etr
diff --git a/‎Makefile.am‎
Lines changed: 6 additions & 6 deletions b/‎Makefile.am‎
Lines changed: 6 additions & 6 deletions
diff --git a/‎src/Makefile.am‎
Lines changed: 3 additions & 3 deletions b/‎src/Makefile.am‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎src/details/body.cpp‎ ‎src/detail/body.cpp‎src/details/body.cpp renamed to src/detail/body.cpp
Lines changed: 20 additions & 1 deletion b/‎src/details/body.cpp‎ ‎src/detail/body.cpp‎src/details/body.cpp renamed to src/detail/body.cpp
Lines changed: 20 additions & 1 deletion
diff --git a/‎src/details/http_endpoint.cpp‎ ‎src/detail/http_endpoint.cpp‎src/details/http_endpoint.cpp renamed to src/detail/http_endpoint.cpp
Lines changed: 1 addition & 1 deletion b/‎src/details/http_endpoint.cpp‎ ‎src/detail/http_endpoint.cpp‎src/details/http_endpoint.cpp renamed to src/detail/http_endpoint.cpp
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/http_response.cpp‎
Lines changed: 133 additions & 9 deletions b/‎src/http_response.cpp‎
Lines changed: 133 additions & 9 deletions
diff --git a/‎src/httpserver/basic_auth_fail_response.hpp‎
Lines changed: 3 additions & 2 deletions b/‎src/httpserver/basic_auth_fail_response.hpp‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎src/httpserver/deferred_response.hpp‎
Lines changed: 3 additions & 2 deletions b/‎src/httpserver/deferred_response.hpp‎
Lines changed: 3 additions & 2 deletions
@@ -126,12 +126,12 @@ check-headers:
 	@echo "  PASS: A.4 umbrella does not leak _HTTPSERVER_HPP_INSIDE_"
 
 # check-install-layout asserts that `make install DESTDIR=$(STAGE)` produces
-# a public include tree with NO `details/` directory and NO `*_impl.hpp` files.
+# a public include tree with NO `detail/` directory and NO `*_impl.hpp` files.
 # This protects the public/private split as described in TASK-002 / DR-002.
 CHECK_INSTALL_STAGE = $(abs_top_builddir)/.install-stage
 
 check-install-layout:
-	@echo "=== check-install-layout: staged install must hide details/ and *_impl.hpp ==="
+	@echo "=== check-install-layout: staged install must hide detail/ and *_impl.hpp ==="
 	@if test "$(CHECK_INSTALL_SHARED)" != "yes"; then \
 	    rm -rf $(CHECK_INSTALL_STAGE); \
 	    $(MAKE) $(AM_MAKEFLAGS) install DESTDIR=$(CHECK_INSTALL_STAGE) >check-install.log 2>&1 || { \
@@ -143,10 +143,10 @@ check-install-layout:
 	    }; \
 	    rm -f check-install.log; \
 	fi
-	@leaked_details=`find $(CHECK_INSTALL_STAGE) -type d -name details 2>/dev/null`; \
-	if test -n "$$leaked_details"; then \
-	    echo "FAIL: details/ directory leaked into install:"; \
-	    echo "$$leaked_details"; \
+	@leaked_detail=`find $(CHECK_INSTALL_STAGE) -type d -name detail 2>/dev/null`; \
+	if test -n "$$leaked_detail"; then \
+	    echo "FAIL: detail/ directory leaked into install:"; \
+	    echo "$$leaked_detail"; \
 	    if test "$(CHECK_INSTALL_SHARED)" != "yes"; then rm -rf $(CHECK_INSTALL_STAGE); fi; \
 	    exit 1; \
 	fi
 
