DeterministicESPAsyncWebServer v6.27.1
Zero-allocation, bounded-execution async HTTP server for ESP32
Loading...
Searching...
No Matches
Documentation

A multi-protocol network server for ESP32 with a fully deterministic memory footprint, RFC 7230 compliant request parsing, and an OSI-layered architecture. It serves HTTP/1.1 and HTTP/2 (with HTTP/3 over QUIC, host-tested), WebSocket, and Server-Sent Events, with optional HTTPS/TLS, SSH, Telnet, SNMP, CoAP, Modbus TCP, MQTT, and OPC UA.

Installation

PlatformIO:

lib_deps = https://github.com/dstroy0/DeterministicESPAsyncWebServer.git

Arduino IDE: Download the repository as a ZIP and use Sketch → Include Library → Add .ZIP Library.

Quick Start

#include <WiFi.h>
#include "dwserver.h"
DetWebServer server;
void handle_status(uint8_t slot_id, HttpReq *req)
{
server.send(slot_id, 200, "application/json", "{\"ok\":true}");
}
void setup()
{
init_wifi_physical("SSID", "PASSWORD");
while (!wifi_ready()) delay(250);
server.on("/status", HTTP_GET, handle_status);
server.set_cors("*");
server.begin(80);
}
void loop()
{
server.handle();
}
Single-port HTTP server with deterministic, zero-allocation execution.
Definition dwserver.h:348
void on(const char *path, HttpMethod method, Handler callback)
Register a route handler.
Definition dwserver.cpp:759
void handle()
Drive the server - call every Arduino loop() iteration.
void send(uint8_t slot_id, int code, const char *content_type, const char *payload)
Send an HTTP response with a body and close the connection.
void set_cors(const char *origin)
Enable CORS by pre-building the Access-Control headers.
Definition dwserver.cpp:866
int32_t begin(const WebServerConfig *cfg=nullptr)
Initialize all connection slots and open all registered listeners.
Definition dwserver.cpp:495
Layer 7 (Application) - public HTTP routing API.
@ HTTP_GET
Safe, idempotent read.
bool wifi_ready()
True if the WiFi station link is up (associated + an IP is assigned).
Definition physical.cpp:30
bool init_wifi_physical(const char *ssid, const char *password)
Connect to a WiFi access point.
Definition physical.cpp:24
Layer 1 (Physical) - link bring-up and live egress-interface reporting.
Fully-parsed HTTP/1.1 request.

See examples/Foundation/05.Configuration/05.Configuration.ino for a full reference of every configurable flag and constant.

Features

A compile-time menu grouped by the OSI layer each feature lives at, alphabetized within each layer: each cell is an optional DETWS_ENABLE_* subsystem (core HTTP/1.1, routing, middleware, JSON, templating, and chunked responses are always on). Hover an entry for its summary; click through to FEATURES.md for the full description. The tables are generated from FEATURES.md by docs/utilities/gen_feature_tables.py, so they never drift.

Foundation
Config IO Config Store Device ID DMA Peripheral Ingest Exception Decoder
Failsafe Watchdog GPIO Map Guardrails Hardware Health Preempting Work Queue
PSRAM Pool RTC Sleep Scheduler Southbound Time Source
VFS Wear Leveling
Physical & Data Link (L1-L2)
ADS1115 BLE GATT Bus Capture CC1101 DShot
EnOcean ESP-NOW Ethernet FDC2214 INA219
Interface Forwarding LD2410 LDC1614 LoRa MPR121
nRF24 PCA9685 PN532 Radio Gateway Radio Power
Radio Sniffer Raw L2 SHT3x Sigfox Thread
VL53L0X Wi-Fi Capture Wi-Fi Sniffer Wi-SUN Z-Wave
Zigbee
Network (L3)
Dns Resolver Happy Eyeballs IPv6 Link Manager Network Adaptation
Proxy Protocol
Transport (L4)
Accept Throttle IP Allowlist Keep-Alive MTLS Per IP Throttle
Socket Pool TLS TLS Policy TLS Resumption
Session (L5)
SSH SSH Compression Telnet
Presentation (L6)
Auth Auth Lockout CBOR CloudEvents HTTP Delivery
HTTP/1.1 Parser HTTP/2 HTTP/3 JSON JWT
MessagePack Multipart Protobuf SenML SSE
Web Terminal WebSocket WS Deflate
Web & HTTP
Chunked Responses CORS Dashboard Edge Cache ETag
File Serving HTTP Cache Middleware Range Routing
SPA Router Templating Themes Upload WebDAV
Auth, Identity & Security
Audit Log CSRF OAuth2 OIDC TOTP
IoT, Messaging & APIs
AMQP CoAP CoAP Block CoAP Observe DDS-RTPS
GraphQL gRPC-Web LwM2M MQTT MQTT SN
MQTT TLS NATS Sparkplug Stomp WAMP
XMPP
Industrial & Fieldbus
ADS (Beckhoff) BACnet CANopen CC-Link CiA 402
CIP Control COTP DeviceNet DF1
DirectNET DMX512 EtherNet/IP FINS HART
Host Link INTERBUS IO-Link LonWorks MELSEC
Modbus Modbus Master Modbus Plus Modbus RTU POWERLINK
PROFIBUS PROFINET S7comm SDI-12 SERCOS III
SNP
SCADA, Energy & Monitoring
C37.118 DNP3 GOOSE ICCP IEC 60870
M-Bus MMS OpenADR SEP2 SunSpec
Machine Tools & OT
DNC (CNC drip-feed) MTConnect OPC-UA OPC-UA Client umati (OPC UA for Machine Tools)
Transportation & ITS
ATC J1939 J2735 NEMA TS2 NMEA 0183
NMEA 2000 NTCIP OCIT UTMC WAVE
Clients & Gateways
FTP client HTTP Client HTTP Client TLS Relay (TCP forward / DNAT) SMB
SMTP Webhook WS Client WS Client TLS
Storage & Database
DBM Key-Value Store Document Store Redis SQLite Write-Ahead Log
Time & Discovery
Adaptive mDNS DNS Server MDNS NTP NTP Server
NTS
Observability & Telemetry
Diag Flow Export Log-Buffer Metrics Observability
Partition Monitor SNMP SNMP Trap SNMP V3 Stats
StatsD Syslog Telemetry UDP Telemetry
Firmware & System
OTA OTA Rollback Provisioning
Application (L7) - Other
DTLS 1.3 FANUC FOCAS Interface Bridge NTRIP Caster Post-Quantum Hybrid KEX
SEN0192

New to this? Start here

If networking is new to you, the learn series is a from-scratch on-ramp that assumes no prior knowledge: the OSI model, TCP/IP, and a primer on every language in the project - each tied back to the code below. Every protocol the library implements is mapped to its authoritative spec in STANDARDS.md.

Architecture

Each OSI layer lives in its own subdirectory under src/network_drivers/:

View Directory and OSI Layer Layout

L7 src/dwserver.h/cpp Route table, dispatch, send()
L6 src/network_drivers/presentation/
presentation.h/cpp Drains ring buffer → parser
http_parser.h/cpp RFC 7230 byte-stream state machine
sha1.h/cpp base64.h/cpp mbedTLS hardware-accelerated helpers
websocket.h/cpp sse.h/cpp WS frame parser; SSE connection pool
multipart.h/cpp Multipart form-data parser
L5 src/network_drivers/session/
session.h/cpp FreeRTOS event queue drain
L4 src/network_drivers/transport/
tcp.h/cpp lwIP callbacks, ring buffers, timeouts
listener.h/cpp Per-port TCP listener, per-listener queue
L3 src/network_drivers/network/
network.h/cpp lwIP stub
L2 src/network_drivers/datalink/
datalink.h/cpp Espressif WiFi driver stub
L1 src/network_drivers/physical/
physical.h/cpp WiFi.begin() wrapper
src/network_drivers/tls/ mbedTLS over a fixed static pool (HTTPS / wss)
src/network_drivers/application/ Generated web assets (dashboard, terminal)
src/network_drivers/presentation/ssh/ Zero-heap SSH-2.0 server
src/services/ Optional L7 subsystems, one folder each:
opcua/ + opcua_client/, modbus/, mqtt/, coap/, snmp/, dns_resolver/, oidc/,
oauth2/, totp/, audit_log/, vfs/, graphql/, espnow/, ... (see FEATURES.md)

The conceptual layer map above is a summary; the complete file layout is generated below from src/ by docs/utilities/gen_readme_sections.py (single-.h/.cpp service folders are collapsed to their name; generated web-asset blobs are counted, not listed).

Full source tree (every library file)

