This enables the WebServer to run protected by a username and password.
While it isn't possible to access such a protected server from inside
Serenity as of now (because neither the Browser nor pro(1) support
this), this may very well be the case in the future. :^)
This moves the configuration of the web server, which currently only
consists of the root path, into a new class, Configuration. Since the
configuration is global and not per client, it is accessed by a
singleton getter.
This change simplifies future extensions of the configurable parameters.
This changes the Client::set_error_response() to not take a "message"
anymore. It now uses the canonical reason phrase which is derived from
the response code.
This adds trailing slashes to all links to directories (when listing the
directory contents). This avoids the redirect that would otherwise
happen when browsing to those directories.
In the web server root directory, ".." has to be handled specially,
since everything above it does not exist from the point of view of the
user. The most sensible thing to do is to make ".." equal to ".". This
is also what ls(1) does for "/" and what "http://localhost/../"
evaluates to.
This also fixes a bug where stat() would fail on the directory above the
root directory, since it hasn't been unveiled for the process.
This replaces all occurrences of those functions with the newly
implemented functions URL::percent_encode() and URL::percent_decode().
The old functions will be removed in a further commit.
These dbgln's caused excessive load in the WebServer process,
accounting for ~67% of the processing time when serving a webpage
with a bunch of resources like serenityos.org/happy/2nd/.
The recent patch to LexicalPath allowed relative paths like ../ to work
in requests to WebServer. This wasn't too dangerous because of unveil,
but let's still fix this :^)
Since applications using Core::EventLoop no longer need to create a
socket in /tmp/rpc/, and also don't need to listen for incoming
connections on this socket, we can remove a whole bunch of pledges!
SPDX License Identifiers are a more compact / standardized
way of representing file license information.
See: https://spdx.dev/resources/use/#identifiers
This was done with the `ambr` search and replace tool.
ambr --no-parent-ignore --key-from-file --rep-from-file key.txt rep.txt *
(...and ASSERT_NOT_REACHED => VERIFY_NOT_REACHED)
Since all of these checks are done in release builds as well,
let's rename them to VERIFY to prevent confusion, as everyone is
used to assertions being compiled out in release.
We can introduce a new ASSERT macro that is specifically for debug
checks, but I'm doing this wholesale conversion first since we've
accumulated thousands of these already, and it's not immediately
obvious which ones are suitable for ASSERT.
