net/http/http_network_transaction.cc - Issue 21158: Fix a logic error in the handling the response to an HTTP...

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/http/http_network_transaction.cc

Issue 21158: Fix a logic error in the handling the response to an HTTP... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/

Patch Set: '' Created 11 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/http/http_network_transaction.cc

===================================================================

--- net/http/http_network_transaction.cc (revision 9548)

+++ net/http/http_network_transaction.cc (working copy)

@@ -827,6 +827,27 @@

return ERR_METHOD_NOT_SUPPORTED;

}

+ if (establishing_tunnel_) {

+ if (headers->response_code() == 200) {

+ if (header_buf_body_offset_ != header_buf_len_) {

+ // The proxy sent extraneous data after the headers.

+ return ERR_TUNNEL_CONNECTION_FAILED;

+ }

+ next_state_ = STATE_SSL_CONNECT_OVER_TUNNEL;

+ // Reset for the real request and response headers.

+ request_headers_.clear();

+ request_headers_bytes_sent_ = 0;

+ header_buf_len_ = 0;

+ header_buf_body_offset_ = 0;

+ establishing_tunnel_ = false;

+ return OK;

+ }

+ // Sanitize any illegal response code for CONNECT to prevent us from

+ // handling it by mistake. See http://crbug.com/7338.

+ if (headers->response_code() < 400 || headers->response_code() > 599)

+ headers->set_response_code(500); // Masquerade as a 500.

+ }

// Check for an intermediate 100 Continue response. An origin server is

// allowed to send this response even if we didn't ask for it, so we just

// need to skip over it.

@@ -843,21 +864,6 @@

return OK;

}

- if (establishing_tunnel_ && headers->response_code() == 200) {

- if (header_buf_body_offset_ != header_buf_len_) {

- // The proxy sent extraneous data after the headers.

- return ERR_TUNNEL_CONNECTION_FAILED;

- }

- next_state_ = STATE_SSL_CONNECT_OVER_TUNNEL;

- // Reset for the real request and response headers.

- request_headers_.clear();

- request_headers_bytes_sent_ = 0;

- header_buf_len_ = 0;

- header_buf_body_offset_ = 0;

- establishing_tunnel_ = false;

- return OK;

- }

response_.headers = headers;

response_.vary_data.Init(*request_, *response_.headers);

@@ -1216,6 +1222,9 @@

if (target == HttpAuth::AUTH_PROXY && proxy_info_.is_direct())

return ERR_UNEXPECTED_PROXY_AUTH;

+ if (target == HttpAuth::AUTH_SERVER && establishing_tunnel_)

+ return ERR_UNEXPECTED_SERVER_AUTH;

// The auth we tried just failed, hence it can't be valid. Remove it from

// the cache so it won't be used again.

if (HaveAuth(target))

« no previous file with comments | « net/base/net_error_list.h ('k') | net/http/http_network_transaction_unittest.cc » ('j') | no next file with comments »