2 * Copyright (C) 1996-2020 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
9 /* DEBUG: section 23 URL Parsing */
14 #include "HttpRequest.h"
15 #include "parser/Tokenizer.h"
17 #include "SquidConfig.h"
18 #include "SquidString.h"
20 static const char valid_hostname_chars_u
[] =
21 "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
22 "abcdefghijklmnopqrstuvwxyz"
26 static const char valid_hostname_chars
[] =
27 "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
28 "abcdefghijklmnopqrstuvwxyz"
33 /// Characters which are valid within a URI userinfo section
34 static const CharacterSet
&
38 * RFC 3986 section 3.2.1
40 * userinfo = *( unreserved / pct-encoded / sub-delims / ":" )
41 * unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~"
42 * pct-encoded = "%" HEXDIG HEXDIG
43 * sub-delims = "!" / "$" / "&" / "'" / "(" / ")" / "*" / "+" / "," / ";" / "="
45 static const auto userInfoValid
= CharacterSet("userinfo", ":-._~%!$&'()*+,;=") +
52 * Governed by RFC 3986 section 2.1
55 AnyP::Uri::Encode(const SBuf
&buf
, const CharacterSet
&ignore
)
60 Parser::Tokenizer
tk(buf
);
62 // optimization for the arguably common "no encoding necessary" case
63 if (tk
.prefix(goodSection
, ignore
) && tk
.atEnd())
67 output
.reserveSpace(buf
.length() * 3); // worst case: encode all chars
68 output
.append(goodSection
); // may be empty
71 // TODO: Add Tokenizer::parseOne(void).
72 const auto ch
= tk
.remaining()[0];
73 output
.appendf("%%%02X", static_cast<unsigned int>(ch
)); // TODO: Optimize using a table
76 if (tk
.prefix(goodSection
, ignore
))
77 output
.append(goodSection
);
86 static SBuf
star("*");
91 AnyP::Uri::SlashPath()
93 static SBuf
slash("/");
98 AnyP::Uri::host(const char *src
)
100 hostAddr_
.setEmpty();
102 if (hostAddr_
.isAnyAddr()) {
103 xstrncpy(host_
, src
, sizeof(host_
));
104 hostIsNumeric_
= false;
106 hostAddr_
.toHostStr(host_
, sizeof(host_
));
107 debugs(23, 3, "given IP: " << hostAddr_
);
114 AnyP::Uri::hostOrIp() const
116 static char ip
[MAX_IPSTRLEN
];
118 return SBuf(hostIP().toStr(ip
, sizeof(ip
)));
124 AnyP::Uri::path() const
126 // RFC 3986 section 3.3 says path can be empty (path-abempty).
127 // RFC 7230 sections 2.7.3, 5.3.1, 5.7.2 - says path cannot be empty, default to "/"
128 // at least when sending and using. We must still accept path-abempty as input.
129 if (path_
.isEmpty() && (scheme_
== AnyP::PROTO_HTTP
|| scheme_
== AnyP::PROTO_HTTPS
))
138 debugs(23, 5, "urlInitialize: Initializing...");
139 /* this ensures that the number of protocol strings is the same as
140 * the enum slots allocated because the last enum is always 'MAX'.
142 assert(strcmp(AnyP::ProtocolType_str
[AnyP::PROTO_MAX
], "MAX") == 0);
144 * These test that our matchDomainName() function works the
145 * way we expect it to.
