Both APIs conceptually do the same thing: "use these CA certs for
verification." However, set_ca_cert_store() falls through to the else
branch in load_certs() where system certs are added to the user's
custom store, defeating the purpose of certificate pinning.
This change makes set_ca_cert_store() behave consistently with
set_ca_cert_path() by checking ca_cert_store_ before loading system
certificates.
Added test to verify system certs are not loaded when custom store is set.
Co-authored-by: Your <you@example.com>
* Resolve#2262
* Enhance request handling on Windows by adding early response check for large request bodies
* Enhance early response handling for large requests with long URIs on Windows
* Fix problem with 'windows without SSL`
* Fix payload limit enforcement for requests without Content-Length on Windows
- Enable MSG_PEEK on Windows (non-SSL builds) to detect payloads without Content-Length
- Only use MSG_PEEK when payload_max_length is set to a finite value to avoid blocking
- Use read_content_without_length for actual size checking to support any payload limit
- Set 413 Payload Too Large status before rejecting oversized requests
This fixes three test cases on Windows:
- RequestWithoutContentLengthOrTransferEncoding (no payload limit)
- NoContentLengthPayloadLimit (8-byte limit)
- NoContentLengthExceeds10MB (10MB limit)
* clang-format
* Ensure payload_max_length_ is respected for compressed payloads
* Fix Denial of service (DOS) using zip bomb
---------
Co-authored-by: Hritik Vijay <hey@hritik.sh>
On Windows cpp-httplib defines ssize_t, therefore applications needing
to define ssize_t for their own needs or are using libraries that do
require a means to avoid a possible incompatible redefinition.
Signed-off-by: Ralph Sennhauser <ralph.sennhauser@gmail.com>
