1
2 /*
3 * Copyright (C) Igor Sysoev
4 * Copyright (C) Nginx, Inc.
5 */
6
7
8 #include <ngx_config.h>
9 #include <ngx_core.h>
10 #include <ngx_http.h>
11 #include <nginx.h>
12
13
14 static ngx_int_t ngx_http_header_filter_init(ngx_conf_t *cf);
15 static ngx_int_t ngx_http_header_filter(ngx_http_request_t *r);
16
17
18 static ngx_http_module_t ngx_http_header_filter_module_ctx = {
19 NULL, /* preconfiguration */
20 ngx_http_header_filter_init, /* postconfiguration */
21
22 NULL, /* create main configuration */
23 NULL, /* init main configuration */
24
25 NULL, /* create server configuration */
26 NULL, /* merge server configuration */
27
28 NULL, /* create location configuration */
29 NULL, /* merge location configuration */
30 };
31
32
33 ngx_module_t ngx_http_header_filter_module = {
34 NGX_MODULE_V1,
35 &ngx_http_header_filter_module_ctx, /* module context */
36 NULL, /* module directives */
37 NGX_HTTP_MODULE, /* module type */
38 NULL, /* init master */
39 NULL, /* init module */
40 NULL, /* init process */
41 NULL, /* init thread */
42 NULL, /* exit thread */
43 NULL, /* exit process */
44 NULL, /* exit master */
45 NGX_MODULE_V1_PADDING
46 };
47
48
49 static u_char ngx_http_server_string[] = "Server: nginx" CRLF;
50 static u_char ngx_http_server_full_string[] = "Server: " NGINX_VER CRLF;
51 static u_char ngx_http_server_build_string[] = "Server: " NGINX_VER_BUILD CRLF;
52
53
54 static ngx_str_t ngx_http_status_lines[] = {
55
56 ngx_string("200 OK"),
57 ngx_string("201 Created"),
58 ngx_string("202 Accepted"),
59 ngx_null_string, /* "203 Non-Authoritative Information" */
60 ngx_string("204 No Content"),
61 ngx_null_string, /* "205 Reset Content" */
62 ngx_string("206 Partial Content"),
63
64 /* ngx_null_string, */ /* "207 Multi-Status" */
65
66 #define NGX_HTTP_LAST_2XX 207
67 #define NGX_HTTP_OFF_3XX (NGX_HTTP_LAST_2XX - 200)
68
69 /* ngx_null_string, */ /* "300 Multiple Choices" */
70
71 ngx_string("301 Moved Permanently"),
72 ngx_string("302 Moved Temporarily"),
73 ngx_string("303 See Other"),
74 ngx_string("304 Not Modified"),
75 ngx_null_string, /* "305 Use Proxy" */
76 ngx_null_string, /* "306 unused" */
77 ngx_string("307 Temporary Redirect"),
78 ngx_string("308 Permanent Redirect"),
79
80 #define NGX_HTTP_LAST_3XX 309
81 #define NGX_HTTP_OFF_4XX (NGX_HTTP_LAST_3XX - 301 + NGX_HTTP_OFF_3XX)
82
83 ngx_string("400 Bad Request"),
84 ngx_string("401 Unauthorized"),
85 ngx_string("402 Payment Required"),
86 ngx_string("403 Forbidden"),
87 ngx_string("404 Not Found"),
88 ngx_string("405 Not Allowed"),
89 ngx_string("406 Not Acceptable"),
90 ngx_null_string, /* "407 Proxy Authentication Required" */
91 ngx_string("408 Request Time-out"),
92 ngx_string("409 Conflict"),
93 ngx_string("410 Gone"),
94 ngx_string("411 Length Required"),
95 ngx_string("412 Precondition Failed"),
96 ngx_string("413 Request Entity Too Large"),
97 ngx_string("414 Request-URI Too Large"),
98 ngx_string("415 Unsupported Media Type"),
99 ngx_string("416 Requested Range Not Satisfiable"),
100 ngx_null_string, /* "417 Expectation Failed" */
101 ngx_null_string, /* "418 unused" */
102 ngx_null_string, /* "419 unused" */
103 ngx_null_string, /* "420 unused" */
104 ngx_string("421 Misdirected Request"),
105 ngx_null_string, /* "422 Unprocessable Entity" */
106 ngx_null_string, /* "423 Locked" */
107 ngx_null_string, /* "424 Failed Dependency" */
108 ngx_null_string, /* "425 unused" */
109 ngx_null_string, /* "426 Upgrade Required" */
110 ngx_null_string, /* "427 unused" */
111 ngx_null_string, /* "428 Precondition Required" */
112 ngx_string("429 Too Many Requests"),
113
114 #define NGX_HTTP_LAST_4XX 430
115 #define NGX_HTTP_OFF_5XX (NGX_HTTP_LAST_4XX - 400 + NGX_HTTP_OFF_4XX)
