1 /* 2 * http_header - HTTP header manipulation interfaces 3 * 4 * Copyright(c) 2018 Glenn Strauss gstrauss()gluelogic.com All rights reserved 5 * License: BSD 3-clause (same as lighttpd) 6 */ 7 #include "first.h" 8 9 #include <string.h> 10 #include "sys-strings.h" 11 12 #include "http_header.h" 13 #include "base.h" 14 #include "array.h" 15 #include "buffer.h" 16 17 18 typedef struct keyvlenvalue { 19 const int key; 20 const uint32_t vlen; 21 const char value[24]; 22 } keyvlenvalue; 23 24 /* Note: must be sorted by length */ 25 /* Note: must be kept in sync with http_header.h enum http_header_e */ 26 /* Note: must be kept in sync http_headers[] and http_headers_off[] */ 27 /* http_headers_off lists first offset at which string of specific len occur */ 28 int8_t http_headers_off[] = { 29 -1, -1, -1, -1, 0, 4, 5, 9, 10, 11, 12, -1, 15, 16, 20, 22, 24, 26 30 }; 31 static const keyvlenvalue http_headers[] = { 32 { HTTP_HEADER_HOST, CONST_LEN_STR("host") } 33 ,{ HTTP_HEADER_DATE, CONST_LEN_STR("date") } 34 ,{ HTTP_HEADER_ETAG, CONST_LEN_STR("etag") } 35 ,{ HTTP_HEADER_VARY, CONST_LEN_STR("vary") } 36 ,{ HTTP_HEADER_RANGE, CONST_LEN_STR("range") } 37 ,{ HTTP_HEADER_COOKIE, CONST_LEN_STR("cookie") } 38 ,{ HTTP_HEADER_EXPECT, CONST_LEN_STR("expect") } 39 ,{ HTTP_HEADER_STATUS, CONST_LEN_STR("status") } 40 ,{ HTTP_HEADER_SERVER, CONST_LEN_STR("server") } 41 ,{ HTTP_HEADER_UPGRADE, CONST_LEN_STR("upgrade") } 42 ,{ HTTP_HEADER_LOCATION, CONST_LEN_STR("location") } 43 ,{ HTTP_HEADER_FORWARDED, CONST_LEN_STR("forwarded") } 44 ,{ HTTP_HEADER_CONNECTION, CONST_LEN_STR("connection") } 45 ,{ HTTP_HEADER_SET_COOKIE, CONST_LEN_STR("set-cookie") } 46 ,{ HTTP_HEADER_USER_AGENT, CONST_LEN_STR("user-agent") } 47 ,{ HTTP_HEADER_CONTENT_TYPE, CONST_LEN_STR("content-type") } 48 ,{ HTTP_HEADER_LAST_MODIFIED, CONST_LEN_STR("last-modified") } 49 ,{ HTTP_HEADER_AUTHORIZATION, CONST_LEN_STR("authorization") } 50 ,{ HTTP_HEADER_IF_NONE_MATCH, CONST_LEN_STR("if-none-match") } 51 ,{ HTTP_HEADER_CACHE_CONTROL, CONST_LEN_STR("cache-control") } 52 ,{ HTTP_HEADER_CONTENT_LENGTH, CONST_LEN_STR("content-length") } 53 ,{ HTTP_HEADER_HTTP2_SETTINGS, CONST_LEN_STR("http2-settings") } 54 ,{ HTTP_HEADER_ACCEPT_ENCODING, CONST_LEN_STR("accept-encoding") } 55 ,{ HTTP_HEADER_X_FORWARDED_FOR, CONST_LEN_STR("x-forwarded-for") } 56 ,{ HTTP_HEADER_CONTENT_ENCODING, CONST_LEN_STR("content-encoding") } 57 ,{ HTTP_HEADER_CONTENT_LOCATION, CONST_LEN_STR("content-location") } 58 ,{ HTTP_HEADER_IF_MODIFIED_SINCE, CONST_LEN_STR("if-modified-since") } 59 ,{ HTTP_HEADER_TRANSFER_ENCODING, CONST_LEN_STR("transfer-encoding") } 60 ,{ HTTP_HEADER_X_FORWARDED_PROTO, CONST_LEN_STR("x-forwarded-proto") } 61 ,{ HTTP_HEADER_OTHER, 0, "" } 62 }; 63 64 enum http_header_e http_header_hkey_get(const char * const s, const uint32_t slen) { 65 const struct keyvlenvalue * const kv = http_headers; 66 int i = slen < sizeof(http_headers_off) ? http_headers_off[slen] : -1; 67 if (i < 0) return HTTP_HEADER_OTHER; 68 do { 69 if (buffer_eq_icase_ssn(s, kv[i].value, slen)) 70 return (enum http_header_e)kv[i].key; 71 } while (slen == kv[++i].vlen); 72 return HTTP_HEADER_OTHER; 73 } 74 75 enum http_header_e http_header_hkey_get_lc(const char * const s, const uint32_t slen) { 76 const struct keyvlenvalue * const kv = http_headers; 77 int i = slen < sizeof(http_headers_off) ? http_headers_off[slen] : -1; 78 if (i < 0) return HTTP_HEADER_OTHER; 79 do { 80 if (0 == memcmp(s, kv[i].value, slen)) 81 return (enum http_header_e)kv[i].key; 82 } while (slen == kv[++i].vlen); 83 return HTTP_HEADER_OTHER; 84 } 85 86 87 int http_header_str_to_code (const char * const s) 88 { 89 /*(more strict than strtol(); exactly 3 digits followed by SP/TAB/NIL)*/ 90 return (light_isdigit(s[0]) && light_isdigit(s[1]) && light_isdigit(s[2]) 91 && (s[3] == '\0' || s[3] == ' ' || s[3] == '\t')) 92 ? (s[0]-'0')*100 + (s[1]-'0')*10 + (s[2]-'0') 93 : -1; 94 } 95 96 int http_header_str_contains_token (const char * const s, const uint32_t slen, const char * const m, const uint32_t mlen) 97 { 98 /*if (slen < mlen) return 0;*//*(possible optimizations for caller)*/ 99 /*if (slen == mlen && buffer_eq_icase_ssn(s, m, mlen)) return 1;*/ 100 /*(note: does not handle quoted-string)*/ 101 uint32_t i = 0; 102 do { 103 while (i < slen && (s[i]==' ' || s[i]=='\t' || s[i]==',')) ++i; 104 if (slen - i < mlen) return 0; 105 if (buffer_eq_icase_ssn(s+i, m, mlen)) { 106 i += mlen; 107 if (i == slen || s[i]==' ' || s[i]=='\t' || s[i]==',' || s[i]==';') 108 return 1; 109 } 110 while (i < slen && s[i]!=',') ++i; 111 } while (i < slen); 112 return 0; 113 } 114 115 116 int http_header_remove_token (buffer * const b, const char * const m, const uint32_t mlen) 117 { 118 /*(remove all instance of token from string)*/ 119 /*(note: does not handle quoted-string)*/ 120 int rc = 0; 121 for (char *s = b->ptr; s; ) { 122 while (*s == ' ' || *s == '\t' || *s == ',') ++s; 123 if (0 == strncasecmp(s, m, mlen)) { 124 s += mlen; 125 if (*s=='\0' || *s==' ' || *s=='\t' || *s==',' || *s==';') { 126 memset(s-mlen, ' ', mlen); 127 while (*s != '\0' && *s != ',') ++s; 128 rc = 1; 129 if (*s == ',') { 130 *s++ = ' '; 131 continue; 132 } 133 else { 134 for (s -= mlen; *s != ',' && s != b->ptr; --s) ; 135 buffer_string_set_length(b, (size_t)(s - b->ptr)); 136 break; 137 } 138 } 139 } 140 s = strchr(s, ','); 141 } 142 return rc; 143 } 144 145 146 static inline void http_header_token_append(buffer * const vb, const char * const v, const uint32_t vlen) { 147 if (!buffer_string_is_empty(vb)) 148 buffer_append_string_len(vb, CONST_STR_LEN(", ")); 149 buffer_append_string_len(vb, v, vlen); 150 } 151 152 __attribute_cold__ 153 static inline void http_header_token_append_cookie(buffer * const vb, const char * const v, const uint32_t vlen) { 154 /* Cookie request header must be special-cased to use ';' separator 155 * instead of ',' to combine multiple headers (if present) */ 156 if (!buffer_string_is_empty(vb)) 157 buffer_append_string_len(vb, CONST_STR_LEN("; ")); 158 buffer_append_string_len(vb, v, vlen); 159 } 160 161 __attribute_pure__ 162 static inline buffer * http_header_generic_get_ifnotempty(const array * const a, const char * const k, const uint32_t klen) { 163 data_string * const ds = 164 (data_string *)array_get_element_klen(a, k, klen); 165 return ds && !buffer_string_is_empty(&ds->value) ? &ds->value : NULL; 166 } 167 168 169 buffer * http_header_response_get(const request_st * const r, enum http_header_e id, const char *k, uint32_t klen) { 170 return (id <= HTTP_HEADER_OTHER || light_btst(r->resp_htags, id)) 171 ? http_header_generic_get_ifnotempty(&r->resp_headers, k, klen) 172 : NULL; 173 } 174 175 void http_header_response_unset(request_st * const r, enum http_header_e id, const char *k, uint32_t klen) { 176 if (id <= HTTP_HEADER_OTHER || light_btst(r->resp_htags, id)) { 177 if (id > HTTP_HEADER_OTHER) light_bclr(r->resp_htags, id); 178 array_set_key_value(&r->resp_headers, k, klen, CONST_STR_LEN("")); 179 } 180 } 181 182 void http_header_response_set(request_st * const r, enum http_header_e id, const char *k, uint32_t klen, const char *v, uint32_t vlen) { 183 /* set value, including setting blank value if 0 == vlen 184 * (note: if 0 == vlen, header is still inserted with blank value, 185 * which is used to indicate a "removed" header) 186 */ 187 if (id > HTTP_HEADER_OTHER) 188 (vlen) ? light_bset(r->resp_htags, id) : light_bclr(r->resp_htags, id); 189 array_set_key_value(&r->resp_headers, k, klen, v, vlen); 190 } 191 192 void http_header_response_append(request_st * const r, enum http_header_e id, const char *k, uint32_t klen, const char *v, uint32_t