]>
Commit | Line | Data |
---|---|---|
cb69b4c7 | 1 | /* |
b8ae064d | 2 | * Copyright (C) 1996-2023 The Squid Software Foundation and contributors |
cb69b4c7 | 3 | * |
bbc27441 AJ |
4 | * Squid software is distributed under GPLv2+ license and includes |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
cb69b4c7 | 7 | */ |
8 | ||
bbc27441 AJ |
9 | /* DEBUG: section 55 HTTP Header */ |
10 | ||
582c2af2 | 11 | #include "squid.h" |
05ba40fc | 12 | #include "base/Assure.h" |
d5f18517 | 13 | #include "base/CharacterSet.h" |
81ab22b6 | 14 | #include "base/EnumIterator.h" |
675b8408 | 15 | #include "base/Raw.h" |
25f98340 | 16 | #include "base64.h" |
67679543 | 17 | #include "globals.h" |
a1b9ec20 | 18 | #include "http/ContentLengthInterpreter.h" |
7ebe76de | 19 | #include "HttpHdrCc.h" |
582c2af2 | 20 | #include "HttpHdrContRange.h" |
1da82544 | 21 | #include "HttpHdrScTarget.h" // also includes HttpHdrSc.h |
8822ebee | 22 | #include "HttpHeader.h" |
df866697 | 23 | #include "HttpHeaderFieldStat.h" |
e1656dc4 | 24 | #include "HttpHeaderStat.h" |
a5bac1d2 | 25 | #include "HttpHeaderTools.h" |
0eb49b6d | 26 | #include "MemBuf.h" |
8822ebee | 27 | #include "mgr/Registration.h" |
69c698a3 | 28 | #include "mime_header.h" |
90be6ff5 | 29 | #include "sbuf/StringConvert.h" |
602d9612 | 30 | #include "SquidConfig.h" |
00a7574e | 31 | #include "StatHist.h" |
8822ebee | 32 | #include "Store.h" |
28204b3b | 33 | #include "StrList.h" |
98cacedb | 34 | #include "time/gadgets.h" |
7c6a034c | 35 | #include "TimeOrTag.h" |
ed6e9fb9 | 36 | #include "util.h" |
cb69b4c7 | 37 | |
42865d25 | 38 | #include <algorithm> |
6932e215 | 39 | #include <array> |
42865d25 | 40 | |
6fda1515 FC |
41 | /* XXX: the whole set of API managing the entries vector should be rethought |
42 | * after the parse4r-ng effort is complete. | |
43 | */ | |
44 | ||
cb69b4c7 | 45 | /* |
2ac76861 | 46 | * On naming conventions: |
26ac0430 AJ |
47 | * |
48 | * HTTP/1.1 defines message-header as | |
49 | * | |
2ac76861 | 50 | * message-header = field-name ":" [ field-value ] CRLF |
51 | * field-name = token | |
52 | * field-value = *( field-content | LWS ) | |
26ac0430 | 53 | * |
2ac76861 | 54 | * HTTP/1.1 does not give a name name a group of all message-headers in a message. |
55 | * Squid 1.1 seems to refer to that group _plus_ start-line as "headers". | |
26ac0430 | 56 | * |
2ac76861 | 57 | * HttpHeader is an object that represents all message-headers in a message. |
58 | * HttpHeader does not manage start-line. | |
26ac0430 | 59 | * |
d8b249ef | 60 | * HttpHeader is implemented as a collection of header "entries". |
61 | * An entry is a (field_id, field_name, field_value) triplet. | |
2ac76861 | 62 | */ |
cb69b4c7 | 63 | |
cb69b4c7 | 64 | /* |
65 | * local constants and vars | |
66 | */ | |
67 | ||
789217a2 | 68 | // statistics counters for headers. clients must not allow Http::HdrType::BAD_HDR to be counted |
81ab22b6 | 69 | std::vector<HttpHeaderFieldStat> headerStatsTable(Http::HdrType::enumEnd_); |
cb69b4c7 | 70 | |
81ab22b6 | 71 | /* request-only headers. Used for cachemgr */ |
f53969cc | 72 | static HttpHeaderMask RequestHeadersMask; /* set run-time using RequestHeaders */ |
16d3204a | 73 | |
81ab22b6 | 74 | /* reply-only headers. Used for cachemgr */ |
f53969cc | 75 | static HttpHeaderMask ReplyHeadersMask; /* set run-time using ReplyHeaders */ |
2cdeea82 | 76 | |
12cf1be2 | 77 | /* header accounting */ |
26735116 | 78 | // NP: keep in sync with enum http_hdr_owner_type |
0ba77a3c | 79 | static std::array<HttpHeaderStat, hoEnd> HttpHeaderStats = {{ |
882010a8 | 80 | HttpHeaderStat(/*hoNone*/ "all", nullptr), |
9f4d4f65 | 81 | #if USE_HTCP |
882010a8 | 82 | HttpHeaderStat(/*hoHtcpReply*/ "HTCP reply", &ReplyHeadersMask), |
9f4d4f65 | 83 | #endif |
882010a8 | 84 | HttpHeaderStat(/*hoRequest*/ "request", &RequestHeadersMask), |
85 | HttpHeaderStat(/*hoReply*/ "reply", &ReplyHeadersMask) | |
26735116 | 86 | #if USE_OPENSSL |
882010a8 | 87 | , HttpHeaderStat(/*hoErrorDetail*/ "error detail templates", nullptr) |
26735116 | 88 | #endif |
882010a8 | 89 | /* hoEnd */ |
90 | } | |
91 | }; | |
12cf1be2 | 92 | |
7faf2bdb | 93 | static int HeaderEntryParsedCount = 0; |
cb69b4c7 | 94 | |
12cf1be2 | 95 | /* |
f734cda2 | 96 | * forward declarations and local routines |
12cf1be2 | 97 | */ |
cb69b4c7 | 98 | |
f734cda2 | 99 | class StoreEntry; |
cb69b4c7 | 100 | |
81ab22b6 FC |
101 | // update parse statistics for header id; if error is true also account |
102 | // for errors and write to debug log what happened | |
103 | static void httpHeaderNoteParsedEntry(Http::HdrType id, String const &value, bool error); | |
73b2aa87 | 104 | static void httpHeaderStatDump(const HttpHeaderStat * hs, StoreEntry * e); |
f734cda2 FC |
105 | /** store report about current header usage and other stats */ |
106 | static void httpHeaderStoreReport(StoreEntry * e); | |
107 | ||
cb69b4c7 | 108 | /* |
109 | * Module initialization routines | |
110 | */ | |
111 | ||
6b7d87bb FC |
112 | static void |
113 | httpHeaderRegisterWithCacheManager(void) | |
114 | { | |
8822ebee | 115 | Mgr::RegisterAction("http_headers", |
d9fc6862 A |
116 | "HTTP Header Statistics", |
117 | httpHeaderStoreReport, 0, 1); | |
6b7d87bb FC |
118 | } |
119 | ||
cb69b4c7 | 120 | void |
9bea1d5b | 121 | httpHeaderInitModule(void) |
cb69b4c7 | 122 | { |
9bea1d5b | 123 | /* check that we have enough space for masks */ |
81ab22b6 FC |
124 | assert(8 * sizeof(HttpHeaderMask) >= Http::HdrType::enumEnd_); |
125 | ||
126 | // masks are needed for stats page still | |
127 | for (auto h : WholeEnum<Http::HdrType>()) { | |
128 | if (Http::HeaderLookupTable.lookup(h).request) | |
129 | CBIT_SET(RequestHeadersMask,h); | |
130 | if (Http::HeaderLookupTable.lookup(h).reply) | |
131 | CBIT_SET(ReplyHeadersMask,h); | |
132 | } | |
dcf3665b | 133 | |
6932e215 AR |
134 | assert(HttpHeaderStats[0].label && "httpHeaderInitModule() called via main()"); |
135 | assert(HttpHeaderStats[hoEnd-1].label && "HttpHeaderStats created with all elements"); | |
16d3204a | 136 | |
9bea1d5b | 137 | /* init dependent modules */ |
43ae1d95 | 138 | httpHdrScInitModule(); |
ea391f18 FC |
139 | |
140 | httpHeaderRegisterWithCacheManager(); | |
62ee09ca | 141 | } |
43ae1d95 | 142 | |
cb69b4c7 | 143 | /* |
144 | * HttpHeader Implementation | |
145 | */ | |
146 | ||
3e42b356 | 147 | HttpHeader::HttpHeader(const http_hdr_owner_type anOwner): owner(anOwner), len(0), conflictingContentLength_(false) |
75faaa7a | 148 | { |
02259ff8 | 149 | assert(anOwner > hoNone && anOwner < hoEnd); |
efc26e8e | 150 | debugs(55, 7, "init-ing hdr: " << this << " owner: " << owner); |
c3b51d64 | 151 | entries.reserve(32); |
75faaa7a | 152 | httpHeaderMaskInit(&mask, 0); |
153 | } | |
154 | ||
66d51f4f | 155 | // XXX: Delete as unused, expensive, and violating copy semantics by skipping Warnings |
3e42b356 | 156 | HttpHeader::HttpHeader(const HttpHeader &other): owner(other.owner), len(other.len), conflictingContentLength_(false) |
5e5fa5b1 | 157 | { |
c3b51d64 | 158 | entries.reserve(other.entries.capacity()); |
5e5fa5b1 | 159 | httpHeaderMaskInit(&mask, 0); |
2d4f252d | 160 | update(&other); // will update the mask as well |
5e5fa5b1 AR |
161 | } |
162 | ||
75faaa7a | 163 | HttpHeader::~HttpHeader() |
164 | { | |
519e0948 | 165 | clean(); |
cb69b4c7 | 166 | } |
167 | ||
66d51f4f | 168 | // XXX: Delete as unused, expensive, and violating assignment semantics by skipping Warnings |
5e5fa5b1 AR |
169 | HttpHeader & |
170 | HttpHeader::operator =(const HttpHeader &other) | |
171 | { | |
172 | if (this != &other) { | |
173 | // we do not really care, but the caller probably does | |
174 | assert(owner == other.owner); | |
175 | clean(); | |
2d4f252d | 176 | update(&other); // will update the mask as well |
5e5fa5b1 | 177 | len = other.len; |
3e42b356 | 178 | conflictingContentLength_ = other.conflictingContentLength_; |
f6dd87e9 | 179 | teUnsupported_ = other.teUnsupported_; |
5e5fa5b1 AR |
180 | } |
181 | return *this; | |
182 | } | |
183 | ||
cb69b4c7 | 184 | void |
519e0948 | 185 | HttpHeader::clean() |
cb69b4c7 | 186 | { |
9bea1d5b | 187 | |
02259ff8 | 188 | assert(owner > hoNone && owner < hoEnd); |
efc26e8e | 189 | debugs(55, 7, "cleaning hdr: " << this << " owner: " << owner); |
9bea1d5b | 190 | |
0de73a38 | 191 | if (owner <= hoReply) { |
c594d76c A |
192 | /* |
193 | * An unfortunate bug. The entries array is initialized | |
194 | * such that count is set to zero. httpHeaderClean() seems to | |
195 | * be called both when 'hdr' is created, and destroyed. Thus, | |
196 | * we accumulate a large number of zero counts for 'hdr' before | |
197 | * it is ever used. Can't think of a good way to fix it, except | |
198 | * adding a state variable that indicates whether or not 'hdr' | |
199 | * has been used. As a hack, just never count zero-sized header | |
200 | * arrays. | |
201 | */ | |
4c9eadc2 FC |
202 | if (!entries.empty()) |
203 | HttpHeaderStats[owner].hdrUCountDistr.count(entries.size()); | |
51328da8 | 204 | |
95dc7ff4 | 205 | ++ HttpHeaderStats[owner].destroyedCount; |
51328da8 | 206 | |
4c9eadc2 | 207 | HttpHeaderStats[owner].busyDestroyedCount += entries.size() > 0; |
0de73a38 | 208 | } // if (owner <= hoReply) |
62e76326 | 209 | |
