Comment by mistivia

4 days ago

It's very dangerous to write a http parser from scratch in C. This can be very vulnerable without rigorous testing. To get a useful web framework for production in C, I think it's a better idea to start from libmicrohttpd, libevent_http, or even fastcgi, which are battle-tested.

3 comments

mistivia

jacquesm 4 days ago

I don't think anybody here is going to use this for production, but just in case you're tempted: don't.

wallmountedtv 4 days ago

I hear this comment warnings, and can easily see this myself being true. But, how could one actually make a reasonably safe http server in C from scratch?

That would honestly sound like an amazing book, just walking through all the ways it's horrible chapter by chapter, and how to structure the code instead, slowly. Like an accelerated history to create such a matured http library.

throwaway2037 3 days ago

I like your idea for the book. I hope that Robert Nystrom writes it.