From: Amos Jeffries Date: Thu, 8 Sep 2016 13:14:40 +0000 (+1200) Subject: HTTP: do not allow Proxy-Connection to override Connection header X-Git-Tag: SQUID_3_5_21~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bcd52d378ef48770c4bd2586cb57ce373226033b;p=thirdparty%2Fsquid.git HTTP: do not allow Proxy-Connection to override Connection header Proxy-Connection header is never actually valid, it is relevant in HTTP/1.0 messages only when Connection header is missing and not relevant at all in HTTP/1.1 messages. This fixes part of the behaviour, making Squid use Connection header for persistence (keep-alive vs close) checking if one is present instead of letting Proxy-Connection override it. TODO: Proxy-Connection still needs to be ignored completely when the message version is HTTP/1.1. --- diff --git a/src/HttpHeaderTools.cc b/src/HttpHeaderTools.cc index d8c29d8c98..011002c0d7 100644 --- a/src/HttpHeaderTools.cc +++ b/src/HttpHeaderTools.cc @@ -131,32 +131,30 @@ httpHeaderAddContRange(HttpHeader * hdr, HttpHdrRangeSpec spec, int64_t ent_len) } /** - * return true if a given directive is found in at least one of - * the "connection" header-fields note: if HDR_PROXY_CONNECTION is - * present we ignore HDR_CONNECTION. + * \return true if a given directive is found in the Connection header field-value. + * + * \note if no Connection header exists we may check the Proxy-Connection header */ -int +bool httpHeaderHasConnDir(const HttpHeader * hdr, const char *directive) { String list; - int res; + /* what type of header do we have? */ + if (hdr->has(HDR_CONNECTION)) { + list = hdr->getList(HDR_CONNECTION); + return strListIsMember(&list, directive, ',') != 0; + } #if USE_HTTP_VIOLATIONS - if (hdr->has(HDR_PROXY_CONNECTION)) + if (hdr->has(HDR_PROXY_CONNECTION)) { list = hdr->getList(HDR_PROXY_CONNECTION); - else + return strListIsMember(&list, directive, ',') != 0; + } #endif - if (hdr->has(HDR_CONNECTION)) - list = hdr->getList(HDR_CONNECTION); - else - return 0; - - res = strListIsMember(&list, directive, ','); - - list.clean(); - return res; + // else, no connection header for it to exist in + return false; } /** handy to printf prefixes of potentially very long buffers */ diff --git a/src/HttpHeaderTools.h b/src/HttpHeaderTools.h index 509d940d3a..7eadc22104 100644 --- a/src/HttpHeaderTools.h +++ b/src/HttpHeaderTools.h @@ -120,7 +120,7 @@ void httpHeaderDestroyFieldsInfo(HttpHeaderFieldInfo * info, int count); http_hdr_type httpHeaderIdByName(const char *name, size_t name_len, const HttpHeaderFieldInfo * attrs, int end); http_hdr_type httpHeaderIdByNameDef(const char *name, int name_len); const char *httpHeaderNameById(int id); -int httpHeaderHasConnDir(const HttpHeader * hdr, const char *directive); +bool httpHeaderHasConnDir(const HttpHeader * hdr, const char *directive); int httpHeaderParseInt(const char *start, int *val); void httpHeaderPutStrf(HttpHeader * hdr, http_hdr_type id, const char *fmt,...) PRINTF_FORMAT_ARG3;