147 assert(0 == matchDomainName("foo.com", "foo.com"));
148 assert(0 == matchDomainName(".foo.com", "foo.com"));
149 assert(0 == matchDomainName("foo.com", ".foo.com"));
150 assert(0 == matchDomainName(".foo.com", ".foo.com"));
151 assert(0 == matchDomainName("x.foo.com", ".foo.com"));
152 assert(0 == matchDomainName("y.x.foo.com", ".foo.com"));
153 assert(0 != matchDomainName("x.foo.com", "foo.com"));
154 assert(0 != matchDomainName("foo.com", "x.foo.com"));
155 assert(0 != matchDomainName("bar.com", "foo.com"));
156 assert(0 != matchDomainName(".bar.com", "foo.com"));
157 assert(0 != matchDomainName(".bar.com", ".foo.com"));
158 assert(0 != matchDomainName("bar.com", ".foo.com"));
159 assert(0 < matchDomainName("zzz.com", "foo.com"));
160 assert(0 > matchDomainName("aaa.com", "foo.com"));
161 assert(0 == matchDomainName("FOO.com", "foo.COM"));
162 assert(0 < matchDomainName("bfoo.com", "afoo.com"));
163 assert(0 > matchDomainName("afoo.com", "bfoo.com"));
164 assert(0 < matchDomainName("x-foo.com", ".foo.com"));
166 assert(0 == matchDomainName(".foo.com", ".foo.com", mdnRejectSubsubDomains
));
167 assert(0 == matchDomainName("x.foo.com", ".foo.com", mdnRejectSubsubDomains
));
168 assert(0 != matchDomainName("y.x.foo.com", ".foo.com", mdnRejectSubsubDomains
));
169 assert(0 != matchDomainName(".x.foo.com", ".foo.com", mdnRejectSubsubDomains
));
171 assert(0 == matchDomainName("*.foo.com", "x.foo.com", mdnHonorWildcards
));
172 assert(0 == matchDomainName("*.foo.com", ".x.foo.com", mdnHonorWildcards
));
173 assert(0 == matchDomainName("*.foo.com", ".foo.com", mdnHonorWildcards
));
174 assert(0 != matchDomainName("*.foo.com", "foo.com", mdnHonorWildcards
));
180 * Extract the URI scheme and ':' delimiter from the given input buffer.
182 * Schemes up to 16 characters are accepted.
184 * Governed by RFC 3986 section 3.1
186 static AnyP::UriScheme
187 uriParseScheme(Parser::Tokenizer
&tok
)
190 * RFC 3986 section 3.1 paragraph 2:
192 * Scheme names consist of a sequence of characters beginning with a
193 * letter and followed by any combination of letters, digits, plus
194 * ("+"), period ("."), or hyphen ("-").
196 * The underscore ("_") required to match "cache_object://" squid
197 * special URI scheme.
199 static const auto schemeChars
=
200 #if USE_HTTP_VIOLATIONS
201 CharacterSet("special", "_") +
203 CharacterSet("scheme", "+.-") + CharacterSet::ALPHA
+ CharacterSet::DIGIT
;
206 if (tok
.prefix(str
, schemeChars
, 16) && tok
.skip(':') && CharacterSet::ALPHA
[str
.at(0)]) {
207 const auto protocol
= AnyP::UriScheme::FindProtocolType(str
);
208 if (protocol
== AnyP::PROTO_UNKNOWN
)
209 return AnyP::UriScheme(protocol
, str
.c_str());
210 return AnyP::UriScheme(protocol
, nullptr);
213 throw TextException("invalid URI scheme", Here());
217 * Appends configured append_domain to hostname, assuming
218 * the given buffer is at least SQUIDHOSTNAMELEN bytes long,
219 * and that the host FQDN is not a 'dotless' TLD.
221 * \returns false if and only if there is not enough space to append
224 urlAppendDomain(char *host
)
226 /* For IPv4 addresses check for a dot */
227 /* For IPv6 addresses also check for a colon */
228 if (Config
.appendDomain
&& !strchr(host
, '.') && !strchr(host
, ':')) {
229 const uint64_t dlen
= strlen(host
);
230 const uint64_t want
= dlen
+ Config
.appendDomainLen
;
231 if (want
> SQUIDHOSTNAMELEN
- 1) {
232 debugs(23, 2, "URL domain too large (" << dlen
<< " bytes)");
235 strncat(host
, Config
.appendDomain
, SQUIDHOSTNAMELEN
- dlen
- 1);
243 * It is assumed that the URL is complete -
244 * ie, the end of the string is the end of the URL. Don't pass a partial
245 * URL here as this routine doesn't have any way of knowing whether
246 * it is partial or not (ie, it handles the case of no trailing slash as
247 * being "end of host with implied path of /".