81ab22b6 | 210 | for (HttpHeaderEntry *e : entries) { |
1da82544 | 211 | if (e == nullptr) |
6fda1515 | 212 | continue; |
1da82544 | 213 | if (!Http::any_valid_header(e->id)) { |
d816f28d | 214 | debugs(55, DBG_CRITICAL, "ERROR: Squid BUG: invalid entry (" << e->id << "). Ignored."); |
c594d76c A |
215 | } else { |
216 | if (owner <= hoReply) | |
f30f7998 | 217 | HttpHeaderStats[owner].fieldTypeDistr.count(e->id); |
c594d76c | 218 | delete e; |
62e76326 | 219 | } |
c594d76c | 220 | } |
6fda1515 | 221 | |
c33a88ca | 222 | entries.clear(); |
519e0948 | 223 | httpHeaderMaskInit(&mask, 0); |
5e5fa5b1 | 224 | len = 0; |
3e42b356 | 225 | conflictingContentLength_ = false; |
f6dd87e9 | 226 | teUnsupported_ = false; |
cb69b4c7 | 227 | } |
228 | ||
2246b732 | 229 | /* append entries (also see httpHeaderUpdate) */ |
230 | void | |
a9925b40 | 231 | HttpHeader::append(const HttpHeader * src) |
2246b732 | 232 | { |
a9925b40 | 233 | assert(src); |
234 | assert(src != this); | |
efc26e8e | 235 | debugs(55, 7, "appending hdr: " << this << " += " << src); |
9bea1d5b | 236 | |
81ab22b6 FC |
237 | for (auto e : src->entries) { |
238 | if (e) | |
239 | addEntry(e->clone()); | |
2246b732 | 240 | } |
241 | } | |
242 | ||
1a210de4 EB |
243 | bool |
244 | HttpHeader::needUpdate(HttpHeader const *fresh) const | |
245 | { | |
246 | for (const auto e: fresh->entries) { | |
d747ab54 | 247 | if (!e || skipUpdateHeader(e->id)) |
1a210de4 EB |
248 | continue; |
249 | String value; | |
d5f18517 AJ |
250 | if (!hasNamed(e->name, &value) || |
251 | (value != fresh->getByName(e->name))) | |
1a210de4 EB |
252 | return true; |
253 | } | |
254 | return false; | |
255 | } | |
256 | ||
2d4f252d EB |
257 | bool |
258 | HttpHeader::skipUpdateHeader(const Http::HdrType id) const | |
259 | { | |
66d51f4f | 260 | return |
66d51f4f AR |
261 | // TODO: Consider updating Vary headers after comparing the magnitude of |
262 | // the required changes (and/or cache losses) with compliance gains. | |
263 | (id == Http::HdrType::VARY); | |
2d4f252d EB |
264 | } |
265 | ||
66d51f4f | 266 | void |
2d4f252d | 267 | HttpHeader::update(HttpHeader const *fresh) |
cb69b4c7 | 268 | { |
a9925b40 | 269 | assert(fresh); |
924f73bc | 270 | assert(this != fresh); |
9bea1d5b | 271 | |
1a210de4 EB |
272 | const HttpHeaderEntry *e; |
273 | HttpHeaderPos pos = HttpHeaderInitPos; | |
274 | ||
a9925b40 | 275 | while ((e = fresh->getEntry(&pos))) { |
789217a2 | 276 | /* deny bad guys (ok to check for Http::HdrType::OTHER) here */ |
62e76326 | 277 | |
2d4f252d | 278 | if (skipUpdateHeader(e->id)) |
62e76326 | 279 | continue; |
280 | ||
789217a2 | 281 | if (e->id != Http::HdrType::OTHER) |
ba9fb01d | 282 | delById(e->id); |
283 | else | |
d5f18517 | 284 | delByName(e->name); |
9917847f | 285 | } |
286 | ||
287 | pos = HttpHeaderInitPos; | |
288 | while ((e = fresh->getEntry(&pos))) { | |
789217a2 | 289 | /* deny bad guys (ok to check for Http::HdrType::OTHER) here */ |
9917847f | 290 | |
2d4f252d | 291 | if (skipUpdateHeader(e->id)) |
9917847f | 292 | continue; |
293 | ||
81ab22b6 | 294 | debugs(55, 7, "Updating header '" << Http::HeaderLookupTable.lookup(e->id).name << "' in cached entry"); |
62e76326 | 295 | |
eede25e7 | 296 | addEntry(e->clone()); |
cb69b4c7 | 297 | } |
cb69b4c7 | 298 | } |
299 | ||
69c698a3 EB |
300 | bool |
301 | HttpHeader::Isolate(const char **parse_start, size_t l, const char **blk_start, const char **blk_end) | |
302 | { | |
303 | /* | |
304 | * parse_start points to the first line of HTTP message *headers*, | |
305 | * not including the request or status lines | |
306 | */ | |
307 | const size_t end = headersEnd(*parse_start, l); | |
308 | ||
309 | if (end) { | |
310 | *blk_start = *parse_start; | |
311 | *blk_end = *parse_start + end - 1; | |
312 | assert(**blk_end == '\n'); | |
313 | // Point blk_end to the first character after the last header field. | |
314 | // In other words, blk_end should point to the CR?LF header terminator. | |
315 | if (end > 1 && *(*blk_end - 1) == '\r') | |
316 | --(*blk_end); | |
317 | *parse_start += end; | |
318 | } | |
319 | return end; | |
320 | } | |
321 | ||
322 | int | |
4f1c93a7 | 323 | HttpHeader::parse(const char *buf, size_t buf_len, bool atEnd, size_t &hdr_sz, Http::ContentLengthInterpreter &clen) |
69c698a3 EB |
324 | { |
325 | const char *parse_start = buf; | |
326 | const char *blk_start, *blk_end; | |
327 | hdr_sz = 0; | |
328 | ||
329 | if (!Isolate(&parse_start, buf_len, &blk_start, &blk_end)) { | |
330 | // XXX: do not parse non-isolated headers even if the connection is closed. | |
331 | // Treat unterminated headers as "partial headers" framing errors. | |
332 | if (!atEnd) | |
333 | return 0; | |
334 | blk_start = parse_start; | |
335 | blk_end = blk_start + strlen(blk_start); | |
336 | } | |
337 | ||
4f1c93a7 | 338 | if (parse(blk_start, blk_end - blk_start, clen)) { |
69c698a3 EB |
339 | hdr_sz = parse_start - buf; |
340 | return 1; | |
341 | } | |
342 | return -1; | |
343 | } | |
344 | ||
580448c9 AJ |
345 | // XXX: callers treat this return as boolean. |
346 | // XXX: A better mechanism is needed to signal different types of error. | |
347 | // lexicon, syntax, semantics, validation, access policy - are all (ab)using 'return 0' | |
cb69b4c7 | 348 | int |
4f1c93a7 | 349 | HttpHeader::parse(const char *header_start, size_t hdrLen, Http::ContentLengthInterpreter &clen) |
cb69b4c7 | 350 | { |
52d3f198 | 351 | const char *field_ptr = header_start; |
784619e6 | 352 | const char *header_end = header_start + hdrLen; // XXX: remove |
56cd29e6 | 353 | int warnOnError = (Config.onoff.relaxed_header_parser <= 0 ? DBG_IMPORTANT : 2); |
9bea1d5b | 354 | |
9bea1d5b | 355 | assert(header_start && header_end); |
81858ebc | 356 | debugs(55, 7, "parsing hdr: (" << this << ")" << std::endl << getStringPrefix(header_start, hdrLen)); |
95dc7ff4 | 357 | ++ HttpHeaderStats[owner].parsedCount; |
62e76326 | 358 | |
1d8a896b | 359 | char *nulpos; |
784619e6 | 360 | if ((nulpos = (char*)memchr(header_start, '\0', hdrLen))) { |
e0236918 | 361 | debugs(55, DBG_IMPORTANT, "WARNING: HTTP header contains NULL characters {" << |
81858ebc | 362 | getStringPrefix(header_start, nulpos-header_start) << "}\nNULL\n{" << getStringPrefix(nulpos+1, hdrLen-(nulpos-header_start)-1)); |
81ab22b6 FC |
363 | clean(); |
364 | return 0; | |
52d3f198 | 365 | } |
366 | ||
367 | /* common format headers are "<name>:[ws]<value>" lines delimited by <CRLF>. | |
368 | * continuation lines start with a (single) space or tab */ | |
369 | while (field_ptr < header_end) { | |
370 | const char *field_start = field_ptr; | |
62e76326 | 371 | const char *field_end; |
62e76326 | 372 | |
580448c9 AJ |
373 | const char *hasBareCr = nullptr; |
374 | size_t lines = 0; | |
62e76326 | 375 | do { |
52d3f198 | 376 | const char *this_line = field_ptr; |
377 | field_ptr = (const char *)memchr(field_ptr, '\n', header_end - field_ptr); | |
580448c9 | 378 | ++lines; |
52d3f198 | 379 | |
6d7bc97b AJ |
380 | if (!field_ptr) { |
381 | // missing <LF> | |
81ab22b6 FC |
382 | clean(); |
383 | return 0; | |
6d7bc97b | 384 | } |
52d3f198 | 385 | |
386 | field_end = field_ptr; | |
387 | ||
f53969cc | 388 | ++field_ptr; /* Move to next line */ |
52d3f198 | 389 | |
390 | if (field_end > this_line && field_end[-1] == '\r') { | |
f53969cc | 391 | --field_end; /* Ignore CR LF */ |
52d3f198 | 392 | |
e10272fc AR |
393 | if (owner == hoRequest && field_end > this_line) { |
394 | bool cr_only = true; | |
395 | for (const char *p = this_line; p < field_end && cr_only; ++p) { | |
396 | if (*p != '\r') | |
397 | cr_only = false; | |
398 | } | |
399 | if (cr_only) { | |
6e09ed7b | 400 | debugs(55, DBG_IMPORTANT, "SECURITY WARNING: Rejecting HTTP request with a CR+ " |
e10272fc | 401 | "header field to prevent request smuggling attacks: {" << |
81858ebc | 402 | getStringPrefix(header_start, hdrLen) << "}"); |
81ab22b6 FC |
403 | clean(); |
404 | return 0; | |
e10272fc | 405 | } |
52d3f198 | 406 | } |
407 | } | |
408 | ||
409 | /* Barf on stray CR characters */ | |
410 | if (memchr(this_line, '\r', field_end - this_line)) { | |
580448c9 | 411 | hasBareCr = "bare CR"; |
6e09ed7b | 412 | debugs(55, warnOnError, "WARNING: suspicious CR characters in HTTP header {" << |
81858ebc | 413 | getStringPrefix(field_start, field_end-field_start) << "}"); |
52d3f198 | 414 | |
415 | if (Config.onoff.relaxed_header_parser) { | |
f53969cc | 416 | char *p = (char *) this_line; /* XXX Warning! This destroys original header content and violates specifications somewhat */ |
52d3f198 | 417 | |
aee3523a | 418 | while ((p = (char *)memchr(p, '\r', field_end - p)) != nullptr) { |
a38ec4b1 FC |
419 | *p = ' '; |
420 | ++p; | |
421 | } | |
6d7bc97b | 422 | } else { |
81ab22b6 FC |
423 | clean(); |
424 | return 0; | |
6d7bc97b | 425 | } |
52d3f198 | 426 | } |
427 | ||
428 | if (this_line + 1 == field_end && this_line > field_start) { | |
6e09ed7b | 429 | debugs(55, warnOnError, "WARNING: Blank continuation line in HTTP header {" << |
81858ebc | 430 | getStringPrefix(header_start, hdrLen) << "}"); |
81ab22b6 FC |
431 | clean(); |
432 | return 0; | |
52d3f198 | 433 | } |
434 | } while (field_ptr < header_end && (*field_ptr == ' ' || *field_ptr == '\t')); | |
435 | ||