src/
├── network_drivers/
│ ├── application/
│ │ ├── binary_asset_blobs.cpp
│ │ ├── binary_asset_blobs.h
│ │ ├── web_assets.cpp
│ │ └── web_assets.h
│ ├── datalink/ (datalink.h, datalink.cpp)
│ ├── network/
│ │ ├── ip.cpp
│ │ ├── ip.h
│ │ ├── network.cpp
│ │ └── network.h
│ ├── physical/ (physical.h, physical.cpp)
│ ├── presentation/
│ │ ├── base64/ (base64.h, base64.cpp)
│ │ ├── cbor/ (cbor.h, cbor.cpp)
│ │ ├── deflate/ (deflate.h, deflate.cpp)
│ │ ├── dtls/
│ │ │ ├── dtls_conn.cpp
│ │ │ ├── dtls_conn.h
│ │ │ ├── dtls_handshake.cpp
│ │ │ ├── dtls_handshake.h
│ │ │ ├── dtls_record.cpp
│ │ │ └── dtls_record.h
│ │ ├── hpack_prim/ (hpack_prim.h, hpack_prim.cpp)
│ │ ├── http2/
│ │ │ ├── h2_conn.cpp
│ │ │ ├── h2_conn.h
│ │ │ ├── h2_frame.cpp
│ │ │ ├── h2_frame.h
│ │ │ ├── h2_server.cpp
│ │ │ ├── h2_server.h
│ │ │ ├── hpack.cpp
│ │ │ └── hpack.h
│ │ ├── http3/
│ │ │ ├── h3_conn.cpp
│ │ │ ├── h3_conn.h
│ │ │ ├── h3_frame.cpp
│ │ │ ├── h3_frame.h
│ │ │ ├── qpack.cpp
│ │ │ ├── qpack.h
│ │ │ ├── quic_aead.cpp
│ │ │ ├── quic_aead.h
│ │ │ ├── quic_conn.cpp
│ │ │ ├── quic_conn.h
│ │ │ ├── quic_crypto.cpp
│ │ │ ├── quic_crypto.h
│ │ │ ├── quic_frame.cpp
│ │ │ ├── quic_frame.h
│ │ │ ├── quic_hkdf.cpp
│ │ │ ├── quic_hkdf.h
│ │ │ ├── quic_packet.cpp
│ │ │ ├── quic_packet.h
│ │ │ ├── quic_server.cpp
│ │ │ ├── quic_server.h
│ │ │ ├── quic_tls.cpp
│ │ │ ├── quic_tls.h
│ │ │ ├── quic_tp.cpp
│ │ │ ├── quic_tp.h
│ │ │ ├── quic_varint.cpp
│ │ │ ├── quic_varint.h
│ │ │ ├── tls13_kdf.cpp
│ │ │ ├── tls13_kdf.h
│ │ │ ├── tls13_msg.cpp
│ │ │ └── tls13_msg.h
│ │ ├── http_parser/ (http_parser.h, http_parser.cpp)
│ │ ├── inflate/ (inflate.h, inflate.cpp)
│ │ ├── json/ (json.h, json.cpp)
│ │ ├── msgpack/ (msgpack.h, msgpack.cpp)
│ │ ├── multipart/ (multipart.h, multipart.cpp)
│ │ ├── pqc/
│ │ │ ├── mlkem.cpp
│ │ │ ├── mlkem.h
│ │ │ ├── sha3.cpp
│ │ │ └── sha3.h
│ │ ├── sha1/ (sha1.h, sha1.cpp)
│ │ ├── sse/ (sse.h, sse.cpp)
│ │ ├── ssh/
│ │ │ ├── auth/ (ssh_auth.h, ssh_auth.cpp)
│ │ │ ├── connection/
│ │ │ │ ├── ssh_channel.cpp
│ │ │ │ ├── ssh_channel.h
│ │ │ │ ├── ssh_conn.cpp
│ │ │ │ ├── ssh_conn.h
│ │ │ │ ├── ssh_forward.cpp
│ │ │ │ ├── ssh_forward.h
│ │ │ │ ├── ssh_server.cpp
│ │ │ │ └── ssh_server.h
│ │ │ ├── crypto/
│ │ │ │ ├── ssh_aes256ctr.cpp
│ │ │ │ ├── ssh_aes256ctr.h
│ │ │ │ ├── ssh_aesgcm.cpp
│ │ │ │ ├── ssh_aesgcm.h
│ │ │ │ ├── ssh_bignum.cpp
│ │ │ │ ├── ssh_bignum.h
│ │ │ │ ├── ssh_chacha20.cpp
│ │ │ │ ├── ssh_chacha20.h
│ │ │ │ ├── ssh_chachapoly.cpp
│ │ │ │ ├── ssh_chachapoly.h
│ │ │ │ ├── ssh_curve25519.cpp
│ │ │ │ ├── ssh_curve25519.h
│ │ │ │ ├── ssh_ecdsa.cpp
│ │ │ │ ├── ssh_ecdsa.h
│ │ │ │ ├── ssh_ed25519.cpp
│ │ │ │ ├── ssh_ed25519.h
│ │ │ │ ├── ssh_ed25519_comb_table.h
│ │ │ │ ├── ssh_fe25519.h
│ │ │ │ ├── ssh_hmac_sha256.cpp
│ │ │ │ ├── ssh_hmac_sha256.h
│ │ │ │ ├── ssh_hmac_sha512.cpp
│ │ │ │ ├── ssh_hmac_sha512.h
│ │ │ │ ├── ssh_poly1305.cpp
│ │ │ │ ├── ssh_poly1305.h
│ │ │ │ ├── ssh_rsa.cpp
│ │ │ │ ├── ssh_rsa.h
│ │ │ │ ├── ssh_sha256.cpp
│ │ │ │ ├── ssh_sha256.h
│ │ │ │ ├── ssh_sha512.cpp
│ │ │ │ └── ssh_sha512.h
│ │ │ └── transport/
│ │ │ ├── ssh_comp.cpp
│ │ │ ├── ssh_comp.h
│ │ │ ├── ssh_dh.cpp
│ │ │ ├── ssh_dh.h
│ │ │ ├── ssh_keymat.cpp
│ │ │ ├── ssh_keymat.h
│ │ │ ├── ssh_packet.cpp
│ │ │ ├── ssh_packet.h
│ │ │ ├── ssh_transport.cpp
│ │ │ ├── ssh_transport.h
│ │ │ ├── ssh_zlib.cpp
│ │ │ └── ssh_zlib.h
│ │ ├── telnet/ (telnet.h, telnet.cpp)
│ │ ├── websocket/ (websocket.h, websocket.cpp)
│ │ ├── presentation.cpp
│ │ └── presentation.h
│ ├── session/
│ │ ├── arena.cpp
│ │ ├── arena.h
│ │ ├── proto_builtins.cpp
│ │ ├── proto_handler.h
│ │ ├── scratch.cpp
│ │ ├── scratch.h
│ │ ├── session.cpp
│ │ ├── session.h
│ │ ├── worker.cpp
│ │ └── worker.h
│ ├── tls/ (tls.h, tls.cpp)
│ └── transport/
│ ├── client.cpp
│ ├── client.h
│ ├── listener.cpp
│ ├── listener.h
│ ├── tcp.cpp
│ ├── tcp.h
│ ├── udp.cpp
│ └── udp.h
├── server/
│ ├── auth.cpp
│ ├── dwserver_internal.h
│ ├── file_serving.cpp
│ ├── http_range.cpp
│ ├── http_range.h
│ ├── middleware.cpp
│ ├── regex.cpp
│ ├── response.cpp
│ ├── webdav.cpp
│ └── websocket_sse.cpp
├── services/
│ ├── ads/ (ads.h, ads.cpp)
│ ├── ads1115/ (ads1115.h, ads1115.cpp)
│ ├── amqp/ (amqp.h, amqp.cpp)
│ ├── atc/ (atc.h, atc.cpp)
│ ├── audit_log/ (audit_log.h, audit_log.cpp)
│ ├── auth_lockout/ (auth_lockout.h, auth_lockout.cpp)
│ ├── bacnet/ (bacnet.h, bacnet.cpp)
│ ├── ble_gatt/ (ble_gatt.h, ble_gatt.cpp)
│ ├── bus_capture/ (bus_capture.h, bus_capture.cpp)
│ ├── c37118/ (c37118.h, c37118.cpp)
│ ├── canopen/ (canopen.h, canopen.cpp)
│ ├── cc1101/ (cc1101.h, cc1101.cpp)
│ ├── cclink/ (cclink.h, cclink.cpp)
│ ├── cia402/ (cia402.h, cia402.cpp)
│ ├── cip/ (cip.h, cip.cpp)
│ ├── cloudevents/ (cloudevents.h, cloudevents.cpp)
│ ├── coap/
│ │ ├── coap.cpp
│ │ ├── coap.h
│ │ ├── coaps.cpp
│ │ ├── coaps.h
│ │ ├── coaps_server.cpp
│ │ └── coaps_server.h
│ ├── config_io/ (config_io.h, config_io.cpp)
│ ├── config_store/ (config_store.h, config_store.cpp)
│ ├── control/ (control.h, control.cpp)
│ ├── cotp/ (cotp.h, cotp.cpp)
│ ├── csrf/ (csrf.h, csrf.cpp)
│ ├── dashboard/
│ │ ├── dashboard.cpp
│ │ ├── dashboard.h
│ │ └── dashboard_routes.cpp
│ ├── dbm/ (dbm.h, dbm.cpp)
│ ├── dds/ (dds.h, dds.cpp)
│ ├── device_id/ (device_id.h, device_id.cpp)
│ ├── devicenet/ (devicenet.h, devicenet.cpp)
│ ├── df1/ (df1.h, df1.cpp)
│ ├── directnet/ (directnet.h, directnet.cpp)
│ ├── dma/ (dma.h, dma.cpp)
│ ├── dmx/ (dmx.h, dmx.cpp)
│ ├── dnc/
│ │ ├── dnc.cpp
│ │ ├── dnc.h
│ │ ├── dnc_stream.cpp
│ │ └── dnc_stream.h
│ ├── dnp3/ (dnp3.h, dnp3.cpp)
│ ├── dns_resolver/ (dns_resolver.h, dns_resolver.cpp)
│ ├── dns_server/ (dns_server.h, dns_server.cpp)
│ ├── docstore/ (docstore.h, docstore.cpp)
│ ├── dshot/ (dshot.h, dshot.cpp)
│ ├── edge_cache/
│ │ ├── edge_cache.cpp
│ │ ├── edge_cache.h
│ │ ├── edge_cache_proxy.cpp
│ │ ├── edge_cache_proxy.h
│ │ ├── edge_cache_sd.cpp
│ │ ├── edge_cache_sd.h
│ │ ├── edge_fetch.cpp
│ │ └── edge_fetch.h
│ ├── enip/ (enip.h, enip.cpp)
│ ├── enocean/ (enocean.h, enocean.cpp)
│ ├── espnow/ (espnow.h, espnow.cpp)
│ ├── exc_decoder/ (exc_decoder.h, exc_decoder.cpp)
│ ├── failsafe/ (failsafe.h, failsafe.cpp)
│ ├── fdc2214/ (fdc2214.h, fdc2214.cpp)
│ ├── fins/ (fins.h, fins.cpp)
│ ├── flow_export/ (flow_export.h, flow_export.cpp)
│ ├── focas/ (focas.h, focas.cpp)
│ ├── forward/ (forward.h, forward.cpp)
│ ├── ftp/ (ftp.h, ftp.cpp)
│ ├── gateway/ (gateway.h, gateway.cpp)
│ ├── gnss/
│ │ ├── gnss_survey.cpp
│ │ ├── gnss_survey.h
│ │ ├── ntrip_caster.cpp
│ │ ├── ntrip_caster.h
│ │ ├── ntrip_caster_listener.cpp
│ │ ├── ntrip_caster_listener.h
│ │ ├── rtcm3.cpp
│ │ └── rtcm3.h
│ ├── goose/ (goose.h, goose.cpp)
│ ├── gpio_map/
│ │ ├── gpio_map.cpp
│ │ ├── gpio_map.h
│ │ └── gpio_map_routes.cpp
│ ├── graphql/ (graphql.h, graphql.cpp)
│ ├── grpcweb/ (grpcweb.h, grpcweb.cpp)
│ ├── guardrails/ (guardrails.h, guardrails.cpp)
│ ├── happy_eyeballs/ (happy_eyeballs.h, happy_eyeballs.cpp)
│ ├── hart/ (hart.h, hart.cpp)
│ ├── hostlink/ (hostlink.h, hostlink.cpp)
│ ├── http_client/ (http_client.h, http_client.cpp)
│ ├── http_delivery/ (http_delivery.h, http_delivery.cpp)
│ ├── httpcache/ (httpcache.h, httpcache.cpp)
│ ├── hw_health/ (hw_health.h, hw_health.cpp)
│ ├── iccp/ (iccp.h, iccp.cpp)
│ ├── iec60870/ (iec60870.h, iec60870.cpp)
│ ├── iface_bridge/
│ │ ├── iface_bridge.cpp
│ │ ├── iface_bridge.h
│ │ ├── iface_bridge_hw.cpp
│ │ └── iface_bridge_hw.h
│ ├── ina219/ (ina219.h, ina219.cpp)
│ ├── interbus/ (interbus.h, interbus.cpp)
│ ├── iolink/ (iolink.h, iolink.cpp)
│ ├── j1939/ (j1939.h, j1939.cpp)
│ ├── j2735/ (j2735.h, j2735.cpp)
│ ├── jwt/ (jwt.h, jwt.cpp)
│ ├── ld2410/ (ld2410.h, ld2410.cpp)
│ ├── ldc1614/ (ldc1614.h, ldc1614.cpp)
│ ├── link_manager/ (link_manager.h, link_manager.cpp)
│ ├── logbuf/ (logbuf.h, logbuf.cpp)
│ ├── lonworks/ (lonworks.h, lonworks.cpp)
│ ├── lora/ (lora.h, lora.cpp)
│ ├── lwm2m/ (lwm2m_tlv.h, lwm2m_tlv.cpp)
│ ├── mbplus/ (mbplus.h, mbplus.cpp)
│ ├── mbus/ (mbus.h, mbus.cpp)
│ ├── mdns_adaptive/ (mdns_adaptive.h, mdns_adaptive.cpp)
│ ├── mdns_service/ (mdns_service.h, mdns_service.cpp)
│ ├── melsec/ (melsec.h, melsec.cpp)
│ ├── mms/ (mms.h, mms.cpp)
│ ├── modbus/
│ │ ├── modbus.cpp
│ │ ├── modbus.h
│ │ ├── modbus_master.cpp
│ │ └── modbus_master.h
│ ├── mpr121/ (mpr121.h, mpr121.cpp)
│ ├── mqtt/
│ │ ├── mqtt.cpp
│ │ ├── mqtt.h
│ │ ├── mqtt_sn.cpp
│ │ └── mqtt_sn.h
│ ├── mtconnect/ (mtconnect.h, mtconnect.cpp)
│ ├── nats/ (nats.h, nats.cpp)
│ ├── nema_ts2/ (nema_ts2.h, nema_ts2.cpp)
│ ├── netadapt/ (netadapt.h, netadapt.cpp)
│ ├── nmea0183/ (nmea0183.h, nmea0183.cpp)
│ ├── nmea2000/ (nmea2000.h, nmea2000.cpp)
│ ├── nrf24/ (nrf24.h, nrf24.cpp)
│ ├── ntcip/ (ntcip.h, ntcip.cpp)
│ ├── ntp_server/ (ntp_server.h, ntp_server.cpp)
│ ├── ntp_service/ (ntp_service.h, ntp_service.cpp)
│ ├── nts/ (nts.h, nts.cpp)
│ ├── oauth2/ (oauth2.h, oauth2.cpp)
│ ├── ocit/ (ocit.h, ocit.cpp)
│ ├── oidc/ (oidc.h, oidc.cpp)
│ ├── opcua/ (opcua.h, opcua.cpp)
│ ├── opcua_client/ (opcua_client.h, opcua_client.cpp)
│ ├── openadr/ (openadr.h, openadr.cpp)
│ ├── ota_rollback/ (ota_rollback.h, ota_rollback.cpp)
│ ├── ota_service/ (ota_service.h, ota_service.cpp)
│ ├── partition_monitor/
│ │ ├── partition_monitor.cpp
│ │ ├── partition_monitor.h
│ │ └── partition_monitor_routes.cpp
│ ├── pca9685/ (pca9685.h, pca9685.cpp)
│ ├── pn532/ (pn532.h, pn532.cpp)
│ ├── powerlink/ (powerlink.h, powerlink.cpp)
│ ├── preempt_queue/ (preempt_queue.h, preempt_queue.cpp)
│ ├── profibus/ (profibus.h, profibus.cpp)
│ ├── profinet/ (profinet.h, profinet.cpp)
│ ├── promisc/ (promisc.h, promisc.cpp)
│ ├── protobuf/ (protobuf.h, protobuf.cpp)
│ ├── provisioning_service/ (provisioning_service.h, provisioning_service.cpp)
│ ├── proxy_protocol/ (proxy_protocol.h, proxy_protocol.cpp)
│ ├── psram_pool/ (psram_pool.h, psram_pool.cpp)
│ ├── radio_power/ (radio_power.h, radio_power.cpp)
│ ├── radio_sniff/ (radio_sniff.h, radio_sniff.cpp)
│ ├── rawl2/ (rawl2.h, rawl2.cpp)
│ ├── redis_resp/ (redis_resp.h, redis_resp.cpp)
│ ├── relay/
│ │ ├── relay.cpp
│ │ ├── relay.h
│ │ ├── relay_listener.cpp
│ │ └── relay_listener.h
│ ├── rtc/ (rtc.h, rtc.cpp)
│ ├── s7comm/ (s7comm.h, s7comm.cpp)
│ ├── sdi12/ (sdi12.h, sdi12.cpp)
│ ├── sen0192/ (sen0192.h, sen0192.cpp)
│ ├── senml/ (senml.h, senml.cpp)
│ ├── sep2/ (sep2.h, sep2.cpp)
│ ├── sercos/ (sercos.h, sercos.cpp)
│ ├── sht3x/ (sht3x.h, sht3x.cpp)
│ ├── sigfox/ (sigfox.h, sigfox.cpp)
│ ├── sleep_sched/ (sleep_sched.h, sleep_sched.cpp)
│ ├── smb/
│ │ ├── ntlm.cpp
│ │ ├── ntlm.h
│ │ ├── ntlmssp.cpp
│ │ ├── ntlmssp.h
│ │ ├── smb2.cpp
│ │ ├── smb2.h
│ │ ├── smb_client.cpp
│ │ ├── smb_client.h
│ │ ├── smb_md.cpp
│ │ ├── smb_md.h
│ │ ├── spnego.cpp
│ │ └── spnego.h
│ ├── smtp/ (smtp.h, smtp.cpp)
│ ├── snmp/
│ │ ├── snmp_agent.cpp
│ │ ├── snmp_agent.h
│ │ ├── snmp_ber.cpp
│ │ ├── snmp_ber.h
│ │ ├── snmp_crypto.cpp
│ │ ├── snmp_crypto.h
│ │ ├── snmp_notify.cpp
│ │ ├── snmp_notify.h
│ │ ├── snmp_v3.cpp
│ │ └── snmp_v3.h
│ ├── snp/ (snp.h, snp.cpp)
│ ├── sockpool/ (sockpool.h, sockpool.cpp)
│ ├── southbound/ (southbound.h, southbound.cpp)
│ ├── spa_router/ (spa_router.h, spa_router.cpp)
│ ├── sparkplug/ (sparkplug.h, sparkplug.cpp)
│ ├── sqlite/ (sqlite_format.h, sqlite_format.cpp)
│ ├── statsd/ (statsd.h, statsd.cpp)
│ ├── stomp/ (stomp.h, stomp.cpp)
│ ├── sunspec/ (sunspec.h, sunspec.cpp)
│ ├── syslog/ (syslog.h, syslog.cpp)
│ ├── telemetry/ (telemetry.h, telemetry.cpp)
│ ├── thread/ (thread.h, thread.cpp)
│ ├── time_source/ (time_source.h, time_source.cpp)
│ ├── tls_policy/ (tls_policy.h, tls_policy.cpp)
│ ├── totp/ (totp.h, totp.cpp)
│ ├── udp_telemetry/ (udp_telemetry.h, udp_telemetry.cpp)
│ ├── umati/ (umati.h, umati.cpp)
│ ├── upload_service/ (upload_service.h, upload_service.cpp)
│ ├── utmc/ (utmc.h, utmc.cpp)
│ ├── vfs/ (vfs.h, vfs.cpp)
│ ├── vl53l0x/ (vl53l0x.h, vl53l0x.cpp)
│ ├── wal/
│ │ ├── wal.cpp
│ │ ├── wal.h
│ │ ├── wal_fs.h
│ │ ├── wal_store.cpp
│ │ └── wal_store.h
│ ├── wamp/ (wamp.h, wamp.cpp)
│ ├── wave/ (wave.h, wave.cpp)
│ ├── wearlevel/ (wearlevel.h, wearlevel.cpp)
│ ├── web_terminal/ (web_terminal.h, web_terminal.cpp)
│ ├── webdav/ (webdav.h, webdav.cpp)
│ ├── webhook/ (webhook.h, webhook.cpp)
│ ├── wifi_sniffer/ (wifi_sniffer.h, wifi_sniffer.cpp)
│ ├── wisun/ (wisun.h, wisun.cpp)
│ ├── ws_client/ (ws_client.h, ws_client.cpp)
│ ├── xmpp/ (xmpp.h, xmpp.cpp)
│ ├── zigbee/ (zigbee.h, zigbee.cpp)
│ ├── zwave/ (zwave.h, zwave.cpp)
│ ├── clock.h
│ └── i2c.h
├── shared_primitives/
│ ├── aes_sbox.h
│ ├── bytes.h
│ ├── can.h
│ ├── crypto_opt.h
│ ├── ghash.h
│ ├── hex.h
│ ├── http_date.h
│ ├── mime.h
│ ├── numparse.h
│ ├── pcap.h
│ ├── ring.h
│ ├── strbuf.h
│ └── utf8.h
├── web/
│ ├── favicons/ (288 generated files)
│ ├── input/
│ │ ├── DETWS_DASHBOARD_PAGE.html
│ │ ├── DETWS_METRICS_PROM.txt
│ │ ├── DETWS_PROV_FORM.html
│ │ ├── DETWS_PROV_SAVED_HTML.html
│ │ ├── DETWS_STATS_JSON.json
│ │ └── DETWS_TERMINAL_PAGE.html
│ ├── themes/ (112 generated files)
│ ├── wizard/
│ │ ├── build_assets.py
│ │ ├── gen_favicons.py
│ │ ├── gen_theme_blobs.py
│ │ └── gen_themes.py
│ └── README.md
├── dwserver.cpp
├── dwserver.h
└── ServerConfig.h

