/*
- * $Id: cache_cf.cc,v 1.307 1998/10/13 23:33:31 wessels Exp $
+ * $Id: cache_cf.cc,v 1.308 1998/10/14 21:11:55 wessels Exp $
*
* DEBUG: section 3 Configuration File Parsing
* AUTHOR: Harvest Derived
#define free_wordlist wordlistDestroy
+#define free_uri_whitespace free_int
+
+static void
+parse_uri_whitespace(int *var)
+{
+ char *token = strtok(NULL, w_space);
+ if (token == NULL)
+ self_destruct();
+ if (!strcasecmp(token, "deny"))
+ *var = URI_WHITESPACE_DENY;
+ else if (!strcasecmp(token, "allow"))
+ *var = URI_WHITESPACE_ALLOW;
+ else if (!strcasecmp(token, "encode"))
+ *var = URI_WHITESPACE_ENCODE;
+ else if (!strcasecmp(token, "chop"))
+ *var = URI_WHITESPACE_CHOP;
+ else
+ self_destruct();
+}
+
+
+static void
+dump_uri_whitespace(StoreEntry * entry, const char *name, int var)
+{
+ char *s;
+ if (var == URI_WHITESPACE_ALLOW)
+ s = "allow";
+ else if (var == URI_WHITESPACE_ENCODE)
+ s = "encode";
+ else if (var == URI_WHITESPACE_CHOP)
+ s = "chop";
+ else
+ s = "deny";
+ storeAppendPrintf(entry, "%s %s\n", name, s);
+}
+
#include "cf_parser.c"
peer_t
#
-# $Id: cf.data.pre,v 1.121 1998/10/13 23:42:03 wessels Exp $
+# $Id: cf.data.pre,v 1.122 1998/10/14 21:11:57 wessels Exp $
#
#
# SQUID Internet Object Cache http://squid.nlanr.net/Squid/
objects.
DOC_END
+NAME: uri_whitespace
+TYPE: uri_whitespace
+LOC: Config.uri_whitespace
+DEFAULT: deny
+DOC_START
+ What to do with requests that have whitespace characters in the
+ URI. Options:
+
+ deny: The request is denied. The user receives an "Invalid
+ Request" message.
+ allow: The request is allowed and the URI is not changed. The
+ whitespace characters remain in the URI. Note the
+ whitespace is passed to redirector processes if they
+ are in use.
+ encode: The request is allowed and the whitespace characters are
+ encoded according to RFC1738. This could be considered
+ a violation of the HTTP/1.1
+ RFC because proxies are not allowed to rewrite URI's.
+ chop: The request is allowed and the URI is chopped at the
+ first whitespace. This might also be considered a
+ violation.
+uri_whitespace deny
+DOC_END
+
EOF
/*
- * $Id: client_side.cc,v 1.411 1998/10/13 23:39:08 wessels Exp $
+ * $Id: client_side.cc,v 1.412 1998/10/14 21:11:58 wessels Exp $
*
* DEBUG: section 33 Client-side Routines
* AUTHOR: Duane Wessels
debug(33, 5) ("parseHttpRequest: Method is '%s'\n", mstr);
*method_p = method;
- /* look for URL */
- if ((url = strtok(NULL, "\r\n\t ")) == NULL) {
+ /* look for URL+HTTP/x.x */
+ if ((url = strtok(NULL, "\r\n")) == NULL) {
debug(33, 1) ("parseHttpRequest: Missing URL\n");
return parseHttpRequestAbort(conn, "error:missing-url");
}
- debug(33, 5) ("parseHttpRequest: Request is '%s'\n", url);
-
- token = strtok(NULL, null_string);
- for (t = token; t && *t && *t != '\n' && *t != '\r'; t++);
- if (t == NULL || *t == '\0' || t == token || strncasecmp(token, "HTTP/", 5)) {
+ t = url + strlen(url);
+ assert(*t == '\0');
+ token = NULL;
+ while (t > url) {
+ t--;
+ if (isspace(*t) && !strncmp(t + 1, "HTTP/", 5)) {
+ token = t + 1;
+ break;
+ }
+ }
+ while (t > url && isspace(*t))
+ *(t--) = '\0';
+ debug(33, 5) ("parseHttpRequest: URI is '%s'\n", url);
+ if (token == NULL) {
debug(33, 3) ("parseHttpRequest: Missing HTTP identifier\n");
#if RELAXED_HTTP_PARSER
http_ver = (float) 0.9; /* wild guess */
strcpy(http->uri, url);
http->flags.accel = 0;
}
- http->log_uri = xstrdup(http->uri);