249 * method is used to switch parsers. If method is Http::METHOD_CONNECT,
250 * then rather than a URL a hostname:port is looked for.
253 AnyP::Uri::parse(const HttpRequestMethod
& method
, const SBuf
&rawUrl
)
257 LOCAL_ARRAY(char, login
, MAX_URL
);
258 LOCAL_ARRAY(char, foundHost
, MAX_URL
);
259 LOCAL_ARRAY(char, urlpath
, MAX_URL
);
267 foundHost
[0] = urlpath
[0] = login
[0] = '\0';
269 if ((l
= rawUrl
.length()) + Config
.appendDomainLen
> (MAX_URL
- 1)) {
270 debugs(23, DBG_IMPORTANT
, MYNAME
<< "URL too large (" << l
<< " bytes)");
274 if ((method
== Http::METHOD_OPTIONS
|| method
== Http::METHOD_TRACE
) &&
275 Asterisk().cmp(rawUrl
) == 0) {
276 // XXX: these methods might also occur in HTTPS traffic. Handle this better.
277 setScheme(AnyP::PROTO_HTTP
, nullptr);
278 port(getScheme().defaultPort());
283 Parser::Tokenizer
tok(rawUrl
);
284 AnyP::UriScheme scheme
;
286 if (method
== Http::METHOD_CONNECT
) {
288 * RFC 7230 section 5.3.3: authority-form = authority
289 * "excluding any userinfo and its "@" delimiter"
291 * RFC 3986 section 3.2: authority = [ userinfo "@" ] host [ ":" port ]
293 * As an HTTP(S) proxy we assume HTTPS (443) if no port provided.
297 // XXX: use tokenizer
299 const char *url
= B
.c_str();
301 if (sscanf(url
, "[%[^]]]:%d", foundHost
, &foundPort
) < 1)
302 if (sscanf(url
, "%[^:]:%d", foundHost
, &foundPort
) < 1)
307 scheme
= uriParseScheme(tok
);
309 if (scheme
== AnyP::PROTO_NONE
)
310 return false; // invalid scheme
312 if (scheme
== AnyP::PROTO_URN
) {
313 parseUrn(tok
); // throws on any error
317 // URLs then have "//"
318 static const SBuf
doubleSlash("//");
319 if (!tok
.skip(doubleSlash
))
322 auto B
= tok
.remaining();
323 const char *url
= B
.c_str();
329 /* Then everything until first /; that's host (and port; which we'll look for here later) */
330 // bug 1881: If we don't get a "/" then we imply it was there
331 // bug 3074: We could just be given a "?" or "#". These also imply "/"
332 // bug 3233: whitespace is also a hostname delimiter.
333 for (dst
= foundHost
; i
< l
&& *src
!= '/' && *src
!= '?' && *src
!= '#' && *src
!= '\0' && !xisspace(*src
); ++i
, ++src
, ++dst
) {
338 * We can't check for "i >= l" here because we could be at the end of the line
339 * and have a perfectly valid URL w/ no trailing '/'. In this case we assume we've
340 * been -given- a valid URL and the path is just '/'.