Build Footprint

Measured flash + static RAM for each optional feature, built in isolation over the base server on esp32dev. Generated from docs/footprints.json (produced by the RPi build matrix) by docs/utilities/gen_readme_sections.py.

Per-feature build footprint

Measured on esp32dev from each feature's isolated example (one feature enabled over the base server). Flash is the program image; RAM is static .data + .bss. Regenerated by the Feature Tables workflow from docs/footprints.json.

Feature Example Flash (bytes) Static RAM (bytes)
SIGFOX Foundation/15.SigfoxUplink 267,961 21,464
PREEMPT_QUEUE Foundation/08.PreemptLanes 268,401 23,936
ENOCEAN+GATEWAY Foundation/13.EnOceanGateway 268,693 21,848
ZWAVE+GATEWAY Foundation/16.ZWaveGateway 268,905 21,848
THREAD+GATEWAY Foundation/18.ThreadGateway 269,137 22,616
ZIGBEE+GATEWAY Foundation/17.ZigbeeGateway 269,237 22,104
DMA+PREEMPT_QUEUE+DMA_SIMULATE Foundation/07.DmaIngest 269,401 28,600
core/02.SSHCryptoSelfTest L5-Session/02.SSHCryptoSelfTest 269,537 21,476
SEN0192 L7-Application/77.Sen0192 269,805 21,488
DMA+PREEMPT_QUEUE+GATEWAY+DMA_SIMULATE Foundation/10.RadioGateway 270,557 28,720
LD2410 L7-Application/62.Ld2410 270,681 21,576
DMA+PREEMPT_QUEUE+FORWARD+DMA_SIMULATE Foundation/09.InterfaceForward 270,813 29,096
NRF24+GATEWAY Foundation/12.Nrf24Gateway 276,105 21,680
LORA+GATEWAY Foundation/11.LoRaGateway 276,329 21,688
PCA9685 L7-Application/65.Pca9685 284,601 21,800
ADS1115 L7-Application/66.Ads1115 286,841 21,800
SHT3X L7-Application/64.Sht3x 286,909 21,800
INA219 L7-Application/67.Ina219 287,001 21,800
MPR121 L7-Application/63.Mpr121 287,609 21,800
PN532+GATEWAY Foundation/14.NfcGateway 288,129 21,920
core/23.EthernetW5500 Foundation/23.EthernetW5500 469,573 73,672
DNS_SERVER L7-Application/60.DnsServer 725,677 45,976
COAP+COAP_BLOCK+COAP_MAX_PAYLOAD L7-Application/28.CoapBlock 727,557 48,352
UDP_TELEMETRY L7-Application/39.UdpTelemetry 728,137 44,944
SNMP+SNMP_TRAP L7-Application/26.SnmpTrap 728,417 44,928
STATSD L7-Application/59.StatsdMetrics 728,425 45,088
COAP+COAP_OBSERVE L7-Application/27.CoapObserve 729,369 46,104
ESPNOW L7-Application/53.EspNow 731,293 43,576
DNC L7-Application/69.EthernetDnc 733,829 61,112
HTTP_CLIENT L7-Application/23.HttpClient 734,501 63,160
SMTP L7-Application/57.SmtpAlert 734,637 61,112
MQTT L7-Application/24.MqttClient 736,341 65,320
SMB L7-Application/68.SmbFileClient 742,441 65,208
NTP_SERVER+TIME_SOURCE+NMEA0183+NTP L7-Application/58.NtpServer 748,109 46,668
ACCEPT_THROTTLE L4-Transport/02.AcceptThrottle 752,169 81,784
core/71.MediaStreaming L7-Application/71.MediaStreaming 752,269 81,776
core/02.CORS L7-Application/02.CORS 752,333 81,776
RADIO_POWER+RADIO_WIFI_PS L7-Application/47.RadioPower 752,409 81,776
core/04.BasicAuth L6-Presentation/04.BasicAuth 752,409 81,776
core/05.DigestAuth L6-Presentation/05.DigestAuth 752,533 81,776
core/06.RegexRoutes L7-Application/06.RegexRoutes 752,653 81,776
PER_IP_THROTTLE L4-Transport/05.PerIpThrottle 752,677 82,224
KEEPALIVE L4-Transport/01.KeepAlive 752,697 81,776
DEVICE_ID L7-Application/32.DeviceUuid 752,733 81,816
core/05.PathParams L7-Application/05.PathParams 752,737 81,776
core/09.WebSocket L6-Presentation/09.WebSocket 752,785 81,776
GUARDRAILS L7-Application/40.Guardrails 752,857 81,792
core/07.ResponseHeaders L7-Application/07.ResponseHeaders 752,869 81,776
core/04.Middleware L7-Application/04.Middleware 752,961 81,784
core/08.ServerSentEvents L6-Presentation/08.ServerSentEvents 752,969 81,784
DIAG L7-Application/20.Diagnostics 753,009 81,776
core/36.NetEgress L7-Application/36.NetEgress 753,037 81,776
PARTITION_MONITOR L7-Application/37.PartitionMonitor 753,065 81,784
core/01.ChunkedResponse L7-Application/01.ChunkedResponse 753,065 81,792
core/01.FormParams L6-Presentation/01.FormParams 753,161 81,776
AUTH_LOCKOUT L6-Presentation/12.AuthLockout 753,401 82,352
OTA_ROLLBACK L7-Application/44.OtaRollback 753,401 81,792
core/03.Multipart L6-Presentation/03.Multipart 753,497 81,776
TOTP L7-Application/45.Totp 753,517 81,816
IP_ALLOWLIST L4-Transport/07.IpAllowlist 753,697 81,776
LOGBUF L7-Application/41.LogBuffer 753,877 84,904
CSRF L7-Application/33.Csrf 753,941 81,832
core/03.InterfaceFilter L7-Application/03.InterfaceFilter 753,961 81,776
MODBUS L7-Application/30.ModbusTcp 754,093 82,064
core/08.Templating L7-Application/08.Templating 754,137 81,824
STATS L7-Application/22.Stats 754,209 81,880
CONTROL L7-Application/74.PidTuning 754,325 89,856
core/01.Basic Foundation/01.Basic 754,421 81,792
MODBUS+MODBUS_MASTER L7-Application/43.ModbusScan 754,429 82,056
JWT L6-Presentation/06.JWTAuth 754,549 82,928
TELNET L5-Session/04.Telnet 754,581 82,320
AUDIT_LOG L7-Application/49.AuditLog 754,633 84,768
CBOR L6-Presentation/13.Cbor 754,717 81,856
IPV6 Foundation/20.IPv6 754,821 81,776
core/03.Expert Foundation/03.Expert 755,069 81,800
SYSLOG L7-Application/19.Syslog 755,741 83,640
MSGPACK L6-Presentation/14.MsgPack 756,017 81,856
STATS+METRICS L7-Application/21.PrometheusMetrics 756,373 81,920
core/02.Json L6-Presentation/02.Json 756,433 81,784
GPIO_MAP L7-Application/38.GpioMap 756,701 81,840
WS_DEFLATE L6-Presentation/11.WebSocketCompression 757,025 89,976
WEB_TERMINAL L6-Presentation/10.WebTerminal 757,169 81,864
GRAPHQL L7-Application/52.GraphQL 757,285 86,192
CONFIG_STORE+CONFIG_IO L7-Application/42.ConfigExport 757,329 81,844
OTA L7-Application/16.OTA 757,625 102,128
COAP L7-Application/13.CoAP 758,001 84,296
DNS_RESOLVER L7-Application/48.DnsResolver 758,317 83,064
PROVISIONING L7-Application/17.Provisioning 759,961 83,348
OPCUA L7-Application/55.OpcUa 760,497 92,064
core/02.Advanced Foundation/02.Advanced 761,093 81,888
TELEMETRY L7-Application/34.Telemetry 761,201 82,100
SNMP L7-Application/14.SNMP 761,237 94,184
RELAY L7-Application/70.PortForward 762,337 116,392
HTTP_CLIENT+WEBHOOK L7-Application/46.Webhook 762,985 101,536
PROMISC+FORWARD+ETHERNET Foundation/21.WifiCapture 764,637 47,520
OAUTH2+HTTP_CLIENT L7-Application/54.OAuth2 765,217 104,600
OIDC L7-Application/50.OidcAuth 766,149 99,824
core/04.Sysadmin Foundation/04.Sysadmin 766,301 81,792
RTC+TIME_SOURCE+NTP L7-Application/61.Rtc 766,653 45,372
OPCUA+UMATI L7-Application/72.Umati 767,217 92,208
NTRIP_CASTER L7-Application/76.NtripCaster 770,525 84,700
BUS_CAPTURE+FORWARD+ETHERNET Foundation/22.CanCapture 771,165 45,516
ADS L7-Application/73.AdsClient 771,933 45,440
DASHBOARD L7-Application/35.Dashboard 773,173 82,152
NTP+TIME_SOURCE L7-Application/31.TimeSourceFallback 773,549 83,396
EDGE_CACHE+HTTP_CACHE+HTTP_CLIENT L7-Application/79.EdgeCache 773,593 118,848
MDNS L7-Application/15.mDNS 777,813 83,680
NTP L7-Application/18.SNTP 778,073 84,328
IFACE_BRIDGE L7-Application/75.InterfaceBridge 780,393 82,624
COAP+DTLS L7-Application/78.CoapSecure 780,501 102,864
OPCUA+OPCUA_CLIENT L7-Application/56.OpcUaClient 783,461 95,936
ETHERNET Foundation/19.Ethernet 791,209 81,828
ETHERNET+ETH_W5500+ETH_W5500_CS+ETH_W5500_RST+ETH_W5500_INT+ETH_W5500_SCK+ETH_W5500_MISO+ETH_W5500_MOSI Foundation/23.EthernetW5500 791,225 81,828
core/10.FileServing L7-Application/10.FileServing 793,713 81,816
UPLOAD L7-Application/11.FileUpload 794,853 91,128
RANGE L7-Application/12.Range 794,937 81,816
VFS L7-Application/51.Vfs 795,973 86,304
WEBDAV L7-Application/29.WebDav 821,069 105,352
WEBDAV+WEBDAV_MAX_ENTRIES+WEBDAV_BUF_SIZE L7-Application/29.WebDav 821,761 90,856
ETAG L7-Application/09.ETag 828,489 83,088
SSH L5-Session/03.SSHHostKey 828,645 109,156
WS_CLIENT+TLS+WS_CLIENT_TLS L7-Application/25.WebSocketClient 831,333 120,548
WS_CLIENT+TLS+WS_CLIENT_TLS+WS_CLIENT_BUF_SIZE L7-Application/25.WebSocketClient 831,745 123,620
WS_CLIENT+TLS+WS_CLIENT_TLS+WS_CLIENT_BUF_SIZE+TLS_ARENA_SIZE L7-Application/25.WebSocketClient 831,785 107,236
TLS L6-Presentation/07.SecureWebSocket 855,873 122,020
TLS+TLS_ARENA_SIZE L6-Presentation/07.SecureWebSocket 856,485 105,652
TLS+TLS_RESUMPTION L4-Transport/06.TlsResumption 856,693 122,180
TLS+MTLS L4-Transport/04.mTLS 856,829 122,356
TLS+TLS_RESUMPTION+TLS_ARENA_SIZE L4-Transport/06.TlsResumption 857,341 105,812
TLS+MTLS+TLS_ARENA_SIZE L4-Transport/04.mTLS 857,497 105,988