@@ -19,11 +19,11 @@
 AM_CPPFLAGS = -I../ -I$(srcdir)/httpserver/ -DHTTPSERVER_COMPILATION
 METASOURCES = AUTO
 lib_LTLIBRARIES = libhttpserver.la
-libhttpserver_la_SOURCES = string_utilities.cpp webserver.cpp http_utils.cpp file_info.cpp http_request.cpp http_response.cpp string_response.cpp digest_auth_fail_response.cpp deferred_response.cpp file_response.cpp pipe_response.cpp empty_response.cpp iovec_response.cpp http_resource.cpp create_webserver.cpp details/http_endpoint.cpp details/body.cpp
+libhttpserver_la_SOURCES = string_utilities.cpp webserver.cpp http_utils.cpp file_info.cpp http_request.cpp http_response.cpp string_response.cpp digest_auth_fail_response.cpp deferred_response.cpp file_response.cpp pipe_response.cpp empty_response.cpp iovec_response.cpp http_resource.cpp create_webserver.cpp detail/http_endpoint.cpp detail/body.cpp
 # noinst_HEADERS: shipped in the tarball but NEVER installed under $prefix/include.
-# Detail headers (httpserver/details/*.hpp) live here so they cannot leak to
+# Detail headers (httpserver/detail/*.hpp) live here so they cannot leak to
 # downstream consumers — the public surface comes in through <httpserver.hpp>.
-noinst_HEADERS = httpserver/string_utilities.hpp httpserver/details/modded_request.hpp httpserver/details/http_endpoint.hpp httpserver/details/body.hpp gettext.h
+noinst_HEADERS = httpserver/string_utilities.hpp httpserver/detail/modded_request.hpp httpserver/detail/http_endpoint.hpp httpserver/detail/body.hpp gettext.h
 nobase_include_HEADERS = httpserver.hpp httpserver/body_kind.hpp httpserver/constants.hpp httpserver/create_webserver.hpp httpserver/webserver.hpp httpserver/http_utils.hpp httpserver/file_info.hpp httpserver/http_request.hpp httpserver/http_response.hpp httpserver/http_resource.hpp httpserver/string_response.hpp httpserver/digest_auth_fail_response.hpp httpserver/deferred_response.hpp httpserver/file_response.hpp httpserver/pipe_response.hpp httpserver/empty_response.hpp httpserver/feature_unavailable.hpp httpserver/iovec_entry.hpp httpserver/iovec_response.hpp httpserver/http_arg_value.hpp httpserver/http_method.hpp
 
 if HAVE_BAUTH
 
@@ -18,7 +18,7 @@
      USA
 */
 
-#include "httpserver/details/body.hpp"
+#include "httpserver/detail/body.hpp"
 
 #include <fcntl.h>
 #include <microhttpd.h>
@@ -143,6 +143,18 @@ file_body::~file_body() {
     }
 }
 
+// Hand-written move ctor: transfers fd_ ownership to the destination and
+// flips the source's materialized_ to true so the source's destructor
+// skips the close path. Without this, the moved-from file_body would
+// close the fd we just handed off — a classic double-close bug
+// (CWE-415). std::exchange keeps the move noexcept.
+file_body::file_body(file_body&& o) noexcept
+    : path_(std::move(o.path_)),
+      size_(o.size_),
+      fd_(std::exchange(o.fd_, -1)),
+      materialized_(std::exchange(o.materialized_, true)) {
+}
+
 MHD_Response* file_body::materialize() {
     if (fd_ == -1) return nullptr;
 
@@ -190,6 +202,13 @@ pipe_body::~pipe_body() {
     }
 }
 
+// Same shape as file_body's move ctor: transfer fd_, mark source as
+// already-materialized so its destructor skips close.
+pipe_body::pipe_body(pipe_body&& o) noexcept
+    : fd_(std::exchange(o.fd_, -1)),
+      materialized_(std::exchange(o.materialized_, true)) {
+}
+
 MHD_Response* pipe_body::materialize() {
     MHD_Response* r = MHD_create_response_from_pipe(fd_);
     if (r != nullptr) {
 
@@ -29,7 +29,7 @@
 #include <string>
 #include <vector>
 
-#include "httpserver/details/http_endpoint.hpp"
+#include "httpserver/detail/http_endpoint.hpp"
 #include "httpserver/http_utils.hpp"
 
 using std::string;
 