346 // bug 3074: received 'path' starting with '?', '#', or '\0' implies '/'
347 if (*src
== '?' || *src
== '#' || *src
== '\0') {
353 /* Then everything from / (inclusive) until \r\n or \0 - that's urlpath */
354 for (; i
< l
&& *src
!= '\r' && *src
!= '\n' && *src
!= '\0'; ++i
, ++src
, ++dst
) {
358 /* We -could- be at the end of the buffer here */
361 /* If the URL path is empty we set it to be "/" */
362 if (dst
== urlpath
) {
368 foundPort
= scheme
.defaultPort(); // may be reset later
370 /* Is there any login information? (we should eventually parse it above) */
371 t
= strrchr(foundHost
, '@');
373 strncpy((char *) login
, (char *) foundHost
, sizeof(login
)-1);
374 login
[sizeof(login
)-1] = '\0';
375 t
= strrchr(login
, '@');
377 strncpy((char *) foundHost
, t
+ 1, sizeof(foundHost
)-1);
378 foundHost
[sizeof(foundHost
)-1] = '\0';
379 // Bug 4498: URL-unescape the login info after extraction
380 rfc1738_unescape(login
);
383 /* Is there any host information? (we should eventually parse it above) */
384 if (*foundHost
== '[') {
385 /* strip any IPA brackets. valid under IPv6. */
387 /* only for IPv6 sadly, pre-IPv6/URL code can't handle the clean result properly anyway. */
390 l
= strlen(foundHost
);
392 for (; i
< l
&& *src
!= ']' && *src
!= '\0'; ++i
, ++src
, ++dst
) {
396 /* we moved in-place, so truncate the actual hostname found */
400 /* skip ahead to either start of port, or original EOS */
401 while (*dst
!= '\0' && *dst
!= ':')
405 t
= strrchr(foundHost
, ':');
407 if (t
!= strchr(foundHost
,':') ) {
408 /* RFC 2732 states IPv6 "SHOULD" be bracketed. allowing for times when its not. */
409 /* RFC 3986 'update' simply modifies this to an "is" with no emphasis at all! */
410 /* therefore we MUST accept the case where they are not bracketed at all. */
415 // Bug 3183 sanity check: If scheme is present, host must be too.
416 if (scheme
!= AnyP::PROTO_NONE
&& foundHost
[0] == '\0') {
417 debugs(23, DBG_IMPORTANT
, "SECURITY ALERT: Missing hostname in URL '" << url
<< "'. see access.log for details.");
421 if (t
&& *t
== ':') {
428 for (t
= foundHost
; *t
; ++t
)
431 if (stringHasWhitespace(foundHost
)) {
432 if (URI_WHITESPACE_STRIP
== Config
.uri_whitespace
) {
445 debugs(23, 3, "Split URL '" << rawUrl
<< "' into proto='" << scheme
.image() << "', host='" << foundHost
<< "', port='" << foundPort
<< "', path='" << urlpath
<< "'");
447 if (Config
.onoff
.check_hostnames
&&
448 strspn(foundHost
, Config
.onoff
.allow_underscore
? valid_hostname_chars_u
: valid_hostname_chars
) != strlen(foundHost
)) {
449 debugs(23, DBG_IMPORTANT
, MYNAME
<< "Illegal character in hostname '" << foundHost
<< "'");
453 if (!urlAppendDomain(foundHost
))
456 /* remove trailing dots from hostnames */
457 while ((l
= strlen(foundHost
)) > 0 && foundHost
[--l
] == '.')
460 /* reject duplicate or leading dots */
461 if (strstr(foundHost
, "..") || *foundHost
== '.') {
462 debugs(23, DBG_IMPORTANT
, MYNAME
<< "Illegal hostname '" << foundHost
<< "'");
466 if (foundPort
< 1 || foundPort
> 65535) {
467 debugs(23, 3, "Invalid port '" << foundPort
<< "'");
471 #if HARDCODE_DENY_PORTS
472 /* These ports are filtered in the default squid.conf, but
473 * maybe someone wants them hardcoded... */
474 if (foundPort
== 7 || foundPort
== 9 || foundPort
== 19) {
475 debugs(23, DBG_CRITICAL
, MYNAME
<< "Deny access to port " << foundPort
);
480 if (stringHasWhitespace(urlpath
)) {
481 debugs(23, 2, "URI has whitespace: {" << rawUrl
<< "}");
483 switch (Config
.uri_whitespace
) {
485 case URI_WHITESPACE_DENY
:
488 case URI_WHITESPACE_ALLOW
:
491 case URI_WHITESPACE_ENCODE
:
492 t
= rfc1738_escape_unescaped(urlpath
);
493 xstrncpy(urlpath
, t
, MAX_URL
);
496 case URI_WHITESPACE_CHOP
:
497 *(urlpath
+ strcspn(urlpath
, w_space
)) = '\0';
500 case URI_WHITESPACE_STRIP
:
517 userInfo(SBuf(login
));
522 debugs(23, 2, "error: " << CurrentException
<< " " << Raw("rawUrl", rawUrl
.rawContent(), rawUrl
.length()));
528 * Governed by RFC 8141 section 2:
530 * assigned-name = "urn" ":" NID ":" NSS
531 * NID = (alphanum) 0*30(ldh) (alphanum)
532 * ldh = alphanum / "-"
533 * NSS = pchar *(pchar / "/")
535 * RFC 3986 Appendix D.2 defines (as deprecated):
537 * alphanum = ALPHA / DIGIT
539 * Notice that NID is exactly 2-32 characters in length.