436 | if (field_start == field_end) { | |
437 | if (field_ptr < header_end) { | |
2f8abb64 | 438 | debugs(55, warnOnError, "WARNING: unparsable HTTP header field near {" << |
81858ebc | 439 | getStringPrefix(field_start, hdrLen-(field_start-header_start)) << "}"); |
81ab22b6 FC |
440 | clean(); |
441 | return 0; | |
52d3f198 | 442 | } |
443 | ||
f53969cc | 444 | break; /* terminating blank line */ |
52d3f198 | 445 | } |
62e76326 | 446 | |
2358b975 AJ |
447 | const auto e = HttpHeaderEntry::parse(field_start, field_end, owner); |
448 | if (!e) { | |
2f8abb64 | 449 | debugs(55, warnOnError, "WARNING: unparsable HTTP header field {" << |
81858ebc AJ |
450 | getStringPrefix(field_start, field_end-field_start) << "}"); |
451 | debugs(55, warnOnError, " in {" << getStringPrefix(header_start, hdrLen) << "}"); | |
52d3f198 | 452 | |
81ab22b6 FC |
453 | clean(); |
454 | return 0; | |
47ac2ebe | 455 | } |
62e76326 | 456 | |
580448c9 AJ |
457 | if (lines > 1 || hasBareCr) { |
458 | const auto framingHeader = (e->id == Http::HdrType::CONTENT_LENGTH || e->id == Http::HdrType::TRANSFER_ENCODING); | |
459 | if (framingHeader) { | |
460 | if (!hasBareCr) // already warned about bare CRs | |
461 | debugs(55, warnOnError, "WARNING: obs-fold in framing-sensitive " << e->name << ": " << e->value); | |
462 | delete e; | |
580448c9 AJ |
463 | clean(); |
464 | return 0; | |
465 | } | |
466 | } | |
467 | ||
a1b9ec20 AR |
468 | if (e->id == Http::HdrType::CONTENT_LENGTH && !clen.checkField(e->value)) { |
469 | delete e; | |
b3123159 | 470 | |
a1b9ec20 AR |
471 | if (Config.onoff.relaxed_header_parser) |
472 | continue; // clen has printed any necessary warnings | |
6e09ed7b | 473 | |
a1b9ec20 AR |
474 | clean(); |
475 | return 0; | |
52d3f198 | 476 | } |
62e76326 | 477 | |
a9925b40 | 478 | addEntry(e); |
cb69b4c7 | 479 | } |
62e76326 | 480 | |
a1b9ec20 AR |
481 | if (clen.headerWideProblem) { |
482 | debugs(55, warnOnError, "WARNING: " << clen.headerWideProblem << | |
483 | " Content-Length field values in" << | |
484 | Raw("header", header_start, hdrLen)); | |
485 | } | |
486 | ||
f6dd87e9 | 487 | String rawTe; |
4f1c93a7 | 488 | if (clen.prohibitedAndIgnored()) { |
f6dd87e9 AJ |
489 | // prohibitedAndIgnored() includes trailer header blocks |
490 | // being parsed as a case to forbid/ignore these headers. | |
491 | ||
4f1c93a7 EB |
492 | // RFC 7230 section 3.3.2: A server MUST NOT send a Content-Length |
493 | // header field in any response with a status code of 1xx (Informational) | |
494 | // or 204 (No Content). And RFC 7230 3.3.3#1 tells recipients to ignore | |
495 | // such Content-Lengths. | |
496 | if (delById(Http::HdrType::CONTENT_LENGTH)) | |
497 | debugs(55, 3, "Content-Length is " << clen.prohibitedAndIgnored()); | |
f6dd87e9 | 498 | |
c64d8e60 AR |
499 | // The same RFC 7230 3.3.3#1-based logic applies to Transfer-Encoding |
500 | // banned by RFC 7230 section 3.3.1. | |
501 | if (delById(Http::HdrType::TRANSFER_ENCODING)) | |
f6dd87e9 | 502 | debugs(55, 3, "Transfer-Encoding is " << clen.prohibitedAndIgnored()); |
f6dd87e9 AJ |
503 | |
504 | } else if (getByIdIfPresent(Http::HdrType::TRANSFER_ENCODING, &rawTe)) { | |
c3d0ba0c | 505 | // RFC 2616 section 4.4: ignore Content-Length with Transfer-Encoding |
a1b9ec20 | 506 | // RFC 7230 section 3.3.3 #3: Transfer-Encoding overwrites Content-Length |
789217a2 | 507 | delById(Http::HdrType::CONTENT_LENGTH); |
a1b9ec20 | 508 | // and clen state becomes irrelevant |
f6dd87e9 | 509 | |
86badeb5 | 510 | if (rawTe.caseCmp("chunked") == 0) { |
f6dd87e9 | 511 | ; // leave header present for chunked() method |
86badeb5 | 512 | } else if (rawTe.caseCmp("identity") == 0) { // deprecated. no coding |
f6dd87e9 AJ |
513 | delById(Http::HdrType::TRANSFER_ENCODING); |
514 | } else { | |
515 | // This also rejects multiple encodings until we support them properly. | |
516 | debugs(55, warnOnError, "WARNING: unsupported Transfer-Encoding used by client: " << rawTe); | |
517 | teUnsupported_ = true; | |
518 | } | |
519 | ||
a1b9ec20 AR |
520 | } else if (clen.sawBad) { |
521 | // ensure our callers do not accidentally see bad Content-Length values | |
3e42b356 | 522 | delById(Http::HdrType::CONTENT_LENGTH); |
a1b9ec20 AR |
523 | conflictingContentLength_ = true; // TODO: Rename to badContentLength_. |
524 | } else if (clen.needsSanitizing) { | |
525 | // RFC 7230 section 3.3.2: MUST either reject or ... [sanitize]; | |
526 | // ensure our callers see a clean Content-Length value or none at all | |
527 | delById(Http::HdrType::CONTENT_LENGTH); | |
528 | if (clen.sawGood) { | |
529 | putInt64(Http::HdrType::CONTENT_LENGTH, clen.value); | |
530 | debugs(55, 5, "sanitized Content-Length to be " << clen.value); | |
531 | } | |
c3d0ba0c AR |
532 | } |
533 | ||
f53969cc | 534 | return 1; /* even if no fields where found, it is a valid header */ |
cb69b4c7 | 535 | } |
536 | ||
99edd1c3 | 537 | /* packs all the entries using supplied packer */ |
cb69b4c7 | 538 | void |
17802cf1 | 539 | HttpHeader::packInto(Packable * p, bool mask_sensitive_info) const |
cb69b4c7 | 540 | { |
9bea1d5b | 541 | HttpHeaderPos pos = HttpHeaderInitPos; |
542 | const HttpHeaderEntry *e; | |
a9925b40 | 543 | assert(p); |
3cc0f4e7 AR |
544 | debugs(55, 7, this << " into " << p << |
545 | (mask_sensitive_info ? " while masking" : "")); | |
9bea1d5b | 546 | /* pack all entries one by one */ |
d8f6c79c FC |
547 | while ((e = getEntry(&pos))) { |
548 | if (!mask_sensitive_info) { | |
549 | e->packInto(p); | |
550 | continue; | |
551 | } | |
3cc0f4e7 AR |
552 | |
553 | bool maskThisEntry = false; | |
d8f6c79c | 554 | switch (e->id) { |
789217a2 FC |
555 | case Http::HdrType::AUTHORIZATION: |
556 | case Http::HdrType::PROXY_AUTHORIZATION: | |
3cc0f4e7 | 557 | maskThisEntry = true; |
d3823ea7 | 558 | break; |
3cc0f4e7 | 559 | |
789217a2 FC |
560 | case Http::HdrType::FTP_ARGUMENTS: |
561 | if (const HttpHeaderEntry *cmd = findEntry(Http::HdrType::FTP_COMMAND)) | |
3cc0f4e7 AR |
562 | maskThisEntry = (cmd->value == "PASS"); |
563 | break; | |
564 | ||
d3823ea7 | 565 | default: |
d3823ea7 | 566 | break; |
d8f6c79c | 567 | } |
3cc0f4e7 | 568 | if (maskThisEntry) { |
d5f18517 | 569 | p->append(e->name.rawContent(), e->name.length()); |
785b508d | 570 | p->append(": ** NOT DISPLAYED **\r\n", 23); |
3cc0f4e7 AR |
571 | } else { |
572 | e->packInto(p); | |
573 | } | |
574 | ||
d8f6c79c | 575 | } |
35b88ed2 | 576 | /* Pack in the "special" entries */ |
577 | ||
578 | /* Cache-Control */ | |
cb69b4c7 | 579 | } |
580 | ||
581 | /* returns next valid entry */ | |
99edd1c3 | 582 | HttpHeaderEntry * |
a9925b40 | 583 | HttpHeader::getEntry(HttpHeaderPos * pos) const |
cb69b4c7 | 584 | { |
a9925b40 | 585 | assert(pos); |
c0abe2ec | 586 | assert(*pos >= HttpHeaderInitPos && *pos < static_cast<ssize_t>(entries.size())); |
62e76326 | 587 | |
c0abe2ec | 588 | for (++(*pos); *pos < static_cast<ssize_t>(entries.size()); ++(*pos)) { |
4c9eadc2 | 589 | if (entries[*pos]) |
c0abe2ec | 590 | return static_cast<HttpHeaderEntry*>(entries[*pos]); |
cb69b4c7 | 591 | } |
62e76326 | 592 | |
aee3523a | 593 | return nullptr; |
cb69b4c7 | 594 | } |
595 | ||
596 | /* | |
26ac0430 | 597 | * returns a pointer to a specified entry if any |
d8b249ef | 598 | * note that we return one entry so it does not make much sense to ask for |
599 | * "list" headers | |
cb69b4c7 | 600 | */ |
de336bbe | 601 | HttpHeaderEntry * |
789217a2 | 602 | HttpHeader::findEntry(Http::HdrType id) const |
cb69b4c7 | 603 | { |
8cccf1f8 | 604 | assert(any_registered_header(id)); |
81ab22b6 | 605 | assert(!Http::HeaderLookupTable.lookup(id).list); |
9bea1d5b | 606 | |
607 | /* check mask first */ | |
62e76326 | 608 | |
a9925b40 | 609 | if (!CBIT_TEST(mask, id)) |
aee3523a | 610 | return nullptr; |
62e76326 | 611 | |
9bea1d5b | 612 | /* looks like we must have it, do linear search */ |
81ab22b6 FC |
613 | for (auto e : entries) { |
614 | if (e && e->id == id) | |
62e76326 | 615 | return e; |
cb69b4c7 | 616 | } |
62e76326 | 617 | |
9bea1d5b | 618 | /* hm.. we thought it was there, but it was not found */ |
81ab22b6 FC |
619 | assert(false); |
620 | return nullptr; /* not reached */ | |
cb69b4c7 | 621 | } |
622 | ||
a622fff0 | 623 | /* |
624 | * same as httpHeaderFindEntry | |
625 | */ | |
a9925b40 | 626 | HttpHeaderEntry * |
789217a2 | 627 | HttpHeader::findLastEntry(Http::HdrType id) const |
a622fff0 | 628 | { |
8cccf1f8 | 629 | assert(any_registered_header(id)); |
81ab22b6 | 630 | assert(!Http::HeaderLookupTable.lookup(id).list); |
9bea1d5b | 631 | |
632 | /* check mask first */ | |
a9925b40 | 633 | if (!CBIT_TEST(mask, id)) |
aee3523a | 634 | return nullptr; |
62e76326 | 635 | |
81ab22b6 FC |
636 | for (auto e = entries.rbegin(); e != entries.rend(); ++e) { |
637 | if (*e && (*e)->id == id) | |
638 | return *e; | |
a622fff0 | 639 | } |
62e76326 | 640 | |
81ab22b6 FC |
641 | /* hm.. we thought it was there, but it was not found */ |
642 | assert(false); | |
643 | return nullptr; /* not reached */ | |
a622fff0 | 644 | } |
645 | ||
2ac76861 | 646 | int |
d5f18517 | 647 | HttpHeader::delByName(const SBuf &name) |
cb69b4c7 | 648 | { |
9bea1d5b | 649 | int count = 0; |
650 | HttpHeaderPos pos = HttpHeaderInitPos; | |
