To make it possible to serve both HTTPS and HTTP-only clients at the same time.
Consistent with web-stomp and web-mqtt plugins.
References #563.
[#156776853]
Add new configuration parameter login_session_timeout.
Add login_session_timeout to whoami response.
Use it as an expiration timeout for auth cookie.
[#157940664]
This character is neither reserved nor unreserved and thus is an unsafe
character according to RFC 1738 and RFC 3986. Therefore it should be
percent-encoded.
Many implementations accept and/or produce URLs with raw `^`. However,
the URI parser in Erlang 21 is strict and will refuse that character.
Therefore, we now percent-encode it in the testsuite.
[#157964874]
The meaning is the same. However, the RFC recommends using uppercase in
percent-encoded characters. Moreover, the new URI normalization in Erlang
21 would transform the percent-encoded characters to uppercase.
And because our `rabbit_web_dispatch_util:relativise()` uses exact
matches, it will consider e.g. `%2f` and `%2F` to be different
characters. Therefore when we use Erlang 21, the relative redirection
returned by the management plugin will be different than the one
returned with Erlang 20 if we use lowercase percent-encoded `/`.
Thus the easy fix is to use uppercase.
A better fix would be to improve `relativise()` and the testsuite to
compare percent-decoded components.
[#157964874]
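
The alternative named in the commit message above, comparing percent-decoded components instead of raw strings, sketched as an added example (not code from the plugin or from `rabbit_web_dispatch_util`; the module and function names are hypothetical). It splits on the raw `/` before decoding, so an encoded slash stays inside its segment and `%2f` and `%2F` compare equal.

```erlang
%% Added example; module and function names are hypothetical.
-module(pct_path).
-export([same_path/2, segments/1, demo/0]).

%% Two paths are equivalent when their decoded segments match.
same_path(A, B) ->
    segments(A) =:= segments(B).

%% Split on the raw "/" first and decode each segment afterwards, so an
%% encoded slash (%2F or %2f) stays data inside its segment and never
%% turns into a separator.
segments(Path) ->
    [decode(S) || S <- string:split(Path, "/", all)].

%% Percent-decode one segment; hex digits are accepted in either case.
%% A malformed escape is kept literally rather than guessed at.
decode([$%, H, L | Rest]) ->
    case {hex(H), hex(L)} of
        {error, _} -> [$% | decode([H, L | Rest])];
        {_, error} -> [$% | decode([H, L | Rest])];
        {Hi, Lo}   -> [Hi * 16 + Lo | decode(Rest)]
    end;
decode([C | Rest]) -> [C | decode(Rest)];
decode([]) -> [].

hex(C) when C >= $0, C =< $9 -> C - $0;
hex(C) when C >= $a, C =< $f -> C - $a + 10;
hex(C) when C >= $A, C =< $F -> C - $A + 10;
hex(_) -> error.

%% Constructed sample paths (not taken from the plugin's testsuite):
%% lowercase vs uppercase escape, encoded slash vs real separators,
%% and the "^" escape in both cases.
demo() ->
    [same_path("/api/queues/%2f/q1", "/api/queues/%2F/q1"),
     same_path("/api/queues/%2F/q1", "/api/queues///q1"),
     same_path("/api/queues/a%5Eb", "/api/queues/a%5eb")].
```
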
This commit removes a call to xmerl_ucs:from_utf8 which was used
for two purposes: converting the binary payload into an Erlang
Unicode string (a list of integer code points), and validating
that the payload is indeed utf8.
The call was necessary when it was introduced because mochijson
only supported Unicode strings. Nowadays JSON libraries also
support utf8 binaries so converting is not necessary.
The function also starts by doing a binary_to_list/1 call which
creates a lot of garbage and can lead to OOM situations when the
queue is large. We ended up with the payload binary, the temporary
list and the final Unicode string in memory. With this patch we
only ever have the binary in memory and the memory consumption
is divided by more or less 3.
To validate that the payload is utf8 and keep the functionality
intact a small function was added that makes use of the /utf8
binary matching specifier.
Since this was the only xmerl function used in the management
plugin I have also removed xmerl from the LOCAL_DEPS.
I have added a test for the different encodings that can be
requested to make sure that nothing was broken when doing
the change.
(cherry picked from commit 6a08e3d1f8)
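
A sketch of payload validation with the `/utf8` binary matching specifier, as described in the commit message above (an added example, not the function from the commit; the module and function names are hypothetical). It walks the binary without building a list and reports the byte offset of the first invalid sequence.

```erlang
%% Added example; module and function names are hypothetical.
-module(utf8_check).
-export([validate/1, demo/0]).

%% Returns ok, or {error, {invalid_utf8, Offset}} where Offset is the
%% byte position of the first sequence that is not valid UTF-8.
validate(Bin) when is_binary(Bin) ->
    validate(Bin, byte_size(Bin)).

%% Each step matches one code point directly on the binary; no
%% intermediate list or code point string is allocated.
validate(<<>>, _Size) ->
    ok;
validate(<<_/utf8, Rest/binary>>, Size) ->
    validate(Rest, Size);
validate(Rest, Size) ->
    {error, {invalid_utf8, Size - byte_size(Rest)}}.

%% Constructed sample payloads, written as explicit bytes so the result
%% does not depend on the source file encoding.
demo() ->
    [validate(<<195, 182, 195, 182>>),     % two UTF-8 encoded "ö"
     validate(<<"ab", 246>>),              % Latin-1 "ö" after ASCII
     validate(<<16#C0, 16#AF>>),           % overlong encoding of "/"
     validate(<<16#ED, 16#A0, 16#80>>)].   % encoded surrogate U+D800
```
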
Administrator should be able to restart vhosts if they believe
it can be recovered.
Added buttons to vhost status tables and
the new HTTP API endpoint: /vhosts/:vhost/start/:node
Part of rabbitmq/rabbitmq-server#1321
[#149484305]
This way an administrator without any permissions can access every form
on pages such as user permission management. Some users and RabbitMQ team
members administrators should have unconditional access to all vhosts.
Closes #461 as well as a number of similar issues.
DELETE with a payload doesn't have prescribed semantics and at least
older versions of the HTTP spec prescribe that the request URI should
fully identify the resource to be deleted.
This change introduces a /users/bulk-delete resource to which we POST the
users that are to be deleted.
[#149484991]
When specified, hostname, port, username and password
are taken from the URI. URI path is intentionally ignored
because AMQP(S) URIs use path to configure target virtual host
but HTTP APIs typically use URI paths to specify an endpoint
prefix (--path-prefix in rabbitmqadmin).
To avoid confusion we log a warning and ask the user to
specify --vhost and/or --path-prefix explicitly.
Closes #437.
This is a temporary measure.
Since rabbitmq/rabbitmq-server@0872a15a05,
`total` has no relationship with the other counters: total is the
resident memory footprint of the OS process (so pages in physical
memory), but the other counters are based on what was actually
allocated. Those counters should be compared to the total reported by
erlang:memory() instead.
* This is a valid case for environments where external
authn mechanisms (x509 certificates) or backends (e.g. HTTP) are used.
* We already allow this for existing users.
Closes #383.
Validation code in place, how to display?
Take existing queue count into consideration
Server-side validation takes existing queue count into consideration. Improve error message sent back to web application.
Improve messaging, remove unused template
Take existing queues into account when importing definitions for all vhosts. Fix test suite.
... instead of polling it once after 200 ms. This was failing from time
to time because that timer:sleep() was sometimes too short.
Signed-off-by: Karl Nilsson <knilsson@pivotal.io>
This header is required for its `amqp_msg` record.
rabbit_framing.hrl should be included too, for all the AMQP method
records, but it is already included from amqp_client.hrl and
rabbit_framing.hrl doesn't protect itself against multiple inclusions.
This commit fixes the build of the testsuite after the move of
rabbit_mgmt_test.hrl to rabbitmq-ct-helpers.
Reversing initial fix in 47a5ea7b1c
Usages of `with_decode` closed over the ReqData and returned the
instance before the body decode. This had the effect of causing an error
after a POST or PUT request had been issued on the same keep-alive
connection.
Samples didn't match averages as we were reporting total times. Also,
rates do not make sense on time per operation so are all replaced
by the average.
rabbitmq-management#384
[#144393857]
One of the low-hanging fruits in HTTP API optimization.
E.g. serializing information about 10000 queues:
- For JSON it takes 2 seconds on my machine and more than 1GB of RAM
- For BERT it takes 0.2 seconds and negligible amount of RAM
... instead of using binary_to_list() on <<"ööö"/utf8>>.
Erlang R16B03 took the "ö" individual bytes (from the two-byte encoded
UTF-8 character) and converted them to UTF-8. The queue was created with
the correct name because the correct UTF-8 string was passed to Python
and later to the management API. But because of the wrong conversion of
the expected queue name, the verification failed.
`>` is unallowed in URI path segments according to RFC 3986. This
character must be percent-encoded.
Newer versions of Cowboy are stricter about this.
[#136779967]
(cherry picked from commit 85128761eb)
We must use `-include().` for a local file, not `-include_lib().`. Also,
fix the path to the header itself.
Reported by Syntastic.
(cherry picked from commit e09f94efc9)
`>` is unallowed in URI path segments according to RFC 3986. This
character must be percent-encoded.
Newer versions of Cowboy are stricter about this.
[#136779967]