feat(webserver): Middleware with default middleware for cors, authc, curl-like logging

[mathieucarbou]

This PR improves WebServer with the following additions:

• Add Middleware support (aka Expressif) with some built-in middlewares like cors, authc and logging
• Add ability to collect all incoming request headers
• Added response code and info on server

As discussed in #10185, I tested the example thanks to a pio config.

Ideally it would be nice if @me-no-dev and @ayushsharma82 could review this PR, both were involved in these parts.

[github-actions]

	Warnings
⚠️	The **target branch** for this Pull Request **must be the default branch** of the project (`master`). If you would like to add this feature to a different branch, please state this in the PR description and we will consider it.

👋 Hello mathieucarbou, we appreciate your contribution to this project!

---

Click to see more instructions ...

This automated output is generated by the PR linter DangerJS, which checks if your Pull Request meets the project's requirements and helps you fix potential issues.

DangerJS is triggered with each push event to a Pull Request and modify the contents of this comment.

Please consider the following:
- Danger mainly focuses on the PR structure and formatting and can't understand the meaning behind your code or changes.
- Danger is not a substitute for human code reviews; it's still important to request a code review from your colleagues.
- Resolve all warnings (⚠️ ) before requesting a review from human reviewers - they will appreciate it.
- To manually retry these Danger checks, please navigate to the Actions tab and re-run last Danger workflow.

Review and merge process you can expect ...

We do welcome contributions in the form of bug reports, feature requests and pull requests.

1. An internal issue has been created for the PR, we assign it to the relevant engineer.
2. They review the PR and either approve it or ask you for changes or clarifications.
3. Once the GitHub PR is approved we do the final review, collect approvals from core owners and make sure all the automated tests are passing.
- At this point we may do some adjustments to the proposed change, or extend it by adding tests or documentation.
4. If the change is approved and passes the tests it is merged into the default branch.

Generated by 🚫 dangerJS against 6b1e5d0

[github-actions]

Test Results

 62 files   62 suites   16m 34s ⏱️
 24 tests  18 ✅ 0 💤 6 ❌
140 runs  134 ✅ 0 💤 6 ❌

For more details on these failures, see this check.

Results for commit 6b1e5d0.

♻️ This comment has been updated with latest results.

[github-actions]

Memory usage test (comparing PR against master branch)

The table below shows the summary of memory usage change (decrease - increase) in bytes and percentage for each target.

Memory	FLASH [bytes]		FLASH [%]		RAM [bytes]		RAM [%]
Target	DEC	INC	DEC	INC	DEC	INC	DEC	INC
ESP32S3	0	‼️ +23K	0.00	‼️ +2.61	0	‼️ +3K	0.00	‼️ +6.93
ESP32S2	0	‼️ +19K	0.00	‼️ +2.25	0	‼️ +3K	0.00	‼️ +6.99
ESP32C3	0	‼️ +23K	0.00	‼️ +2.42	0	‼️ +2K	0.00	‼️ +6.67
ESP32C6	0	‼️ +42K	0.00	‼️ +4.62	0	‼️ +25K	0.00	‼️ +62.11
ESP32	0	‼️ +23K	0.00	‼️ +2.43	0	⚠️ +1960	0.00	‼️ +3.99

Click to expand the detailed deltas report [usage change in BYTES]