Zero Heap Allocation

Every byte of memory the library uses is accounted for at compile time:

View Zero Heap Allocation Storage Details

Storage Location
conn_pool[MAX_CONNS] - TCP connections + ring buffers BSS
http_pool[MAX_CONNS] - HTTP request structs BSS
ws_pool[MAX_WS_CONNS] - WebSocket connection state BSS
sse_pool[MAX_SSE_CONNS] - SSE connection state BSS
_queue_storage[EVT_QUEUE_DEPTH * sizeof(TcpEvt)] - event queue backing store BSS
_queue_struct - FreeRTOS StaticQueue_t BSS
Route table _routes[MAX_ROUTES] BSS (inside `DetWebServer`)

`begin()` calls xQueueCreateStatic() - no pvPortMalloc, no fragmentation risk. The library makes no heap allocations.

The only post-begin() allocation that can occur is inside fs::File construction in serve_file(), which is an Arduino FS implementation detail outside the library's control.

Every pool above is a fixed BSS array sized from the compile-time constants, so the memory cost is exactly what the configuration says - it never grows at runtime. For the measured flash and static-RAM cost of each optional feature, see the Build Footprint table above.

Feature Flags & Configuration

‍[!IMPORTANT] **Use Build Flags (-D...), Not Sketch #defines!**

Because PlatformIO (and standard Arduino IDE builds) compiles the library's source files (.cpp) independently from your sketch (.ino / .cpp), #define macros inside your sketch files do not propagate to the library's pre-compiled objects.

Declaring configuration or feature macros like #define DETWS_ENABLE_PROVISIONING 1 inside your .ino sketch file before the #include will result in configuration mismatches, linker errors (such as undefined symbols), or unstable behavior at runtime.

To enable/disable features or override configuration constants, you must pass them as compiler build flags. For example, in PlatformIO, define them inside platformio.ini under build_flags:

[env:esp32dev]
platform = espressif32
board = esp32dev
framework = arduino
build_flags =
-DDETWS_ENABLE_PROVISIONING=1
-DDETWS_ENABLE_WEBSOCKET=0
-DMAX_CONNS=6

Any feature flag set to 0 strips the corresponding code and its includes from the build entirely.

Feature Flags

The complete set of DETWS_ENABLE_* flags and their defaults, scraped from src/ServerConfig.h by docs/utilities/gen_readme_sections.py (see FEATURES.md for the full description of each):