@@ -19,41 +19,165 @@
 */
 
 #include "httpserver/http_response.hpp"
+
 #include <microhttpd.h>
+
+#include <cstddef>
 #include <iostream>
 #include <map>
+#include <new>
 #include <string>
+#include <type_traits>
 #include <utility>
+
+#include "httpserver/detail/body.hpp"   // complete type for body_->~body()
 #include "httpserver/http_utils.hpp"
 
 namespace httpserver {
 
+// -----------------------------------------------------------------------
+// Layout / trait acceptance asserts (TASK-009 AC). Duplicated in
+// test/unit/http_response_sbo_test.cpp; placing them in the .cpp catches
+// drift on every library build, even before tests are linked.
+// -----------------------------------------------------------------------
+static_assert(std::is_nothrow_move_constructible_v<http_response>,
+              "TASK-009 AC: move ctor must be noexcept");
+static_assert(std::is_nothrow_move_assignable_v<http_response>,
+              "TASK-009 AC: move assign must be noexcept");
+static_assert(!std::is_copy_constructible_v<http_response>,
+              "TASK-009 AC: move-only");
+static_assert(!std::is_copy_assignable_v<http_response>,
+              "TASK-009 AC: move-only");
+static_assert(http_response::body_buf_size == 64,
+              "DR-005: SBO buffer is 64 bytes");
+static_assert(alignof(http_response) >= 16,
+              "alignas(16) std::byte body_storage_[64] requires class "
+              "alignment >= 16");
+
+// -----------------------------------------------------------------------
+// Body lifecycle helpers.
+//
+// destroy_body() and adopt_body_from() factor out the SBO destruct /
+// adopt logic that the destructor, move ctor, and move-assign all need.
+// Keeping each branch in exactly one place makes the inline-vs-heap
+// discriminator impossible to get out of sync. Both helpers are
+// noexcept (DR-005): destroy_body relies on body subclass dtors being
+// noexcept, adopt_body_from relies on the noexcept move_into() virtual
+// (statically asserted per-subclass in detail/body.hpp).
+//
+// Members are private; they live as out-of-line member functions so
+// they have access without an extra friend declaration.
+// -----------------------------------------------------------------------
+void http_response::destroy_body() noexcept {
+    if (body_ == nullptr) return;
+    body_->~body();
+    if (!body_inline_) {
+        // Heap path: ::operator delete pairs with the
+        // ::operator new(sizeof(T)) the factory uses (TASK-010).
+        ::operator delete(body_);
+    }
+    body_ = nullptr;
+    body_inline_ = false;
+}
+
+void http_response::adopt_body_from(http_response& o) noexcept {
+    if (o.body_ == nullptr) {
+        return;  // destination's body_/body_inline_ already cleared
+    }
+    if (o.body_inline_) {
+        // Placement-move into our buffer, then destroy the source's
+        // inline body so the source's destructor is a no-op.
+        o.body_->move_into(body_storage_);
+        body_ = reinterpret_cast<detail::body*>(body_storage_);
+        body_inline_ = true;
+        o.body_->~body();
+    } else {
+        // Heap path: pointer transfer — no allocation, no copy.
+        body_ = o.body_;
+        body_inline_ = false;
+    }
+    o.body_ = nullptr;
+    o.body_inline_ = false;
+}
+
+// -----------------------------------------------------------------------
+// Destructor.
+//
+// Subclass-virtual destructor: required as long as the v1 subclass
+// hierarchy still inherits from http_response. TASK-013 marks the class
+// `final` once those subclasses are removed.
+// -----------------------------------------------------------------------
+http_response::~http_response() {
+    destroy_body();
+}
+
+// -----------------------------------------------------------------------
+// Move constructor.
+//
+// noexcept because every member's move is noexcept (header_map is a
+// std::map, std::map move is noexcept; std::byte[64] is trivially
+// movable; per-subclass body move ctors are noexcept by static_assert in
+// detail/body.hpp).
+// -----------------------------------------------------------------------
+http_response::http_response(http_response&& o) noexcept
+    : status_code_(o.status_code_),
+      headers_(std::move(o.headers_)),
+      footers_(std::move(o.footers_)),
+      cookies_(std::move(o.cookies_)),
+      kind_(o.kind_) {
+    adopt_body_from(o);
+}
+
+// -----------------------------------------------------------------------
+// Move-assignment.
+//
+// Linearises the inline×heap inline×heap "four cases" into:
+//   step 1 — destroy our existing body
+//   step 2 — adopt source's body
+//
+// Self-assignment is guarded explicitly because step 1 would otherwise
+// destroy the body we are about to read from.
+// -----------------------------------------------------------------------
+http_response& http_response::operator=(http_response&& o) noexcept {
+    if (this == &o) {
+        return *this;
+    }
+    destroy_body();
+    status_code_ = o.status_code_;
+    headers_ = std::move(o.headers_);
+    footers_ = std::move(o.footers_);
+    cookies_ = std::move(o.cookies_);
+    kind_ = o.kind_;
+    adopt_body_from(o);
+    return *this;
+}
+
 MHD_Response* http_response::get_raw_response() {
     return MHD_create_response_from_buffer(0, nullptr, MHD_RESPMEM_PERSISTENT);
 }
 
