Bug fixes

This commit is contained in:
2025-11-21 21:10:54 +01:00
parent 51d3f84715
commit 54c02827be
11 changed files with 111 additions and 86 deletions
+4
View File
@@ -0,0 +1,4 @@
- From Claude:
While peer verification is enabled, there's no hostname verification. An attacker with any valid certificate could MITM connections. Should add SSL_set1_host(ssl, hostname);
- Add connection timeouts
- Per RFC 6265, cookie values can be quoted. This parser would include the quotes in the value.
+1 -1
View File
@@ -82,5 +82,5 @@ source.append_file("src/byte_queue.c")
source.append_file("src/cert.c")
source.append_file("src/client.c")
source.append_file("src/server.c")
header.append_text(license)
source.append_text(license)
source.save("chttp.c")