Bug 1923 fix: Do not send hop-by-hop headers to the ICAP server.
- Send Proxy-Authenticate and Proxy-Authorization in ICAP request headers.
- removeConnectionHeaderEntries() is removeHopByHopEntries() now.
/*
- * $Id: ESIInclude.cc,v 1.14.2.1 2008/02/10 10:43:09 serassio Exp $
+ * $Id: ESIInclude.cc,v 1.14.2.2 2008/02/27 05:59:29 amosjeffries Exp $
*
* DEBUG: section 86 ESI processing
* AUTHOR: Robert Collins
ESIInclude::prepareRequestHeaders(HttpHeader &tempheaders, ESIVarState *vars)
{
tempheaders.update (&vars->header(), NULL);
- tempheaders.removeConnectionHeaderEntries();
+ tempheaders.removeHopByHopEntries();
}
/*
- * $Id: HttpHeader.cc,v 1.138 2007/11/26 13:09:55 hno Exp $
+ * $Id: HttpHeader.cc,v 1.138.2.1 2008/02/27 05:59:29 amosjeffries Exp $
*
* DEBUG: section 55 HTTP Header
* AUTHOR: Alex Rousskov
HDR_USER_AGENT, HDR_X_FORWARDED_FOR, HDR_SURROGATE_CAPABILITY
};
+static http_hdr_type HopByHopHeadersArr[] =
+ {
+ HDR_CONNECTION, HDR_KEEP_ALIVE, HDR_PROXY_AUTHENTICATE, HDR_PROXY_AUTHORIZATION,
+ HDR_TE, HDR_TRAILERS, HDR_TRANSFER_ENCODING, HDR_UPGRADE
+ };
+
/* header accounting */
static HttpHeaderStat HttpHeaderStats[] =
{
return result;
}
+void
+HttpHeader::removeHopByHopEntries()
+{
+ removeConnectionHeaderEntries();
+
+ int count = countof(HopByHopHeadersArr);
+
+ for (int i=0; i<count; i++)
+ delById(HopByHopHeadersArr[i]);
+
+}
+
void
HttpHeader::removeConnectionHeaderEntries()
{
}
if (headers_deleted)
refreshMask();
-
- delById(HDR_CONNECTION);
}
}
/*
- * $Id: HttpHeader.h,v 1.24 2007/11/26 13:09:55 hno Exp $
+ * $Id: HttpHeader.h,v 1.24.2.1 2008/02/27 05:59:29 amosjeffries Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
TimeOrTag getTimeOrTag(http_hdr_type id) const;
int hasListMember(http_hdr_type id, const char *member, const char separator) const;
int hasByNameListMember(const char *name, const char *member, const char separator) const;
- void removeConnectionHeaderEntries();
+ void removeHopByHopEntries();
/* protected, do not use these, use interface functions instead */
Vector<HttpHeaderEntry *> entries; /* parsed fields in raw format */
HttpHeaderMask mask; /* bit set <=> entry present */
http_hdr_owner_type owner; /* request or reply */
int len; /* length when packed, not counting terminating '\0' */
+protected:
+ void removeConnectionHeaderEntries();
+
private:
HttpHeaderEntry *findLastEntry(http_hdr_type id) const;
// Make it non-copyable. Our destructor is a bit nasty...
if (!TheICAPConfig.reuse_connections)
buf.Printf("Connection: close\r\n");
+ // we must forward "Proxy-Authenticate" and "Proxy-Authorization"
+ // as ICAP headers.
+ if (virgin.header->header.has(HDR_PROXY_AUTHENTICATE))
+ buf.Printf("Proxy-Authenticate: %s\r\n",
+ virgin.header->header.getByName("Proxy-Authenticate").buf());
+
+ if (virgin.header->header.has(HDR_PROXY_AUTHORIZATION))
+ buf.Printf("Proxy-Authorization: %s\r\n",
+ virgin.header->header.getByName("Proxy-Authorization").buf());
+
buf.Printf("Encapsulated: ");
MemBuf httpBuf;
// update ICAP header
icapBuf.Printf("%s=%d, ", section, (int) httpBuf.contentSize());
- // pack HTTP head
- packHead(httpBuf, head);
+ // begin cloning
+ HttpMsg *headClone = NULL;
+
+ if (const HttpRequest* old_request = dynamic_cast<const HttpRequest*>(head)) {
+ HttpRequest* new_request = new HttpRequest;
+ urlParse(old_request->method, old_request->canonical,new_request);
+ new_request->http_ver = old_request->http_ver;
+ inheritVirginProperties(*new_request, *old_request);
+ headClone = new_request;
+ }
+ else if (const HttpReply *old_reply = dynamic_cast<const HttpReply*>(head)) {
+ HttpReply* new_reply = new HttpReply;
+ new_reply->sline = old_reply->sline;
+ headClone = new_reply;
+ }
+
+ Must(headClone);
+
+ HttpHeaderPos pos = HttpHeaderInitPos;
+ HttpHeaderEntry* p_head_entry = NULL;
+ while (NULL != (p_head_entry = head->header.getEntry(&pos)) )
+ headClone->header.addEntry(p_head_entry->clone());
+
+ // end cloning
+
+ // remove all hop-by-hop headers from the clone
+ headClone->header.removeHopByHopEntries();
+
+ // pack polished HTTP header
+ packHead(httpBuf, headClone);
+
+ delete headClone;
}
void ICAPModXact::packHead(MemBuf &httpBuf, const HttpMsg *head)
/*
- * $Id: client_side_reply.cc,v 1.144.2.3 2008/02/26 00:05:47 amosjeffries Exp $
+ * $Id: client_side_reply.cc,v 1.144.2.4 2008/02/27 05:59:29 amosjeffries Exp $
*
* DEBUG: section 88 Client-side Reply Routines
* AUTHOR: Robert Collins (Originally Duane Wessels in client_side.c)
if (is_hit)
hdr->delById(HDR_SET_COOKIE);
- /*
- * Be sure to obey the Connection header
- */
- reply->header.removeConnectionHeaderEntries();
+ reply->header.removeHopByHopEntries();
// if (request->range)
// clientBuildRangeHeader(http, reply);
projects / thirdparty / squid.git / commitdiff
