2885
2912
capture_headers(req->buf->p, &txn->hdr_idx,
2886
2913
txn->req.cap, s->fe->req_cap);
2888
/* 6: determine the transfer-length.
2889
* According to RFC2616 #4.4, amended by the HTTPbis working group,
2890
* the presence of a message-body in a REQUEST and its transfer length
2891
* must be determined that way (in order of precedence) :
2892
* 1. The presence of a message-body in a request is signaled by the
2893
* inclusion of a Content-Length or Transfer-Encoding header field
2894
* in the request's header fields. When a request message contains
2895
* both a message-body of non-zero length and a method that does
2896
* not define any semantics for that request message-body, then an
2897
* origin server SHOULD either ignore the message-body or respond
2898
* with an appropriate error message (e.g., 413). A proxy or
2899
* gateway, when presented the same request, SHOULD either forward
2900
* the request inbound with the message- body or ignore the
2901
* message-body when determining a response.
2903
* 2. If a Transfer-Encoding header field (Section 9.7) is present
2904
* and the "chunked" transfer-coding (Section 6.2) is used, the
2905
* transfer-length is defined by the use of this transfer-coding.
2906
* If a Transfer-Encoding header field is present and the "chunked"
2907
* transfer-coding is not present, the transfer-length is defined
2908
* by the sender closing the connection.
2910
* 3. If a Content-Length header field is present, its decimal value in
2911
* OCTETs represents both the entity-length and the transfer-length.
2912
* If a message is received with both a Transfer-Encoding header
2913
* field and a Content-Length header field, the latter MUST be ignored.
2915
* 4. By the server closing the connection. (Closing the connection
2916
* cannot be used to indicate the end of a request body, since that
2917
* would leave no possibility for the server to send back a response.)
2919
* Whenever a transfer-coding is applied to a message-body, the set of
2920
* transfer-codings MUST include "chunked", unless the message indicates
2921
* it is terminated by closing the connection. When the "chunked"
2922
* transfer-coding is used, it MUST be the last transfer-coding applied
2923
* to the message-body.
2915
/* 6: determine the transfer-length according to RFC2616 #4.4, updated
2916
* by RFC7230#3.3.3 :
2918
* The length of a message body is determined by one of the following
2919
* (in order of precedence):
2921
* 1. Any response to a HEAD request and any response with a 1xx
2922
* (Informational), 204 (No Content), or 304 (Not Modified) status
2923
* code is always terminated by the first empty line after the
2924
* header fields, regardless of the header fields present in the
2925
* message, and thus cannot contain a message body.
2927
* 2. Any 2xx (Successful) response to a CONNECT request implies that
2928
* the connection will become a tunnel immediately after the empty
2929
* line that concludes the header fields. A client MUST ignore any
2930
* Content-Length or Transfer-Encoding header fields received in
2933
* 3. If a Transfer-Encoding header field is present and the chunked
2934
* transfer coding (Section 4.1) is the final encoding, the message
2935
* body length is determined by reading and decoding the chunked
2936
* data until the transfer coding indicates the data is complete.
2938
* If a Transfer-Encoding header field is present in a response and
2939
* the chunked transfer coding is not the final encoding, the
2940
* message body length is determined by reading the connection until
2941
* it is closed by the server. If a Transfer-Encoding header field
2942
* is present in a request and the chunked transfer coding is not
2943
* the final encoding, the message body length cannot be determined
2944
* reliably; the server MUST respond with the 400 (Bad Request)
2945
* status code and then close the connection.
2947
* If a message is received with both a Transfer-Encoding and a
2948
* Content-Length header field, the Transfer-Encoding overrides the
2949
* Content-Length. Such a message might indicate an attempt to
2950
* perform request smuggling (Section 9.5) or response splitting
2951
* (Section 9.4) and ought to be handled as an error. A sender MUST
2952
* remove the received Content-Length field prior to forwarding such
2953
* a message downstream.
