]>
Commit | Line | Data |
---|---|---|
f206b652 | 1 | /* |
b8ae064d | 2 | * Copyright (C) 1996-2023 The Squid Software Foundation and contributors |
f206b652 | 3 | * |
bbc27441 AJ |
4 | * Squid software is distributed under GPLv2+ license and includes |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
f206b652 FC |
7 | */ |
8 | ||
bbc27441 AJ |
9 | /* DEBUG: section 73 HTTP Request */ |
10 | ||
11 | #ifndef SQUID_REQUESTFLAGS_H_ | |
12 | #define SQUID_REQUESTFLAGS_H_ | |
13 | ||
aeeff7fd AR |
14 | #include "base/SupportOrVeto.h" |
15 | ||
450fe1cb FC |
16 | /** request-related flags |
17 | * | |
bad9c5e4 | 18 | * Contains both flags marking a request's current state, |
450fe1cb FC |
19 | * and flags requesting some processing to be done at a later stage. |
20 | * TODO: better distinguish the two cases. | |
21 | */ | |
1b2f0924 FC |
22 | class RequestFlags |
23 | { | |
f206b652 | 24 | public: |
450fe1cb | 25 | /** true if the response to this request may not be READ from cache */ |
bad9c5e4 | 26 | bool noCache = false; |
450fe1cb | 27 | /** request is if-modified-since */ |
bad9c5e4 | 28 | bool ims = false; |
450fe1cb | 29 | /** request is authenticated */ |
bad9c5e4 | 30 | bool auth = false; |
9825b398 | 31 | /** do not use keytabs for peer Kerberos authentication */ |
bad9c5e4 | 32 | bool auth_no_keytab = false; |
aeeff7fd AR |
33 | |
34 | /// whether the response may be stored in the cache | |
35 | SupportOrVeto cachable; | |
36 | ||
450fe1cb | 37 | /** the request can be forwarded through the hierarchy */ |
bad9c5e4 | 38 | bool hierarchical = false; |
450fe1cb | 39 | /** a loop was detected on this request */ |
bad9c5e4 | 40 | bool loopDetected = false; |
450fe1cb | 41 | /** the connection can be kept alive */ |
bad9c5e4 | 42 | bool proxyKeepalive = false; |
450fe1cb | 43 | /** content has expired, need to refresh it */ |
bad9c5e4 | 44 | bool refresh = false; |
450fe1cb | 45 | /** request was redirected by redirectors */ |
bad9c5e4 | 46 | bool redirected = false; |
450fe1cb FC |
47 | /** the requested object needs to be validated. See client_side_reply.cc |
48 | * for further information. | |
49 | */ | |
bad9c5e4 | 50 | bool needValidation = false; |
450fe1cb | 51 | /** whether we should fail if validation fails */ |
bad9c5e4 | 52 | bool failOnValidationError = false; |
450fe1cb | 53 | /** reply is stale if it is a hit */ |
bad9c5e4 | 54 | bool staleIfHit = false; |
450fe1cb FC |
55 | /** request to override no-cache directives |
56 | * | |
57 | * always use noCacheHack() for reading. | |
58 | * \note only meaningful if USE_HTTP_VIOLATIONS is defined at build time | |
59 | */ | |
bad9c5e4 | 60 | bool nocacheHack = false; |
450fe1cb | 61 | /** this request is accelerated (reverse-proxy) */ |
bad9c5e4 | 62 | bool accelerated = false; |
450fe1cb | 63 | /** if set, ignore Cache-Control headers */ |
bad9c5e4 | 64 | bool ignoreCc = false; |
450fe1cb | 65 | /** set for intercepted requests */ |
bad9c5e4 | 66 | bool intercepted = false; |
450fe1cb | 67 | /** set if the Host: header passed verification */ |
bad9c5e4 | 68 | bool hostVerified = false; |
0d901ef4 | 69 | /// Set for requests handled by a "tproxy" port. |
bad9c5e4 | 70 | bool interceptTproxy = false; |
0d901ef4 SH |
71 | /// The client IP address should be spoofed when connecting to the web server. |
72 | /// This applies to TPROXY traffic that has not had spoofing disabled through | |
