lastly, I had to add macros to ignore some error/warnings in tests/tests_common.h due to failures in the ArchLinux build. I am not fully understanding what caused these errors to start occurring.
Screenshot
Issues Fixed or Closed
Roadmap Issues
Type of Change
Checklist
AI Usage