1 /* 2 * http_header - HTTP header manipulation interfaces 3 * 4 * Copyright(c) 2018 Glenn Strauss gstrauss()gluelogic.com All rights reserved 5 * License: BSD 3-clause (same as lighttpd) 6 */ 7 #include "first.h" 8 9 #include <string.h> 10 #include "sys-strings.h" 11 12 #include "http_header.h" 13 #include "base.h" 14 #include "array.h" 15 #include "buffer.h" 16 17 18 typedef struct keyvlenvalue { 19 const int key; 20 const uint32_t vlen; 21 const char value[24]; 22 } keyvlenvalue; 23 24 /* Note: must be sorted by length */ 25 /* Note: must be kept in sync with http_header.h enum http_header_e */ 26 /* Note: must be kept in sync http_headers[] and http_headers_off[] */ 27 /* http_headers_off lists first offset at which string of specific len occur */ 28 int8_t http_headers_off[] = { 29 -1, -1, -1, -1, 0, 4, 5, 9, 10, 11, 12, -1, 15, 16, 20, 22, 24, 26 30 }; 31 static const keyvlenvalue http_headers[] = { 32 { HTTP_HEADER_HOST, CONST_LEN_STR("Host") } 33 ,{ HTTP_HEADER_DATE, CONST_LEN_STR("Date") } 34 ,{ HTTP_HEADER_ETAG, CONST_LEN_STR("ETag") } 35 ,{ HTTP_HEADER_VARY, CONST_LEN_STR("Vary") } 36 ,{ HTTP_HEADER_RANGE, CONST_LEN_STR("Range") } 37 ,{ HTTP_HEADER_COOKIE, CONST_LEN_STR("Cookie") } 38 ,{ HTTP_HEADER_EXPECT, CONST_LEN_STR("Expect") } 39 ,{ HTTP_HEADER_STATUS, CONST_LEN_STR("Status") } 40 ,{ HTTP_HEADER_SERVER, CONST_LEN_STR("Server") } 41 ,{ HTTP_HEADER_UPGRADE, CONST_LEN_STR("Upgrade") } 42 ,{ HTTP_HEADER_LOCATION, CONST_LEN_STR("Location") } 43 ,{ HTTP_HEADER_FORWARDED, CONST_LEN_STR("Forwarded") } 44 ,{ HTTP_HEADER_CONNECTION, CONST_LEN_STR("Connection") } 45 ,{ HTTP_HEADER_SET_COOKIE, CONST_LEN_STR("Set-Cookie") } 46 ,{ HTTP_HEADER_USER_AGENT, CONST_LEN_STR("User-Agent") } 47 ,{ HTTP_HEADER_CONTENT_TYPE, CONST_LEN_STR("Content-Type") } 48 ,{ HTTP_HEADER_LAST_MODIFIED, CONST_LEN_STR("Last-Modified") } 49 ,{ HTTP_HEADER_AUTHORIZATION, CONST_LEN_STR("Authorization") } 50 ,{ HTTP_HEADER_IF_NONE_MATCH, CONST_LEN_STR("If-None-Match") } 51 ,{ HTTP_HEADER_CACHE_CONTROL, CONST_LEN_STR("Cache-Control") } 52 ,{ HTTP_HEADER_CONTENT_LENGTH, CONST_LEN_STR("Content-Length") } 53 ,{ HTTP_HEADER_HTTP2_SETTINGS, CONST_LEN_STR("HTTP2-Settings") } 54 ,{ HTTP_HEADER_ACCEPT_ENCODING, CONST_LEN_STR("Accept-Encoding") } 55 ,{ HTTP_HEADER_X_FORWARDED_FOR, CONST_LEN_STR("X-Forwarded-For") } 56 ,{ HTTP_HEADER_CONTENT_ENCODING, CONST_LEN_STR("Content-Encoding") } 57 ,{ HTTP_HEADER_CONTENT_LOCATION, CONST_LEN_STR("Content-Location") } 58 ,{ HTTP_HEADER_IF_MODIFIED_SINCE, CONST_LEN_STR("If-Modified-Since") } 59 ,{ HTTP_HEADER_TRANSFER_ENCODING, CONST_LEN_STR("Transfer-Encoding") } 60 ,{ HTTP_HEADER_X_FORWARDED_PROTO, CONST_LEN_STR("X-Forwarded-Proto") } 61 ,{ HTTP_HEADER_OTHER, 0, "" } 62 }; 63 64 enum http_header_e http_header_hkey_get(const char * const s, const uint32_t slen) { 65 const struct keyvlenvalue * const kv = http_headers; 66 int i = slen < sizeof(http_headers_off) ? http_headers_off[slen] : -1; 67 if (i < 0) return HTTP_HEADER_OTHER; 68 do { 69 if (buffer_eq_icase_ssn(s, kv[i].value, slen)) 70 return (enum http_header_e)kv[i].key; 71 } while (slen == kv[++i].vlen); 72 return HTTP_HEADER_OTHER; 73 } 74 75 76 int http_header_str_to_code (const char * const s) 77 { 78 /*(more strict than strtol(); exactly 3 digits followed by SP/TAB/NIL)*/ 79 return (light_isdigit(s[0]) && light_isdigit(s[1]) && light_isdigit(s[2]) 80 && (s[3] == '\0' || s[3] == ' ' || s[3] == '\t')) 81 ? (s[0]-'0')*100 + (s[1]-'0')*10 + (s[2]-'0') 82 : -1; 83 } 84 85 int http_header_str_contains_token (const char * const s, const uint32_t slen, const char * const m, const uint32_t mlen) 86 { 87 /*if (slen < mlen) return 0;*//*(possible optimizations for caller)*/ 88 /*if (slen == mlen && buffer_eq_icase_ssn(s, m, mlen)) return 1;*/ 89 /*(note: does not handle quoted-string)*/ 90 uint32_t i = 0; 91 do { 92 while (i < slen && (s[i]==' ' || s[i]=='\t' || s[i]==',')) ++i; 93 if (slen - i < mlen) return 0; 94 if (buffer_eq_icase_ssn(s+i, m, mlen)) { 95 i += mlen; 96 if (i == slen || s[i]==' ' || s[i]=='\t' || s[i]==',' || s[i]==';') 97 return 1; 98 } 99 while (i < slen && s[i]!