All feature flags and their defaults

Flag Default Description
DETWS_ENABLE_ACCEPT_THROTTLE 0 Opt-in global accept-rate throttle (connection-flood defense).
DETWS_ENABLE_ADS 0 Beckhoff ADS / AMS protocol codec (services/ads).
DETWS_ENABLE_ADS1115 0 TI ADS1115 16-bit ADC (I2C) - a precise external analog input.
DETWS_ENABLE_AMQP 0 AMQP 0-9-1 frame codec (services/amqp).
DETWS_ENABLE_ATC 0 Opt-in ATC (Advanced Traffic Controller) field-I/O interop snapshot.
DETWS_ENABLE_AUDIT_LOG 0 Tamper-evident audit log.
DETWS_ENABLE_AUTH 1 HTTP Basic Authentication per-route.
DETWS_ENABLE_AUTH_LOCKOUT 0 Opt-in per-IP brute-force lockout for HTTP auth (requires DETWS_ENABLE_AUTH).
DETWS_ENABLE_BACNET 0 BACnet/IP BVLC + NPDU codec (services/bacnet).
DETWS_ENABLE_BLE_GATT 0 Opt-in Bluetooth ATT protocol codec + GATT characteristic bridge.
DETWS_ENABLE_BUS_CAPTURE 0 Wired field-bus listen-only capture.
DETWS_ENABLE_C37118 0 IEEE C37.118.2 synchrophasor frame codec (services/c37118).
DETWS_ENABLE_CANOPEN 0 CANopen (CiA 301) message codec (services/canopen).
DETWS_ENABLE_CBOR 0 Zero-heap CBOR (RFC 8949) encoder for compact binary payloads.
DETWS_ENABLE_CC1101 0 Opt-in CC1101 sub-GHz radio driver.
DETWS_ENABLE_CCLINK 0 Opt-in CC-Link (CLPA) cyclic fieldbus frame codec.
DETWS_ENABLE_CIA402 0 CiA 402 / IEC 61800-7-201 drive + motion profile (services/cia402).
DETWS_ENABLE_CIP 0 CIP (Common Industrial Protocol) message codec (services/cip).
DETWS_ENABLE_CLOUDEVENTS 0 CloudEvents v1.0 (CNCF) event envelope (structured JSON + binary headers).
DETWS_ENABLE_COAP 0 CoAP server (RFC 7252) over UDP/5683.
DETWS_ENABLE_COAP_BLOCK 0 CoAP block-wise transfer - RFC 7959 (requires DETWS_ENABLE_COAP).
DETWS_ENABLE_COAP_OBSERVE 0 CoAP resource observation - RFC 7641 (requires DETWS_ENABLE_COAP).
DETWS_ENABLE_CONFIG_IO 0 Opt-in schema-driven config export / restore.
DETWS_ENABLE_CONFIG_STORE 0 Typed NVS configuration store (WiFi creds, IP config, ...
DETWS_ENABLE_CONTROL 0 Closed-loop control law (services/control).
DETWS_ENABLE_COTP 0 TPKT (RFC 1006) + COTP (X.224 class 0) frame codec (services/cotp).
DETWS_ENABLE_CSRF 0 Opt-in CSRF protection for state-changing HTTP requests.
DETWS_ENABLE_DASHBOARD 0 Real-time SVG dashboard (DETWS_ENABLE_DASHBOARD; requires DETWS_ENABLE_SSE).
DETWS_ENABLE_DBM 0 Opt-in dbm: a log-structured hash key-value store on the WAL (DETWS_ENABLE_DBM, requires WAL).
DETWS_ENABLE_DDS 0 Opt-in DDS / RTPS wire-protocol codec.
DETWS_ENABLE_DEVICENET 0 DeviceNet link-adaptation codec (services/devicenet).
DETWS_ENABLE_DEVICE_ID 0 Stable device UUID derived from the chip MAC (RFC 4122 v5).
DETWS_ENABLE_DF1 0 Allen-Bradley DF1 full-duplex frame codec (services/df1).
DETWS_ENABLE_DIAG 0 Expose a diagnostic JSON endpoint via server.diag().
DETWS_ENABLE_DIRECTNET 0 Opt-in AutomationDirect / Koyo DirectNET serial frame codec.
DETWS_ENABLE_DMA 0 Enable the DMA peripheral ingest / egress primitive (default off).
DETWS_ENABLE_DMX 0 DMX512 + RDM (ANSI E1.20) lighting codec (services/dmx).
DETWS_ENABLE_DNC 0 Opt-in CNC RS-232 DNC drip-feed codec.
DETWS_ENABLE_DNP3 0 DNP3 (IEEE 1815) data-link frame codec (services/dnp3).
DETWS_ENABLE_DNS_RESOLVER 0 Opt-in DNS resolver with answer verification.
DETWS_ENABLE_DNS_SERVER 0 Authoritative DNS server (services/dns_server) on UDP/53.
DETWS_ENABLE_DOCSTORE 0 Opt-in local JSON document store on the WAL (DETWS_ENABLE_DOCSTORE, requires DBM + WAL).
DETWS_ENABLE_DSHOT 0 Opt-in DShot ESC throttle protocol codec.
DETWS_ENABLE_DTLS 0 DTLS 1.3 datagram security (RFC 9147) - the record layer.
DETWS_ENABLE_EDGE_CACHE 0 Opt-in CDN edge-cache tier (DETWS_ENABLE_EDGE_CACHE, requires HTTP_CACHE).
DETWS_ENABLE_ENIP 0 EtherNet/IP encapsulation codec (services/enip).
DETWS_ENABLE_ENOCEAN 0 Enable the EnOcean ESP3 serial codec (default off).
DETWS_ENABLE_ESPNOW 0 ESP-NOW peer messaging.
DETWS_ENABLE_ETAG 0 Conditional GET (ETag + Last-Modified) for served files.
DETWS_ENABLE_ETHERNET 0 Enable wired Ethernet bring-up (init_eth_physical / eth_ready).
DETWS_ENABLE_EXC_DECODER 0 Opt-in ESP32 panic / exception decoder for a live diagnostics panel.
DETWS_ENABLE_FAILSAFE 0 Opt-in software watchdog: deadlock detection + fail-safe safe-state.
DETWS_ENABLE_FDC2214 0 Opt-in FDC2114/2214 capacitance-to-digital field sensor.
DETWS_ENABLE_FILE_SERVING 1 Static file serving via Arduino FS (LittleFS, SPIFFS, SD).
DETWS_ENABLE_FINS 0 Omron FINS frame codec (services/fins).
DETWS_ENABLE_FLOW_EXPORT 0 Flow-record export codec (services/flow_export).
DETWS_ENABLE_FOCAS 0 FANUC FOCAS Ethernet protocol codec (services/focas).
DETWS_ENABLE_FORWARD 0 Enable the interface forwarding plane (default off).
DETWS_ENABLE_FTP 0 Opt-in FTP client wire codec.
DETWS_ENABLE_GATEWAY 0 Enable the radio / wireless gateway bridge (default off).
DETWS_ENABLE_GOOSE 0 Opt-in IEC 61850 GOOSE publisher codec.
DETWS_ENABLE_GPIO_MAP 0 Opt-in browser GPIO pin-mapper / diagnostics endpoint.
DETWS_ENABLE_GRAPHQL 0 GraphQL query subset.
DETWS_ENABLE_GRPC_WEB 0 gRPC-Web message framing (services/grpcweb).
DETWS_ENABLE_GUARDRAILS 0 Opt-in runtime heap/stack guardrails.
DETWS_ENABLE_HAPPY_EYEBALLS 0 Opt-in dual-stack Happy Eyeballs destination selection.
DETWS_ENABLE_HART 0 Opt-in HART / HART-IP process-instrument protocol codec.
DETWS_ENABLE_HOSTLINK 0 Omron Host Link (C-mode) frame codec (services/hostlink).
DETWS_ENABLE_HTTP2 0 HTTP/2 (RFC 9113) over the version-agnostic request/response core.
DETWS_ENABLE_HTTP3 0 HTTP/3 (RFC 9114) over QUIC (RFC 9000) - implemented, host-tested end-to-end (HW verification pending).
DETWS_ENABLE_HTTP_CACHE 0 Opt-in HTTP Cache-Control directive helpers.
DETWS_ENABLE_HTTP_CLIENT 0 Outbound HTTP(S) client (raw lwIP, optional client-side mbedTLS).
DETWS_ENABLE_HTTP_CLIENT_TLS 0 HTTPS client support inside the HTTP client (needs DETWS_ENABLE_TLS).
DETWS_ENABLE_HTTP_DELIVERY 0 Opt-in HTTP delivery optimizations.
DETWS_ENABLE_HW_HEALTH 0 Opt-in hardware-health diagnostics.
DETWS_ENABLE_ICCP 0 Opt-in ICCP / TASE.2 (IEC 60870-6) inter-control-center telemetry codec.
DETWS_ENABLE_IEC60870 0 IEC 60870-5-101 / -104 telecontrol (SCADA) codec (services/iec60870).
DETWS_ENABLE_IFACE_BRIDGE 0 User-defined address:port -> hardware-bus bridge (services/iface_bridge).
DETWS_ENABLE_INA219 0 TI INA219 high-side current / power monitor (I2C).
DETWS_ENABLE_INTERBUS 0 Opt-in INTERBUS summation-frame fieldbus codec.
DETWS_ENABLE_IOLINK 0 IO-Link (SDCI, IEC 61131-9) data-link message codec (services/iolink).
DETWS_ENABLE_IPV6 0 Enable IPv6 on the network interface (dual-stack).
DETWS_ENABLE_IP_ALLOWLIST 0 Opt-in source-IP allowlist (accept-time firewall, IPv4 and IPv6).
DETWS_ENABLE_J1939 0 SAE J1939 message codec (services/j1939).
DETWS_ENABLE_J2735 0 Opt-in SAE J2735 V2X codec.
DETWS_ENABLE_JWT 0 JWT bearer-token authentication (HS256).
DETWS_ENABLE_KEEPALIVE 1 HTTP/1.1 persistent connections (keep-alive).
DETWS_ENABLE_LD2410 0 HLK-LD2410 24 GHz mmWave presence / motion radar (UART).
DETWS_ENABLE_LDC1614 0 Opt-in LDC1614 inductance-to-digital field sensor.
DETWS_ENABLE_LINK_MANAGER 0 Opt-in multi-interface egress selection / failover policy.
DETWS_ENABLE_LOGBUF 0 Opt-in fixed-RAM rotating log buffer with severity traps.
DETWS_ENABLE_LONWORKS 0 Opt-in LonWorks / LON-IP (ISO/IEC 14908) network-variable codec.
DETWS_ENABLE_LORA 0 Enable the LoRa (SX127x) radio codec + driver (default off).
DETWS_ENABLE_LWM2M 0 OMA LwM2M TLV codec (services/lwm2m).
DETWS_ENABLE_MBPLUS 0 Opt-in Modbus Plus HDLC token-bus frame codec.
DETWS_ENABLE_MBUS 0 Wired M-Bus (Meter-Bus, EN 13757) frame codec (services/mbus).
DETWS_ENABLE_MDNS 0 mDNS / DNS-SD advertisement (name.local + _http._tcp) via ESPmDNS.
DETWS_ENABLE_MDNS_ADAPTIVE 0 Opt-in adaptive mDNS beacon scheduling.
DETWS_ENABLE_MELSEC 0 Mitsubishi MELSEC MC protocol (binary 3E) codec (services/melsec).
DETWS_ENABLE_METRICS 0 Prometheus /metrics endpoint (text exposition format 0.0.4).
DETWS_ENABLE_MMS 0 Opt-in IEC 61850 MMS PDU codec.
DETWS_ENABLE_MODBUS 0 Modbus TCP slave/server (Modbus Application Protocol v1.1b3) on TCP/502.
DETWS_ENABLE_MODBUS_MASTER 0 Opt-in Modbus master codec + register scanner.
DETWS_ENABLE_MODBUS_RTU 0 Modbus RTU framing (serial / RS-485) over the same data model + PDU dispatch.
DETWS_ENABLE_MPR121 0 NXP MPR121 12-channel capacitive-touch controller (I2C).
DETWS_ENABLE_MQTT 0 MQTT 3.1.1 publish/subscribe client (raw lwIP, optional MQTTS over TLS).
DETWS_ENABLE_MQTT_SN 0 MQTT-SN v1.2 wire codec (services/mqtt/mqtt_sn).
DETWS_ENABLE_MQTT_TLS 0 MQTTS: run the MQTT client over client-side TLS (needs DETWS_ENABLE_TLS).
DETWS_ENABLE_MSGPACK 0 Zero-heap MessagePack encoder and decoder for compact binary payloads.
DETWS_ENABLE_MTCONNECT 0 Opt-in MTConnect agent response codec.
DETWS_ENABLE_MTLS 0 Mutual TLS - require and verify a client certificate (mTLS).
DETWS_ENABLE_MULTIPART 1 multipart/form-data body parser.
DETWS_ENABLE_NATS 0 NATS client protocol codec (services/nats).
DETWS_ENABLE_NEMA_TS2 0 Opt-in NEMA TS 2 traffic-cabinet SDLC frame codec.
DETWS_ENABLE_NETADAPT 0 Opt-in network adaptation decisions.
DETWS_ENABLE_NMEA0183 0 NMEA 0183 sentence codec (services/nmea0183).
DETWS_ENABLE_NMEA2000 0 NMEA 2000 codec (services/nmea2000).
DETWS_ENABLE_NRF24 0 Enable the nRF24L01+ radio driver (default off).
DETWS_ENABLE_NTCIP 0 Opt-in NTCIP transportation-device object identifiers.
DETWS_ENABLE_NTP 0 SNTP wall-clock time sync via the ESP-IDF SNTP client.
DETWS_ENABLE_NTP_SERVER 0 NTP/SNTP time server (RFC 5905 / RFC 4330 server mode) on UDP/123 (services/ntp_server).
DETWS_ENABLE_NTRIP_CASTER 0 GNSS RTK base station + NTRIP caster (services/gnss).
DETWS_ENABLE_NTS 0 Opt-in Network Time Security (NTS, RFC 8915) wire codec.
DETWS_ENABLE_OAUTH2 0 OAuth2 token-endpoint client.
DETWS_ENABLE_OBSERVABILITY 0 Transport-layer observability: connection event hook + counters.
DETWS_ENABLE_OCIT 0 Opt-in OCIT-Outstations message codec.
DETWS_ENABLE_OIDC 0 OpenID Connect ID-token verification, RS256.
DETWS_ENABLE_OPCUA 0 OPC UA Binary server.
DETWS_ENABLE_OPCUA_CLIENT 0 OPC UA Binary client.
DETWS_ENABLE_OPENADR 0 Opt-in OpenADR 3.0 (Automated Demand Response) JSON codec.
DETWS_ENABLE_OTA 0 Authenticated OTA firmware update (streaming POST to the ESP32 Update API).
DETWS_ENABLE_OTA_ROLLBACK 0 Opt-in OTA rollback protection / soft-brick safeguard.
DETWS_ENABLE_PARTITION_MONITOR 0 Opt-in flash partition-map monitor endpoint.
DETWS_ENABLE_PCA9685 0 NXP PCA9685 16-channel 12-bit PWM / servo driver (I2C).
DETWS_ENABLE_PER_IP_THROTTLE 0 Opt-in per-IP accept-rate throttle (connection-flood defense, keyed by source IPv4).
DETWS_ENABLE_PN532 0 Enable the PN532 NFC frame codec (default off).
DETWS_ENABLE_POWERLINK 0 Opt-in Ethernet POWERLINK (EPSG) basic frame codec.
DETWS_ENABLE_PQC_KEX 0 Post-quantum hybrid key exchange: ML-KEM-768 + X25519 (FIPS 203 / RFC 9370 combiner).
DETWS_ENABLE_PREEMPT_QUEUE 0 Enable the preempting work queue primitive (default off).
DETWS_ENABLE_PROFIBUS 0 Opt-in PROFIBUS-DP FDL telegram codec.
DETWS_ENABLE_PROFINET 0 Opt-in PROFINET DCP (Discovery and Configuration Protocol) frame codec.
DETWS_ENABLE_PROMISC 0 Wi-Fi promiscuous (monitor) capture.
DETWS_ENABLE_PROTOBUF 0 Protocol Buffers wire codec (services/protobuf).
DETWS_ENABLE_PROVISIONING 0 First-boot WiFi provisioning: softAP + captive-portal credentials form.
DETWS_ENABLE_PROXY_PROTOCOL 0 HAProxy PROXY protocol codec (services/proxy_protocol).
DETWS_ENABLE_PSRAM_POOL 0 Opt-in buffer placement policy (DRAM vs PSRAM) + SPI DMA ping-pong manager.
DETWS_ENABLE_RADIO_POWER 0 Opt-in radio power controls.
DETWS_ENABLE_RADIO_SNIFF 0 Opt-in receive-only radio channel sniffer to pcap.
DETWS_ENABLE_RANGE 0 HTTP Range requests / 206 Partial Content (requires DETWS_ENABLE_FILE_SERVING or DETWS_ENABLE_EDGE_CACHE).
DETWS_ENABLE_RAWL2 0 Opt-in raw Layer-2 Ethernet frame codec.
DETWS_ENABLE_REDIS 0 Redis RESP2 wire codec (services/redis_resp).
DETWS_ENABLE_REDIS 0 Redis RESP2 wire codec (services/redis_resp).
DETWS_ENABLE_RELAY 0 Opt-in TCP relay / DNAT port forwarding.
DETWS_ENABLE_RTC 0 I2C real-time-clock driver (DS1307 / DS3231) - a battery-backed time source.
DETWS_ENABLE_S7COMM 0 Siemens S7comm PDU codec (services/s7comm).
DETWS_ENABLE_SDI12 0 SDI-12 sensor-bus codec (services/sdi12).
DETWS_ENABLE_SEN0192 0 DFRobot SEN0192 10.525 GHz microwave Doppler motion sensor (single digital OUT line).
DETWS_ENABLE_SENML 0 SenML (RFC 8428) measurement-pack builder (services/senml).
DETWS_ENABLE_SEP2 0 Opt-in IEEE 2030.5 (Smart Energy Profile 2.0) resource codec.
DETWS_ENABLE_SERCOS 0 Opt-in SERCOS III motion-bus telegram codec.
DETWS_ENABLE_SHT3X 0 Sensirion SHT3x temperature / humidity sensor (I2C).
DETWS_ENABLE_SIGFOX 0 Enable the Sigfox AT-command codec (default off).
DETWS_ENABLE_SLEEP_SCHED 0 Opt-in dynamic sleep-cycle scheduler.
DETWS_ENABLE_SMB 0 Opt-in SMB2 client.
DETWS_ENABLE_SMTP 0 Outbound SMTP client (RFC 5321) for device email alerts (services/smtp).
DETWS_ENABLE_SNMP 0 SNMP agent (v1/v2c, + v3 USM when DETWS_ENABLE_SNMP_V3) over lwIP UDP.
DETWS_ENABLE_SNMP_TRAP 0 Outbound SNMP notifications - traps and informs (requires DETWS_ENABLE_SNMP).
DETWS_ENABLE_SNMP_V3 0 Add SNMPv3 USM (auth via HMAC-SHA, privacy via AES-128-CFB).
DETWS_ENABLE_SNP 0 Opt-in GE Fanuc SNP (Series Ninety Protocol) serial frame codec.
DETWS_ENABLE_SOCKPOOL 0 Opt-in dynamic socket recycling: an LRU connection-slot pool.
DETWS_ENABLE_SOUTHBOUND 0 Opt-in southbound protocol-driver framework.
DETWS_ENABLE_SPARKPLUG 0 Sparkplug B payload + topic codec (services/sparkplug).
DETWS_ENABLE_SPA_ROUTER 0 Opt-in single-page-app micro-routing decision.
DETWS_ENABLE_SQLITE 0 Opt-in SQLite3 on-disk file-format reader.
DETWS_ENABLE_SSE 1 Server-Sent Events push support.
DETWS_ENABLE_SSH 0 SSH server support (RFC 4253/4252/4254).
DETWS_ENABLE_SSH_ZLIB 0 SSH server-to-client compression (zlib@openssh.com / zlib, RFC 4253 sec 6.2).
DETWS_ENABLE_STATS 0 Runtime stats endpoint (uptime, request/error counts, pool usage, heap).
DETWS_ENABLE_STATSD 0 Opt-in StatsD metrics client.
DETWS_ENABLE_STOMP 0 STOMP 1.2 frame codec (services/stomp).
DETWS_ENABLE_SUNSPEC 0 SunSpec Modbus device-information-model codec (services/sunspec).
DETWS_ENABLE_SYSLOG 0 Syslog client (RFC 5424 over UDP).
DETWS_ENABLE_TELEMETRY 0 Telemetry math helpers (moving-window stats, rate-of-change, totalizer).
DETWS_ENABLE_TELNET 0 Telnet server support (RFC 854 / IAC option negotiation).
DETWS_ENABLE_THEMES 0 Embed the theme stylesheet library as runtime-selectable blobs (default off).
DETWS_ENABLE_THREAD 0 Enable the Thread spinel / HDLC-lite framing codec (default off).
DETWS_ENABLE_TIME_SOURCE 0 Multi-source time fallback (NTP / RTC / GPS / ...
DETWS_ENABLE_TLS 0 TLS (HTTPS/WSS) via mbedTLS with a static memory pool (ESP32-only).
DETWS_ENABLE_TLS_POLICY 0 Opt-in TLS version negotiation + pinned cipher-suite policy.
DETWS_ENABLE_TLS_RESUMPTION 0 TLS session resumption via RFC 5077 session tickets (requires DETWS_ENABLE_TLS).
DETWS_ENABLE_TOTP 0 Opt-in TOTP two-factor auth (RFC 6238).
DETWS_ENABLE_UDP_TELEMETRY 0 Opt-in fire-and-forget UDP telemetry cast.
DETWS_ENABLE_UMATI 0 umati - OPC UA for Machine Tools information model.
DETWS_ENABLE_UPLOAD 0 Streaming file upload: POST a body straight to a file on the filesystem.
DETWS_ENABLE_UTMC 0 Opt-in UTMC (Urban Traffic Management and Control) common-database codec.
DETWS_ENABLE_VFS 0 Unified virtual filesystem wrapper.
DETWS_ENABLE_VL53L0X 0 Opt-in VL53L0X optical time-of-flight ranging sensor.
DETWS_ENABLE_WAL 0 Opt-in write-ahead store for atomic buffer-to-flash storage.
DETWS_ENABLE_WAMP 0 WAMP messaging codec (services/wamp).
DETWS_ENABLE_WAVE 0 Opt-in IEEE 1609 WAVE (WSMP + 1609.2 envelope) codec.
DETWS_ENABLE_WEARLEVEL 0 Opt-in flash wear-leveling slot selector.
DETWS_ENABLE_WEBDAV 0 WebDAV server (RFC 4918, class 1 + advisory locks) over the file system.
DETWS_ENABLE_WEBHOOK 0 Opt-in outbound webhooks / IFTTT.
DETWS_ENABLE_WEBSOCKET 1 WebSocket support (RFC 6455 framing + SHA-1/base64 handshake).
DETWS_ENABLE_WEB_TERMINAL 0 Browser "web serial" terminal over WebSocket (src/services/web_terminal).
DETWS_ENABLE_WIFI_SNIFFER 0 Opt-in 802.11 sniffer / traffic analyzer.
DETWS_ENABLE_WISUN 0 Opt-in Wi-SUN FAN border-router connector.
DETWS_ENABLE_WS_CLIENT 0 Outbound WebSocket client (RFC 6455 over raw lwIP, optional wss:// TLS).
DETWS_ENABLE_WS_CLIENT_TLS 0 wss://: run the WebSocket client over client-side TLS (needs DETWS_ENABLE_TLS).
DETWS_ENABLE_WS_DEFLATE 0 WebSocket permessage-deflate (RFC 7692) - bidirectional compression.
DETWS_ENABLE_XMPP 0 Opt-in XMPP (RFC 6120) stanza codec.
DETWS_ENABLE_ZIGBEE 0 Enable the Zigbee EZSP / ASH framing codec (default off).
DETWS_ENABLE_ZWAVE 0 Enable the Z-Wave Serial API frame codec (default off).

