if (OPENSSL_strcasecmp(key, "Content-Type") == 0) {
if (rctx->state == OHS_HEADERS
&& rctx->expected_ct != NULL) {
- if (OPENSSL_strcasecmp(rctx->expected_ct, value) != 0) {
+ const char *semicolon;
+
+ if (OPENSSL_strcasecmp(rctx->expected_ct, value) != 0
+ /* ignore past ';' unless expected_ct contains ';' */
+ && (strchr(rctx->expected_ct, ';') != NULL
+ || (semicolon = strchr(value, ';')) == NULL
+ || (size_t)(semicolon - value) != strlen(rctx->expected_ct)
+ || OPENSSL_strncasecmp(rctx->expected_ct, value,
+ semicolon - value) != 0)) {
ERR_raise_data(ERR_LIB_HTTP,
HTTP_R_UNEXPECTED_CONTENT_TYPE,
"expected=%s, actual=%s",
of the HTTP client on the response.
Due to the structure of an HTTP request, if the I<keep_alive> argument is
nonzero the function must be used before calling OSSL_HTTP_REQ_CTX_set1_req().
-If the I<content_type> parameter
-is not NULL then the client will check that the given content type string
+
+If the I<content_type> argument is not NULL,
+the client will check that the specified content-type string
is included in the HTTP header of the response and return an error if not.
+In the content-type header line the specified string should be present either
+as a whole, or in case the specified string does not include a C<;> character,
+it is sufficient that the specified string appears as a prefix
+in the header line, followed by a C<;> character and any further text.
+For instance, if the I<content_type> argument specifies C<text/html>,
+this is matched by C<text/html>, C<text/html; charset=UTF-8>, etc.
+
If the I<asn1> parameter is nonzero a structure in ASN.1 encoding will be
expected as the response content and input streaming is disabled. This means
that an ASN.1 sequence header is required, its length field is checked, and
the length of the data in I<req> does not need to be determined in advance: the
BIO will be read on-the-fly while sending the request, which supports streaming.
The optional list I<headers> may contain additional custom HTTP header lines.
-If the parameter I<expected_content_type>
-is not NULL then the client will check that the given content type string
+
+If the I<expected_content_type> argument is not NULL,
+the client will check that the specified content-type string
is included in the HTTP header of the response and return an error if not.
+In the content-type header line the specified string should be present either
+as a whole, or in case the specified string does not include a C<;> character,
+it is sufficient that the specified string appears as a prefix
+in the header line, followed by a C<;> character and any further text.
+For instance, if I<expected_content_type> specifies C<text/html>,
+this is matched by C<text/html>, C<text/html; charset=UTF-8>, etc.
+
If the I<expect_asn1> parameter is nonzero,
a structure in ASN.1 encoding will be expected as response content.
The I<max_resp_len> parameter specifies the maximum allowed
projects / thirdparty / openssl.git / commitdiff