542 AnyP::Uri::parseUrn(Parser::Tokenizer
&tok
)
544 static const auto nidChars
= CharacterSet("NID","-") + CharacterSet::ALPHA
+ CharacterSet::DIGIT
;
545 static const auto alphanum
= (CharacterSet::ALPHA
+ CharacterSet::DIGIT
).rename("alphanum");
547 if (!tok
.prefix(nid
, nidChars
, 32))
548 throw TextException("NID not found", Here());
551 throw TextException("NID too long or missing ':' delimiter", Here());
553 if (nid
.length() < 2)
554 throw TextException("NID too short", Here());
556 if (!alphanum
[*nid
.begin()])
557 throw TextException("NID prefix is not alphanumeric", Here());
559 if (!alphanum
[*nid
.rbegin()])
560 throw TextException("NID suffix is not alphanumeric", Here());
562 setScheme(AnyP::PROTO_URN
, nullptr);
564 // TODO validate path characters
565 path(tok
.remaining());
566 debugs(23, 3, "Split URI into proto=urn, nid=" << nid
<< ", " << Raw("path",path().rawContent(),path().length()));
573 authorityHttp_
.clear();
574 authorityWithPort_
.clear();
578 AnyP::Uri::authority(bool requirePort
) const
580 if (authorityHttp_
.isEmpty()) {
582 // both formats contain Host/IP
583 authorityWithPort_
.append(host());
584 authorityHttp_
= authorityWithPort_
;
586 // authorityForm_ only has :port if it is non-default
587 authorityWithPort_
.appendf(":%u",port());
588 if (port() != getScheme().defaultPort())
589 authorityHttp_
= authorityWithPort_
;
592 return requirePort
? authorityWithPort_
: authorityHttp_
;
596 AnyP::Uri::absolute() const
598 if (absolute_
.isEmpty()) {
599 // TODO: most URL will be much shorter, avoid allocating this much
600 absolute_
.reserveCapacity(MAX_URL
);
602 absolute_
.append(getScheme().image());
603 absolute_
.append(":",1);
604 if (getScheme() != AnyP::PROTO_URN
) {
605 absolute_
.append("//", 2);
606 const bool allowUserInfo
= getScheme() == AnyP::PROTO_FTP
||
607 getScheme() == AnyP::PROTO_UNKNOWN
;
609 if (allowUserInfo
&& !userInfo().isEmpty()) {
610 static const CharacterSet uiChars
= CharacterSet(UserInfoChars())
612 .rename("userinfo-reserved");
613 absolute_
.append(Encode(userInfo(), uiChars
));
614 absolute_
.append("@", 1);
616 absolute_
.append(authority());
618 absolute_
.append(host());
619 absolute_
.append(":", 1);
621 absolute_
.append(path()); // TODO: Encode each URI subcomponent in path_ as needed.
627 /** \todo AYJ: Performance: This is an *almost* duplicate of HttpRequest::effectiveRequestUri(). But elides the query-string.
628 * After copying it on in the first place! Would be less code to merge the two with a flag parameter.
629 * and never copy the query-string part in the first place
632 urlCanonicalCleanWithoutRequest(const SBuf
&url
, const HttpRequestMethod
&method
, const AnyP::UriScheme
&scheme
)
634 LOCAL_ARRAY(char, buf
, MAX_URL
);
636 snprintf(buf
, sizeof(buf
), SQUIDSBUFPH
, SQUIDSBUFPRINT(url
));
637 buf
[sizeof(buf
)-1] = '\0';
639 // URN, CONNECT method, and non-stripped URIs can go straight out
640 if (Config
.onoff
.strip_query_terms
&& !(method
== Http::METHOD_CONNECT
|| scheme
== AnyP::PROTO_URN
)) {
641 // strip anything AFTER a question-mark
642 // leaving the '?' in place
643 if (auto t
= strchr(buf
, '?')) {
648 if (stringHasCntl(buf
))
649 xstrncpy(buf
, rfc1738_escape_unescaped(buf
), MAX_URL
);
655 * Yet another alternative to urlCanonical.