f53969cc | 651 | httpHeaderMaskInit(&mask, 0); /* temporal inconsistency */ |
efc26e8e | 652 | debugs(55, 9, "deleting '" << name << "' fields in hdr " << this); |
62e76326 | 653 | |
d5f18517 | 654 | while (const HttpHeaderEntry *e = getEntry(&pos)) { |
30abd221 | 655 | if (!e->name.caseCmp(name)) |
ba9fb01d | 656 | delAt(pos, count); |
657 | else | |
a9925b40 | 658 | CBIT_SET(mask, e->id); |
cb69b4c7 | 659 | } |
62e76326 | 660 | |
9bea1d5b | 661 | return count; |
cb69b4c7 | 662 | } |
663 | ||
2246b732 | 664 | /* deletes all entries with a given id, returns the #entries deleted */ |
665 | int | |
789217a2 | 666 | HttpHeader::delById(Http::HdrType id) |
d8b249ef | 667 | { |
efc26e8e | 668 | debugs(55, 8, this << " del-by-id " << id); |
8cccf1f8 | 669 | assert(any_registered_header(id)); |
62e76326 | 670 | |
a9925b40 | 671 | if (!CBIT_TEST(mask, id)) |
62e76326 | 672 | return 0; |
673 | ||
5134d3a4 AR |
674 | int count = 0; |
675 | ||
676 | HttpHeaderPos pos = HttpHeaderInitPos; | |
677 | while (HttpHeaderEntry *e = getEntry(&pos)) { | |
678 | if (e->id == id) | |
679 | delAt(pos, count); // deletes e | |
680 | } | |
62e76326 | 681 | |
a9925b40 | 682 | CBIT_CLR(mask, id); |
9bea1d5b | 683 | assert(count); |
684 | return count; | |
d8b249ef | 685 | } |
d8b249ef | 686 | |
cb69b4c7 | 687 | /* |
688 | * deletes an entry at pos and leaves a gap; leaving a gap makes it | |
689 | * possible to iterate(search) and delete fields at the same time | |
ba9fb01d | 690 | * NOTE: Does not update the header mask. Caller must follow up with |
691 | * a call to refreshMask() if headers_deleted was incremented. | |
cb69b4c7 | 692 | */ |
2246b732 | 693 | void |
ba9fb01d | 694 | HttpHeader::delAt(HttpHeaderPos pos, int &headers_deleted) |
cb69b4c7 | 695 | { |
9bea1d5b | 696 | HttpHeaderEntry *e; |
c0abe2ec FC |
697 | assert(pos >= HttpHeaderInitPos && pos < static_cast<ssize_t>(entries.size())); |
698 | e = static_cast<HttpHeaderEntry*>(entries[pos]); | |
aee3523a | 699 | entries[pos] = nullptr; |
9bea1d5b | 700 | /* decrement header length, allow for ": " and crlf */ |
d5f18517 | 701 | len -= e->name.length() + 2 + e->value.size() + 2; |
a9925b40 | 702 | assert(len >= 0); |
eede25e7 | 703 | delete e; |
ba9fb01d | 704 | ++headers_deleted; |
cb69b4c7 | 705 | } |
706 | ||
394499bd | 707 | /* |
708 | * Compacts the header storage | |
709 | */ | |
710 | void | |
711 | HttpHeader::compact() | |
712 | { | |
6e1410f9 | 713 | // TODO: optimize removal, or possibly make it so that's not needed. |
81ab22b6 FC |
714 | entries.erase( std::remove(entries.begin(), entries.end(), nullptr), |
715 | entries.end()); | |
394499bd | 716 | } |
717 | ||
ba9fb01d | 718 | /* |
719 | * Refreshes the header mask. Required after delAt() calls. | |
720 | */ | |
721 | void | |
722 | HttpHeader::refreshMask() | |
723 | { | |
724 | httpHeaderMaskInit(&mask, 0); | |
725 | debugs(55, 7, "refreshing the mask in hdr " << this); | |
81ab22b6 FC |
726 | for (auto e : entries) { |
727 | if (e) | |
728 | CBIT_SET(mask, e->id); | |
ba9fb01d | 729 | } |
730 | } | |
99edd1c3 | 731 | |
62e76326 | 732 | /* appends an entry; |
eede25e7 | 733 | * does not call e->clone() so one should not reuse "*e" |
cb69b4c7 | 734 | */ |
99edd1c3 | 735 | void |
a9925b40 | 736 | HttpHeader::addEntry(HttpHeaderEntry * e) |
cb69b4c7 | 737 | { |
a9925b40 | 738 | assert(e); |
1da82544 | 739 | assert(any_HdrType_enum_value(e->id)); |
d5f18517 | 740 | assert(e->name.length()); |
9bea1d5b | 741 | |
4c9eadc2 | 742 | debugs(55, 7, this << " adding entry: " << e->id << " at " << entries.size()); |
62e76326 | 743 | |
789217a2 | 744 | if (e->id != Http::HdrType::BAD_HDR) { |
73b2aa87 FC |
745 | if (CBIT_TEST(mask, e->id)) { |
746 | ++ headerStatsTable[e->id].repCount; | |
747 | } else { | |
748 | CBIT_SET(mask, e->id); | |
749 | } | |
b88a45ed | 750 | } |
62e76326 | 751 | |
a9925b40 | 752 | entries.push_back(e); |
62e76326 | 753 | |
fbc23dd6 | 754 | len += e->length(); |
cb69b4c7 | 755 | } |
756 | ||
35b88ed2 | 757 | bool |
789217a2 | 758 | HttpHeader::getList(Http::HdrType id, String *s) const |
35b88ed2 | 759 | { |
efc26e8e | 760 | debugs(55, 9, this << " joining for id " << id); |
35b88ed2 | 761 | /* only fields from ListHeaders array can be "listed" */ |
81ab22b6 | 762 | assert(Http::HeaderLookupTable.lookup(id).list); |
35b88ed2 | 763 | |
764 | if (!CBIT_TEST(mask, id)) | |
765 | return false; | |
766 | ||
81ab22b6 FC |
767 | for (auto e: entries) { |
768 | if (e && e->id == id) | |
9d7a89a5 | 769 | strListAdd(s, e->value.termedBuf(), ','); |
35b88ed2 | 770 | } |
771 | ||
772 | /* | |
773 | * note: we might get an empty (size==0) string if there was an "empty" | |
774 | * header. This results in an empty length String, which may have a NULL | |
775 | * buffer. | |
776 | */ | |
777 | /* temporary warning: remove it? (Is it useful for diagnostics ?) */ | |
778 | if (!s->size()) | |
81ab22b6 | 779 | debugs(55, 3, "empty list header: " << Http::HeaderLookupTable.lookup(id).name << "(" << id << ")"); |
35b88ed2 | 780 | else |
781 | debugs(55, 6, this << ": joined for id " << id << ": " << s); | |
782 | ||
783 | return true; | |
784 | } | |
785 | ||
99edd1c3 | 786 | /* return a list of entries with the same id separated by ',' and ws */ |
30abd221 | 787 | String |
789217a2 | 788 | HttpHeader::getList(Http::HdrType id) const |
cb69b4c7 | 789 | { |
9bea1d5b | 790 | HttpHeaderEntry *e; |
791 | HttpHeaderPos pos = HttpHeaderInitPos; | |
efc26e8e | 792 | debugs(55, 9, this << "joining for id " << id); |
9bea1d5b | 793 | /* only fields from ListHeaders array can be "listed" */ |
81ab22b6 | 794 | assert(Http::HeaderLookupTable.lookup(id).list); |
62e76326 | 795 | |
a9925b40 | 796 | if (!CBIT_TEST(mask, id)) |
30abd221 | 797 | return String(); |
650c4b88 | 798 | |
30abd221 | 799 | String s; |
62e76326 | 800 | |
a9925b40 | 801 | while ((e = getEntry(&pos))) { |
62e76326 | 802 | if (e->id == id) |
9d7a89a5 | 803 | strListAdd(&s, e->value.termedBuf(), ','); |
d35b9a94 | 804 | } |
62e76326 | 805 | |
9bea1d5b | 806 | /* |
948078e3 | 807 | * note: we might get an empty (size==0) string if there was an "empty" |
808 | * header. This results in an empty length String, which may have a NULL | |
809 | * buffer. | |
9bea1d5b | 810 | */ |
948078e3 | 811 | /* temporary warning: remove it? (Is it useful for diagnostics ?) */ |
528b2c61 | 812 | if (!s.size()) |
81ab22b6 | 813 | debugs(55, 3, "empty list header: " << Http::HeaderLookupTable.lookup(id).name << "(" << id << ")"); |
948078e3 | 814 | else |
815 | debugs(55, 6, this << ": joined for id " << id << ": " << s); | |
62e76326 | 816 | |
9bea1d5b | 817 | return s; |
cb69b4c7 | 818 | } |
819 | ||
f66a9ef4 | 820 | /* return a string or list of entries with the same id separated by ',' and ws */ |
30abd221 | 821 | String |
789217a2 | 822 | HttpHeader::getStrOrList(Http::HdrType id) const |
f66a9ef4 | 823 | { |
c7327fa0 | 824 | HttpHeaderEntry *e; |
9bea1d5b | 825 | |
81ab22b6 | 826 | if (Http::HeaderLookupTable.lookup(id).list) |
a9925b40 | 827 | return getList(id); |
62e76326 | 828 | |
a9925b40 | 829 | if ((e = findEntry(id))) |
62e76326 | 830 | return e->value; |
831 | ||
30abd221 | 832 | return String(); |
f66a9ef4 | 833 | } |
834 | ||
835 | /* | |
b2c44718 | 836 | * Returns the value of the specified header and/or an undefined String. |
f66a9ef4 | 837 | */ |
30abd221 | 838 | String |
a9925b40 | 839 | HttpHeader::getByName(const char *name) const |
81ab22b6 FC |
840 | { |
841 | String result; | |
842 | // ignore presence: return undefined string if an empty header is present | |
f29d429e | 843 | (void)hasNamed(name, strlen(name), &result); |
81ab22b6 FC |
844 | return result; |
845 | } | |
846 | ||
847 | String | |
848 | HttpHeader::getByName(const SBuf &name) const | |
b2c44718 AR |
849 | { |
850 | String result; | |
851 | // ignore presence: return undefined string if an empty header is present | |
f29d429e | 852 | (void)hasNamed(name, &result); |
b2c44718 AR |
853 | return result; |
854 | } | |
855 | ||
81ab22b6 FC |
856 | String |
857 | HttpHeader::getById(Http::HdrType id) const | |
858 | { | |
859 | String result; | |
f29d429e | 860 | (void)getByIdIfPresent(id, &result); |
81ab22b6 FC |
861 | return result; |
862 | } | |
863 | ||
864 | bool | |
f29d429e | 865 | HttpHeader::hasNamed(const SBuf &s, String *result) const |
81ab22b6 | 866 | { |
f29d429e | 867 | return hasNamed(s.rawContent(), s.length(), result); |
81ab22b6 FC |
868 | } |
869 | ||
870 | bool | |
f29d429e | 871 | HttpHeader::getByIdIfPresent(Http::HdrType id, String *result) const |
81ab22b6 FC |
872 | { |
873 | if (id == Http::HdrType::BAD_HDR) | |
874 | return false; | |
875 | if (!has(id)) | |
876 | return false; | |
f29d429e EB |
877 | if (result) |
878 | *result = getStrOrList(id); | |
81ab22b6 FC |
879 | return true; |
880 | } | |
881 | ||
b2c44718 | 882 | bool |
d5f18517 | 883 | HttpHeader::hasNamed(const char *name, unsigned int namelen, String *result) const |
f66a9ef4 | 884 | { |
789217a2 | 885 | Http::HdrType id; |
9bea1d5b | 886 | HttpHeaderPos pos = HttpHeaderInitPos; |
887 | HttpHeaderEntry *e; | |
9bea1d5b | 888 | |
9bea1d5b | 889 | assert(name); |
890 | ||
891 | /* First try the quick path */ | |
81ab22b6 | 892 | id = Http::HeaderLookupTable.lookup(name,namelen).id; |
