From: Amos Jeffries <amosjeffries@squid-cache.org>
Date: Wed, 18 Aug 2010 01:45:20 +0000 (-0600)
Subject: HTTP/1.1 compliance: Stop using Proxy-Connection header
X-Git-Tag: SQUID_3_1_7~8
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a96ed08df9e05d1c5bee21f4b6c3f1881a720d79;p=thirdparty%2Fsquid.git

HTTP/1.1 compliance: Stop using Proxy-Connection header

The Proxy-Connection header is not part of any HTTP standard. It was added
by Netscape to differentiate persistent connections to intermediary proxies
but that duty has been formally superceded by the Connection: header.

This compliance update makes Squid stop sending Proxy-Connection on outbound
requests. Starts consistently using Connection: header instead.

The Proxy-Connection header is also ignored on HTTP-strict builds.
For compatibility we must do a small violation and drop it as a hop-by-hop
header despite strict-mode technically being required to pass it through.

For origin server connections the non-strict builds will retain the
status-quo: interpret it, but treat it as an HTTP/0.9 thing to be
upgraded to HTTP/1.1 Connection: header.

squidclient is also fixed not to send it.
---

diff --git a/src/HttpHeaderTools.cc b/src/HttpHeaderTools.cc
index 8f5a35c684..5227902b0d 100644
--- a/src/HttpHeaderTools.cc
+++ b/src/HttpHeaderTools.cc
@@ -145,19 +145,19 @@ int
 httpHeaderHasConnDir(const HttpHeader * hdr, const char *directive)
 {
     String list;
-    http_hdr_type ht;
     int res;
     /* what type of header do we have? */
 
+#if HTTP_VIOLATIONS
     if (hdr->has(HDR_PROXY_CONNECTION))
-        ht = HDR_PROXY_CONNECTION;
-    else if (hdr->has(HDR_CONNECTION))
-        ht = HDR_CONNECTION;
+        list = hdr->getList(HDR_PROXY_CONNECTION);
+    else
+#endif
+    if (hdr->has(HDR_CONNECTION))
+        list = hdr->getList(HDR_CONNECTION);
     else
         return 0;
 
-    list = hdr->getList(ht);
-
     res = strListIsMember(&list, directive, ',');
 
     list.clean();
diff --git a/src/cf.data.pre b/src/cf.data.pre
index 0dd38a19ec..3a4bc557d1 100644
--- a/src/cf.data.pre
+++ b/src/cf.data.pre
@@ -3747,7 +3747,6 @@ DOC_START
 		request_header_access Retry-After allow all
 		request_header_access Title allow all
 		request_header_access Connection allow all
-		request_header_access Proxy-Connection allow all
 		request_header_access All deny all
 
 	although many of those are HTTP reply headers, and so should be
@@ -3823,7 +3822,6 @@ DOC_START
 		reply_header_access Retry-After allow all
 		reply_header_access Title allow all
 		reply_header_access Connection allow all
-		reply_header_access Proxy-Connection allow all
 		reply_header_access All deny all
 
 	although the HTTP request headers won't be usefully controlled
diff --git a/src/client_side_reply.cc b/src/client_side_reply.cc
index 4e7243ae7d..f3b01c7f03 100644
--- a/src/client_side_reply.cc
+++ b/src/client_side_reply.cc
@@ -1405,9 +1405,8 @@ clientReplyContext::buildReplyHeader()
         hdr->delById(HDR_VIA);
         hdr->putStr(HDR_VIA, strVia.termedBuf());
     }
-    /* Signal keep-alive if needed */
-    hdr->putStr( (http->flags.accel || http->flags.intercepted)? HDR_CONNECTION : HDR_PROXY_CONNECTION,
-                 request->flags.proxy_keepalive ? "keep-alive" : "close");
+    /* Signal keep-alive or close explicitly */
+    hdr->putStr(HDR_CONNECTION, request->flags.proxy_keepalive ? "keep-alive" : "close");
 
 #if ADD_X_REQUEST_URI
     /*
diff --git a/src/http.cc b/src/http.cc
index 6f8b5b45d4..3c93e53150 100644
--- a/src/http.cc
+++ b/src/http.cc
@@ -1720,11 +1720,7 @@ HttpStateData::httpBuildRequestHeader(HttpRequest * request,
 
     /* maybe append Connection: keep-alive */
     if (flags.keepalive) {
-        if (flags.proxying) {
-            hdr_out->putStr(HDR_PROXY_CONNECTION, "keep-alive");
-        } else {
-            hdr_out->putStr(HDR_CONNECTION, "keep-alive");
-        }
+        hdr_out->putStr(HDR_CONNECTION, "keep-alive");
     }
 
     /* append Front-End-Https */
@@ -1870,12 +1866,13 @@ copyOneHeaderFromClientsideRequestToUpstreamRequest(const HttpHeaderEntry *e, co
 
         break;
 
-    case HDR_PROXY_CONNECTION:
+    case HDR_PROXY_CONNECTION: // SHOULD ignore. But doing so breaks things.
+        break;
 
     case HDR_X_FORWARDED_FOR:
 
     case HDR_CACHE_CONTROL:
-        /** \par Proxy-Connaction:, X-Forwarded-For:, Cache-Control:
+        /** \par X-Forwarded-For:, Cache-Control:
          * handled specially by Squid, so leave off for now.
          * append these after the loop if needed */
         break;
diff --git a/tools/squidclient.cc b/tools/squidclient.cc
index 479de4daad..200891516d 100644
--- a/tools/squidclient.cc
+++ b/tools/squidclient.cc
@@ -434,17 +434,11 @@ main(int argc, char *argv[])
             strcat(msg, buf);
         }
 
-        /* HTTP/1.0 may need keep-alive */
-        if (strcmp(version, "1.0") == 0) {
-            if (keep_alive) {
-                if (strchr(url, ':')) {
-                    snprintf(buf, BUFSIZ, "Proxy-Connection: keep-alive\r\n");
-                    strcat(msg, buf);
-                } else
-                    strcat(msg, "Connection: keep-alive\r\n");
-            }
-        }
-        /* HTTP/1.1 may need close */
+        /* HTTP/1.0 may need keep-alive explicitly */
+        if (strcmp(version, "1.0") == 0 && keep_alive)
+            strcat(msg, "Connection: keep-alive\r\n");
+
+        /* HTTP/1.1 may need close explicitly */
         if (!keep_alive)
             strcat(msg, "Connection: close\r\n");