* Fix#2339
* Fix CI errors
* Fix Windows build error
* Fix CI errors on Windows
* Fix payload_max_length initialization in BodyReader
* Initialize payload_max_length with CPPHTTPLIB_PAYLOAD_MAX_LENGTH in BodyReader
* Update README and tests to clarify payload_max_length behavior and add no limit case
* Fix server thread lambda capture in ClientVulnerabilityTest
* Add Tests for case sensitive hostname verfication
* Modify check_host_name to perform case insensitive comparisons during ssl hostname validation
---------
Co-authored-by: Tabor, Chris <chris.tabor@commscope.com>
Both APIs conceptually do the same thing: "use these CA certs for
verification." However, set_ca_cert_store() falls through to the else
branch in load_certs() where system certs are added to the user's
custom store, defeating the purpose of certificate pinning.
This change makes set_ca_cert_store() behave consistently with
set_ca_cert_path() by checking ca_cert_store_ before loading system
certificates.
Added test to verify system certs are not loaded when custom store is set.
Co-authored-by: Your <you@example.com>
* Resolve#2262
* Enhance request handling on Windows by adding early response check for large request bodies
* Enhance early response handling for large requests with long URIs on Windows
* Ensure payload_max_length_ is respected for compressed payloads
* Fix Denial of service (DOS) using zip bomb
---------
Co-authored-by: Hritik Vijay <hey@hritik.sh>
* Fix HTTP 414 errors hanging until timeout
* All errors (status code 400+) close the connection
* 🧹
---------
Co-authored-by: Wor Ker <worker@factory>
* Fix use of dangling references
When the resolve thread is detached, local variables were still used, which could lead to a program crash.
* Add test to verify dangling ref fix
* Add missing brace initialization
* Assert that the remaining fields are really zeroed
* Fix use of chrono literals
* Initialize start time for server
By initializing start_time_ for server, I hope to measure the time taken to process a request at the end maybe in the set_logger callback and print it.
I only see current usage in client with server retaining the inital min value
* Add test to verify start time is initialized
* Address review comments
* run clang format
