]> git.ipfire.org Git - thirdparty/squid.git/blame - src/RequestFlags.h
Docs: Copyright updates for 2018 (#114)
[thirdparty/squid.git] / src / RequestFlags.h
CommitLineData
f206b652 1/*
5b74111a 2 * Copyright (C) 1996-2018 The Squid Software Foundation and contributors
f206b652 3 *
bbc27441
AJ
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
f206b652
FC
7 */
8
bbc27441
AJ
9/* DEBUG: section 73 HTTP Request */
10
11#ifndef SQUID_REQUESTFLAGS_H_
12#define SQUID_REQUESTFLAGS_H_
13
450fe1cb
FC
14/** request-related flags
15 *
bad9c5e4 16 * Contains both flags marking a request's current state,
450fe1cb
FC
17 * and flags requesting some processing to be done at a later stage.
18 * TODO: better distinguish the two cases.
19 */
1b2f0924
FC
20class RequestFlags
21{
f206b652 22public:
450fe1cb 23 /** true if the response to this request may not be READ from cache */
bad9c5e4 24 bool noCache = false;
450fe1cb 25 /** request is if-modified-since */
bad9c5e4 26 bool ims = false;
450fe1cb 27 /** request is authenticated */
bad9c5e4 28 bool auth = false;
9825b398 29 /** do not use keytabs for peer Kerberos authentication */
bad9c5e4 30 bool auth_no_keytab = false;
450fe1cb 31 /** he response to the request may be stored in the cache */
bad9c5e4 32 bool cachable = false;
450fe1cb 33 /** the request can be forwarded through the hierarchy */
bad9c5e4 34 bool hierarchical = false;
450fe1cb 35 /** a loop was detected on this request */
bad9c5e4 36 bool loopDetected = false;
450fe1cb 37 /** the connection can be kept alive */
bad9c5e4 38 bool proxyKeepalive = false;
450fe1cb 39 /* this should be killed, also in httpstateflags */
bad9c5e4 40 bool proxying = false;
450fe1cb 41 /** content has expired, need to refresh it */
bad9c5e4 42 bool refresh = false;
450fe1cb 43 /** request was redirected by redirectors */
bad9c5e4 44 bool redirected = false;
450fe1cb
FC
45 /** the requested object needs to be validated. See client_side_reply.cc
46 * for further information.
47 */
bad9c5e4 48 bool needValidation = false;
450fe1cb 49 /** whether we should fail if validation fails */
bad9c5e4 50 bool failOnValidationError = false;
450fe1cb 51 /** reply is stale if it is a hit */
bad9c5e4 52 bool staleIfHit = false;
450fe1cb
FC
53 /** request to override no-cache directives
54 *
55 * always use noCacheHack() for reading.
56 * \note only meaningful if USE_HTTP_VIOLATIONS is defined at build time
57 */
bad9c5e4 58 bool nocacheHack = false;
450fe1cb 59 /** this request is accelerated (reverse-proxy) */
bad9c5e4 60 bool accelerated = false;
450fe1cb 61 /** if set, ignore Cache-Control headers */
bad9c5e4 62 bool ignoreCc = false;
450fe1cb 63 /** set for intercepted requests */
bad9c5e4 64 bool intercepted = false;
450fe1cb 65 /** set if the Host: header passed verification */
bad9c5e4 66 bool hostVerified = false;
0d901ef4 67 /// Set for requests handled by a "tproxy" port.
bad9c5e4 68 bool interceptTproxy = false;
0d901ef4
SH
69 /// The client IP address should be spoofed when connecting to the web server.
70 /// This applies to TPROXY traffic that has not had spoofing disabled through
71 /// the spoof_client_ip squid.conf ACL.
bad9c5e4 72 bool spoofClientIp = false;
450fe1cb 73 /** set if the request is internal (\see ClientHttpRequest::flags.internal)*/
bad9c5e4 74 bool internal = false;
450fe1cb 75 /** if set, request to try very hard to keep the connection alive */
bad9c5e4 76 bool mustKeepalive = false;
450fe1cb 77 /** set if the rquest wants connection oriented auth */
bad9c5e4 78 bool connectionAuth = false;
450fe1cb 79 /** set if connection oriented auth can not be supported */
bad9c5e4 80 bool connectionAuthDisabled = false;
450fe1cb 81 // XXX This is set in clientCheckPinning but never tested
bad9c5e4
AJ
82 /** Request wants connection oriented auth */
83 bool connectionProxyAuth = false;
450fe1cb 84 /** set if the request was sent on a pinned connection */
bad9c5e4 85 bool pinned = false;
450fe1cb 86 /** Authentication was already sent upstream (e.g. due tcp-level auth) */
bad9c5e4 87 bool authSent = false;
450fe1cb
FC
88 /** Deny direct forwarding unless overriden by always_direct
89 * Used in accelerator mode */
bad9c5e4 90 bool noDirect = false;
450fe1cb 91 /** Reply with chunked transfer encoding */
bad9c5e4 92 bool chunkedReply = false;
450fe1cb 93 /** set if stream error has occured */
bad9c5e4 94 bool streamError = false;
450fe1cb 95 /** internal ssl-bump request to get server cert */
bad9c5e4 96 bool sslPeek = false;
450fe1cb
FC
97 /** set if X-Forwarded-For checking is complete
98 *
99 * do not read directly; use doneFollowXff for reading
823e6f98 100 */
bad9c5e4 101 bool done_follow_x_forwarded_for = false;
450fe1cb 102 /** set for ssl-bumped requests */
bad9c5e4 103 bool sslBumped = false;
92ae4c86 104 /// carries a representation of an FTP command [received on ftp_port]
bad9c5e4
AJ
105 bool ftpNative = false;
106 bool destinationIpLookedUp = false;
450fe1cb 107 /** request to reset the TCP stream */
bad9c5e4 108 bool resetTcp = false;
450fe1cb 109 /** set if the request is ranged */
bad9c5e4 110 bool isRanged = false;
f1a1f20a 111
6b2b6cfe 112 /// whether to forward via TunnelStateData (instead of FwdState)
bad9c5e4 113 bool forceTunnel = false;
6b2b6cfe 114
450fe1cb
FC
115 /** clone the flags, resetting to default those which are not safe in
116 * a related (e.g. ICAP-adapted) request.
117 */
f1a1f20a
FC
118 RequestFlags cloneAdaptationImmune() const;
119
120 // if FOLLOW_X_FORWARDED_FOR is not set, we always return "done".
121 bool doneFollowXff() const {
122 return done_follow_x_forwarded_for || !FOLLOW_X_FORWARDED_FOR;
123 }
450fe1cb
FC
124
125 // if USE_HTTP_VIOLATIONS is not set, never allow this
126 bool noCacheHack() const {
127 return USE_HTTP_VIOLATIONS && nocacheHack;
128 }
f206b652
FC
129};
130
131#endif /* SQUID_REQUESTFLAGS_H_ */
f53969cc 132