116
117 ngx_string("500 Internal Server Error"),
118 ngx_string("501 Not Implemented"),
119 ngx_string("502 Bad Gateway"),
120 ngx_string("503 Service Temporarily Unavailable"),
121 ngx_string("504 Gateway Time-out"),
122 ngx_string("505 HTTP Version Not Supported"),
123 ngx_null_string, /* "506 Variant Also Negotiates" */
124 ngx_string("507 Insufficient Storage"),
125
126 /* ngx_null_string, */ /* "508 unused" */
127 /* ngx_null_string, */ /* "509 unused" */
128 /* ngx_null_string, */ /* "510 Not Extended" */
129
130 #define NGX_HTTP_LAST_5XX 508
131
132 };
133
134
135 ngx_http_header_out_t ngx_http_headers_out[] = {
136 { ngx_string("Server"), offsetof(ngx_http_headers_out_t, server) },
137 { ngx_string("Date"), offsetof(ngx_http_headers_out_t, date) },
138 { ngx_string("Content-Length"),
139 offsetof(ngx_http_headers_out_t, content_length) },
140 { ngx_string("Content-Encoding"),
141 offsetof(ngx_http_headers_out_t, content_encoding) },
142 { ngx_string("Location"), offsetof(ngx_http_headers_out_t, location) },
143 { ngx_string("Last-Modified"),
144 offsetof(ngx_http_headers_out_t, last_modified) },
145 { ngx_string("Accept-Ranges"),
146 offsetof(ngx_http_headers_out_t, accept_ranges) },
147 { ngx_string("Expires"), offsetof(ngx_http_headers_out_t, expires) },
148 { ngx_string("Cache-Control"),
149 offsetof(ngx_http_headers_out_t, cache_control) },
150 { ngx_string("ETag"), offsetof(ngx_http_headers_out_t, etag) },
151
152 { ngx_null_string, 0 }
153 };
154
155
156 static ngx_int_t
ngx_http_header_filter(ngx_http_request_t * r)157 ngx_http_header_filter(ngx_http_request_t *r)
158 {
159 u_char *p;
160 size_t len;
161 ngx_str_t host, *status_line;
162 ngx_buf_t *b;
163 ngx_uint_t status, i, port;
164 ngx_chain_t out;
165 ngx_list_part_t *part;
166 ngx_table_elt_t *header;
167 ngx_connection_t *c;
168 ngx_http_core_loc_conf_t *clcf;
169 ngx_http_core_srv_conf_t *cscf;
170 u_char addr[NGX_SOCKADDR_STRLEN];
171
172 if (r->header_sent) {
173 return NGX_OK;
174 }
175
176 r->header_sent = 1;
177
178 if (r != r->main) {
179 return NGX_OK;
180 }
181
182 if (r->http_version < NGX_HTTP_VERSION_10) {
183 return NGX_OK;
184 }
185
186 if (r->method == NGX_HTTP_HEAD) {
187 r->header_only = 1;
188 }
189
190 if (r->headers_out.last_modified_time != -1) {
191 if (r->headers_out.status != NGX_HTTP_OK
192 && r->headers_out.status != NGX_HTTP_PARTIAL_CONTENT
193 && r->headers_out.status != NGX_HTTP_NOT_MODIFIED)
194 {
195 r->headers_out.last_modified_time = -1;
196 r->headers_out.last_modified = NULL;
197 }
198 }
199
200 len = sizeof("HTTP/1.x ") - 1 + sizeof(CRLF) - 1
201 /* the end of the header */
202 + sizeof(CRLF) - 1;
203
204 /* status line */
205
206 if (r->headers_out.status_line.len) {
207 len += r->headers_out.status_line.len;
208 status_line = &r->headers_out.status_line;
209 #if (NGX_SUPPRESS_WARN)
210 status = 0;
211 #endif
212
213 } else {
214
215 status = r->headers_out.status;
216
217 if (status >= NGX_HTTP_OK
218 && status < NGX_HTTP_LAST_2XX)
219 {
220 /* 2XX */
221
222 if (status == NGX_HTTP_NO_CONTENT) {
223 r->header_only = 1;
224 ngx_str_null(&r->headers_out.content_type);
225 r->headers_out.last_modified_time = -1;
226 r->headers_out.last_modified = NULL;
227 r->headers_out.content_length = NULL;
228 r->headers_out.content_length_n = -1;
229 }
230
231 status -= NGX_HTTP_OK;
232 status_line = &ngx_http_status_lines[status];
233 len += ngx_http_status_lines[status].len;
234
235 } else if (status >= NGX_HTTP_MOVED_PERMANENTLY
236 && status < NGX_HTTP_LAST_3XX)
237 {
238 /* 3XX */
239
240 if (status == NGX_HTTP_NOT_MODIFIED) {
241 r->header_only = 1;
242 }
243