Illegal combinations (e.g. MAX_WS_CONNS + MAX_SSE_CONNS > MAX_CONNS) produce #error messages at compile time with a descriptive reason string.

Configuration Overrides

All constants can be overridden using compiler build flags (e.g. -DMAX_CONNS=6). Default limits and sizes reside in ServerConfig.h.

Expand Configuration constants and options

The full list of tunable #define constants and their defaults, scraped from src/ServerConfig.h by docs/utilities/gen_readme_sections.py. Override any with a build flag (e.g. -DMAX_CONNS=6); illegal combinations are caught by #error guards at compile time.

Constant Default Description
BODY_BUF_SIZE 256 Maximum request body bytes stored in HttpReq::body.
CACHE_CONTROL_BUF_SIZE 64 Size of the optional Cache-Control header line stored in DetWebServer.
CHUNK_BUF_SIZE 1440 Per-chunk staging buffer for send_chunked()'s ChunkSource (max bytes a source produces per call, hence the largest single chunk on the wire).
CONN_TIMEOUT_MS 5000 Compile-time default for connection idle timeout in milliseconds.
CORS_HDR_BUF_SIZE 192 Size of the pre-built CORS header block stored in DetWebServer.
DETWS_ACCEPT_THROTTLE_MAX 20 Max accepted connections per throttle window (see DETWS_ENABLE_ACCEPT_THROTTLE).
DETWS_ACCEPT_THROTTLE_WINDOW_MS 1000 Throttle window length in milliseconds (see DETWS_ENABLE_ACCEPT_THROTTLE).
DETWS_ADS1115_DIFFERENTIAL 0 ADS1115 input mode: 0 = single-ended (AINx vs GND), 1 = differential.
DETWS_ADS1115_I2C_ADDR 0x48 I2C address of the ADS1115 (0x48 with ADDR to GND; 0x49/0x4A/0x4B for VDD/SDA/SCL).
DETWS_AUTH_LOCKOUT_BASE_MS 1000 First lockout duration in ms; doubles on each further failure.
DETWS_AUTH_LOCKOUT_MAX_MS 300000 Maximum lockout duration in ms (the exponential backoff cap).
DETWS_AUTH_LOCKOUT_SLOTS 16 Number of source IPs the auth lockout tracks (BSS bucket table).
DETWS_AUTH_LOCKOUT_THRESHOLD 5 Consecutive failed auths from one IP before it is locked out.
DETWS_BRIDGE_MAX_RULES 8 Max concurrent address:port -> bus rules (services/iface_bridge).
DETWS_BRIDGE_STREAM_CHUNK 256 STREAM (UART) pipe chunk size (bytes) for services/iface_bridge - one socket<->UART hop.
DETWS_BRIDGE_TXN_MAX 256 Max write / read payload (bytes) per TRANSACTION frame (services/iface_bridge).
DETWS_BRIDGE_UART_TXN_MS 50 UART TRANSACTION read window (ms): how long a write-then-read waits for the read_len reply.
DETWS_CLIENT_CONNS 2 Number of simultaneous outbound client connections (BSS pool size).
DETWS_CLIENT_RX_BUF 8192 Per-connection wire receive ring size (bytes).
DETWS_CLOSING_TIMEOUT_MS 2000 Upper bound (ms) a slot may dwell in ConnState::CONN_CLOSING after a graceful close before the idle sweep force-aborts it.
DETWS_COAP_BLOCK1_MAX 1024 Reassembly buffer for a block-wise (Block1) request upload, in bytes.
DETWS_COAP_BLOCK_SZX_MAX 6 Largest block-size exponent (SZX) the server will use: block size = 2^(SZX+4) bytes, SZX 0..6 (16..1024).
DETWS_COAP_MAX_OBSERVERS 4 Maximum simultaneous CoAP observers (one slot per observed resource per client).
DETWS_COAP_MAX_PATH 64 Maximum reconstructed Uri-Path length, including separators and the leading '/'.
DETWS_COAP_MAX_PAYLOAD 256 Maximum CoAP request/response payload in bytes.
DETWS_COAP_MAX_QUERY 64 Maximum reconstructed Uri-Query length (segments joined by '&').
DETWS_COAP_MAX_RESOURCES 8 Maximum registered CoAP resources (the server's fixed routing table).
DETWS_COAP_OBSERVE_PORT 5683 Default UDP port the CoAP observe transport notifies from (IANA well-known 5683).
DETWS_CONFIG_KEY_MAX 16 Max key length incl.
DETWS_CONFIG_MAX_ENTRIES 16 Max key/value entries in the host (test) config backend.
DETWS_CONFIG_VAL_MAX 64 Max value bytes per entry in the host (test) config backend.
DETWS_DASHBOARD_JSON_BUF 1024 Stack buffer for the dashboard layout / values JSON (bytes).
DETWS_DASHBOARD_MAX_WIDGETS 16 Maximum widgets in the dashboard table (BSS value array).
DETWS_DEFER_QUEUE_DEPTH 8 Depth of each worker's deferred-callback queue.
DETWS_DMA_BUF_SIZE 256 Bytes per DMA transfer buffer (RX is double-buffered at this size).
DETWS_DMA_CHANNELS 2 Number of DMA channels (static-allocated; each is one peripheral link).
DETWS_DMA_SIMULATE 1 Route DMA transfers through the ingress/egress simulator (default on).
DETWS_DNC_LEADER_LEN 32 Default leader/trailer runout length for the DNC encoder.
DETWS_DNC_LINE_MAX 128 Largest G-code block (one line) the DNC decoder reassembles.
DETWS_DNC_XOFF_MAX_POLLS 200000 Safety cap on how many times the DNC stream engine polls the reverse channel while paused by an XOFF, before giving up with an I/O error.
DETWS_DNS_NAME_MAX 128 Max length of a queried/stored DNS name (bytes, incl NUL).
DETWS_DNS_SERVER_MAX_RECORDS 8 Max A records in the DNS server's fixed table.
DETWS_DNS_SERVER_TTL 60 TTL (seconds) the DNS server puts on its answers.
DETWS_DNS_TIMEOUT_MS 5000 DNS resolve timeout in milliseconds.
DETWS_ENFORCE_HOST_HEADER 1 Enforce the RFC 7230 §5.4 Host-header requirement (default on).
DETWS_ENOCEAN_MAX_DATA 512 Reject an ESP3 telegram whose declared data length exceeds this (framing sanity).
DETWS_ETH_W5500 0
DETWS_FAILSAFE_MAX_LIFELINES 8 Max monitored lifelines in the fail-safe registry (static, zero-heap).
DETWS_FTP_CMD_MAX 256 Suggested FTP control-command buffer size.
DETWS_FWD_ACL_PATLEN 4 Bytes an ACL entry can match (its pattern / mask length).
DETWS_FWD_INSPECT 0 Build-time toggle for the forwarding-path inspection hook (default off, for cost + privacy).
DETWS_FWD_MAX_ACL 8 Max ingress access-control entries (byte-pattern permit/deny; static).
DETWS_FWD_MAX_IFACES 4 Max interfaces the forwarding plane tracks (static-allocated).
DETWS_FWD_MAX_ROUTES 8 Max policy routes (byte-pattern -> egress interface; static).
DETWS_FWD_MAX_RULES 8 Max forwarding rules (src -> dst allow/deny + rate cap; static-allocated).
DETWS_GPIO_JSON_BUF 1024 Stack buffer for the GPIO-map JSON (bytes).
DETWS_GPIO_MAX 40 Maximum GPIO pins the mapper reports (BSS table).
DETWS_GUARDRAIL_FRAG_MIN_BLOCK 4096 Largest-free-block floor (bytes); below this trips the fragmentation guardrail.
DETWS_GUARDRAIL_HEAP_MIN 8192 Free-heap floor (bytes); below this trips the heap guardrail.
DETWS_GUARDRAIL_STACK_MIN 512 Task remaining-stack floor (bytes); below this trips the stack guardrail.
DETWS_GW_MAX_PORTS 4 Max southbound gateway ports (radios / buses; static-allocated).
DETWS_H2_HDR_BLOCK 4096 Header-block reassembly buffer for HTTP/2 requests that span HEADERS + CONTINUATION frames (a single END_HEADERS frame decodes in place and needs no copy).
DETWS_H2_MAX_FRAME 16384 Largest HTTP/2 frame we accept, in bytes (advertised as SETTINGS_MAX_FRAME_SIZE).
DETWS_H2_MAX_STREAMS 8 Max concurrent HTTP/2 streams per connection (advertised as MAX_CONCURRENT_STREAMS).
DETWS_H2_POOL_IN_PSRAM 0 Place the HTTP/2 connection-engine pool in external PSRAM (ESP32).
DETWS_H3_CRYPTO_BUF 2048 Maximum bytes of one QUIC/TLS handshake CRYPTO flight (RFC 9001).
DETWS_H3_MAX_STREAMS 8 Maximum concurrent request streams per HTTP/3 connection.
DETWS_HPACK_MAX_ENTRIES 128 Max HPACK dynamic-table entries (>= DETWS_HPACK_TABLE_BYTES / 32, the min entry size).
DETWS_HPACK_TABLE_BYTES 4096 Per-connection HPACK dynamic-table size in bytes (our decoder; advertised to the peer as SETTINGS_HEADER_TABLE_SIZE).
DETWS_HTTP3_PORT 443 UDP port the HTTP/3 (QUIC) server binds by default (used by DetWebServer::h3_cert).
DETWS_HTTP_CLIENT_BUF_SIZE 2048 Receive buffer (and max response size) for the outbound HTTP client, bytes.
DETWS_HTTP_CLIENT_CT_BUF_SIZE 4096 Ciphertext receive-ring size for the https:// client, bytes.
DETWS_HTTP_CLIENT_TIMEOUT_MS 8000 Outbound HTTP client connect/response timeout in milliseconds.
DETWS_HTTP_EMIT_DATE 0 Auto-inject a Date response header (RFC 7231 7.1.1.2) when a wall-clock time is available.
DETWS_INA219_CURRENT_LSB_UA 100 Default INA219 current LSB in microamps per bit (calibration input).
DETWS_INA219_I2C_ADDR 0x40 I2C address of the INA219 (0x40 default; the A0/A1 pins select 0x40..0x4F).
DETWS_INA219_SHUNT_MOHM 100 Default INA219 shunt resistance in milliohms (calibration input).
DETWS_IP_ALLOWLIST_SLOTS 8 Number of CIDR rules the source-IP allowlist can hold (BSS table).
DETWS_JWT_MAX_LEN 512 Maximum accepted JWT length in bytes (header.payload.signature).
DETWS_KEEPALIVE_MAX_REQUESTS 100 Maximum requests served on one keep-alive connection before it is closed.
DETWS_LD2410_BAUD 256000 LD2410 UART baud rate (the module's fixed factory default is 256000).
DETWS_LOG_LINES 32 Number of log lines retained in the ring.
DETWS_LOG_LINE_LEN 96 Maximum length of one stored log line (bytes, including null).
DETWS_LORA_MAX_PAYLOAD 251 Max LoRa payload bytes (SX127x FIFO is 256; RadioHead uses 251 + 4 header).
DETWS_MAX_UDP_LISTENERS 2 Maximum simultaneously bound UDP ports (transport-layer UDP service).
DETWS_MODBUS_COILS 64 Number of Modbus coils (FC 1/5/15), single-bit R/W (BSS, bit-packed).
DETWS_MODBUS_DISCRETE_INPUTS 64 Number of Modbus discrete inputs (FC 2), single-bit read-only (BSS, bit-packed).
DETWS_MODBUS_HOLDING_REGS 64 Number of Modbus holding registers (FC 3/6/16), 16-bit R/W (BSS).
DETWS_MODBUS_INPUT_REGS 64 Number of Modbus input registers (FC 4), 16-bit read-only (BSS).
DETWS_MPR121_I2C_ADDR 0x5A I2C address of the MPR121 (0x5A default; 0x5B/0x5C/0x5D via the ADDR pin).
DETWS_MPR121_RELEASE_THRESHOLD 6 MPR121 per-electrode release threshold (delta counts; should be below the touch threshold).
DETWS_MPR121_TOUCH_THRESHOLD 12 MPR121 per-electrode touch threshold (delta counts from baseline; NXP AN3944 suggests ~4..12).
DETWS_MQTT_BUF_SIZE 1024 MQTT packet buffer size in bytes (bounds one outgoing/incoming packet).
DETWS_MQTT_CT_BUF_SIZE 4096 Ciphertext receive-ring size for MQTTS (draining ring; must exceed one TCP_MSS).
DETWS_MQTT_INFLIGHT_BUF 256 Stored-packet size per in-flight QoS 1/2 slot (caps a retransmittable PUBLISH).
DETWS_MQTT_KEEPALIVE_S 30 Default MQTT keep-alive interval in seconds (PINGREQ cadence / CONNECT field).
DETWS_MQTT_MAX_INFLIGHT 4 Outbound QoS 1/2 in-flight slots (unacknowledged messages held for DUP retransmit).
DETWS_MQTT_MAX_TOPIC 128 Maximum inbound MQTT topic length (including NUL) delivered to the callback.
DETWS_MQTT_RETRANSMIT_MS 5000 Retransmit timeout (ms) for an unacknowledged in-flight QoS 1/2 message.
DETWS_MQTT_RX_QOS2_SLOTS 8 Inbound QoS 2 packet-id de-duplication ring depth (PUBREC-acknowledged, awaiting PUBREL).
DETWS_MTLS_SUBJECT_MAX 128 Maximum length of a verified mTLS peer subject DN string (incl.
DETWS_NEED_DET_CLIENT 0
DETWS_NRF24_PAYLOAD 32 nRF24 fixed payload width in bytes (1..32; the chip's static payload size).
DETWS_NTP_SERVER_STRATUM 3 Stratum the NTP server advertises (distance from a reference clock; 1-15).
DETWS_NTRIP_MAX_MOUNTS 2 Max distinct mountpoints a single caster serves (each = one RTCM stream).
DETWS_NTRIP_MAX_ROVERS 4 Max concurrent rover connections a caster serves corrections to (services/gnss).
DETWS_NTRIP_MOUNT_MAX 32 Max length (incl.
DETWS_NTRIP_REQ_MAX 512 Max NTRIP client request size (bytes) the caster buffers while reading the request headers.
DETWS_OIDC_MAX_LEN 1600 Max accepted OIDC ID-token length (also sizes the Authorization buffer).
DETWS_OTA_CONFIRM_WINDOW_MS 30000 Confirm window (ms): a pending image not confirmed within this rolls back.
DETWS_PARTITION_JSON_BUF 1024 Stack buffer for the partition-map JSON (bytes).
DETWS_PARTITION_MAX 16 Maximum partitions the monitor reports (BSS table).
DETWS_PCA9685_FREQ 50 Default PWM output frequency in Hz (50 Hz suits hobby servos).
DETWS_PCA9685_I2C_ADDR 0x40 I2C address of the PCA9685 (0x40 default; the six address pins select 0x40..0x7F).
