HTTP: do not allow Proxy-Connection to override Connection header

Proxy-Connection header is never actually valid, it is relevant in
HTTP/1.0 messages only when Connection header is missing and not
relevant at all in HTTP/1.1 messages.

This fixes part of the behaviour, making Squid use Connection header
for persistence (keep-alive vs close) checking if one is present
instead of letting Proxy-Connection override it.

TODO: Proxy-Connection still needs to be ignored completely when
      the message version is HTTP/1.1.

diff --git a/src/HttpHeaderTools.cc b/src/HttpHeaderTools.cc
index d8c29d8c98c9dcebcd4db380ee0d29292d2bcfd9..011002c0d72fa7572ba7244664412725da01a2b3 100644 (file)
--- a/src/HttpHeaderTools.cc
+++ b/src/HttpHeaderTools.cc
@@ -131,32 +131,30 @@ httpHeaderAddContRange(HttpHeader * hdr, HttpHdrRangeSpec spec, int64_t ent_len)
 }
 
 /**
- * return true if a given directive is found in at least one of
- * the "connection" header-fields note: if HDR_PROXY_CONNECTION is
- * present we ignore HDR_CONNECTION.
+ * \return true if a given directive is found in the Connection header field-value.
+ *
+ * \note if no Connection header exists we may check the Proxy-Connection header
  */
-int
+bool
 httpHeaderHasConnDir(const HttpHeader * hdr, const char *directive)
 {
     String list;
-    int res;
+
     /* what type of header do we have? */
+    if (hdr->has(HDR_CONNECTION)) {
+        list = hdr->getList(HDR_CONNECTION);
+        return strListIsMember(&list, directive, ',') != 0;
+    }
 
 #if USE_HTTP_VIOLATIONS
-    if (hdr->has(HDR_PROXY_CONNECTION))
+    if (hdr->has(HDR_PROXY_CONNECTION)) {
         list = hdr->getList(HDR_PROXY_CONNECTION);
-    else
+        return strListIsMember(&list, directive, ',') != 0;
+    }
 #endif
-        if (hdr->has(HDR_CONNECTION))
-            list = hdr->getList(HDR_CONNECTION);
-        else
-            return 0;
-
-    res = strListIsMember(&list, directive, ',');
-
-    list.clean();
 
-    return res;
+    // else, no connection header for it to exist in
+    return false;
 }
 
 /** handy to printf prefixes of potentially very long buffers */

diff --git a/src/HttpHeaderTools.h b/src/HttpHeaderTools.h
index 509d940d3a91001dcb397d4cb424e0e179c990c7..7eadc221044a3dcb151efd79b3e1317577292586 100644 (file)
--- a/src/HttpHeaderTools.h
+++ b/src/HttpHeaderTools.h
@@ -120,7 +120,7 @@ void httpHeaderDestroyFieldsInfo(HttpHeaderFieldInfo * info, int count);
 http_hdr_type httpHeaderIdByName(const char *name, size_t name_len, const HttpHeaderFieldInfo * attrs, int end);
 http_hdr_type httpHeaderIdByNameDef(const char *name, int name_len);
 const char *httpHeaderNameById(int id);
-int httpHeaderHasConnDir(const HttpHeader * hdr, const char *directive);
+bool httpHeaderHasConnDir(const HttpHeader * hdr, const char *directive);
 int httpHeaderParseInt(const char *start, int *val);
 void httpHeaderPutStrf(HttpHeader * hdr, http_hdr_type id, const char *fmt,...) PRINTF_FORMAT_ARG3;