244 status = status - NGX_HTTP_MOVED_PERMANENTLY + NGX_HTTP_OFF_3XX;
245 status_line = &ngx_http_status_lines[status];
246 len += ngx_http_status_lines[status].len;
247
248 } else if (status >= NGX_HTTP_BAD_REQUEST
249 && status < NGX_HTTP_LAST_4XX)
250 {
251 /* 4XX */
252 status = status - NGX_HTTP_BAD_REQUEST
253 + NGX_HTTP_OFF_4XX;
254
255 status_line = &ngx_http_status_lines[status];
256 len += ngx_http_status_lines[status].len;
257
258 } else if (status >= NGX_HTTP_INTERNAL_SERVER_ERROR
259 && status < NGX_HTTP_LAST_5XX)
260 {
261 /* 5XX */
262 status = status - NGX_HTTP_INTERNAL_SERVER_ERROR
263 + NGX_HTTP_OFF_5XX;
264
265 status_line = &ngx_http_status_lines[status];
266 len += ngx_http_status_lines[status].len;
267
268 } else {
269 len += NGX_INT_T_LEN + 1 /* SP */;
270 status_line = NULL;
271 }
272
273 if (status_line && status_line->len == 0) {
274 status = r->headers_out.status;
275 len += NGX_INT_T_LEN + 1 /* SP */;
276 status_line = NULL;
277 }
278 }
279
280 clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
281
282 if (r->headers_out.server == NULL) {
283 if (clcf->server_tokens == NGX_HTTP_SERVER_TOKENS_ON) {
284 len += sizeof(ngx_http_server_full_string) - 1;
285
286 } else if (clcf->server_tokens == NGX_HTTP_SERVER_TOKENS_BUILD) {
287 len += sizeof(ngx_http_server_build_string) - 1;
288
289 } else {
290 len += sizeof(ngx_http_server_string) - 1;
291 }
292 }
293
294 if (r->headers_out.date == NULL) {
295 len += sizeof("Date: Mon, 28 Sep 1970 06:00:00 GMT" CRLF) - 1;
296 }
297
298 if (r->headers_out.content_type.len) {
299 len += sizeof("Content-Type: ") - 1
300 + r->headers_out.content_type.len + 2;
301
302 if (r->headers_out.content_type_len == r->headers_out.content_type.len
303 && r->headers_out.charset.len)
304 {
305 len += sizeof("; charset=") - 1 + r->headers_out.charset.len;
306 }
307 }
308
309 if (r->headers_out.content_length == NULL
310 && r->headers_out.content_length_n >= 0)
311 {
312 len += sizeof("Content-Length: ") - 1 + NGX_OFF_T_LEN + 2;
313 }
314
315 if (r->headers_out.last_modified == NULL
316 && r->headers_out.last_modified_time != -1)
317 {
318 len += sizeof("Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT" CRLF) - 1;
319 }
320
321 c = r->connection;
322
323 if (r->headers_out.location
324 && r->headers_out.location->value.len
325 && r->headers_out.location->value.data[0] == '/'
326 && clcf->absolute_redirect)
327 {
328 r->headers_out.location->hash = 0;
329
330 if (clcf->server_name_in_redirect) {
331 cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);
332 host = cscf->server_name;
333
334 } else if (r->headers_in.server.len) {
335 host = r->headers_in.server;
336
337 } else {
338 host.len = NGX_SOCKADDR_STRLEN;
339 host.data = addr;
340
341 if (ngx_connection_local_sockaddr(c, &host, 0) != NGX_OK) {
342 return NGX_ERROR;
343 }
344 }
345
346 port = ngx_inet_get_port(c->local_sockaddr);
347
348 len += sizeof("Location: https://") - 1
349 + host.len
350 + r->headers_out.location->value.len + 2;
351
352 if (clcf->port_in_redirect) {
353
354 #if (NGX_HTTP_SSL)
355 if (c->ssl)
356 port = (port == 443) ? 0 : port;
357 else
358 #endif
359 port = (port == 80) ? 0 : port;
360
361 } else {
362 port = 0;
363 }
364
365 if (port) {
366 len += sizeof(":65535") - 1;
367 }
368
369 } else {
370 ngx_str_null(&host);
371 port = 0;
372 }
373
374 if (r->chunked) {
375 len += sizeof("Transfer-Encoding: chunked" CRLF) - 1;
376 }
377
378 if (r->headers_out.status == NGX_HTTP_SWITCHING_PROTOCOLS) {
379 len += sizeof("Connection: upgrade" CRLF) - 1;
380
381 } else if (r->keepalive) {
382 len += sizeof("Connection: keep-alive" CRLF) - 1;
383
384 /*
385 * MSIE and Opera ignore the "Keep-Alive: timeout=<N>" header.