2955
* 4. If a message is received without Transfer-Encoding and with
2956
* either multiple Content-Length header fields having differing
2957
* field-values or a single Content-Length header field having an
2958
* invalid value, then the message framing is invalid and the
2959
* recipient MUST treat it as an unrecoverable error. If this is a
2960
* request message, the server MUST respond with a 400 (Bad Request)
2961
* status code and then close the connection. If this is a response
2962
* message received by a proxy, the proxy MUST close the connection
2963
* to the server, discard the received response, and send a 502 (Bad
2964
* Gateway) response to the client. If this is a response message
2965
* received by a user agent, the user agent MUST close the
2966
* connection to the server and discard the received response.
2968
* 5. If a valid Content-Length header field is present without
2969
* Transfer-Encoding, its decimal value defines the expected message
2970
* body length in octets. If the sender closes the connection or
2971
* the recipient times out before the indicated number of octets are
2972
* received, the recipient MUST consider the message to be
2973
* incomplete and close the connection.
2975
* 6. If this is a request message and none of the above are true, then
2976
* the message body length is zero (no message body is present).
2978
* 7. Otherwise, this is a response message without a declared message
2979
* body length, so the message body length is determined by the
2980
* number of octets received prior to the server closing the
2928
2985
/* set TE_CHNK and XFER_LEN only if "chunked" is seen last */
2929
while ((msg->flags & HTTP_MSGF_VER_11) &&
2930
http_find_header2("Transfer-Encoding", 17, req->buf->p, &txn->hdr_idx, &ctx)) {
2986
while (http_find_header2("Transfer-Encoding", 17, req->buf->p, &txn->hdr_idx, &ctx)) {
2931
2987
if (ctx.vlen == 7 && strncasecmp(ctx.line + ctx.val, "chunked", 7) == 0)
2932
2988
msg->flags |= (HTTP_MSGF_TE_CHNK | HTTP_MSGF_XFER_LEN);
2933
2989
else if (msg->flags & HTTP_MSGF_TE_CHNK) {
2934
/* bad transfer-encoding (chunked followed by something else) */
2936
msg->flags &= ~(HTTP_MSGF_TE_CHNK | HTTP_MSGF_XFER_LEN);
2990
/* chunked not last, return badreq */
2991
goto return_bad_req;
2995
/* Chunked requests must have their content-length removed */
2942
while (!(msg->flags & HTTP_MSGF_TE_CHNK) && !use_close_only &&
2943
http_find_header2("Content-Length", 14, req->buf->p, &txn->hdr_idx, &ctx)) {
2997
if (msg->flags & HTTP_MSGF_TE_CHNK) {
2998
while (http_find_header2("Content-Length", 14, req->buf->p, &txn->hdr_idx, &ctx))
2999
http_remove_header2(msg, &txn->hdr_idx, &ctx);
3001
else while (http_find_header2("Content-Length", 14, req->buf->p, &txn->hdr_idx, &ctx)) {
2944
3002
signed long long cl;
2946
3004
if (!ctx.vlen) {
3182
/* Returns the number of characters written to destination,
3183
* -1 on internal error and -2 if no replacement took place.
3185
static int http_replace_header(struct my_regex *re, char *dst, uint dst_size, char *val, int len,
3186
const char *rep_str)
3188
if (!regex_exec_match2(re, val, len, MAX_MATCH, pmatch))
3191
return exp_replace(dst, dst_size, val, rep_str, pmatch);
3194
/* Returns the number of characters written to destination,
3195
* -1 on internal error and -2 if no replacement took place.
