{
const char *field_ptr = header_start;
HttpHeaderEntry *e, *e2;
+ bool warnOnError = (Config.onoff.relaxed_header_parser <= 0 ? DBG_IMPORTANT : 2);
PROF_start(HttpHeaderParse);
cr_only = false;
}
if (cr_only) {
- debugs(55, DBG_IMPORTANT, "WARNING: Rejecting HTTP request with a CR+ "
+ debugs(55, DBG_IMPORTANT, "SECURITY WARNING: Rejecting HTTP request with a CR+ "
"header field to prevent request smuggling attacks: {" <<
getStringPrefix(header_start, header_end) << "}");
goto reset;
/* Barf on stray CR characters */
if (memchr(this_line, '\r', field_end - this_line)) {
- debugs(55, DBG_IMPORTANT, "WARNING: suspicious CR characters in HTTP header {" <<
+ debugs(55, warnOnError, "WARNING: suspicious CR characters in HTTP header {" <<
getStringPrefix(field_start, field_end) << "}");
if (Config.onoff.relaxed_header_parser) {
}
if (this_line + 1 == field_end && this_line > field_start) {
- debugs(55, DBG_IMPORTANT, "WARNING: Blank continuation line in HTTP header {" <<
+ debugs(55, warnOnError, "WARNING: Blank continuation line in HTTP header {" <<
getStringPrefix(header_start, header_end) << "}");
goto reset;
}
if (field_start == field_end) {
if (field_ptr < header_end) {
- debugs(55, DBG_IMPORTANT, "WARNING: unparseable HTTP header field near {" <<
+ debugs(55, warnOnError, "WARNING: unparseable HTTP header field near {" <<
getStringPrefix(field_start, header_end) << "}");
goto reset;
}
}
if ((e = HttpHeaderEntry::parse(field_start, field_end)) == NULL) {
- debugs(55, DBG_IMPORTANT, "WARNING: unparseable HTTP header field {" <<
+ debugs(55, warnOnError, "WARNING: unparseable HTTP header field {" <<
getStringPrefix(field_start, field_end) << "}");
- debugs(55, Config.onoff.relaxed_header_parser <= 0 ? 1 : 2,
- " in {" << getStringPrefix(header_start, header_end) << "}");
+ debugs(55, warnOnError, " in {" << getStringPrefix(header_start, header_end) << "}");
if (Config.onoff.relaxed_header_parser)
continue;
- else
- goto reset;
+
+ goto reset;
}
if (e->id == HDR_CONTENT_LENGTH && (e2 = findEntry(e->id)) != NULL) {
-// if (e->value.cmp(e2->value.termedBuf()) != 0) {
if (e->value != e2->value) {
int64_t l1, l2;
- debugs(55, Config.onoff.relaxed_header_parser <= 0 ? 1 : 2,
- "WARNING: found two conflicting content-length headers in {" << getStringPrefix(header_start, header_end) << "}");
+ debugs(55, warnOnError, "WARNING: found two conflicting content-length headers in {" <<
+ getStringPrefix(header_start, header_end) << "}");
if (!Config.onoff.relaxed_header_parser) {
delete e;
continue;
}
} else {
- debugs(55, Config.onoff.relaxed_header_parser <= 0 ? 1 : 2,
- "NOTICE: found double content-length header");
+ debugs(55, warnOnError, "NOTICE: found double content-length header");
+ delete e;
- if (Config.onoff.relaxed_header_parser) {
- delete e;
+ if (Config.onoff.relaxed_header_parser)
continue;
- } else {
- delete e;
- goto reset;
- }
+
+ goto reset;
}
}
if (e->id == HDR_OTHER && stringHasWhitespace(e->name.termedBuf())) {
- debugs(55, Config.onoff.relaxed_header_parser <= 0 ? 1 : 2,
- "WARNING: found whitespace in HTTP header name {" <<
+ debugs(55, warnOnError, "WARNING: found whitespace in HTTP header name {" <<
getStringPrefix(field_start, field_end) << "}");
if (!Config.onoff.relaxed_header_parser) {
projects / thirdparty / squid.git / commitdiff
