From: Amos Jeffries <amosjeffries@squid-cache.org>
Date: Fri, 13 Aug 2010 07:53:08 +0000 (-0600)
Subject: HTTP/1.1 compliance: Stop using Proxy-Connection header
X-Git-Tag: take1~393
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=95e785008cfde3ae4a0f830437dd768ce7afdb2e;p=thirdparty%2Fsquid.git

HTTP/1.1 compliance: Stop using Proxy-Connection header

The Proxy-Connection header is not part of any HTTP standard. It was added
by Netscape to differentiate persistent connections to intermediary proxies
but that duty has been formally superceded by the Connection: header.

This compliance update makes Squid stop sending Proxy-Connection on outbound
requests. Starts consistently using Connection: header instead.

The Proxy-Connection header is also ignored on HTTP-strict builds.
For compatibility we must do a small violation and drop it as a hop-by-hop
header despite strct-mode technically being required to pass it through.

For origin server connections the non-strict builds will retain the
status-quo: interpret it, but treat it as an HTTP/0.9 thing to be
upgraded to HTTP/1.1 Connection:.

squidclient is also fixed not to send it.
---

diff --git a/src/HttpHeaderTools.cc b/src/HttpHeaderTools.cc
index c4b995b349..ae7e9120eb 100644
--- a/src/HttpHeaderTools.cc
+++ b/src/HttpHeaderTools.cc
@@ -145,19 +145,19 @@ int
 httpHeaderHasConnDir(const HttpHeader * hdr, const char *directive)
 {
     String list;
-    http_hdr_type ht;
     int res;
     /* what type of header do we have? */
 
+#if USE_HTTP_VIOLATIONS
     if (hdr->has(HDR_PROXY_CONNECTION))
-        ht = HDR_PROXY_CONNECTION;
-    else if (hdr->has(HDR_CONNECTION))
-        ht = HDR_CONNECTION;
+        list = hdr->getList(HDR_PROXY_CONNECTION);
+    else
+#endif
+    if (hdr->has(HDR_CONNECTION))
+        list = hdr->getList(HDR_CONNECTION);
     else
         return 0;
 
-    list = hdr->getList(ht);
-
     res = strListIsMember(&list, directive, ',');
 
     list.clean();
diff --git a/src/cf.data.pre b/src/cf.data.pre
index e1c6c430ea..6d213ea6d3 100644
--- a/src/cf.data.pre
+++ b/src/cf.data.pre
@@ -4042,7 +4042,6 @@ DOC_START
 		request_header_access Retry-After allow all
 		request_header_access Title allow all
 		request_header_access Connection allow all
-		request_header_access Proxy-Connection allow all
 		request_header_access All deny all
 
 	although many of those are HTTP reply headers, and so should be
@@ -4118,7 +4117,6 @@ DOC_START
 		reply_header_access Retry-After allow all
 		reply_header_access Title allow all
 		reply_header_access Connection allow all
-		reply_header_access Proxy-Connection allow all
 		reply_header_access All deny all
 
 	although the HTTP request headers won't be usefully controlled
diff --git a/src/client_side_reply.cc b/src/client_side_reply.cc
index a32d7e40a2..4932e339e1 100644
--- a/src/client_side_reply.cc
+++ b/src/client_side_reply.cc
@@ -1402,9 +1402,8 @@ clientReplyContext::buildReplyHeader()
         hdr->delById(HDR_VIA);
         hdr->putStr(HDR_VIA, strVia.termedBuf());
     }
-    /* Signal keep-alive if needed */
-    hdr->putStr( (http->flags.accel || http->flags.intercepted)? HDR_CONNECTION : HDR_PROXY_CONNECTION,
-                 request->flags.proxy_keepalive ? "keep-alive" : "close");
+    /* Signal keep-alive or close explicitly */
+    hdr->putStr(HDR_CONNECTION, request->flags.proxy_keepalive ? "keep-alive" : "close");
 
 #if ADD_X_REQUEST_URI
     /*
diff --git a/src/http.cc b/src/http.cc
index 6e922bb544..4a712aeddb 100644
--- a/src/http.cc
+++ b/src/http.cc
@@ -1732,11 +1732,7 @@ HttpStateData::httpBuildRequestHeader(HttpRequest * request,
 
     /* maybe append Connection: keep-alive */
     if (flags.keepalive) {
-        if (flags.proxying) {
-            hdr_out->putStr(HDR_PROXY_CONNECTION, "keep-alive");
-        } else {
-            hdr_out->putStr(HDR_CONNECTION, "keep-alive");
-        }
+        hdr_out->putStr(HDR_CONNECTION, "keep-alive");
     }
 
     /* append Front-End-Https */
@@ -1881,12 +1877,13 @@ copyOneHeaderFromClientsideRequestToUpstreamRequest(const HttpHeaderEntry *e, co
 
         break;
 
-    case HDR_PROXY_CONNECTION:
+    case HDR_PROXY_CONNECTION: // SHOULD ignore. But doing so breaks things.
+        break;
 
     case HDR_X_FORWARDED_FOR:
 
     case HDR_CACHE_CONTROL:
-        /** \par Proxy-Connaction:, X-Forwarded-For:, Cache-Control:
+        /** \par X-Forwarded-For:, Cache-Control:
          * handled specially by Squid, so leave off for now.
          * append these after the loop if needed */
         break;
diff --git a/tools/squidclient.cc b/tools/squidclient.cc
index 581f382c78..769a794570 100644
--- a/tools/squidclient.cc
+++ b/tools/squidclient.cc
@@ -427,17 +427,11 @@ main(int argc, char *argv[])
             strcat(msg, buf);
         }
 
-        /* HTTP/1.0 may need keep-alive */
-        if (strcmp(version, "1.0") == 0) {
-            if (keep_alive) {
-                if (strchr(url, ':')) {
-                    snprintf(buf, BUFSIZ, "Proxy-Connection: keep-alive\r\n");
-                    strcat(msg, buf);
-                } else
-                    strcat(msg, "Connection: keep-alive\r\n");
-            }
-        }
-        /* HTTP/1.1 may need close */
+        /* HTTP/1.0 may need keep-alive explicitly */
+        if (strcmp(version, "1.0") == 0 && keep_alive)
+            strcat(msg, "Connection: keep-alive\r\n");
+
+        /* HTTP/1.1 may need close explicitly */
         if (!keep_alive)
             strcat(msg, "Connection: close\r\n");