3197
static int http_replace_value(struct my_regex *re, char *dst, uint dst_size, char *val, int len, char delim,
3198
const char *rep_str)
3201
char* dst_end = dst + dst_size;
3207
/* look for delim. */
3209
while (p_delim < p + len && *p_delim != delim)
3212
if (regex_exec_match2(re, p, p_delim-p, MAX_MATCH, pmatch)) {
3213
int replace_n = exp_replace(dst_p, dst_end - dst_p, p, rep_str, pmatch);
3220
uint len = p_delim - p;
3222
if (dst_p + len >= dst_end)
3225
memcpy(dst_p, p, len);
3229
if (dst_p >= dst_end)
3232
/* end of the replacements. */
3233
if (p_delim >= p + len)
3244
3239
static int http_transform_header(struct session* s, struct http_msg *msg, const char* name, uint name_len,
3245
3240
char* buf, struct hdr_idx* idx, struct list *fmt, struct my_regex *re,
3246
3241
struct hdr_ctx* ctx, int action)
3243
int (*http_find_hdr_func)(const char *name, int len, char *sol,
3244
struct hdr_idx *idx, struct hdr_ctx *ctx);
3245
struct chunk *replace = get_trash_chunk();
3246
struct chunk *output = get_trash_chunk();
3248
replace->len = build_logline(s, replace->str, replace->size, fmt);
3249
if (replace->len >= replace->size - 1)
3250
while (http_find_full_header2(name, name_len, buf, idx, ctx)) {
3254
/* Choose the header browsing function. */
3256
case HTTP_REQ_ACT_REPLACE_VAL:
3257
case HTTP_RES_ACT_REPLACE_VAL:
3258
http_find_hdr_func = http_find_header2;
3260
case HTTP_REQ_ACT_REPLACE_HDR:
3261
case HTTP_RES_ACT_REPLACE_HDR:
3262
http_find_hdr_func = http_find_full_header2;
3264
default: /* impossible */
3268
while (http_find_hdr_func(name, name_len, buf, idx, ctx)) {
3251
3269
struct hdr_idx_elem *hdr = idx->v + ctx->idx;
3253
char* val = (char*)ctx->line + ctx->val;
3254
char* val_end = (char*)ctx->line + hdr->len;
3256
uint reg_dst_buf_size;
3259
trash.len = build_logline(s, trash.str, trash.size, fmt);
3261
if (trash.len >= trash.size - 1)
3264
reg_dst_buf = trash.str + trash.len + 1;
3265
reg_dst_buf_size = trash.size - trash.len - 1;
3268
case HTTP_REQ_ACT_REPLACE_VAL:
3269
case HTTP_RES_ACT_REPLACE_VAL:
3270
n_replaced = http_replace_value(re, reg_dst_buf, reg_dst_buf_size, val, val_end-val, ',', trash.str);
3272
case HTTP_REQ_ACT_REPLACE_HDR:
3273
case HTTP_RES_ACT_REPLACE_HDR:
3274
n_replaced = http_replace_header(re, reg_dst_buf, reg_dst_buf_size, val, val_end-val, trash.str);
3276
default: /* impossible */
3280
switch (n_replaced) {
3285
delta = buffer_replace2(msg->chn->buf, val, val_end, reg_dst_buf, n_replaced);
3271
char *val = ctx->line + ctx->val;
3272
char* val_end = val + ctx->vlen;
3274
if (!regex_exec_match2(re, val, val_end-val, MAX_MATCH, pmatch))
3277
output->len = exp_replace(output->str, output->size, val, replace->str, pmatch);
3278
if (output->len == -1)
3281
delta = buffer_replace2(msg->chn->buf, val, val_end, output->str, output->len);
3287
3283
hdr->len += delta;
3288
3284
http_msg_move_end(msg, delta);
3286
/* Adjust the length of the current value of the index. */
5976
5995
capture_headers(rep->buf->p, &txn->hdr_idx,
5977
5996
txn->rsp.cap, s->fe->rsp_cap);
5979
/* 4: determine the transfer-length.
5980
* According to RFC2616 #4.4, amended by the HTTPbis working group,
5981
* the presence of a message-body in a RESPONSE and its transfer length
5982
* must be determined that way :
5984
* All responses to the HEAD request method MUST NOT include a
5985
* message-body, even though the presence of entity-header fields
5986
* might lead one to believe they do. All 1xx (informational), 204
5987
* (No Content), and 304 (Not Modified) responses MUST NOT include a
5988
* message-body. All other responses do include a message-body,
5989
* although it MAY be of zero length.
5991
* 1. Any response which "MUST NOT" include a message-body (such as the
5992
* 1xx, 204 and 304 responses and any response to a HEAD request) is
5993
* always terminated by the first empty line after the header fields,
5994
* regardless of the entity-header fields present in the message.
5996
* 2. If a Transfer-Encoding header field (Section 9.7) is present and
5997
* the "chunked" transfer-coding (Section 6.2) is used, the
5998
* transfer-length is defined by the use of this transfer-coding.