62e76326 | 893 | |
789217a2 | 894 | if (id != Http::HdrType::BAD_HDR) { |
81ab22b6 FC |
895 | if (getByIdIfPresent(id, result)) |
896 | return true; | |
b2c44718 | 897 | } |
650c4b88 | 898 | |
9bea1d5b | 899 | /* Sorry, an unknown header name. Do linear search */ |
b2c44718 | 900 | bool found = false; |
a9925b40 | 901 | while ((e = getEntry(&pos))) { |
d5f18517 | 902 | if (e->id == Http::HdrType::OTHER && e->name.length() == namelen && e->name.caseCmp(name, namelen) == 0) { |
b2c44718 | 903 | found = true; |
f29d429e EB |
904 | if (!result) |
905 | break; | |
906 | strListAdd(result, e->value.termedBuf(), ','); | |
62e76326 | 907 | } |
f66a9ef4 | 908 | } |
62e76326 | 909 | |
b2c44718 | 910 | return found; |
f66a9ef4 | 911 | } |
cb69b4c7 | 912 | |
14b463aa | 913 | /* |
372fdfbf | 914 | * Returns a the value of the specified list member, if any. |
14b463aa | 915 | */ |
36c774f7 | 916 | SBuf |
a9925b40 | 917 | HttpHeader::getByNameListMember(const char *name, const char *member, const char separator) const |
14b463aa | 918 | { |
14b463aa | 919 | assert(name); |
36c774f7 EB |
920 | const auto header = getByName(name); |
921 | return ::getListMember(header, member, separator); | |
14b463aa | 922 | } |
923 | ||
924 | /* | |
925 | * returns a the value of the specified list member, if any. | |
926 | */ | |
36c774f7 | 927 | SBuf |
789217a2 | 928 | HttpHeader::getListMember(Http::HdrType id, const char *member, const char separator) const |
14b463aa | 929 | { |
8cccf1f8 | 930 | assert(any_registered_header(id)); |
36c774f7 EB |
931 | const auto header = getStrOrList(id); |
932 | return ::getListMember(header, member, separator); | |
14b463aa | 933 | } |
934 | ||
cb69b4c7 | 935 | /* test if a field is present */ |
2ac76861 | 936 | int |
789217a2 | 937 | HttpHeader::has(Http::HdrType id) const |
cb69b4c7 | 938 | { |
8cccf1f8 | 939 | assert(any_registered_header(id)); |
efc26e8e | 940 | debugs(55, 9, this << " lookup for " << id); |
a9925b40 | 941 | return CBIT_TEST(mask, id); |
cb69b4c7 | 942 | } |
943 | ||
90be6ff5 EB |
944 | void |
945 | HttpHeader::addVia(const AnyP::ProtocolVersion &ver, const HttpHeader *from) | |
946 | { | |
947 | // TODO: do not add Via header for messages where Squid itself | |
948 | // generated the message (i.e., Downloader or ESI) there should be no Via header added at all. | |
949 | ||
950 | if (Config.onoff.via) { | |
951 | SBuf buf; | |
952 | // RFC 7230 section 5.7.1.: protocol-name is omitted when | |
953 | // the received protocol is HTTP. | |
954 | if (ver.protocol > AnyP::PROTO_NONE && ver.protocol < AnyP::PROTO_UNKNOWN && | |
955 | ver.protocol != AnyP::PROTO_HTTP && ver.protocol != AnyP::PROTO_HTTPS) | |
956 | buf.appendf("%s/", AnyP::ProtocolType_str[ver.protocol]); | |
957 | buf.appendf("%d.%d %s", ver.major, ver.minor, ThisCache); | |
958 | const HttpHeader *hdr = from ? from : this; | |
959 | SBuf strVia = StringToSBuf(hdr->getList(Http::HdrType::VIA)); | |
960 | if (!strVia.isEmpty()) | |
961 | strVia.append(", ", 2); | |
962 | strVia.append(buf); | |
05ba40fc | 963 | updateOrAddStr(Http::HdrType::VIA, strVia); |
90be6ff5 EB |
964 | } |
965 | } | |
966 | ||
cb69b4c7 | 967 | void |
789217a2 | 968 | HttpHeader::putInt(Http::HdrType id, int number) |
cb69b4c7 | 969 | { |
8cccf1f8 | 970 | assert(any_registered_header(id)); |
81ab22b6 | 971 | assert(Http::HeaderLookupTable.lookup(id).type == Http::HdrFieldType::ftInt); /* must be of an appropriate type */ |
9bea1d5b | 972 | assert(number >= 0); |
d5f18517 | 973 | addEntry(new HttpHeaderEntry(id, SBuf(), xitoa(number))); |
cb69b4c7 | 974 | } |
975 | ||
47f6e231 | 976 | void |
789217a2 | 977 | HttpHeader::putInt64(Http::HdrType id, int64_t number) |
47f6e231 | 978 | { |
8cccf1f8 | 979 | assert(any_registered_header(id)); |
81ab22b6 | 980 | assert(Http::HeaderLookupTable.lookup(id).type == Http::HdrFieldType::ftInt64); /* must be of an appropriate type */ |
47f6e231 | 981 | assert(number >= 0); |
d5f18517 | 982 | addEntry(new HttpHeaderEntry(id, SBuf(), xint64toa(number))); |
47f6e231 | 983 | } |
984 | ||
cb69b4c7 | 985 | void |
789217a2 | 986 | HttpHeader::putTime(Http::HdrType id, time_t htime) |
cb69b4c7 | 987 | { |
8cccf1f8 | 988 | assert(any_registered_header(id)); |
81ab22b6 | 989 | assert(Http::HeaderLookupTable.lookup(id).type == Http::HdrFieldType::ftDate_1123); /* must be of an appropriate type */ |
a1d6870f | 990 | assert(htime >= 0); |
98cacedb | 991 | addEntry(new HttpHeaderEntry(id, SBuf(), Time::FormatRfc1123(htime))); |
cb69b4c7 | 992 | } |
2ac76861 | 993 | |
cb69b4c7 | 994 | void |
789217a2 | 995 | HttpHeader::putStr(Http::HdrType id, const char *str) |
cb69b4c7 | 996 | { |
8cccf1f8 | 997 | assert(any_registered_header(id)); |
81ab22b6 | 998 | assert(Http::HeaderLookupTable.lookup(id).type == Http::HdrFieldType::ftStr); /* must be of an appropriate type */ |
9bea1d5b | 999 | assert(str); |
d5f18517 | 1000 | addEntry(new HttpHeaderEntry(id, SBuf(), str)); |
cb69b4c7 | 1001 | } |
1002 | ||
63259c34 | 1003 | void |
a9925b40 | 1004 | HttpHeader::putAuth(const char *auth_scheme, const char *realm) |
63259c34 | 1005 | { |
a9925b40 | 1006 | assert(auth_scheme && realm); |
789217a2 | 1007 | httpHeaderPutStrf(this, Http::HdrType::WWW_AUTHENTICATE, "%s realm=\"%s\"", auth_scheme, realm); |
63259c34 | 1008 | } |
1009 | ||
99edd1c3 | 1010 | void |
182faab8 | 1011 | HttpHeader::putCc(const HttpHdrCc &cc) |
99edd1c3 | 1012 | { |
9bea1d5b | 1013 | /* remove old directives if any */ |
789217a2 | 1014 | delById(Http::HdrType::CACHE_CONTROL); |
9bea1d5b | 1015 | /* pack into mb */ |
10201568 | 1016 | MemBuf mb; |
2fe7eff9 | 1017 | mb.init(); |
182faab8 | 1018 | cc.packInto(&mb); |
9bea1d5b | 1019 | /* put */ |
d5f18517 | 1020 | addEntry(new HttpHeaderEntry(Http::HdrType::CACHE_CONTROL, SBuf(), mb.buf)); |
9bea1d5b | 1021 | /* cleanup */ |
2fe7eff9 | 1022 | mb.clean(); |
99edd1c3 | 1023 | } |
1024 | ||
d192d11f | 1025 | void |
a9925b40 | 1026 | HttpHeader::putContRange(const HttpHdrContRange * cr) |
d192d11f | 1027 | { |
a9925b40 | 1028 | assert(cr); |
9bea1d5b | 1029 | /* remove old directives if any */ |
789217a2 | 1030 | delById(Http::HdrType::CONTENT_RANGE); |
9bea1d5b | 1031 | /* pack into mb */ |
10201568 | 1032 | MemBuf mb; |
2fe7eff9 | 1033 | mb.init(); |
10201568 | 1034 | httpHdrContRangePackInto(cr, &mb); |
9bea1d5b | 1035 | /* put */ |
d5f18517 | 1036 | addEntry(new HttpHeaderEntry(Http::HdrType::CONTENT_RANGE, SBuf(), mb.buf)); |
9bea1d5b | 1037 | /* cleanup */ |
2fe7eff9 | 1038 | mb.clean(); |
d192d11f | 1039 | } |
1040 | ||
1041 | void | |
a9925b40 | 1042 | HttpHeader::putRange(const HttpHdrRange * range) |
d192d11f | 1043 | { |
a9925b40 | 1044 | assert(range); |
9bea1d5b | 1045 | /* remove old directives if any */ |
789217a2 | 1046 | delById(Http::HdrType::RANGE); |
9bea1d5b | 1047 | /* pack into mb */ |
10201568 | 1048 | MemBuf mb; |
2fe7eff9 | 1049 | mb.init(); |
10201568 | 1050 | range->packInto(&mb); |
9bea1d5b | 1051 | /* put */ |
d5f18517 | 1052 | addEntry(new HttpHeaderEntry(Http::HdrType::RANGE, SBuf(), mb.buf)); |
9bea1d5b | 1053 | /* cleanup */ |
2fe7eff9 | 1054 | mb.clean(); |
d192d11f | 1055 | } |
1056 | ||
43ae1d95 | 1057 | void |
a9925b40 | 1058 | HttpHeader::putSc(HttpHdrSc *sc) |
43ae1d95 | 1059 | { |
a9925b40 | 1060 | assert(sc); |
43ae1d95 | 1061 | /* remove old directives if any */ |
789217a2 | 1062 | delById(Http::HdrType::SURROGATE_CONTROL); |
43ae1d95 | 1063 | /* pack into mb */ |
10201568 | 1064 | MemBuf mb; |
2fe7eff9 | 1065 | mb.init(); |
10201568 | 1066 | sc->packInto(&mb); |
43ae1d95 | 1067 | /* put */ |
d5f18517 | 1068 | addEntry(new HttpHeaderEntry(Http::HdrType::SURROGATE_CONTROL, SBuf(), mb.buf)); |
43ae1d95 | 1069 | /* cleanup */ |
2fe7eff9 | 1070 | mb.clean(); |
43ae1d95 | 1071 | } |
1072 | ||
cb69b4c7 | 1073 | /* add extension header (these fields are not parsed/analyzed/joined, etc.) */ |
1074 | void | |
a9925b40 | 1075 | HttpHeader::putExt(const char *name, const char *value) |
cb69b4c7 | 1076 | { |
9bea1d5b | 1077 | assert(name && value); |
efc26e8e | 1078 | debugs(55, 8, this << " adds ext entry " << name << " : " << value); |
d5f18517 | 1079 | addEntry(new HttpHeaderEntry(Http::HdrType::OTHER, SBuf(name), value)); |
528b2c61 | 1080 | } |
1081 | ||
05ba40fc EW |
1082 | void |
1083 | HttpHeader::updateOrAddStr(const Http::HdrType id, const SBuf &newValue) | |
1084 | { | |
1085 | assert(any_registered_header(id)); | |
1086 | assert(Http::HeaderLookupTable.lookup(id).type == Http::HdrFieldType::ftStr); | |
1087 | ||
1088 | // XXX: HttpHeaderEntry::value suffers from String size limits | |
1089 | Assure(newValue.length() < String::SizeMaxXXX()); | |
1090 | ||
1091 | if (!CBIT_TEST(mask, id)) { | |
1092 | auto newValueCopy = newValue; // until HttpHeaderEntry::value becomes SBuf | |
1093 | addEntry(new HttpHeaderEntry(id, SBuf(), newValueCopy.c_str())); | |
1094 | return; | |
1095 | } | |
1096 | ||
1097 | auto foundSameName = false; | |
1098 | for (auto &e: entries) { | |
1099 | if (!e || e->id != id) | |
1100 | continue; | |
1101 | ||
1102 | if (foundSameName) { | |
1103 | // get rid of this repeated same-name entry | |
1104 | delete e; | |
1105 | e = nullptr; | |
1106 | continue; | |
1107 | } | |
1108 | ||
1109 | if (newValue.cmp(e->value.termedBuf()) != 0) | |