=',') ++i; 100 } while (i < slen); 101 return 0; 102 } 103 104 105 int http_header_remove_token (buffer * const b, const char * const m, const uint32_t mlen) 106 { 107 /*(remove all instance of token from string)*/ 108 /*(note: does not handle quoted-string)*/ 109 int rc = 0; 110 for (char *s = b->ptr; s; ) { 111 while (*s == ' ' || *s == '\t' || *s == ',') ++s; 112 if (0 == strncasecmp(s, m, mlen)) { 113 s += mlen; 114 if (*s=='\0' || *s==' ' || *s=='\t' || *s==',' || *s==';') { 115 memset(s-mlen, ' ', mlen); 116 while (*s != '\0' && *s != ',') ++s; 117 rc = 1; 118 if (*s == ',') { 119 *s++ = ' '; 120 continue; 121 } 122 else { 123 for (s -= mlen; *s != ',' && s != b->ptr; --s) ; 124 buffer_string_set_length(b, (size_t)(s - b->ptr)); 125 break; 126 } 127 } 128 } 129 s = strchr(s, ','); 130 } 131 return rc; 132 } 133 134 135 static inline void http_header_token_append(buffer * const vb, const char * const v, const uint32_t vlen) { 136 if (!buffer_string_is_empty(vb)) 137 buffer_append_string_len(vb, CONST_STR_LEN(", ")); 138 buffer_append_string_len(vb, v, vlen); 139 } 140 141 __attribute_cold__ 142 static inline void http_header_token_append_cookie(buffer * const vb, const char * const v, const uint32_t vlen) { 143 /* Cookie request header must be special-cased to use ';' separator 144 * instead of ',' to combine multiple headers (if present) */ 145 if (!buffer_string_is_empty(vb)) 146 buffer_append_string_len(vb, CONST_STR_LEN("; ")); 147 buffer_append_string_len(vb, v, vlen); 148 } 149 150 __attribute_pure__ 151 static inline buffer * http_header_generic_get_ifnotempty(const array * const a, const char * const k, const uint32_t klen) { 152 data_string * const ds = 153 (data_string *)array_get_element_klen(a, k, klen); 154 return ds && !buffer_string_is_empty(&ds->value) ? &ds->value : NULL; 155 } 156 157 158 buffer * http_header_response_get(const request_st * const r, enum http_header_e id, const char *k, uint32_t klen) { 159 return (id <= HTTP_HEADER_OTHER || (r->resp_htags & id)) 160 ? http_header_generic_get_ifnotempty(&r->resp_headers, k, klen) 161 : NULL; 162 } 163 164 void http_header_response_unset(request_st * const r, enum http_header_e id, const char *k, uint32_t klen) { 165 if (id <= HTTP_HEADER_OTHER || (r->resp_htags & id)) { 166 if (id > HTTP_HEADER_OTHER) r->resp_htags &= ~id; 167 array_set_key_value(&r->resp_headers, k, klen, CONST_STR_LEN("")); 168 } 169 } 170 171 void http_header_response_set(request_st * const r, enum http_header_e id, const char *k, uint32_t klen, const char *v, uint32_t vlen) { 172 /* set value, including setting blank value if 0 == vlen 173 * (note: if 0 == vlen, header is still inserted with blank value, 174 * which is used to indicate a "removed" header) 175 */ 176 if (id > HTTP_HEADER_OTHER) 177 (vlen) ? (r->resp_htags |= id) : (r->resp_htags &= ~id); 178 array_set_key_value(&r->resp_headers, k, klen, v, vlen); 179 } 180 181 void http_header_response_append(request_st * const r, enum http_header_e id, const char *k, uint32_t klen, const char *v, uint32_t vlen) { 182 if (0 == vlen) return; 183 if (id > HTTP_HEADER_OTHER) r->resp_htags |= id; 184 buffer * const vb = array_get_buf_ptr(&r->resp_headers, k, klen); 185 http_header_token_append(vb, v, vlen); 186 } 187 188 void http_header_response_insert(request_st * const r, enum http_header_e id, const char *k, uint32_t klen, const char *v, uint32_t vlen) { 189 if (0 == vlen) return; 190 if (id > HTTP_HEADER_OTHER) r->resp_htags |= id; 191 buffer * const vb = array_get_buf_ptr(&r->resp_headers, k, klen); 192 if (!buffer_string_is_empty(vb)) { /* append value */ 193 buffer_append_string_len(vb, CONST_STR_LEN("\r\n")); 194 if (r->http_version >= HTTP_VERSION_2) { 195 r->resp_header_repeated = 1; 196 char * const h = buffer_string_prepare_append(vb, klen + vlen + 2); 197 for (uint32_t i = 0; i < klen; ++i) 198 h[i] = !light_isupper(k[i]) ? k[i] : (k[i] | 0x20); 199 buffer_commit(vb, klen); 200 } 201 else 202 buffer_append_string_len(vb, k, klen); 203 buffer_append_string_len(vb, CONST_STR_LEN(": ")); 204 } 205 buffer_append_string_len(vb, v, vlen); 206 } 207 208 209 buffer * http_header_request_get(const request_st * const r, enum http_header_e id, const char *k, uint32_t klen) { 210 return (id <= HTTP_HEADER_OTHER || (r->rqst_htags & id)) 211 ? http_header_generic_get_ifnotempty(&r->rqst_headers, k, klen) 212 : NULL; 213 } 214 215 void http_header_request_unset(request_st * const r, enum http_header_e id, const char *k, uint32_t klen) { 216 if (id <= HTTP_HEADER_OTHER || (r->rqst_htags & id)) { 217 if (id > HTTP_HEADER_OTHER) r->rqst_htags &= ~id; 218 array_set_key_value(&r->rqst_headers, k, klen, CONST_STR_LEN("")); 219 } 220 } 221 222 void http_header_request_set(request_st * const r, enum http_header_e id, const char *k, uint32_t klen, const char *v, uint32_t vlen) { 223 /* set value, including setting blank value if 0 == vlen 224 * (note: if 0 == vlen, header is still inserted with blank value, 225 * which is used to indicate a "removed" header) 226 */ 227 if (id > HTTP_HEADER_OTHER) 228 (vlen) ? (r->rqst_htags |= id) : (r->rqst_htags &= ~id); 229 array_set_key_value(&r->rqst_headers, k, klen, v, vlen); 230 } 231 232 void http_header_request_append(request_st * const r, enum http_header_e id, const char *k, uint32_t klen, const char *v, uint32_t vlen) { 233 if (0 == vlen) return; 234 if (id > HTTP_HEADER_OTHER) r->rqst_htags |= id; 235 buffer * const vb = array_get_buf_ptr(&r->rqst_headers, k, klen); 236 if (id != HTTP_HEADER_COOKIE) 237 http_header_token_append(vb, v, vlen); 238 else 239 http_header_token_append_cookie(vb, v, vlen); 240 } 241 242 243 buffer * http_header_env_get(const request_st * const r, const char *k, uint32_t klen) { 244 return http_header_generic_get_ifnotempty(&r->env, k, klen); 245 } 246 247 void http_header_env_set(request_st * const r, const char *k, uint32_t klen, const char *v, uint32_t vlen) { 248 array_set_key_value(&r->env, k, klen, v, vlen); 249 } 250 251 void http_header_env_append(request_st * const r, const char *k, uint32_t klen, const char *v, uint32_t vlen) { 252 /*if (0 == vlen) return;*//* skip check; permit env var w/ blank value */ 253 buffer * const vb = array_get_buf_ptr(&r->env, k, klen); 254 if (0 == vlen) return; 255 http_header_token_append(vb, v, vlen); 256 } 257 258 259 uint32_t 260 http_header_parse_hoff (const char *n, const uint32_t clen, unsigned short hoff[8192]) 261 { 262 uint32_t hlen = 0; 263 for (const char *b; (n = memchr((b = n),'\n',clen-hlen)); ++n) { 264 uint32_t x = (uint32_t)(n - b + 1); 265 hlen += x; 266 if (x <= 2 && (x == 1 || n[-1] == '\r')) { 267 hoff[hoff[0]+1] = hlen; 268 return hlen; 269 } 270 if (++hoff[0] >= /*sizeof(hoff)/sizeof(hoff[0])-1*/ 8192-1) break; 271 hoff[hoff[0]] = hlen; 272 } 273 return 0; 274 } 275