vlen) { 193 if (0 == vlen) return; 194 if (id > HTTP_HEADER_OTHER) light_bset(r->resp_htags, id); 195 buffer * const vb = array_get_buf_ptr(&r->resp_headers, k, klen); 196 http_header_token_append(vb, v, vlen); 197 } 198 199 void http_header_response_insert(request_st * const r, enum http_header_e id, const char *k, uint32_t klen, const char *v, uint32_t vlen) { 200 if (0 == vlen) return; 201 if (id > HTTP_HEADER_OTHER) light_bset(r->resp_htags, id); 202 buffer * const vb = array_get_buf_ptr(&r->resp_headers, k, klen); 203 if (!buffer_string_is_empty(vb)) { /* append value */ 204 buffer_append_string_len(vb, CONST_STR_LEN("\r\n")); 205 if (r->http_version >= HTTP_VERSION_2) { 206 r->resp_header_repeated = 1; 207 char * const h = buffer_string_prepare_append(vb, klen + vlen + 2); 208 for (uint32_t i = 0; i < klen; ++i) 209 h[i] = !light_isupper(k[i]) ? k[i] : (k[i] | 0x20); 210 buffer_commit(vb, klen); 211 } 212 else 213 buffer_append_string_len(vb, k, klen); 214 buffer_append_string_len(vb, CONST_STR_LEN(": ")); 215 } 216 buffer_append_string_len(vb, v, vlen); 217 } 218 219 220 buffer * http_header_request_get(const request_st * const r, enum http_header_e id, const char *k, uint32_t klen) { 221 return (id <= HTTP_HEADER_OTHER || light_btst(r->rqst_htags, id)) 222 ? http_header_generic_get_ifnotempty(&r->rqst_headers, k, klen) 223 : NULL; 224 } 225 226 void http_header_request_unset(request_st * const r, enum http_header_e id, const char *k, uint32_t klen) { 227 if (id <= HTTP_HEADER_OTHER || light_btst(r->rqst_htags, id)) { 228 if (id > HTTP_HEADER_OTHER) light_bclr(r->rqst_htags, id); 229 array_set_key_value(&r->rqst_headers, k, klen, CONST_STR_LEN("")); 230 } 231 } 232 233 void http_header_request_set(request_st * const r, enum http_header_e id, const char *k, uint32_t klen, const char *v, uint32_t vlen) { 234 /* set value, including setting blank value if 0 == vlen 235 * (note: if 0 == vlen, header is still inserted with blank value, 236 * which is used to indicate a "removed" header) 237 */ 238 if (id > HTTP_HEADER_OTHER) 239 (vlen) ? light_bset(r->rqst_htags, id) : light_bclr(r->rqst_htags, id); 240 array_set_key_value(&r->rqst_headers, k, klen, v, vlen); 241 } 242 243 void http_header_request_append(request_st * const r, enum http_header_e id, const char *k, uint32_t klen, const char *v, uint32_t vlen) { 244 if (0 == vlen) return; 245 if (id > HTTP_HEADER_OTHER) light_bset(r->rqst_htags, id); 246 buffer * const vb = array_get_buf_ptr(&r->rqst_headers, k, klen); 247 if (id != HTTP_HEADER_COOKIE) 248 http_header_token_append(vb, v, vlen); 249 else 250 http_header_token_append_cookie(vb, v, vlen); 251 } 252 253 254 buffer * http_header_env_get(const request_st * const r, const char *k, uint32_t klen) { 255 return http_header_generic_get_ifnotempty(&r->env, k, klen); 256 } 257 258 void http_header_env_set(request_st * const r, const char *k, uint32_t klen, const char *v, uint32_t vlen) { 259 array_set_key_value(&r->env, k, klen, v, vlen); 260 } 261 262 void http_header_env_append(request_st * const r, const char *k, uint32_t klen, const char *v, uint32_t vlen) { 263 /*if (0 == vlen) return;*//* skip check; permit env var w/ blank value */ 264 buffer * const vb = array_get_buf_ptr(&r->env, k, klen); 265 if (0 == vlen) return; 266 http_header_token_append(vb, v, vlen); 267 } 268 269 270 uint32_t 271 http_header_parse_hoff (const char *n, const uint32_t clen, unsigned short hoff[8192]) 272 { 273 uint32_t hlen = 0; 274 for (const char *b; (n = memchr((b = n),'\n',clen-hlen)); ++n) { 275 uint32_t x = (uint32_t)(n - b + 1); 276 hlen += x; 277 if (x <= 2 && (x == 1 || n[-1] == '\r')) { 278 hoff[hoff[0]+1] = hlen; 279 return hlen; 280 } 281 if (++hoff[0] >= /*sizeof(hoff)/sizeof(hoff[0])-1*/ 8192-1) break; 282 hoff[hoff[0]] = hlen; 283 } 284 return 0; 285 } 286