1110 | e->value.assign(newValue.rawContent(), newValue.plength()); | |
1111 | ||
1112 | foundSameName = true; | |
1113 | // continue to delete any repeated same-name entries | |
1114 | } | |
1115 | assert(foundSameName); | |
1116 | debugs(55, 5, "synced: " << Http::HeaderLookupTable.lookup(id).name << ": " << newValue); | |
1117 | } | |
1118 | ||
528b2c61 | 1119 | int |
789217a2 | 1120 | HttpHeader::getInt(Http::HdrType id) const |
528b2c61 | 1121 | { |
8cccf1f8 | 1122 | assert(any_registered_header(id)); |
81ab22b6 | 1123 | assert(Http::HeaderLookupTable.lookup(id).type == Http::HdrFieldType::ftInt); /* must be of an appropriate type */ |
528b2c61 | 1124 | HttpHeaderEntry *e; |
62e76326 | 1125 | |
a9925b40 | 1126 | if ((e = findEntry(id))) |
eede25e7 | 1127 | return e->getInt(); |
62e76326 | 1128 | |
528b2c61 | 1129 | return -1; |
7c525cc2 | 1130 | } |
1131 | ||
47f6e231 | 1132 | int64_t |
789217a2 | 1133 | HttpHeader::getInt64(Http::HdrType id) const |
47f6e231 | 1134 | { |
8cccf1f8 | 1135 | assert(any_registered_header(id)); |
81ab22b6 | 1136 | assert(Http::HeaderLookupTable.lookup(id).type == Http::HdrFieldType::ftInt64); /* must be of an appropriate type */ |
47f6e231 | 1137 | HttpHeaderEntry *e; |
1138 | ||
1139 | if ((e = findEntry(id))) | |
1140 | return e->getInt64(); | |
1141 | ||
1142 | return -1; | |
1143 | } | |
1144 | ||
de336bbe | 1145 | time_t |
789217a2 | 1146 | HttpHeader::getTime(Http::HdrType id) const |
cb69b4c7 | 1147 | { |
9bea1d5b | 1148 | HttpHeaderEntry *e; |
1149 | time_t value = -1; | |
8cccf1f8 | 1150 | assert(any_registered_header(id)); |
81ab22b6 | 1151 | assert(Http::HeaderLookupTable.lookup(id).type == Http::HdrFieldType::ftDate_1123); /* must be of an appropriate type */ |
62e76326 | 1152 | |
a9925b40 | 1153 | if ((e = findEntry(id))) { |
98cacedb | 1154 | value = Time::ParseRfc1123(e->value.termedBuf()); |
62e76326 | 1155 | httpHeaderNoteParsedEntry(e->id, e->value, value < 0); |
d8b249ef | 1156 | } |
62e76326 | 1157 | |
9bea1d5b | 1158 | return value; |
cb69b4c7 | 1159 | } |
1160 | ||
99edd1c3 | 1161 | /* sync with httpHeaderGetLastStr */ |
de336bbe | 1162 | const char * |
789217a2 | 1163 | HttpHeader::getStr(Http::HdrType id) const |
cb69b4c7 | 1164 | { |
9bea1d5b | 1165 | HttpHeaderEntry *e; |
8cccf1f8 | 1166 | assert(any_registered_header(id)); |
81ab22b6 | 1167 | assert(Http::HeaderLookupTable.lookup(id).type == Http::HdrFieldType::ftStr); /* must be of an appropriate type */ |
62e76326 | 1168 | |
a9925b40 | 1169 | if ((e = findEntry(id))) { |
81ab22b6 | 1170 | httpHeaderNoteParsedEntry(e->id, e->value, false); /* no errors are possible */ |
9d7a89a5 | 1171 | return e->value.termedBuf(); |
d8b249ef | 1172 | } |
62e76326 | 1173 | |
aee3523a | 1174 | return nullptr; |
cb69b4c7 | 1175 | } |
1176 | ||
a622fff0 | 1177 | /* unusual */ |
1178 | const char * | |
789217a2 | 1179 | HttpHeader::getLastStr(Http::HdrType id) const |
a622fff0 | 1180 | { |
9bea1d5b | 1181 | HttpHeaderEntry *e; |
8cccf1f8 | 1182 | assert(any_registered_header(id)); |
81ab22b6 | 1183 | assert(Http::HeaderLookupTable.lookup(id).type == Http::HdrFieldType::ftStr); /* must be of an appropriate type */ |
62e76326 | 1184 | |
a9925b40 | 1185 | if ((e = findLastEntry(id))) { |
81ab22b6 | 1186 | httpHeaderNoteParsedEntry(e->id, e->value, false); /* no errors are possible */ |
9d7a89a5 | 1187 | return e->value.termedBuf(); |
a622fff0 | 1188 | } |
62e76326 | 1189 | |
aee3523a | 1190 | return nullptr; |
a622fff0 | 1191 | } |
1192 | ||
7faf2bdb | 1193 | HttpHdrCc * |
a9925b40 | 1194 | HttpHeader::getCc() const |
cb69b4c7 | 1195 | { |
789217a2 | 1196 | if (!CBIT_TEST(mask, Http::HdrType::CACHE_CONTROL)) |
aee3523a | 1197 | return nullptr; |
62e76326 | 1198 | |
c57b8f05 | 1199 | String s; |
789217a2 | 1200 | getList(Http::HdrType::CACHE_CONTROL, &s); |
62e76326 | 1201 | |
c57b8f05 | 1202 | HttpHdrCc *cc=new HttpHdrCc(); |
7ebe76de FC |
1203 | |
1204 | if (!cc->parse(s)) { | |
cf66f10a | 1205 | delete cc; |
aee3523a | 1206 | cc = nullptr; |
cf66f10a | 1207 | } |
62e76326 | 1208 | |
95dc7ff4 | 1209 | ++ HttpHeaderStats[owner].ccParsedCount; |
62e76326 | 1210 | |
9bea1d5b | 1211 | if (cc) |
a9925b40 | 1212 | httpHdrCcUpdateStats(cc, &HttpHeaderStats[owner].ccTypeDistr); |
62e76326 | 1213 | |
789217a2 | 1214 | httpHeaderNoteParsedEntry(Http::HdrType::CACHE_CONTROL, s, !cc); |
62e76326 | 1215 | |
9bea1d5b | 1216 | return cc; |
cb69b4c7 | 1217 | } |
1218 | ||
02922e76 | 1219 | HttpHdrRange * |
a9925b40 | 1220 | HttpHeader::getRange() const |
02922e76 | 1221 | { |
aee3523a | 1222 | HttpHdrRange *r = nullptr; |
9bea1d5b | 1223 | HttpHeaderEntry *e; |
1224 | /* some clients will send "Request-Range" _and_ *matching* "Range" | |
1225 | * who knows, some clients might send Request-Range only; | |
1226 | * this "if" should work correctly in both cases; | |
1227 | * hopefully no clients send mismatched headers! */ | |
62e76326 | 1228 | |
789217a2 FC |
1229 | if ((e = findEntry(Http::HdrType::RANGE)) || |
1230 | (e = findEntry(Http::HdrType::REQUEST_RANGE))) { | |
62e76326 | 1231 | r = HttpHdrRange::ParseCreate(&e->value); |
1232 | httpHeaderNoteParsedEntry(e->id, e->value, !r); | |
d192d11f | 1233 | } |
62e76326 | 1234 | |
9bea1d5b | 1235 | return r; |
02922e76 | 1236 | } |
1237 | ||
43ae1d95 | 1238 | HttpHdrSc * |
a9925b40 | 1239 | HttpHeader::getSc() const |
43ae1d95 | 1240 | { |
789217a2 | 1241 | if (!CBIT_TEST(mask, Http::HdrType::SURROGATE_CONTROL)) |
aee3523a | 1242 | return nullptr; |
43ae1d95 | 1243 | |
30abd221 | 1244 | String s; |
26ac0430 | 1245 | |
789217a2 | 1246 | (void) getList(Http::HdrType::SURROGATE_CONTROL, &s); |
43ae1d95 | 1247 | |
45a58345 | 1248 | HttpHdrSc *sc = httpHdrScParseCreate(s); |
43ae1d95 | 1249 | |
95dc7ff4 | 1250 | ++ HttpHeaderStats[owner].ccParsedCount; |
43ae1d95 | 1251 | |
1252 | if (sc) | |
45a58345 | 1253 | sc->updateStats(&HttpHeaderStats[owner].scTypeDistr); |
43ae1d95 | 1254 | |
789217a2 | 1255 | httpHeaderNoteParsedEntry(Http::HdrType::SURROGATE_CONTROL, s, !sc); |
43ae1d95 | 1256 | |
1257 | return sc; | |
1258 | } | |
1259 | ||
d76fcfa7 | 1260 | HttpHdrContRange * |
a9925b40 | 1261 | HttpHeader::getContRange() const |
d76fcfa7 | 1262 | { |
aee3523a | 1263 | HttpHdrContRange *cr = nullptr; |
9bea1d5b | 1264 | HttpHeaderEntry *e; |
62e76326 | 1265 | |
789217a2 | 1266 | if ((e = findEntry(Http::HdrType::CONTENT_RANGE))) { |
9d7a89a5 | 1267 | cr = httpHdrContRangeParseCreate(e->value.termedBuf()); |
62e76326 | 1268 | httpHeaderNoteParsedEntry(e->id, e->value, !cr); |
d8b249ef | 1269 | } |
62e76326 | 1270 | |
9bea1d5b | 1271 | return cr; |
cb69b4c7 | 1272 | } |
1273 | ||
2582f64a AJ |
1274 | SBuf |
1275 | HttpHeader::getAuthToken(Http::HdrType id, const char *auth_scheme) const | |
cb69b4c7 | 1276 | { |
9bea1d5b | 1277 | const char *field; |
1278 | int l; | |
a9925b40 | 1279 | assert(auth_scheme); |
1280 | field = getStr(id); | |
62e76326 | 1281 | |
2582f64a | 1282 | static const SBuf nil; |
f53969cc | 1283 | if (!field) /* no authorization field */ |
2582f64a | 1284 | return nil; |
62e76326 | 1285 | |
9bea1d5b | 1286 | l = strlen(auth_scheme); |
62e76326 | 1287 | |
f53969cc | 1288 | if (!l || strncasecmp(field, auth_scheme, l)) /* wrong scheme */ |
2582f64a | 1289 | return nil; |
62e76326 | 1290 | |
9bea1d5b | 1291 | field += l; |
62e76326 | 1292 | |
f53969cc | 1293 | if (!xisspace(*field)) /* wrong scheme */ |
2582f64a | 1294 | return nil; |
62e76326 | 1295 | |
9bea1d5b | 1296 | /* skip white space */ |
95dc7ff4 | 1297 | for (; field && xisspace(*field); ++field); |
62e76326 | 1298 | |
f53969cc | 1299 | if (!*field) /* no authorization cookie */ |
2582f64a | 1300 | return nil; |
62e76326 | 1301 | |
2582f64a AJ |
1302 | const auto fieldLen = strlen(field); |
1303 | SBuf result; | |
1304 | char *decodedAuthToken = result.rawAppendStart(BASE64_DECODE_LENGTH(fieldLen)); | |
aadbbd7d AJ |
1305 | struct base64_decode_ctx ctx; |
1306 | base64_decode_init(&ctx); | |
1307 | size_t decodedLen = 0; | |
2582f64a | 1308 | if (!base64_decode_update(&ctx, &decodedLen, reinterpret_cast<uint8_t*>(decodedAuthToken), fieldLen, field) || |
aadbbd7d | 1309 | !base64_decode_final(&ctx)) { |
2582f64a | 1310 | return nil; |
aadbbd7d | 1311 | } |
2582f64a AJ |
1312 | result.rawAppendFinish(decodedAuthToken, decodedLen); |
1313 | return result; | |
cb69b4c7 | 1314 | } |
1315 | ||
a9771e51 | 1316 | ETag |
789217a2 | 1317 | HttpHeader::getETag(Http::HdrType id) const |
a9771e51 | 1318 | { |
aee3523a | 1319 | ETag etag = {nullptr, -1}; |
9bea1d5b | 1320 | HttpHeaderEntry *e; |
81ab22b6 | 1321 | assert(Http::HeaderLookupTable.lookup(id).type == Http::HdrFieldType::ftETag); /* must be of an appropriate type */ |
62e76326 | 1322 | |
a9925b40 | 1323 | if ((e = findEntry(id))) |
9d7a89a5 | 1324 | etagParseInit(&etag, e->value.termedBuf()); |
62e76326 | 1325 | |
9bea1d5b | 1326 | return etag; |
a9771e51 | 1327 | } |
1328 | ||
1329 | TimeOrTag | |
789217a2 | 1330 | HttpHeader::getTimeOrTag(Http::HdrType id) const |
a9771e51 | 1331 | { |
9bea1d5b | 1332 | TimeOrTag tot; |
1333 | HttpHeaderEntry *e; | |
81ab22b6 | 1334 | assert(Http::HeaderLookupTable.lookup(id).type == Http::HdrFieldType::ftDate_1123_or_ETag); /* must be of an appropriate type */ |