Target	ESP32S3		ESP32S2		ESP32C3		ESP32C6		ESP32
Example	FLASH	RAM	FLASH	RAM	FLASH	RAM	FLASH	RAM	FLASH	RAM
WebServer/examples/AdvancedWebServer	‼️ +22K	‼️ +3K	‼️ +18K	‼️ +2K	‼️ +23K	‼️ +2K	‼️ +42K	‼️ +25K	‼️ +21K	⚠️ +1800
WebServer/examples/FSBrowser	‼️ +21K	‼️ +3K	‼️ +18K	‼️ +3K	‼️ +21K	‼️ +2K	‼️ +39K	‼️ +24K	‼️ +21K	⚠️ +1816
WebServer/examples/Filters	‼️ +22K	‼️ +3K	‼️ +18K	‼️ +2K	‼️ +23K	‼️ +2K	‼️ +42K	‼️ +25K	‼️ +21K	⚠️ +1800
WebServer/examples/HelloServer	‼️ +22K	‼️ +3K	‼️ +17K	‼️ +2K	‼️ +23K	‼️ +2K	‼️ +42K	‼️ +25K	‼️ +21K	⚠️ +1800
WebServer/examples/HttpAdvancedAuth	‼️ +22K	‼️ +3K	‼️ +18K	‼️ +2K	‼️ +22K	‼️ +2K	‼️ +42K	‼️ +25K	‼️ +21K	⚠️ +1792
WebServer/examples/HttpAuthCallback	‼️ +22K	‼️ +3K	‼️ +17K	‼️ +2K	‼️ +22K	‼️ +2K	‼️ +42K	‼️ +25K	‼️ +21K	⚠️ +1792
WebServer/examples/HttpAuthCallbackInline	‼️ +22K	‼️ +3K	‼️ +18K	‼️ +2K	‼️ +22K	‼️ +2K	‼️ +42K	‼️ +25K	‼️ +21K	⚠️ +1792
WebServer/examples/HttpBasicAuth	‼️ +22K	‼️ +3K	‼️ +18K	‼️ +2K	‼️ +22K	‼️ +2K	‼️ +42K	‼️ +25K	‼️ +21K	⚠️ +1792
WebServer/examples/HttpBasicAuthSHA1	‼️ +22K	‼️ +3K	‼️ +18K	‼️ +2K	‼️ +22K	‼️ +2K	‼️ +42K	‼️ +25K	‼️ +22K	⚠️ +1792
WebServer/examples/HttpBasicAuthSHA1orBearerToken	‼️ +22K	‼️ +3K	‼️ +18K	‼️ +2K	‼️ +22K	‼️ +2K	‼️ +41K	‼️ +25K	‼️ +22K	⚠️ +1792
WebServer/examples/Middleware	-	-	-	-	-	-	-	-	-	-
WebServer/examples/MultiHomedServers	‼️ +22K	‼️ +3K	‼️ +18K	‼️ +2K	‼️ +23K	‼️ +2K	‼️ +42K	‼️ +25K	‼️ +21K	⚠️ +1792
WebServer/examples/PathArgServer	‼️ +19K	‼️ +3K	‼️ +15K	‼️ +3K	‼️ +14K	‼️ +2048	‼️ +35K	‼️ +24K	‼️ +18K	⚠️ +1960
WebServer/examples/SDWebServer	‼️ +20K	‼️ +3K	‼️ +15K	‼️ +2K	‼️ +22K	‼️ +2K	‼️ +41K	‼️ +24K	‼️ +19K	⚠️ +1776
WebServer/examples/SimpleAuthentification	‼️ +23K	‼️ +3K	‼️ +19K	‼️ +3K	‼️ +22K	⚠️ +2040	‼️ +42K	‼️ +24K	‼️ +23K	⚠️ +1808
WebServer/examples/UploadHugeFile	‼️ +18K	‼️ +3K	‼️ +13K	‼️ +2K	‼️ +14K	‼️ +2K	‼️ +35K	‼️ +25K	‼️ +18K	⚠️ +1960
WebServer/examples/WebServer	‼️ +22K	‼️ +3K	‼️ +18K	‼️ +3K	‼️ +22K	‼️ +2048	‼️ +41K	‼️ +24K	‼️ +21K	⚠️ +1784
WebServer/examples/WebUpdate	‼️ +22K	‼️ +3K	‼️ +18K	‼️ +2K	‼️ +23K	‼️ +2K	‼️ +42K	‼️ +25K	‼️ +21K	⚠️ +1792

[Jason2866]

@mathieucarbou Do you see the possibility to make this enhancement optional?
The size increase is not just a few bytes.

[mathieucarbou]

@mathieucarbou Do you see the possibility to make this enhancement optional? The size increase is not just a few bytes.

I saw that and I was surprised by it... I don't feel to have written 2k of code...

[mathieucarbou]

Adding a ref to: #10221 (comment)

[lucasssvaz]

LGTM. Tested and it works as expected. Just a couple nitpicks.

[mathieucarbou]

@lucasssvaz : thanks! I will update the PR soon.

[lucasssvaz]

@mathieucarbou Also, as there are some changes to the WebServer. Maybe it would be better to target branch release/v3.1.x to make sure we don't introduce any unwanted breaking change by mistake. Probably you just need to rebase this PR and the commits on top of it.

[mathieucarbou]

@mathieucarbou Also, as there are some changes to the WebServer. Maybe it would be better to target branch release/v3.1.x to make sure we don't introduce any unwanted breaking change by mistake. Probably you just need to rebase this PR and the commits on top of it.

Yes that would be better.

What do you think about the 3 bullet points above ? Could I also switch to std::list ?

[lucasssvaz]

@mathieucarbou Also, as there are some changes to the WebServer. Maybe it would be better to target branch release/v3.1.x to make sure we don't introduce any unwanted breaking change by mistake. Probably you just need to rebase this PR and the commits on top of it.

Yes that would be better.

What do you think about the 3 bullet points above ? Could I also switch to std::list ?

I think it should be fine now that we are targeting v3.1.x as long as the flash usage increase is not very significant. There are too many changes from IDF recently that increased flash usage a lot and we are trying to optimize things for space.

What do you think @me-no-dev ?

[lucasssvaz]

@mathieucarbou Could you please reopen this targeting master ?

[mathieucarbou]

@mathieucarbou Could you please reopen this targeting master ?

FYI, for next time, before deleting branches, just know that there is a github option to edit PRs and change the target branch. This allows keeping the history of PRs instead of having to recreate them. Here since the target branch was deleted, github closed the PR without a way to re-open it and change the target branch.

[me-no-dev]

@mathieucarbou I did not expect the PR to be closed. The one for the libs was not closed and I switched the target branch after I deleted the 3.1.x one

[me-no-dev]

Interesting what made this PR different. Maybe the fact that we were not given rights to edit it?

[mathieucarbou]

Oh, that's right: "Allow edits and access to secrets by maintainers" was not checked, I just checked it now.

Why ? I do not know. This is always an option I usually keep on (I hate to block people or being blocked by this option).
I don't even know if there is a github option to keep it off by default.

Definitley, that must be this thing.

Do you know if this could be unchecked by default with the required CLA agreement ?

[me-no-dev]

CLA bot comes after the PR is created, so I doubt that was it. GH has been a bit strange on a few fronts lately, so not unlikely that something else was the cause

[me-no-dev]

trying to reopen

[me-no-dev]

It's not allowing me to reopen it 😦

[mathieucarbou]

It's not allowing me to reopen it 😦

yeah, same ;-) no worry, I have rebased already, I am doing another review (always good to re-read after a while). Will push in a few.

[Jason2866]

"Edit" is off when the PR is opened from an ORG repository.