656 * This one adds the https:// parts to Http::METHOD_CONNECT URL
657 * for use in error page outputs.
658 * Luckily we can leverage the others instead of duplicating.
661 urlCanonicalFakeHttps(const HttpRequest
* request
)
663 LOCAL_ARRAY(char, buf
, MAX_URL
);
665 // method CONNECT and port HTTPS
666 if (request
->method
== Http::METHOD_CONNECT
&& request
->url
.port() == 443) {
667 snprintf(buf
, MAX_URL
, "https://%s/*", request
->url
.host());
671 // else do the normal complete canonical thing.
672 return request
->canonicalCleanUrl();
676 * Test if a URL is a relative reference.
678 * Governed by RFC 3986 section 4.2
680 * relative-ref = relative-part [ "?" query ] [ "#" fragment ]
682 * relative-part = "//" authority path-abempty
688 urlIsRelative(const char *url
)
691 return false; // no URL
694 * RFC 3986 section 5.2.3
696 * path = path-abempty ; begins with "/" or is empty
697 * / path-absolute ; begins with "/" but not "//"
698 * / path-noscheme ; begins with a non-colon segment
699 * / path-rootless ; begins with a segment
700 * / path-empty ; zero characters
704 return true; // path-empty
707 // RFC 3986 section 5.2.3
708 // path-absolute ; begins with "/" but not "//"
710 return true; // network-path reference, aka. 'scheme-relative URI'
712 return true; // path-absolute, aka 'absolute-path reference'
715 for (const auto *p
= url
; *p
!= '\0' && *p
!= '/' && *p
!= '?' && *p
!= '#'; ++p
) {
717 return false; // colon is forbidden in first segment
720 return true; // path-noscheme, path-abempty, path-rootless
724 AnyP::Uri::addRelativePath(const char *relUrl
)
726 // URN cannot be merged
727 if (getScheme() == AnyP::PROTO_URN
)
730 // TODO: Handle . and .. segment normalization
732 const auto lastSlashPos
= path_
.rfind('/');
733 // TODO: To optimize and simplify, add and use SBuf::replace().
734 const auto relUrlLength
= strlen(relUrl
);
735 if (lastSlashPos
== SBuf::npos
) {
736 // start replacing the whole path
737 path_
.reserveCapacity(1 + relUrlLength
);
738 path_
.assign("/", 1);
740 // start replacing just the last segment
741 path_
.reserveCapacity(lastSlashPos
+ 1 + relUrlLength
);
742 path_
.chop(0, lastSlashPos
+1);
744 path_
.append(relUrl
, relUrlLength
);
748 matchDomainName(const char *h
, const char *d
, MatchDomainNameFlags flags
)
753 const bool hostIncludesSubdomains
= (*h
== '.');
765 * Start at the ends of the two strings and work towards the
768 while (xtolower(h
[--hl
]) == xtolower(d
[--dl
])) {
769 if (hl
== 0 && dl
== 0) {
771 * We made it all the way to the beginning of both
772 * strings without finding any difference.
779 * The host string is shorter than the domain string.
780 * There is only one case when this can be a match.
781 * If the domain is just one character longer, and if
782 * that character is a leading '.' then we call it a
786 if (1 == dl
&& '.' == d
[0])
794 * The domain string is shorter than the host string.
795 * This is a match only if the first domain character
800 if (flags
& mdnRejectSubsubDomains
) {
801 // Check for sub-sub domain and reject
802 while(--hl
>= 0 && h
[hl
] != '.');
804 // No sub-sub domain found, but reject if there is a
805 // leading dot in given host string (which is removed
806 // before the check is started).
807 return hostIncludesSubdomains
? 1 : 0;
809 return 1; // sub-sub domain, reject
818 * We found different characters in the same position (from the end).