386 * MSIE keeps the connection alive for about 60-65 seconds.
387 * Opera keeps the connection alive very long.
388 * Mozilla keeps the connection alive for N plus about 1-10 seconds.
389 * Konqueror keeps the connection alive for about N seconds.
390 */
391
392 if (clcf->keepalive_header) {
393 len += sizeof("Keep-Alive: timeout=") - 1 + NGX_TIME_T_LEN + 2;
394 }
395
396 } else {
397 len += sizeof("Connection: close" CRLF) - 1;
398 }
399
400 #if (NGX_HTTP_GZIP)
401 if (r->gzip_vary) {
402 if (clcf->gzip_vary) {
403 len += sizeof("Vary: Accept-Encoding" CRLF) - 1;
404
405 } else {
406 r->gzip_vary = 0;
407 }
408 }
409 #endif
410
411 part = &r->headers_out.headers.part;
412 header = part->elts;
413
414 for (i = 0; /* void */; i++) {
415
416 if (i >= part->nelts) {
417 if (part->next == NULL) {
418 break;
419 }
420
421 part = part->next;
422 header = part->elts;
423 i = 0;
424 }
425
426 if (header[i].hash == 0) {
427 continue;
428 }
429
430 len += header[i].key.len + sizeof(": ") - 1 + header[i].value.len
431 + sizeof(CRLF) - 1;
432 }
433
434 b = ngx_create_temp_buf(r->pool, len);
435 if (b == NULL) {
436 return NGX_ERROR;
437 }
438
439 /* "HTTP/1.x " */
440 b->last = ngx_cpymem(b->last, "HTTP/1.1 ", sizeof("HTTP/1.x ") - 1);
441
442 /* status line */
443 if (status_line) {
444 b->last = ngx_copy(b->last, status_line->data, status_line->len);
445
446 } else {
447 b->last = ngx_sprintf(b->last, "%03ui ", status);
448 }
449 *b->last++ = CR; *b->last++ = LF;
450
451 if (r->headers_out.server == NULL) {
452 if (clcf->server_tokens == NGX_HTTP_SERVER_TOKENS_ON) {
453 p = ngx_http_server_full_string;
454 len = sizeof(ngx_http_server_full_string) - 1;
455
456 } else if (clcf->server_tokens == NGX_HTTP_SERVER_TOKENS_BUILD) {
457 p = ngx_http_server_build_string;
458 len = sizeof(ngx_http_server_build_string) - 1;
459
460 } else {
461 p = ngx_http_server_string;
462 len = sizeof(ngx_http_server_string) - 1;
463 }
464
465 b->last = ngx_cpymem(b->last, p, len);
466 }
467
468 if (r->headers_out.date == NULL) {
469 b->last = ngx_cpymem(b->last, "Date: ", sizeof("Date: ") - 1);
470 b->last = ngx_cpymem(b->last, ngx_cached_http_time.data,
471 ngx_cached_http_time.len);
472
473 *b->last++ = CR; *b->last++ = LF;
474 }
475
476 if (r->headers_out.content_type.len) {
477 b->last = ngx_cpymem(b->last, "Content-Type: ",
478 sizeof("Content-Type: ") - 1);
479 p = b->last;
480 b->last = ngx_copy(b->last, r->headers_out.content_type.data,
481 r->headers_out.content_type.len);
482
483 if (r->headers_out.content_type_len == r->headers_out.content_type.len
484 && r->headers_out.charset.len)
485 {
486 b->last = ngx_cpymem(b->last, "; charset=",
487 sizeof("; charset=") - 1);
488 b->last = ngx_copy(b->last, r->headers_out.charset.data,
489 r->headers_out.charset.len);
490
491 /* update r->headers_out.content_type for possible logging */
492
493 r->headers_out.content_type.len = b->last - p;
494 r->headers_out.content_type.data = p;
495 }
496
497 *b->last++ = CR; *b->last++ = LF;
498 }
499
500 if (r->headers_out.content_length == NULL
501 && r->headers_out.content_length_n >= 0)
502 {
503 b->last = ngx_sprintf(b->last, "Content-Length: %O" CRLF,
504 r->headers_out.content_length_n);
505 }
506