9bea1d5b | 1335 | memset(&tot, 0, sizeof(tot)); |
62e76326 | 1336 | |
a9925b40 | 1337 | if ((e = findEntry(id))) { |
9d7a89a5 | 1338 | const char *str = e->value.termedBuf(); |
62e76326 | 1339 | /* try as an ETag */ |
1340 | ||
1341 | if (etagParseInit(&tot.tag, str)) { | |
aee3523a | 1342 | tot.valid = tot.tag.str != nullptr; |
62e76326 | 1343 | tot.time = -1; |
1344 | } else { | |
1345 | /* or maybe it is time? */ | |
98cacedb | 1346 | tot.time = Time::ParseRfc1123(str); |
62e76326 | 1347 | tot.valid = tot.time >= 0; |
aee3523a | 1348 | tot.tag.str = nullptr; |
62e76326 | 1349 | } |
a9771e51 | 1350 | } |
62e76326 | 1351 | |
f53969cc | 1352 | assert(tot.time < 0 || !tot.tag.str); /* paranoid */ |
9bea1d5b | 1353 | return tot; |
a9771e51 | 1354 | } |
1355 | ||
cb69b4c7 | 1356 | /* |
1357 | * HttpHeaderEntry | |
1358 | */ | |
1359 | ||
d5f18517 | 1360 | HttpHeaderEntry::HttpHeaderEntry(Http::HdrType anId, const SBuf &aName, const char *aValue) |
cb69b4c7 | 1361 | { |
1da82544 | 1362 | assert(any_HdrType_enum_value(anId)); |
eede25e7 | 1363 | id = anId; |
62e76326 | 1364 | |
789217a2 | 1365 | if (id != Http::HdrType::OTHER) |
81ab22b6 | 1366 | name = Http::HeaderLookupTable.lookup(id).name; |
9bea1d5b | 1367 | else |
eede25e7 | 1368 | name = aName; |
62e76326 | 1369 | |
eede25e7 | 1370 | value = aValue; |
62e76326 | 1371 | |
1da82544 | 1372 | if (id != Http::HdrType::BAD_HDR) |
73b2aa87 | 1373 | ++ headerStatsTable[id].aliveCount; |
62e76326 | 1374 | |
9d7a89a5 | 1375 | debugs(55, 9, "created HttpHeaderEntry " << this << ": '" << name << " : " << value ); |
eede25e7 | 1376 | } |
62e76326 | 1377 | |
eede25e7 | 1378 | HttpHeaderEntry::~HttpHeaderEntry() |
2ac76861 | 1379 | { |
9d7a89a5 | 1380 | debugs(55, 9, "destroying entry " << this << ": '" << name << ": " << value << "'"); |
62e76326 | 1381 | |
1da82544 FC |
1382 | if (id != Http::HdrType::BAD_HDR) { |
1383 | assert(headerStatsTable[id].aliveCount); | |
1384 | -- headerStatsTable[id].aliveCount; | |
1385 | id = Http::HdrType::BAD_HDR; // it already is BAD_HDR, no sense in resetting it | |
1386 | } | |
62e76326 | 1387 | |
cb69b4c7 | 1388 | } |
1389 | ||
eede25e7 | 1390 | /* parses and inits header entry, returns true/false */ |
cdce6c61 | 1391 | HttpHeaderEntry * |
2358b975 | 1392 | HttpHeaderEntry::parse(const char *field_start, const char *field_end, const http_hdr_owner_type msgType) |
cb69b4c7 | 1393 | { |
9bea1d5b | 1394 | /* note: name_start == field_start */ |
52d3f198 | 1395 | const char *name_end = (const char *)memchr(field_start, ':', field_end - field_start); |
26ac0430 | 1396 | int name_len = name_end ? name_end - field_start :0; |
f53969cc | 1397 | const char *value_start = field_start + name_len + 1; /* skip ':' */ |
9bea1d5b | 1398 | /* note: value_end == field_end */ |
1399 | ||
95dc7ff4 | 1400 | ++ HeaderEntryParsedCount; |
9bea1d5b | 1401 | |
1402 | /* do we have a valid field name within this field? */ | |
62e76326 | 1403 | |
9bea1d5b | 1404 | if (!name_len || name_end > field_end) |
aee3523a | 1405 | return nullptr; |
62e76326 | 1406 | |
67746eea | 1407 | if (name_len > 65534) { |
1408 | /* String must be LESS THAN 64K and it adds a terminating NULL */ | |
2358b975 AJ |
1409 | // TODO: update this to show proper name_len in Raw markup, but not print all that |
1410 | debugs(55, 2, "ignoring huge header field (" << Raw("field_start", field_start, 100) << "...)"); | |
aee3523a | 1411 | return nullptr; |
25acfb53 | 1412 | } |
62e76326 | 1413 | |
2358b975 AJ |
1414 | /* |
1415 | * RFC 7230 section 3.2.4: | |
1416 | * "No whitespace is allowed between the header field-name and colon. | |
1417 | * ... | |
1418 | * A server MUST reject any received request message that contains | |
1419 | * whitespace between a header field-name and colon with a response code | |
1420 | * of 400 (Bad Request). A proxy MUST remove any such whitespace from a | |
1421 | * response message before forwarding the message downstream." | |
1422 | */ | |
1423 | if (xisspace(field_start[name_len - 1])) { | |
1424 | ||
1425 | if (msgType == hoRequest) | |
1426 | return nullptr; | |
1427 | ||
1428 | // for now, also let relaxed parser remove this BWS from any non-HTTP messages | |
1429 | const bool stripWhitespace = (msgType == hoReply) || | |
1430 | Config.onoff.relaxed_header_parser; | |
1431 | if (!stripWhitespace) | |
1432 | return nullptr; // reject if we cannot strip | |
1433 | ||
bf8fe701 | 1434 | debugs(55, Config.onoff.relaxed_header_parser <= 0 ? 1 : 2, |
d816f28d | 1435 | "WARNING: Whitespace after header name in '" << getStringPrefix(field_start, field_end-field_start) << "'"); |
52d3f198 | 1436 | |
1437 | while (name_len > 0 && xisspace(field_start[name_len - 1])) | |
5e263176 | 1438 | --name_len; |
52d3f198 | 1439 | |
2358b975 AJ |
1440 | if (!name_len) { |
1441 | debugs(55, 2, "found header with only whitespace for name"); | |
aee3523a | 1442 | return nullptr; |
2358b975 | 1443 | } |
52d3f198 | 1444 | } |
1445 | ||
b453677b AJ |
1446 | /* RFC 7230 section 3.2: |
1447 | * | |
1448 | * header-field = field-name ":" OWS field-value OWS | |
1449 | * field-name = token | |
1450 | * token = 1*TCHAR | |
1451 | */ | |
1452 | for (const char *pos = field_start; pos < (field_start+name_len); ++pos) { | |
1453 | if (!CharacterSet::TCHAR[*pos]) { | |
1454 | debugs(55, 2, "found header with invalid characters in " << | |
1455 | Raw("field-name", field_start, min(name_len,100)) << "..."); | |
1456 | return nullptr; | |
1457 | } | |
1458 | } | |
1459 | ||
9bea1d5b | 1460 | /* now we know we can parse it */ |
62e76326 | 1461 | |
81858ebc | 1462 | debugs(55, 9, "parsing HttpHeaderEntry: near '" << getStringPrefix(field_start, field_end-field_start) << "'"); |
62e76326 | 1463 | |
9bea1d5b | 1464 | /* is it a "known" field? */ |
81ab22b6 | 1465 | Http::HdrType id = Http::HeaderLookupTable.lookup(field_start,name_len).id; |
92991271 | 1466 | debugs(55, 9, "got hdr-id=" << id); |
cdce6c61 | 1467 | |
d5f18517 | 1468 | SBuf theName; |
cdce6c61 | 1469 | |
30abd221 | 1470 | String value; |
62e76326 | 1471 | |
789217a2 FC |
1472 | if (id == Http::HdrType::BAD_HDR) |
1473 | id = Http::HdrType::OTHER; | |
62e76326 | 1474 | |
9bea1d5b | 1475 | /* set field name */ |
789217a2 | 1476 | if (id == Http::HdrType::OTHER) |
d5f18517 | 1477 | theName.append(field_start, name_len); |
9bea1d5b | 1478 | else |
d5f18517 | 1479 | theName = Http::HeaderLookupTable.lookup(id).name; |
62e76326 | 1480 | |
9bea1d5b | 1481 | /* trim field value */ |
1482 | while (value_start < field_end && xisspace(*value_start)) | |
95dc7ff4 | 1483 | ++value_start; |
62e76326 | 1484 | |
52d3f198 | 1485 | while (value_start < field_end && xisspace(field_end[-1])) |
5e263176 | 1486 | --field_end; |
52d3f198 | 1487 | |
67746eea | 1488 | if (field_end - value_start > 65534) { |
1489 | /* String must be LESS THAN 64K and it adds a terminating NULL */ | |
2358b975 | 1490 | debugs(55, 2, "WARNING: found '" << theName << "' header of " << (field_end - value_start) << " bytes"); |
aee3523a | 1491 | return nullptr; |
25acfb53 | 1492 | } |
62e76326 | 1493 | |
9bea1d5b | 1494 | /* set field value */ |
2fe0439c | 1495 | value.assign(value_start, field_end - value_start); |
62e76326 | 1496 | |
789217a2 | 1497 | if (id != Http::HdrType::BAD_HDR) |
73b2aa87 | 1498 | ++ headerStatsTable[id].seenCount; |
62e76326 | 1499 | |
d5f18517 | 1500 | debugs(55, 9, "parsed HttpHeaderEntry: '" << theName << ": " << value << "'"); |
62e76326 | 1501 | |
d5f18517 | 1502 | return new HttpHeaderEntry(id, theName, value.termedBuf()); |
cb69b4c7 | 1503 | } |
1504 | ||
99edd1c3 | 1505 | HttpHeaderEntry * |
eede25e7 | 1506 | HttpHeaderEntry::clone() const |
cb69b4c7 | 1507 | { |
d5f18517 | 1508 | return new HttpHeaderEntry(id, name, value.termedBuf()); |
cb69b4c7 | 1509 | } |
1510 | ||
de336bbe | 1511 | void |
17802cf1 | 1512 | HttpHeaderEntry::packInto(Packable * p) const |
cb69b4c7 | 1513 | { |
eede25e7 | 1514 | assert(p); |
d5f18517 | 1515 | p->append(name.rawContent(), name.length()); |
785b508d AJ |
1516 | p->append(": ", 2); |
1517 | p->append(value.rawBuf(), value.size()); | |
1518 | p->append("\r\n", 2); | |
cb69b4c7 | 1519 | } |
1520 | ||
eede25e7 | 1521 | int |
1522 | HttpHeaderEntry::getInt() const | |
1523 | { | |
eede25e7 | 1524 | int val = -1; |
9d7a89a5 | 1525 | int ok = httpHeaderParseInt(value.termedBuf(), &val); |
81ab22b6 | 1526 | httpHeaderNoteParsedEntry(id, value, ok == 0); |
eede25e7 | 1527 | /* XXX: Should we check ok - ie |
1528 | * return ok ? -1 : value; | |
1529 | */ | |
1530 | return val; | |
1531 | } | |
1532 | ||
47f6e231 | 1533 | int64_t |
1534 | HttpHeaderEntry::getInt64() const | |
1535 | { | |
47f6e231 | 1536 | int64_t val = -1; |
a1b9ec20 | 1537 | const bool ok = httpHeaderParseOffset(value.termedBuf(), &val); |
a7fea967 | 1538 | httpHeaderNoteParsedEntry(id, value, !ok); |
a1b9ec20 | 1539 | return val; // remains -1 if !ok (XXX: bad method API) |
47f6e231 | 1540 | } |
1541 | ||
cb69b4c7 | 1542 | static void |
81ab22b6 | 1543 | httpHeaderNoteParsedEntry(Http::HdrType id, String const &context, bool error) |
cb69b4c7 | 1544 | { |
789217a2 | 1545 | if (id != Http::HdrType::BAD_HDR) |
73b2aa87 | 1546 | ++ headerStatsTable[id].parsCount; |
62e76326 | 1547 | |