DETWS_PER_IP_THROTTLE_MAX 10 Max accepted connections per window from one source IP (see DETWS_ENABLE_PER_IP_THROTTLE).
DETWS_PER_IP_THROTTLE_SLOTS 16 Number of source IPv4 addresses tracked by the per-IP throttle (BSS bucket table).
DETWS_PER_IP_THROTTLE_WINDOW_MS 10000 Per-IP throttle window length in milliseconds (see DETWS_ENABLE_PER_IP_THROTTLE).
DETWS_PN532_MAX_DATA 254 Reject a PN532 normal frame whose declared length exceeds this (framing sanity).
DETWS_PQ_DEPTH 16 Capacity of the preempting queue in items (static-allocated).
DETWS_PQ_INTERNAL_PRIORITY 8 Base FreeRTOS priority for the internal preempting lanes (DMA / forwarding / device access).
DETWS_PQ_ITEM_SIZE 32 Bytes per preempting-queue item (the posted item must fit).
DETWS_PQ_STACK 4096 Stack (bytes) for each preempting-queue processing task (ESP32).
DETWS_PROTO_MAX 10 Size of the protocol-handler dispatch table; must exceed the largest ConnProto id.
DETWS_RADIO_MAX_TX_DBM 0 Max TX power cap in dBm (2..20); 0 = leave the platform default.
DETWS_RADIO_WIFI_PS 0 WiFi modem-sleep mode: 0 = none (max perf), 1 = min modem, 2 = max modem.
DETWS_RELAY_BUF 2048 Per-direction relay buffer size (bytes) for services/relay.
DETWS_RELAY_CONNECT_MS 5000 Blocking connect timeout (ms) when the relay listener dials the origin on a new inbound.
DETWS_RELAY_DRAIN_MAX 8 Max det_relay_step passes per poll for the relay listener.
DETWS_RELAY_HOST_MAX 64 Max origin hostname length (bytes, incl.
DETWS_RELAY_MAX_CONNS 4 Max concurrent relayed connections (bridge table size) for the relay listener.
DETWS_RELAY_MAX_PUBLISH 4 Max published relay ports (bind table size) for the relay listener.
DETWS_RTC_I2C_ADDR 0x68 I2C address of the RTC (DS1307/DS3231 are fixed at 0x68).
DETWS_SCRATCH_ARENA_SIZE 8192 Size in bytes of the shared per-dispatch scratch arena.
DETWS_SEN0192_ACTIVE_HIGH 1 SEN0192 OUT polarity: 1 = the OUT line reads HIGH on motion, 0 = active-LOW.
DETWS_SEN0192_HOLD_MS 2000 Presence is held this many ms after the last active (motion) sample before it clears.
DETWS_SEN0192_PIN 4 GPIO the SEN0192 OUT line is wired to.
DETWS_SHT3X_I2C_ADDR 0x44 I2C address of the SHT3x (0x44 with ADDR low; 0x45 with ADDR high).
DETWS_SIGFOX_MAX_PAYLOAD 12 Maximum Sigfox uplink payload (the network caps a message at 12 bytes).
DETWS_SMB_BUF 1024 SMB2 client work-buffer size (bytes) for smb_client's request/response framing.
DETWS_SMTP_CT_BUF_SIZE 4096 Ciphertext receive-ring size for SMTPS, bytes (only used when the message is TLS).
DETWS_SMTP_LINE_MAX 256 Max length of one SMTP command / address line (bytes, incl.
DETWS_SMTP_MSG_MAX 2048 Max size of the assembled DATA payload (headers + dot-stuffed body), bytes.
DETWS_SMTP_REPLY_MAX 512 Max size of one (possibly multi-line) server reply held while parsing, bytes.
DETWS_SMTP_TIMEOUT_MS 10000 SMTP connect / per-reply timeout in milliseconds.
DETWS_SNMP_TRAP_BUF_SIZE 1024 Static datagram buffer for an outbound SNMP notification, bytes.
DETWS_SNMP_TRAP_MAX_VARBINDS 8 Maximum extra variable-bindings (beyond sysUpTime/snmpTrapOID) in one notification.
DETWS_SPB_METRIC_MAX 256 Max serialized size of one Sparkplug B metric submessage (stack temp, bytes).
DETWS_SSH_ALLOW_PASSWORD 1 Allow SSH password authentication (default on).
DETWS_SSH_FWD_CHUNK 1024 Max bytes moved per forward channel per poll, target -> client (<= SSH_PKT_BUF_SIZE).
DETWS_SSH_FWD_CONNECT_MS 3000 Blocking connect timeout (ms) when opening a forward target.
DETWS_SSH_FWD_HOST_MAX 64 Maximum forward target hostname length including null terminator.
DETWS_SSH_FWD_MAX 2 Maximum concurrent forwarded TCP connections (must be <= DETWS_CLIENT_CONNS).
DETWS_SSH_MAX_CHANNELS 1 Maximum concurrent SSH channels per connection (RFC 4254 multiplexing).
DETWS_SSH_PORT_FORWARD 0 SSH TCP port forwarding (direct-tcpip, i.e.
DETWS_SSH_RFWD_BRIDGE_MAX 2 Maximum concurrent bridged connections across all remote forwards.
DETWS_SSH_RFWD_MAX 1 Maximum concurrent remote-forward listeners (ssh -R / tcpip-forward).
DETWS_SSH_ZLIB_ACK_DRAM 0 Acknowledge placing the SSH compressor in internal DRAM (no PSRAM).
DETWS_SSH_ZLIB_IN_PSRAM 0 Place the per-connection SSH compression state in external PSRAM (ESP32).
DETWS_SSH_ZLIB_MAX_IN 2048 Largest uncompressed payload the s2c compressor accepts in one call (bytes).
DETWS_SSH_ZLIB_WINDOW 8192 SSH s2c DEFLATE sliding-window size in bytes (max back-reference distance).
DETWS_STATSD_LINE_MAX 256 Stack buffer for one StatsD line (bytes; caps metric name + value + tags).
DETWS_STATSD_PORT 8125 Default StatsD collector UDP port (StatsD/Graphite standard).
DETWS_STOMP_MAX_HEADERS 16 Max header lines parsed per STOMP frame (extras beyond this are ignored).
DETWS_SYSLOG_DEFAULT_PORT 514 Default syslog collector UDP port (RFC 5426 well-known 514; overridable at runtime via syslog_init and here for a non-standard collector).
DETWS_SYSLOG_FIELD_MAX 32 Maximum syslog HOSTNAME / APP-NAME field length (including NUL).
DETWS_SYSLOG_MSG_MAX 256 Maximum formatted syslog datagram length in bytes (RFC 5424 line).
DETWS_TCP_NODELAY 1 Disable Nagle's algorithm (set TCP_NODELAY) on every accepted connection.
DETWS_THEMES_INCLUDE_TRADEMARKED 1 Include the trademark-named themes in the embedded set (default on / open-source).
DETWS_THREAD_MAX_DATA 256 Max spinel payload bytes carried in one HDLC-lite frame.
DETWS_TIME_SOURCE_MAX 4 Maximum registered time sources.
DETWS_TLS_ACK_MULTI_CONN_DRAM 0 Acknowledge that a MAX_TLS_CONNS > 1 build has been sized to fit.
DETWS_TLS_ARENA_IN_PSRAM 0 Place the TLS arena in external PSRAM instead of internal DRAM (ESP32).
DETWS_TLS_ARENA_SIZE 49152 Bytes of the static BSS arena mbedTLS allocates from.
DETWS_TLS_MAX_FRAG_LEN 0 Cap TLS records via the Maximum Fragment Length extension (RFC 6066).
DETWS_TLS_TICKET_LIFETIME_S 86400 Session-ticket lifetime / key-rotation period in seconds (see DETWS_ENABLE_TLS_RESUMPTION).
DETWS_UDP_RX_BUF_SIZE 1472 Shared receive-scratch size for the transport-layer UDP service.
DETWS_UDP_TELEMETRY_BUF 256 Stack buffer for one telemetry line (bytes).
DETWS_UMATI_NS 1 NamespaceIndex the umati MachineTool nodes live at (default 1).
DETWS_WEBDAV_BUF_SIZE 2048 Buffer (BSS) for a WebDAV 207 Multi-Status response, in bytes (see DETWS_ENABLE_WEBDAV).
DETWS_WEBDAV_MAX_ENTRIES 32 Maximum children listed in a WebDAV Depth-1 PROPFIND (bounds the response).
DETWS_WEBDAV_MAX_PROPS 16 Maximum properties echoed in a WebDAV PROPPATCH 207 response (bounds the response).
DETWS_WORKER_CORE 1 Core that worker 0 pins to (ESP32).
DETWS_WORKER_COUNT 1 Number of server worker tasks (slots partitioned i % N).
DETWS_WORKER_POLL_TICKS 1 Idle-sweep timeout, in FreeRTOS ticks, that a worker blocks between service iterations when no events are pending.
DETWS_WORKER_STACK_CURVE_MIN 12288 Minimum worker-task stack (bytes) required once SSH is compiled in.
DETWS_WORKER_STACK_PQC_MIN 16384
DETWS_WORKER_STACK_RSA_MIN 8192 Minimum worker-task stack (bytes) required once an RSA-2048 verifier is compiled in (OIDC / SSH).
DETWS_WORKER_TASK_PRIORITY 5 FreeRTOS priority for each server worker task (ESP32).
DETWS_WS_CLIENT_BUF_SIZE 1024 WebSocket client send/receive buffer size in bytes (bounds one frame).
DETWS_WS_CLIENT_CT_BUF_SIZE 4096 Ciphertext receive-ring size for wss:// (draining ring; must exceed one TCP_MSS).
DETWS_WS_FRAG_SIZE 0 WebSocket outbound fragmentation size (RFC 6455 sec 5.4), in payload bytes.
DETWS_ZIGBEE_MAX_DATA 128 Max ASH payload bytes (an EZSP frame; the ASH data field caps near 128).
DETWS_ZWAVE_MAX_DATA 64 Reject a Z-Wave frame whose declared length exceeds this data cap (sanity).
DIGEST_AUTH_HDR_MAX 384 Capacity for the full Authorization header value (Digest auth).
EXTRA_HDR_BUF_SIZE 256 Per-connection buffer for app-supplied custom response headers and cookies.
FILE_CHUNK_SIZE 1024 Bytes read from the filesystem and passed to tcp_write() per loop().
JSON_MAX_DEPTH 8 Maximum object/array nesting depth for the JsonWriter (see json.h).
MAX_AUTH_LEN 32 Maximum username or password length for HTTP Basic Authentication.
MAX_BOUNDARY_LEN 72 Maximum MIME boundary length (RFC 2046 allows up to 70 characters).
MAX_CONNS 8 Maximum simultaneous TCP connections (fixed static pool; ~3.95 KB of internal RAM per slot).
MAX_HEADERS 8 Maximum HTTP headers stored per request.
MAX_KEY_LEN 32 Maximum header field-name length (e.g.
MAX_LISTENERS 3 Maximum number of simultaneously active listener ports.
MAX_MIDDLEWARE 4 Maximum globally-registered middleware functions.
MAX_MULTIPART_PARTS 4 Maximum simultaneously parsed multipart parts per request.
MAX_PATH_LEN 64 Maximum URL path length (including leading /).
MAX_PATH_PARAMS 4 Maximum number of :name path parameters captured per route match.
MAX_QUERY_LEN 128 Maximum raw query-string length (everything after ?).
MAX_QUERY_PARAMS 8 Maximum number of parsed query-string parameters.
MAX_ROUTES 16 Maximum simultaneously registered routes.
MAX_SSE_CONNS 2 Maximum simultaneous SSE connections.
MAX_SSH_CONNS 1 Maximum simultaneous SSH connections.
MAX_TELNET_CONNS 2 Maximum simultaneous Telnet connections.
MAX_TLS_CONNS 1 Maximum simultaneous TLS connections (each holds mbedTLS record buffers).
MAX_VAL_LEN 48 Maximum header field-value length.
MAX_WS_CONNS 2 Maximum simultaneous WebSocket connections.
QUERY_KEY_LEN 24 Maximum query-parameter key length.
QUERY_VAL_LEN 48 Maximum query-parameter value length.
RESP_HDR_BUF_SIZE 768 Stack buffer for HTTP response header lines in send() / send_empty() / send_unauth() / serve_file().
RE_MAX_STEPS 2000 Step budget for the regex route matcher (see on_regex()).
RX_BUF_SIZE 1024 Ring-buffer capacity in bytes per connection slot.
SNMP_COMMUNITY_MAX 32 Maximum SNMP community-string length (including null terminator).
SNMP_MAX_MIB_ENTRIES 16 Maximum registered MIB objects (the agent's fixed OID table).
SNMP_MAX_OID_LEN 32 Maximum sub-identifiers (arcs) in an SNMP object identifier.
SNMP_MAX_VARBINDS 16 Maximum variable bindings the agent will emit in one response.
SNMP_MSG_BUF_SIZE 1472 Static request/response datagram buffers for the SNMP UDP agent.
SNMP_V3_ENGINEID_MAX 32 Maximum SNMPv3 authoritative engine-ID length in bytes (RFC 3411 allows 5..32).
SNMP_V3_USER_MAX 32 Maximum SNMPv3 USM user-name length (including null terminator).
SSE_BUF_SIZE 256 Output buffer size in bytes for a single SSE event.
SSH_AUTH_PASS_MAX 64 Max stored password length.
SSH_AUTH_USER_MAX 32 Max stored user name (RFC 4252 imposes no limit; we cap for BSS).
SSH_CHAN_MAX_PACKET 32768u Maximum SSH channel data payload the server accepts per message.
SSH_CHAN_WINDOW 32768u Initial receive window the SSH server advertises (RFC 4254 §5.1).
SSH_CRYPTO_WORK_SIZE 1536 Shared scratch buffer for SSH big-number operations.
SSH_KEXINIT_MAX 2048 Max stored size of the CLIENT KEXINIT payload (I_C, for the exchange hash).
SSH_MAX_AUTH_ATTEMPTS 6 Maximum failed SSH authentication attempts per connection.
SSH_MAX_PASSWORD_LEN 64 Maximum SSH password length including null terminator.
SSH_MAX_USERNAME_LEN 32 Maximum SSH username length including null terminator.
SSH_PKT_BUF_SIZE 2048 Packet assembly buffer per SSH connection (bytes).
SSH_REKEY_PACKET_THRESHOLD 0x40000000u Re-key when either packet sequence number reaches this value.
SSH_REKEY_TIME_MS 3600000u Elapsed-time re-key trigger in milliseconds (RFC 4253 §9: "after each hour").
TELNET_BUF_SIZE 256 Stack buffer for one Telnet I/O chunk.
TERM_TX_BUF_SIZE 256 Stack scratch for detws_web_terminal_printf()/println() formatting.
WS_FRAME_SIZE 512 Maximum WebSocket frame payload in bytes.
WS_HDR_BUF_SIZE 256 Stack buffer for the HTTP 101 Switching Protocols response sent during the WebSocket handshake.