5999
* If a Transfer-Encoding header field is present and the "chunked"
6000
* transfer-coding is not present, the transfer-length is defined by
6001
* the sender closing the connection.
6003
* 3. If a Content-Length header field is present, its decimal value in
6004
* OCTETs represents both the entity-length and the transfer-length.
6005
* If a message is received with both a Transfer-Encoding header
6006
* field and a Content-Length header field, the latter MUST be ignored.
6008
* 4. If the message uses the media type "multipart/byteranges", and
6009
* the transfer-length is not otherwise specified, then this self-
6010
* delimiting media type defines the transfer-length. This media
6011
* type MUST NOT be used unless the sender knows that the recipient
6012
* can parse it; the presence in a request of a Range header with
6013
* multiple byte-range specifiers from a 1.1 client implies that the
6014
* client can parse multipart/byteranges responses.
6016
* 5. By the server closing the connection.
5998
/* 4: determine the transfer-length according to RFC2616 #4.4, updated
5999
* by RFC7230#3.3.3 :
6001
* The length of a message body is determined by one of the following
6002
* (in order of precedence):
6004
* 1. Any response to a HEAD request and any response with a 1xx
6005
* (Informational), 204 (No Content), or 304 (Not Modified) status
6006
* code is always terminated by the first empty line after the
6007
* header fields, regardless of the header fields present in the
6008
* message, and thus cannot contain a message body.
6010
* 2. Any 2xx (Successful) response to a CONNECT request implies that
6011
* the connection will become a tunnel immediately after the empty
6012
* line that concludes the header fields. A client MUST ignore any
6013
* Content-Length or Transfer-Encoding header fields received in
6016
* 3. If a Transfer-Encoding header field is present and the chunked
6017
* transfer coding (Section 4.1) is the final encoding, the message
6018
* body length is determined by reading and decoding the chunked
6019
* data until the transfer coding indicates the data is complete.
6021
* If a Transfer-Encoding header field is present in a response and
6022
* the chunked transfer coding is not the final encoding, the
6023
* message body length is determined by reading the connection until
6024
* it is closed by the server. If a Transfer-Encoding header field
6025
* is present in a request and the chunked transfer coding is not
6026
* the final encoding, the message body length cannot be determined
6027
* reliably; the server MUST respond with the 400 (Bad Request)
6028
* status code and then close the connection.
6030
* If a message is received with both a Transfer-Encoding and a
6031
* Content-Length header field, the Transfer-Encoding overrides the
6032
* Content-Length. Such a message might indicate an attempt to
6033
* perform request smuggling (Section 9.5) or response splitting
6034
* (Section 9.4) and ought to be handled as an error. A sender MUST
6035
* remove the received Content-Length field prior to forwarding such
6036
* a message downstream.
6038
* 4. If a message is received without Transfer-Encoding and with
6039
* either multiple Content-Length header fields having differing
6040
* field-values or a single Content-Length header field having an
6041
* invalid value, then the message framing is invalid and the
6042
* recipient MUST treat it as an unrecoverable error. If this is a
6043
* request message, the server MUST respond with a 400 (Bad Request)
6044
* status code and then close the connection. If this is a response
6045
* message received by a proxy, the proxy MUST close the connection
6046
* to the server, discard the received response, and send a 502 (Bad
6047
* Gateway) response to the client. If this is a response message
6048
* received by a user agent, the user agent MUST close the
6049
* connection to the server and discard the received response.
6051
* 5. If a valid Content-Length header field is present without
6052
* Transfer-Encoding, its decimal value defines the expected message
6053
* body length in octets. If the sender closes the connection or
6054
* the recipient times out before the indicated number of octets are
6055
* received, the recipient MUST consider the message to be
6056
* incomplete and close the connection.
6058
* 6. If this is a request message and none of the above are true, then
6059
* the message body length is zero (no message body is present).
6061
* 7. Otherwise, this is a response message without a declared message
6062
* body length, so the message body length is determined by the
6063
* number of octets received prior to the server closing the
6019
6067
/* Skip parsing if no content length is possible. The response flags