73 | /// the spoof_client_ip squid.conf ACL. | |
bad9c5e4 | 74 | bool spoofClientIp = false; |
450fe1cb | 75 | /** set if the request is internal (\see ClientHttpRequest::flags.internal)*/ |
bad9c5e4 | 76 | bool internal = false; |
450fe1cb | 77 | /** if set, request to try very hard to keep the connection alive */ |
bad9c5e4 | 78 | bool mustKeepalive = false; |
2f8abb64 | 79 | /** set if the request wants connection oriented auth */ |
bad9c5e4 | 80 | bool connectionAuth = false; |
450fe1cb | 81 | /** set if connection oriented auth can not be supported */ |
bad9c5e4 | 82 | bool connectionAuthDisabled = false; |
450fe1cb | 83 | // XXX This is set in clientCheckPinning but never tested |
bad9c5e4 AJ |
84 | /** Request wants connection oriented auth */ |
85 | bool connectionProxyAuth = false; | |
450fe1cb | 86 | /** set if the request was sent on a pinned connection */ |
bad9c5e4 | 87 | bool pinned = false; |
450fe1cb | 88 | /** Authentication was already sent upstream (e.g. due tcp-level auth) */ |
bad9c5e4 | 89 | bool authSent = false; |
2f8abb64 | 90 | /** Deny direct forwarding unless overridden by always_direct |
450fe1cb | 91 | * Used in accelerator mode */ |
bad9c5e4 | 92 | bool noDirect = false; |
450fe1cb | 93 | /** Reply with chunked transfer encoding */ |
bad9c5e4 | 94 | bool chunkedReply = false; |
61beade2 | 95 | /** set if stream error has occurred */ |
bad9c5e4 | 96 | bool streamError = false; |
450fe1cb | 97 | /** internal ssl-bump request to get server cert */ |
bad9c5e4 | 98 | bool sslPeek = false; |
450fe1cb FC |
99 | /** set if X-Forwarded-For checking is complete |
100 | * | |
101 | * do not read directly; use doneFollowXff for reading | |
823e6f98 | 102 | */ |
bad9c5e4 | 103 | bool done_follow_x_forwarded_for = false; |
450fe1cb | 104 | /** set for ssl-bumped requests */ |
bad9c5e4 | 105 | bool sslBumped = false; |
92ae4c86 | 106 | /// carries a representation of an FTP command [received on ftp_port] |
bad9c5e4 AJ |
107 | bool ftpNative = false; |
108 | bool destinationIpLookedUp = false; | |
450fe1cb | 109 | /** request to reset the TCP stream */ |
bad9c5e4 | 110 | bool resetTcp = false; |
450fe1cb | 111 | /** set if the request is ranged */ |
bad9c5e4 | 112 | bool isRanged = false; |
f1a1f20a | 113 | |
6b2b6cfe | 114 | /// whether to forward via TunnelStateData (instead of FwdState) |
bad9c5e4 | 115 | bool forceTunnel = false; |
6b2b6cfe | 116 | |
450fe1cb FC |
117 | /** clone the flags, resetting to default those which are not safe in |
118 | * a related (e.g. ICAP-adapted) request. | |
119 | */ | |
f1a1f20a FC |
120 | RequestFlags cloneAdaptationImmune() const; |
121 | ||
122 | // if FOLLOW_X_FORWARDED_FOR is not set, we always return "done". | |
123 | bool doneFollowXff() const { | |
124 | return done_follow_x_forwarded_for || !FOLLOW_X_FORWARDED_FOR; | |
125 | } | |
450fe1cb FC |
126 | |
127 | // if USE_HTTP_VIOLATIONS is not set, never allow this | |
128 | bool noCacheHack() const { | |
129 | return USE_HTTP_VIOLATIONS && nocacheHack; | |
130 | } | |
aeeff7fd AR |
131 | |
132 | /// ban satisfying the request from the cache and ban storing the response | |
133 | /// in the cache | |
134 | /// \param reason summarizes the marking decision context (for debugging) | |
135 | void disableCacheUse(const char *reason); | |
f206b652 FC |
136 | }; |
137 | ||
138 | #endif /* SQUID_REQUESTFLAGS_H_ */ | |
f53969cc | 139 |