 void http_response::decorate_response(MHD_Response* response) {
     std::map<std::string, std::string, http::header_comparator>::iterator it;
 
-    for (it=headers.begin() ; it != headers.end(); ++it) {
+    for (it=headers_.begin() ; it != headers_.end(); ++it) {
         MHD_add_response_header(response, (*it).first.c_str(), (*it).second.c_str());
     }
 
-    for (it=footers.begin() ; it != footers.end(); ++it) {
+    for (it=footers_.begin() ; it != footers_.end(); ++it) {
         MHD_add_response_footer(response, (*it).first.c_str(), (*it).second.c_str());
     }
 
-    for (it=cookies.begin(); it != cookies.end(); ++it) {
+    for (it=cookies_.begin(); it != cookies_.end(); ++it) {
         MHD_add_response_header(response, "Set-Cookie", ((*it).first + "=" + (*it).second).c_str());
     }
 }
 
 int http_response::enqueue_response(MHD_Connection* connection, MHD_Response* response) {
-    return MHD_queue_response(connection, response_code, response);
+    return MHD_queue_response(connection, status_code_, response);
 }
 
 void http_response::shoutCAST() {
-    response_code |= http::http_utils::shoutcast_response;
+    status_code_ |= http::http_utils::shoutcast_response;
 }
 
 namespace {
@@ -67,11 +191,11 @@ static inline http::header_view_map to_view_map(const http::header_map& hdr_map)
 }
 
 std::ostream &operator<< (std::ostream& os, const http_response& r) {
-    os << "Response [response_code:" << r.response_code << "]" << std::endl;
+    os << "Response [response_code:" << r.status_code_ << "]" << std::endl;
 
-    http::dump_header_map(os, "Headers", to_view_map(r.headers));
-    http::dump_header_map(os, "Footers", to_view_map(r.footers));
-    http::dump_header_map(os, "Cookies", to_view_map(r.cookies));
+    http::dump_header_map(os, "Headers", to_view_map(r.headers_));
+    http::dump_header_map(os, "Footers", to_view_map(r.footers_));
+    http::dump_header_map(os, "Cookies", to_view_map(r.cookies_));
 
     return os;
 }
 
@@ -50,9 +50,10 @@ class basic_auth_fail_response : public string_response {
             realm(realm),
             prefer_utf8(prefer_utf8) { }
 
-     basic_auth_fail_response(const basic_auth_fail_response& other) = default;
+     // Move-only: base http_response is now move-only (TASK-009 / DR-005).
+     basic_auth_fail_response(const basic_auth_fail_response&) = delete;
      basic_auth_fail_response(basic_auth_fail_response&& other) noexcept = default;
-     basic_auth_fail_response& operator=(const basic_auth_fail_response& b) = default;
+     basic_auth_fail_response& operator=(const basic_auth_fail_response&) = delete;
      basic_auth_fail_response& operator=(basic_auth_fail_response&& b) = default;
 
      ~basic_auth_fail_response() = default;
 
@@ -58,9 +58,10 @@ class deferred_response : public string_response {
          initial_content(content),
          content_offset(0) { }
 
-     deferred_response(const deferred_response& other) = default;
+     // Move-only: base http_response is now move-only (TASK-009 / DR-005).
+     deferred_response(const deferred_response&) = delete;
      deferred_response(deferred_response&& other) noexcept = default;
-     deferred_response& operator=(const deferred_response& b) = default;
+     deferred_response& operator=(const deferred_response&) = delete;
      deferred_response& operator=(deferred_response&& b) = default;
 
      ~deferred_response() = default;