507 if (r->headers_out.last_modified == NULL
508 && r->headers_out.last_modified_time != -1)
509 {
510 b->last = ngx_cpymem(b->last, "Last-Modified: ",
511 sizeof("Last-Modified: ") - 1);
512 b->last = ngx_http_time(b->last, r->headers_out.last_modified_time);
513
514 *b->last++ = CR; *b->last++ = LF;
515 }
516
517 if (host.data) {
518
519 p = b->last + sizeof("Location: ") - 1;
520
521 b->last = ngx_cpymem(b->last, "Location: http",
522 sizeof("Location: http") - 1);
523
524 #if (NGX_HTTP_SSL)
525 if (c->ssl) {
526 *b->last++ ='s';
527 }
528 #endif
529
530 *b->last++ = ':'; *b->last++ = '/'; *b->last++ = '/';
531 b->last = ngx_copy(b->last, host.data, host.len);
532
533 if (port) {
534 b->last = ngx_sprintf(b->last, ":%ui", port);
535 }
536
537 b->last = ngx_copy(b->last, r->headers_out.location->value.data,
538 r->headers_out.location->value.len);
539
540 /* update r->headers_out.location->value for possible logging */
541
542 r->headers_out.location->value.len = b->last - p;
543 r->headers_out.location->value.data = p;
544 ngx_str_set(&r->headers_out.location->key, "Location");
545
546 *b->last++ = CR; *b->last++ = LF;
547 }
548
549 if (r->chunked) {
550 b->last = ngx_cpymem(b->last, "Transfer-Encoding: chunked" CRLF,
551 sizeof("Transfer-Encoding: chunked" CRLF) - 1);
552 }
553
554 if (r->headers_out.status == NGX_HTTP_SWITCHING_PROTOCOLS) {
555 b->last = ngx_cpymem(b->last, "Connection: upgrade" CRLF,
556 sizeof("Connection: upgrade" CRLF) - 1);
557
558 } else if (r->keepalive) {
559 b->last = ngx_cpymem(b->last, "Connection: keep-alive" CRLF,
560 sizeof("Connection: keep-alive" CRLF) - 1);
561
562 if (clcf->keepalive_header) {
563 b->last = ngx_sprintf(b->last, "Keep-Alive: timeout=%T" CRLF,
564 clcf->keepalive_header);
565 }
566
567 } else {
568 b->last = ngx_cpymem(b->last, "Connection: close" CRLF,
569 sizeof("Connection: close" CRLF) - 1);
570 }
571
572 #if (NGX_HTTP_GZIP)
573 if (r->gzip_vary) {
574 b->last = ngx_cpymem(b->last, "Vary: Accept-Encoding" CRLF,
575 sizeof("Vary: Accept-Encoding" CRLF) - 1);
576 }
577 #endif
578
579 part = &r->headers_out.headers.part;
580 header = part->elts;
581
582 for (i = 0; /* void */; i++) {
583
584 if (i >= part->nelts) {
585 if (part->next == NULL) {
586 break;
587 }
588
589 part = part->next;
590 header = part->elts;
591 i = 0;
592 }
593
594 if (header[i].hash == 0) {
595 continue;
596 }
597
598 b->last = ngx_copy(b->last, header[i].key.data, header[i].key.len);
599 *b->last++ = ':'; *b->last++ = ' ';
600
601 b->last = ngx_copy(b->last, header[i].value.data, header[i].value.len);
602 *b->last++ = CR; *b->last++ = LF;
603 }
604
605 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, c->log, 0,
606 "%*s", (size_t) (b->last - b->pos), b->pos);
607
608 /* the end of HTTP header */
609 *b->last++ = CR; *b->last++ = LF;
610
611 r->header_size = b->last - b->pos;
612
613 if (r->header_only) {
614 b->last_buf = 1;
615 }
616
617 out.buf = b;
618 out.next = NULL;
619
620 return ngx_http_write_filter(r, &out);
621 }
622
623
624 static ngx_int_t
ngx_http_header_filter_init(ngx_conf_t * cf)625 ngx_http_header_filter_init(ngx_conf_t *cf)
626 {
627 ngx_http_top_header_filter = ngx_http_header_filter;
628
629 return NGX_OK;
630 }
631