9bea1d5b | 1548 | if (error) { |
789217a2 | 1549 | if (id != Http::HdrType::BAD_HDR) |
73b2aa87 | 1550 | ++ headerStatsTable[id].errCount; |
81ab22b6 | 1551 | debugs(55, 2, "cannot parse hdr field: '" << Http::HeaderLookupTable.lookup(id).name << ": " << context << "'"); |
cb69b4c7 | 1552 | } |
cb69b4c7 | 1553 | } |
1554 | ||
cb69b4c7 | 1555 | /* |
12cf1be2 | 1556 | * Reports |
cb69b4c7 | 1557 | */ |
cb69b4c7 | 1558 | |
fcd2d3ef | 1559 | /* tmp variable used to pass stat info to dumpers */ |
f53969cc | 1560 | extern const HttpHeaderStat *dump_stat; /* argh! */ |
aee3523a | 1561 | const HttpHeaderStat *dump_stat = nullptr; |
fcd2d3ef | 1562 | |
8b082ed9 | 1563 | static void |
ced8def3 | 1564 | httpHeaderFieldStatDumper(StoreEntry * sentry, int, double val, double, int count) |
cb69b4c7 | 1565 | { |
92991271 | 1566 | const int id = static_cast<int>(val); |
1da82544 | 1567 | const bool valid_id = Http::any_valid_header(static_cast<Http::HdrType>(id)); |
81ab22b6 | 1568 | const char *name = valid_id ? Http::HeaderLookupTable.lookup(static_cast<Http::HdrType>(id)).name : "INVALID"; |
9bea1d5b | 1569 | int visible = count > 0; |
1570 | /* for entries with zero count, list only those that belong to current type of message */ | |
62e76326 | 1571 | |
9bea1d5b | 1572 | if (!visible && valid_id && dump_stat->owner_mask) |
62e76326 | 1573 | visible = CBIT_TEST(*dump_stat->owner_mask, id); |
1574 | ||
9bea1d5b | 1575 | if (visible) |
62e76326 | 1576 | storeAppendPrintf(sentry, "%2d\t %-20s\t %5d\t %6.2f\n", |
1577 | id, name, count, xdiv(count, dump_stat->busyDestroyedCount)); | |
cb69b4c7 | 1578 | } |
1579 | ||
12cf1be2 | 1580 | static void |
ced8def3 | 1581 | httpHeaderFldsPerHdrDumper(StoreEntry * sentry, int idx, double val, double, int count) |
cb69b4c7 | 1582 | { |
9bea1d5b | 1583 | if (count) |
62e76326 | 1584 | storeAppendPrintf(sentry, "%2d\t %5d\t %5d\t %6.2f\n", |
1585 | idx, (int) val, count, | |
1586 | xpercent(count, dump_stat->destroyedCount)); | |
cb69b4c7 | 1587 | } |
1588 | ||
cb69b4c7 | 1589 | static void |
9bea1d5b | 1590 | httpHeaderStatDump(const HttpHeaderStat * hs, StoreEntry * e) |
12cf1be2 | 1591 | { |
73b2aa87 FC |
1592 | assert(hs); |
1593 | assert(e); | |
9bea1d5b | 1594 | |
6932e215 AR |
1595 | if (!hs->owner_mask) |
1596 | return; // these HttpHeaderStat objects were not meant to be dumped here | |
1597 | ||
9bea1d5b | 1598 | dump_stat = hs; |
1599 | storeAppendPrintf(e, "\nHeader Stats: %s\n", hs->label); | |
1600 | storeAppendPrintf(e, "\nField type distribution\n"); | |
1601 | storeAppendPrintf(e, "%2s\t %-20s\t %5s\t %6s\n", | |
62e76326 | 1602 | "id", "name", "count", "#/header"); |
96886986 | 1603 | hs->fieldTypeDistr.dump(e, httpHeaderFieldStatDumper); |
9bea1d5b | 1604 | storeAppendPrintf(e, "\nCache-control directives distribution\n"); |
1605 | storeAppendPrintf(e, "%2s\t %-20s\t %5s\t %6s\n", | |
62e76326 | 1606 | "id", "name", "count", "#/cc_field"); |
96886986 | 1607 | hs->ccTypeDistr.dump(e, httpHdrCcStatDumper); |
43ae1d95 | 1608 | storeAppendPrintf(e, "\nSurrogate-control directives distribution\n"); |
1609 | storeAppendPrintf(e, "%2s\t %-20s\t %5s\t %6s\n", | |
1610 | "id", "name", "count", "#/sc_field"); | |
96886986 | 1611 | hs->scTypeDistr.dump(e, httpHdrScStatDumper); |
9bea1d5b | 1612 | storeAppendPrintf(e, "\nNumber of fields per header distribution\n"); |
1613 | storeAppendPrintf(e, "%2s\t %-5s\t %5s\t %6s\n", | |
62e76326 | 1614 | "id", "#flds", "count", "%total"); |
96886986 | 1615 | hs->hdrUCountDistr.dump(e, httpHeaderFldsPerHdrDumper); |
41b43e70 | 1616 | storeAppendPrintf(e, "\n"); |
aee3523a | 1617 | dump_stat = nullptr; |
cb69b4c7 | 1618 | } |
1619 | ||
12cf1be2 | 1620 | void |
9bea1d5b | 1621 | httpHeaderStoreReport(StoreEntry * e) |
cb69b4c7 | 1622 | { |
9bea1d5b | 1623 | assert(e); |
1624 | ||
1625 | HttpHeaderStats[0].parsedCount = | |
62e76326 | 1626 | HttpHeaderStats[hoRequest].parsedCount + HttpHeaderStats[hoReply].parsedCount; |
9bea1d5b | 1627 | HttpHeaderStats[0].ccParsedCount = |
62e76326 | 1628 | HttpHeaderStats[hoRequest].ccParsedCount + HttpHeaderStats[hoReply].ccParsedCount; |
9bea1d5b | 1629 | HttpHeaderStats[0].destroyedCount = |
62e76326 | 1630 | HttpHeaderStats[hoRequest].destroyedCount + HttpHeaderStats[hoReply].destroyedCount; |
9bea1d5b | 1631 | HttpHeaderStats[0].busyDestroyedCount = |
62e76326 | 1632 | HttpHeaderStats[hoRequest].busyDestroyedCount + HttpHeaderStats[hoReply].busyDestroyedCount; |
9bea1d5b | 1633 | |
6932e215 AR |
1634 | for (const auto &stats: HttpHeaderStats) |
1635 | httpHeaderStatDump(&stats, e); | |
62e76326 | 1636 | |
9bea1d5b | 1637 | /* field stats for all messages */ |
1638 | storeAppendPrintf(e, "\nHttp Fields Stats (replies and requests)\n"); | |
62e76326 | 1639 | |
077fe581 | 1640 | storeAppendPrintf(e, "%2s\t %-25s\t %5s\t %6s\t %6s\n", |
62e76326 | 1641 | "id", "name", "#alive", "%err", "%repeat"); |
1642 | ||
fda6d769 | 1643 | // scan heaaderTable and output |
81ab22b6 FC |
1644 | for (auto h : WholeEnum<Http::HdrType>()) { |
1645 | auto stats = headerStatsTable[h]; | |
fda6d769 | 1646 | storeAppendPrintf(e, "%2d\t %-25s\t %5d\t %6.3f\t %6.3f\n", |
81ab22b6 FC |
1647 | Http::HeaderLookupTable.lookup(h).id, |
1648 | Http::HeaderLookupTable.lookup(h).name, | |
92991271 | 1649 | stats.aliveCount, |
f7ad4af5 FC |
1650 | xpercent(stats.errCount, stats.parsCount), |
1651 | xpercent(stats.repCount, stats.seenCount)); | |
fda6d769 | 1652 | } |
62e76326 | 1653 | |
9bea1d5b | 1654 | storeAppendPrintf(e, "Headers Parsed: %d + %d = %d\n", |
62e76326 | 1655 | HttpHeaderStats[hoRequest].parsedCount, |
1656 | HttpHeaderStats[hoReply].parsedCount, | |
1657 | HttpHeaderStats[0].parsedCount); | |
9bea1d5b | 1658 | storeAppendPrintf(e, "Hdr Fields Parsed: %d\n", HeaderEntryParsedCount); |
cb69b4c7 | 1659 | } |
97474590 | 1660 | |
924f73bc | 1661 | int |
789217a2 | 1662 | HttpHeader::hasListMember(Http::HdrType id, const char *member, const char separator) const |
924f73bc | 1663 | { |
1664 | int result = 0; | |
aee3523a | 1665 | const char *pos = nullptr; |
924f73bc | 1666 | const char *item; |
1667 | int ilen; | |
1668 | int mlen = strlen(member); | |
1669 | ||
8cccf1f8 | 1670 | assert(any_registered_header(id)); |
924f73bc | 1671 | |
30abd221 | 1672 | String header (getStrOrList(id)); |
924f73bc | 1673 | |
9d0cdbb9 | 1674 | while (strListGetItem(&header, separator, &item, &ilen, &pos)) { |
380e7faf | 1675 | if (strncasecmp(item, member, mlen) == 0 |
9d0cdbb9 | 1676 | && (item[mlen] == '=' || item[mlen] == separator || item[mlen] == ';' || item[mlen] == '\0')) { |
1677 | result = 1; | |
1678 | break; | |
1679 | } | |
1680 | } | |
1681 | ||
1682 | return result; | |
1683 | } | |
1684 | ||
1685 | int | |
a9925b40 | 1686 | HttpHeader::hasByNameListMember(const char *name, const char *member, const char separator) const |
9d0cdbb9 | 1687 | { |
1688 | int result = 0; | |
aee3523a | 1689 | const char *pos = nullptr; |
9d0cdbb9 | 1690 | const char *item; |
1691 | int ilen; | |
1692 | int mlen = strlen(member); | |
1693 | ||
9d0cdbb9 | 1694 | assert(name); |
1695 | ||
30abd221 | 1696 | String header (getByName(name)); |
9d0cdbb9 | 1697 | |
924f73bc | 1698 | while (strListGetItem(&header, separator, &item, &ilen, &pos)) { |
380e7faf | 1699 | if (strncasecmp(item, member, mlen) == 0 |
924f73bc | 1700 | && (item[mlen] == '=' || item[mlen] == separator || item[mlen] == ';' || item[mlen] == '\0')) { |
1701 | result = 1; | |
1702 | break; | |
1703 | } | |
1704 | } | |
1705 | ||
1706 | return result; | |
1707 | } | |
1708 | ||
2cdeea82 | 1709 | void |
1710 | HttpHeader::removeHopByHopEntries() | |
1711 | { | |
1712 | removeConnectionHeaderEntries(); | |
26ac0430 | 1713 | |
dcf3665b AJ |
1714 | const HttpHeaderEntry *e; |
1715 | HttpHeaderPos pos = HttpHeaderInitPos; | |
1716 | int headers_deleted = 0; | |
1717 | while ((e = getEntry(&pos))) { | |
789217a2 | 1718 | Http::HdrType id = e->id; |
81ab22b6 | 1719 | if (Http::HeaderLookupTable.lookup(id).hopbyhop) { |
26ac0430 AJ |
1720 | delAt(pos, headers_deleted); |
1721 | CBIT_CLR(mask, id); | |
1722 | } | |
dcf3665b | 1723 | } |
2cdeea82 | 1724 | } |
1725 | ||
924f73bc | 1726 | void |
1727 | HttpHeader::removeConnectionHeaderEntries() | |
1728 | { | |
789217a2 | 1729 | if (has(Http::HdrType::CONNECTION)) { |
924f73bc | 1730 | /* anything that matches Connection list member will be deleted */ |
30abd221 | 1731 | String strConnection; |
26ac0430 | 1732 | |
789217a2 | 1733 | (void) getList(Http::HdrType::CONNECTION, &strConnection); |
924f73bc | 1734 | const HttpHeaderEntry *e; |
1735 | HttpHeaderPos pos = HttpHeaderInitPos; | |
1736 | /* | |
1737 | * think: on-average-best nesting of the two loops (hdrEntry | |
1738 | * and strListItem) @?@ | |
1739 | */ | |
1740 | /* | |
1741 | * maybe we should delete standard stuff ("keep-alive","close") | |
1742 | * from strConnection first? | |
1743 | */ | |
1744 | ||
ba9fb01d | 1745 | int headers_deleted = 0; |
a9925b40 | 1746 | while ((e = getEntry(&pos))) { |
d5f18517 | 1747 | if (strListIsMember(&strConnection, e->name, ',')) |
ba9fb01d | 1748 | delAt(pos, headers_deleted); |
924f73bc | 1749 | } |
ba9fb01d | 1750 | if (headers_deleted) |
1751 | refreshMask(); | |
924f73bc | 1752 | } |
1753 | } | |
f53969cc | 1754 |