]>
Commit | Line | Data |
---|---|---|
f206b652 | 1 | /* |
f70aedc4 | 2 | * Copyright (C) 1996-2021 The Squid Software Foundation and contributors |
f206b652 | 3 | * |
bbc27441 AJ |
4 | * Squid software is distributed under GPLv2+ license and includes |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
f206b652 FC |
7 | */ |
8 | ||
bbc27441 AJ |
9 | /* DEBUG: section 73 HTTP Request */ |
10 | ||
11 | #ifndef SQUID_REQUESTFLAGS_H_ | |
12 | #define SQUID_REQUESTFLAGS_H_ | |
13 | ||
450fe1cb FC |
14 | /** request-related flags |
15 | * | |
bad9c5e4 | 16 | * Contains both flags marking a request's current state, |
450fe1cb FC |
17 | * and flags requesting some processing to be done at a later stage. |
18 | * TODO: better distinguish the two cases. | |
19 | */ | |
1b2f0924 FC |
20 | class RequestFlags |
21 | { | |
f206b652 | 22 | public: |
450fe1cb | 23 | /** true if the response to this request may not be READ from cache */ |
bad9c5e4 | 24 | bool noCache = false; |
450fe1cb | 25 | /** request is if-modified-since */ |
bad9c5e4 | 26 | bool ims = false; |
450fe1cb | 27 | /** request is authenticated */ |
bad9c5e4 | 28 | bool auth = false; |
9825b398 | 29 | /** do not use keytabs for peer Kerberos authentication */ |
bad9c5e4 | 30 | bool auth_no_keytab = false; |
450fe1cb | 31 | /** he response to the request may be stored in the cache */ |
bad9c5e4 | 32 | bool cachable = false; |
450fe1cb | 33 | /** the request can be forwarded through the hierarchy */ |
bad9c5e4 | 34 | bool hierarchical = false; |
450fe1cb | 35 | /** a loop was detected on this request */ |
bad9c5e4 | 36 | bool loopDetected = false; |
450fe1cb | 37 | /** the connection can be kept alive */ |
bad9c5e4 | 38 | bool proxyKeepalive = false; |
450fe1cb | 39 | /** content has expired, need to refresh it */ |
bad9c5e4 | 40 | bool refresh = false; |
450fe1cb | 41 | /** request was redirected by redirectors */ |
bad9c5e4 | 42 | bool redirected = false; |
450fe1cb FC |
43 | /** the requested object needs to be validated. See client_side_reply.cc |
44 | * for further information. | |
45 | */ | |
bad9c5e4 | 46 | bool needValidation = false; |
450fe1cb | 47 | /** whether we should fail if validation fails */ |
bad9c5e4 | 48 | bool failOnValidationError = false; |
450fe1cb | 49 | /** reply is stale if it is a hit */ |
bad9c5e4 | 50 | bool staleIfHit = false; |
450fe1cb FC |
51 | /** request to override no-cache directives |
52 | * | |
53 | * always use noCacheHack() for reading. | |
54 | * \note only meaningful if USE_HTTP_VIOLATIONS is defined at build time | |
55 | */ | |
bad9c5e4 | 56 | bool nocacheHack = false; |
450fe1cb | 57 | /** this request is accelerated (reverse-proxy) */ |
bad9c5e4 | 58 | bool accelerated = false; |
450fe1cb | 59 | /** if set, ignore Cache-Control headers */ |
bad9c5e4 | 60 | bool ignoreCc = false; |
450fe1cb | 61 | /** set for intercepted requests */ |
bad9c5e4 | 62 | bool intercepted = false; |
450fe1cb | 63 | /** set if the Host: header passed verification */ |
bad9c5e4 | 64 | bool hostVerified = false; |
0d901ef4 | 65 | /// Set for requests handled by a "tproxy" port. |
bad9c5e4 | 66 | bool interceptTproxy = false; |
0d901ef4 SH |
67 | /// The client IP address should be spoofed when connecting to the web server. |