821 // If the h has a form of "*.foo.com" and d has a form of "x.foo.com"
822 // then the h[hl] points to '*', h[hl+1] to '.' and d[dl] to 'x'
823 // The following checks are safe, the "h[hl + 1]" in the worst case is '\0'.
824 if ((flags
& mdnHonorWildcards
) && h
[hl
] == '*' && h
[hl
+ 1] == '.')
828 * If one of those character is '.' then its special. In order
829 * for splay tree sorting to work properly, "x-foo.com" must
830 * be greater than ".foo.com" even though '-' is less than '.'.
838 return (xtolower(h
[hl
]) - xtolower(d
[dl
]));
842 * return true if we can serve requests for this method.
845 urlCheckRequest(const HttpRequest
* r
)
848 /* protocol "independent" methods
850 * actually these methods are specific to HTTP:
851 * they are methods we receive on our HTTP port,
852 * and if we had a FTP listener would not be relevant
855 * So, we should delegate them to HTTP. The problem is that we
856 * do not have a default protocol from the client side of HTTP.
859 if (r
->method
== Http::METHOD_CONNECT
)
862 // we support OPTIONS and TRACE directed at us (with a 501 reply, for now)
863 // we also support forwarding OPTIONS and TRACE, except for the *-URI ones
864 if (r
->method
== Http::METHOD_OPTIONS
|| r
->method
== Http::METHOD_TRACE
)
865 return (r
->header
.getInt64(Http::HdrType::MAX_FORWARDS
) == 0 || r
->url
.path() != AnyP::Uri::Asterisk());
867 if (r
->method
== Http::METHOD_PURGE
)
870 /* does method match the protocol? */
871 switch (r
->url
.getScheme()) {
873 case AnyP::PROTO_URN
:
875 case AnyP::PROTO_HTTP
:
877 case AnyP::PROTO_CACHE_OBJECT
:
881 case AnyP::PROTO_FTP
:
883 if (r
->method
== Http::METHOD_PUT
)
886 case AnyP::PROTO_GOPHER
:
888 case AnyP::PROTO_WAIS
:
890 case AnyP::PROTO_WHOIS
:
891 if (r
->method
== Http::METHOD_GET
)
893 else if (r
->method
== Http::METHOD_HEAD
)
898 case AnyP::PROTO_HTTPS
:
905 * Squid can't originate an SSL connection, so it should
906 * never receive an "https:" URL. It should always be
920 AnyP::Uri::Uri(AnyP::UriScheme
const &aScheme
) :
922 hostIsNumeric_(false),
928 // TODO: fix code duplication with AnyP::Uri::parse()
930 AnyP::Uri::cleanup(const char *uri
)
933 char *cleanedUri
= nullptr;
934 switch (Config
.uri_whitespace
) {
935 case URI_WHITESPACE_ALLOW
:
936 flags
|= RFC1738_ESCAPE_NOSPACE
;
937 // fall through to next case
938 case URI_WHITESPACE_ENCODE
:
939 flags
|= RFC1738_ESCAPE_UNESCAPED
;
940 cleanedUri
= xstrndup(rfc1738_do_escape(uri
, flags
), MAX_URL
);
943 case URI_WHITESPACE_CHOP
: {
944 flags
|= RFC1738_ESCAPE_UNESCAPED
;
945 const auto pos
= strcspn(uri
, w_space
);
946 char *choppedUri
= nullptr;
947 if (pos
< strlen(uri
))
948 choppedUri
= xstrndup(uri
, pos
+ 1);
949 cleanedUri
= xstrndup(rfc1738_do_escape(choppedUri
? choppedUri
: uri
, flags
), MAX_URL
);
950 cleanedUri
[pos
] = '\0';
955 case URI_WHITESPACE_DENY
:
956 case URI_WHITESPACE_STRIP
:
958 // TODO: avoid duplication with urlParse()
960 char *tmp_uri
= static_cast<char*>(xmalloc(strlen(uri
) + 1));
971 cleanedUri
= xstrndup(rfc1738_escape_unescaped(tmp_uri
), MAX_URL
);