+ if (!stringHasWhitespace(http->uri))
+ http->log_uri = xstrdup(http->uri);
+ else
+ http->log_uri = xstrdup(rfc1738_escape(http->uri));
debug(33, 5) ("parseHttpRequest: Complete request received\n");
if (free_request)
safe_free(url);
/*
- * $Id: defines.h,v 1.66 1998/09/14 22:18:45 wessels Exp $
+ * $Id: defines.h,v 1.67 1998/10/14 21:12:00 wessels Exp $
*
*
* SQUID Internet Object Cache http://squid.nlanr.net/Squid/
#define PEER_TCP_MAGIC_COUNT 10
#define CLIENT_SOCK_SZ 4096
+
+#define URI_WHITESPACE_DENY 0
+#define URI_WHITESPACE_ALLOW 1
+#define URI_WHITESPACE_ENCODE 2
+#define URI_WHITESPACE_CHOP 3
/*
- * $Id: protos.h,v 1.277 1998/10/12 21:41:01 wessels Exp $
+ * $Id: protos.h,v 1.278 1998/10/14 21:12:01 wessels Exp $
*
*
* SQUID Internet Object Cache http://squid.nlanr.net/Squid/
extern int asnMatchIp(void *, struct in_addr);
extern void asnInit(void);
extern void asnFreeMemory(void);
+
+/* tools.c */
extern void dlinkAdd(void *data, dlink_node *, dlink_list *);
extern void dlinkAddTail(void *data, dlink_node *, dlink_list *);
extern void dlinkDelete(dlink_node * m, dlink_list * list);
extern double gb_to_double(const gb_t *);
extern const char *gb_to_str(const gb_t *);
extern void gb_flush(gb_t *); /* internal, do not use this */
+extern int stringHasWhitespace(const char *);
#if USE_HTCP
extern void htcpInit(void);
/*
- * $Id: structs.h,v 1.239 1998/10/10 14:57:43 wessels Exp $
+ * $Id: structs.h,v 1.240 1998/10/14 21:12:02 wessels Exp $
*
*
* SQUID Internet Object Cache http://squid.nlanr.net/Squid/
int http_min_poll;
} comm_incoming;
int max_open_disk_fds;
+ int uri_whitespace;
};
struct _SquidConfig2 {
/*
- * $Id: tools.cc,v 1.169 1998/10/12 20:26:41 wessels Exp $
+ * $Id: tools.cc,v 1.170 1998/10/14 21:12:03 wessels Exp $
*
* DEBUG: section 21 Misc Functions
* AUTHOR: Harvest Derived
packerClean(&p);
memBufClean(&mb);
}
+
+int
+stringHasWhitespace(const char *s)
+{
+ return (strcspn(s, w_space) != strlen(s));
+}
/*
- * $Id: url.cc,v 1.108 1998/08/26 19:53:41 wessels Exp $
+ * $Id: url.cc,v 1.109 1998/10/14 21:12:04 wessels Exp $
*
* DEBUG: section 23 URL Parsing
* AUTHOR: Duane Wessels
} else if (!strncmp(url, "urn:", 4)) {
return urnParse(method, url);
} else {
- if (sscanf(url, "%[^:]://%[^/]%s", proto, host, urlpath) < 2)
+ if (sscanf(url, "%[^:]://%[^/]%[^\r\n]", proto, host, urlpath) < 2)
return NULL;
protocol = urlParseProtocol(proto);
port = urlDefaultPort(protocol);
return NULL;
}
#endif
+ if (stringHasWhitespace(urlpath)) {
+ debug(23, 1) ("urlParse: URI has whitespace: {%s}\n", url);
+ switch (Config.uri_whitespace) {
+ case URI_WHITESPACE_DENY:
+ return NULL;
+ case URI_WHITESPACE_ALLOW:
+ break;
+ case URI_WHITESPACE_ENCODE:
+ t = rfc1738_escape(urlpath);
+ xstrncpy(urlpath, t, MAX_URL);
+ break;
+ case URI_WHITESPACE_CHOP:
+ *(urlpath + strcspn(urlpath, w_space)) = '\0';
+ break;
+ }
+ }
request = requestCreate(method, protocol, urlpath);
xstrncpy(request->host, host, SQUIDHOSTNAMELEN);
xstrncpy(request->login, login, MAX_LOGIN_SZ);
char *t;
if (request->protocol == PROTO_URN) {
snprintf(buf, MAX_URL, "urn:%s", strBuf(request->urlpath));
- } else
+ } else {
switch (request->method) {
case METHOD_CONNECT:
snprintf(buf, MAX_URL, "%s:%d", request->host, request->port);
*(++t) = '\0';
break;
}
+ }
+ if (stringHasWhitespace(buf))
+ xstrncpy(buf, rfc1738_escape(buf), MAX_URL);
return buf;
}