68 | /// This applies to TPROXY traffic that has not had spoofing disabled through | |
69 | /// the spoof_client_ip squid.conf ACL. | |
bad9c5e4 | 70 | bool spoofClientIp = false; |
450fe1cb | 71 | /** set if the request is internal (\see ClientHttpRequest::flags.internal)*/ |
bad9c5e4 | 72 | bool internal = false; |
450fe1cb | 73 | /** if set, request to try very hard to keep the connection alive */ |
bad9c5e4 | 74 | bool mustKeepalive = false; |
2f8abb64 | 75 | /** set if the request wants connection oriented auth */ |
bad9c5e4 | 76 | bool connectionAuth = false; |
450fe1cb | 77 | /** set if connection oriented auth can not be supported */ |
bad9c5e4 | 78 | bool connectionAuthDisabled = false; |
450fe1cb | 79 | // XXX This is set in clientCheckPinning but never tested |
bad9c5e4 AJ |
80 | /** Request wants connection oriented auth */ |
81 | bool connectionProxyAuth = false; | |
450fe1cb | 82 | /** set if the request was sent on a pinned connection */ |
bad9c5e4 | 83 | bool pinned = false; |
450fe1cb | 84 | /** Authentication was already sent upstream (e.g. due tcp-level auth) */ |
bad9c5e4 | 85 | bool authSent = false; |
2f8abb64 | 86 | /** Deny direct forwarding unless overridden by always_direct |
450fe1cb | 87 | * Used in accelerator mode */ |
bad9c5e4 | 88 | bool noDirect = false; |
450fe1cb | 89 | /** Reply with chunked transfer encoding */ |
bad9c5e4 | 90 | bool chunkedReply = false; |
61beade2 | 91 | /** set if stream error has occurred */ |
bad9c5e4 | 92 | bool streamError = false; |
450fe1cb | 93 | /** internal ssl-bump request to get server cert */ |
bad9c5e4 | 94 | bool sslPeek = false; |
450fe1cb FC |
95 | /** set if X-Forwarded-For checking is complete |
96 | * | |
97 | * do not read directly; use doneFollowXff for reading | |
823e6f98 | 98 | */ |
bad9c5e4 | 99 | bool done_follow_x_forwarded_for = false; |
450fe1cb | 100 | /** set for ssl-bumped requests */ |
bad9c5e4 | 101 | bool sslBumped = false; |
92ae4c86 | 102 | /// carries a representation of an FTP command [received on ftp_port] |
bad9c5e4 AJ |
103 | bool ftpNative = false; |
104 | bool destinationIpLookedUp = false; | |
450fe1cb | 105 | /** request to reset the TCP stream */ |
bad9c5e4 | 106 | bool resetTcp = false; |
450fe1cb | 107 | /** set if the request is ranged */ |
bad9c5e4 | 108 | bool isRanged = false; |
f1a1f20a | 109 | |
6b2b6cfe | 110 | /// whether to forward via TunnelStateData (instead of FwdState) |
bad9c5e4 | 111 | bool forceTunnel = false; |
6b2b6cfe | 112 | |
450fe1cb FC |
113 | /** clone the flags, resetting to default those which are not safe in |
114 | * a related (e.g. ICAP-adapted) request. | |
115 | */ | |
f1a1f20a FC |
116 | RequestFlags cloneAdaptationImmune() const; |
117 | ||
118 | // if FOLLOW_X_FORWARDED_FOR is not set, we always return "done". | |
119 | bool doneFollowXff() const { | |
120 | return done_follow_x_forwarded_for || !FOLLOW_X_FORWARDED_FOR; | |
121 | } | |
450fe1cb FC |
122 | |
123 | // if USE_HTTP_VIOLATIONS is not set, never allow this | |
124 | bool noCacheHack() const { | |
125 | return USE_HTTP_VIOLATIONS && nocacheHack; | |
126 | } | |
f206b652 FC |
127 | }; |
128 | ||
129 | #endif /* SQUID_REQUESTFLAGS_H_ */ | |
f53969cc | 130 |