Runtime Config

The connection idle timeout can be changed without a rebuild:

const WebServerConfig cfg PROGMEM = { .conn_timeout_ms = 10000 }; // flash, no RAM cost
server.begin(80, &cfg);
Runtime-tunable server parameters.
uint32_t conn_timeout_ms

Pass nullptr (or omit) to use the compile-time default `CONN_TIMEOUT_MS` (5000 ms).

API Reference

Expand API Reference

DetWebServer - Lifecycle

Method Description
begin(port, cfg = nullptr) Bind and listen. Returns DETWS_OK (1) on success, a negative error code on failure.
`stop()` Abort all connections, close listener, reset all pools.
restart(cfg = nullptr) stop() + begin() on the same port. Returns -1 if called before begin().
`handle()` Call every loop(). Runs timeout sweep, event drain, and dispatch.

DetWebServer - HTTP Routes

Method Description
on(path, method, handler) Register a route. Trailing * enables prefix matching.
on(path, method, handler, realm, user, pass) Same, with Basic Auth (DETWS_ENABLE_AUTH).
on_not_found(handler) Fallback handler; default sends 404.
set_cors(origin) Enable CORS and answer OPTIONS with 204. Pass "" to disable.
send(slot_id, code, type, body) Send a response with body and close the connection.
send_empty(slot_id, code) Send a headers-only response and close the connection.
serve_file(slot_id, fs, path, type) Stream a file from an Arduino FS (DETWS_ENABLE_FILE_SERVING).

DetWebServer - WebSocket (DETWS_ENABLE_WEBSOCKET)

Method Description
on_ws(path, on_connect, on_message, on_close) Register a WebSocket route.
ws_send_text(ws_id, text) Send a UTF-8 text frame to a client.
ws_send_binary(ws_id, data, len) Send a binary frame to a client.
ws_disconnect(ws_id) Send Close frame and mark slot for cleanup.

In on_message, read the received payload from ws_pool[ws_id].buf (length in ws_pool[ws_id].payload_len).

DetWebServer - SSE (DETWS_ENABLE_SSE)

Method Description
on_sse(path, on_connect) Register an SSE route.
sse_send(sse_id, data, event = nullptr, id = nullptr) Push an event to one client.
sse_broadcast(path, data, event = nullptr, id = nullptr) Push an event to all clients on a path.

DetWebServer - Diagnostic (DETWS_ENABLE_DIAG)

Method Description
diag(slot_id) Send a JSON object with all active feature flags and configuration constants. Disable in production.

Handler Signatures

// HTTP
void handler(uint8_t slot_id, HttpReq *req);
// WebSocket (DETWS_ENABLE_WEBSOCKET)
void ws_connect(uint8_t ws_id);
void ws_message(uint8_t ws_id); // payload in ws_pool[ws_id].buf
void ws_close(uint8_t ws_id);
// SSE (DETWS_ENABLE_SSE)
void sse_connect(uint8_t sse_id);
void ws_close(WsConn *ws, WsCloseCode code)
Send a Close frame and mark the slot WsParseState::WS_CLOSED.

HttpReq Fields

Field Type Description
method char[8] HTTP method string, e.g. "GET"
path char[MAX_PATH_LEN] URL path, e.g. "/api/status"
version `HttpVersion` `HTTP_10`, `HTTP_11`, or `HTTP_UNKNOWN`
query char[MAX_QUERY_LEN] Raw query string (everything after ?)
query_params QueryParam[MAX_QUERY_PARAMS] Parsed key=value pairs
query_count uint8_t Valid entries in query_params[]
headers Header[MAX_HEADERS] Captured header fields
header_count uint8_t Valid entries in headers[]
content_length size_t Value of Content-Length header (0 if absent)
body uint8_t[BODY_BUF_SIZE+1] Request body, always null-terminated
body_len size_t Bytes stored in body[]

Helper Functions

const char *http_get_header(const HttpReq *req, const char *key); // case-insensitive
const char *http_get_query (const HttpReq *req, const char *key); // case-sensitive
const char * http_get_header(const HttpReq *req, const char *key)
Look up a header value by name (case-insensitive).
const char * http_get_query(const HttpReq *req, const char *key)
Look up a query parameter value by name (case-sensitive).

RFC Compliance

The core HTTP/1.1 parser enforces RFC 7230 byte-by-byte; the dispatcher returns the correct status codes (400/404/405/413/414/426/501) with Allow / Sec-WebSocket-Version headers where required; the WebSocket layer enforces RFC 6455 framing. HTTP/2 (RFC 9113 + HPACK RFC 7541) and the HTTP/3 stack (RFC 9114 over QUIC, RFC 9000) follow their own specs, and every optional protocol is implemented against its authoritative standard.

See RFC.md for the HTTP / WebSocket / error-response conformance tables and STANDARDS.md for the complete per-protocol standards map.

SSH Support

DeterministicESPAsyncWebServer includes a complete SSH-2.0 server - banner exchange → KEXINIT negotiation → key exchange → NEWKEYS → user authentication (publickey and password) → ssh-connection session channel, with per-direction NEWKEYS and transparent in-session re-keys. Key exchange offers Curve25519 ECDH (curve25519-sha256) and diffie-hellman-group14-sha256; host keys are Ed25519 (ssh-ed25519) and RSA (rsa-sha2-256 / ssh-rsa). All state is static (BSS), the host private key never touches static scratch memory, and password auth can be compiled out (DETWS_SSH_ALLOW_PASSWORD=0) for publickey-only hardening.

See SSH.md for the feature summary, RFC/FIPS compliance table, authentication/hardening details, and memory footprint, and SECURITY.md for the security treatment.

Utility Tools

Python tooling for generating documentation and building the embedded web assets. The documentation generators run in CI (the Feature Tables workflow) so their output never drifts; run any of them locally from the repo root.

Expand Utility Tools and Scripts Guide

Documentation generators (docs/utilities/)

Script Generates
gen_feature_tables.py the README / docs feature tables from FEATURES.md
gen_readme_sections.py this file's feature-flag, configuration-override, source-tree, and footprint regions
gen_configurator.py the interactive configurator.html from ServerConfig.h
gen_flag_deps.py the build-flag dependency diagram
gen_api_flow.py the core API-flow diagram
gen_examples.py the example index in EXAMPLES.md
decorate_changelog.py wraps each release in CHANGELOG.md in a collapsible block (CI)

The suite's own generator lives with the tests: test/gen_test_readme.py refreshes the env matrix + per-test directory in `test/README.md`.

Web-asset build (src/web/wizard/)

Script Purpose
build_assets.py compile the editable web sources (src/web/input/*) into embedded C++ application assets
gen_themes.py build the theme CSS library + gallery from the palette sources
gen_theme_blobs.py pack the runtime-selectable theme CSS into C++ blobs
gen_favicons.py build the favicon library + gallery
python docs/utilities/gen_readme_sections.py # refresh this file's generated sections
python src/web/wizard/build_assets.py # rebuild the embedded web assets

Testing

2,300+ Unity tests across the native suites, all runnable on a native x86/x64 host (no hardware required). See TEST_REPORT.md for the current per-suite breakdown and totals. Run a representative subset with:

pio test -e native -e native_app -e native_ssh \
-e native_ssh_hardened -e native_ssh_conn -e native_compliance

See the test suite README for the suite breakdown, environment matrix, and per-test directory, and TEST_REPORT.md for the latest results (auto-generated by the Test Report GitHub workflow).

Documentation

Other documentation files in this repository:

View Documentation Reference Directory

Document Contents
RFC.md HTTP/1.1, WebSocket, and error-response RFC conformance tables
SSH.md SSH-2.0 server: features, RFC/FIPS compliance, auth, memory
SECURITY.md Security posture (good/ok/bad) and per-feature security treatment
CODEQL.md CodeQL static-analysis setup, coverage, and findings disposition
HARDWARE_HOOKUP.md Wiring and settings for codecs that talk to external hardware
test/README.md Test suites, environment matrix, per-test directory, how to run
TEST_REPORT.md Latest test results (auto-generated)
TODO.md Outstanding fixes and maintenance
ROADMAP.md Forward-looking feature backlog (sized S/M/L)
KNOWN_LIMITATIONS.md Deliberate constraints and caveats
TUNING.md Performance tuning: worker count, core/affinity, poll knobs
CHANGELOG.md Release history

Generating Docs Locally

To generate the HTML API documentation locally, run the following command from the repository root:

doxygen docs/Doxyfile

The output will be generated in docs/html/index.html.

If you are viewing the offline version of this documentation, you can access the latest online version at the GitHub Pages documentation site.

Licensing & Commercial Use

This library is dual-licensed.

Open Source. This library is, and will ALWAYS REMAIN, FULLY OPEN-SOURCE under the AGPLv3 (or later). We commit to maintaining a fully featured, parity-matched open-source version available to everyone - from hobbyists and educators to professionals - without hiding any non-proprietary (e.g. custom protocols, intellectual property, confidential telemetry configurations, etc.) feature behind a commercial paywall. It will always be free to use under the AGPLv3 (or later) in any environment that complies with the AGPLv3 (or later) terms. See the LICENSE file.

Commercial. For teams and applications that cannot meet the AGPLv3 copyleft requirements, a commercial license is available. Contact: Douglas Quigg (dstroy0), dquig.nosp@m.g123.nosp@m.@gmai.nosp@m.l.co.nosp@m.m

Educators. Teaching with this? We'd love that. SERIOUSLY. Squirty is meant to keep children engaged on the docs page. The docs and styling are set up to appeal to them, hobbyists, and anyone who wants to learn but doesn't know how to style things or glue services together. The library documentation is extensive, extremely thorough, and useful to professionals as well as educators as a teaching tool/classroom prop. If sharing your source under the AGPLv3 isn't practical for a classroom or lab, or you have concerns that have stopped you from using copyleft licensed software before, email Douglas Quigg (dstroy0) at dquig.nosp@m.g123.nosp@m.@gmai.nosp@m.l.co.nosp@m.m from your school address and we'll see what we can do. ESP32 boards are cheap and a hands-on HTTP / IoT-edge stack is a great way into embedded networking, so we're glad to look at education-focused requests one by one. We can't promise an exception for every situation, but please ask. (This is just for genuine educational use; for products, see the commercial option above.) I can help you set up a github repo your students can push to that will help you review their submissions, and walk you through setting up flags for your rubric items. We really need to make an effort to get as many people as possible into the profession, looking at how things work, figuring out how they work on a deeper level, and entering the profession, we need their ideas, we need them now. All great discoveries have come from fresh perspective.


Squirty the Injection Squid
Squirty the Injection Squid: the official library mascot.
Copyright © Douglas Quigg (dstroy0). All rights reserved.