OLD | NEW |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/http_network_transaction.h" | 5 #include "net/http/http_network_transaction.h" |
6 | 6 |
7 #include <set> | 7 #include <set> |
8 #include <vector> | 8 #include <vector> |
9 | 9 |
10 #include "base/compiler_specific.h" | 10 #include "base/compiler_specific.h" |
(...skipping 304 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
315 | 315 |
316 scoped_refptr<HttpResponseHeaders> headers = GetResponseHeaders(); | 316 scoped_refptr<HttpResponseHeaders> headers = GetResponseHeaders(); |
317 if (headers_valid_ && headers.get() && stream_request_.get()) { | 317 if (headers_valid_ && headers.get() && stream_request_.get()) { |
318 // We're trying to read the body of the response but we're still trying | 318 // We're trying to read the body of the response but we're still trying |
319 // to establish an SSL tunnel through the proxy. We can't read these | 319 // to establish an SSL tunnel through the proxy. We can't read these |
320 // bytes when establishing a tunnel because they might be controlled by | 320 // bytes when establishing a tunnel because they might be controlled by |
321 // an active network attacker. We don't worry about this for HTTP | 321 // an active network attacker. We don't worry about this for HTTP |
322 // because an active network attacker can already control HTTP sessions. | 322 // because an active network attacker can already control HTTP sessions. |
323 // We reach this case when the user cancels a 407 proxy auth prompt. | 323 // We reach this case when the user cancels a 407 proxy auth prompt. |
324 // See http://crbug.com/8473. | 324 // See http://crbug.com/8473. |
325 DCHECK(proxy_info_.is_http()); | 325 DCHECK(proxy_info_.is_http() || proxy_info_.is_https()); |
326 DCHECK_EQ(headers->response_code(), 407); | 326 DCHECK_EQ(headers->response_code(), 407); |
327 LOG(WARNING) << "Blocked proxy response with status " | 327 LOG(WARNING) << "Blocked proxy response with status " |
328 << headers->response_code() << " to CONNECT request for " | 328 << headers->response_code() << " to CONNECT request for " |
329 << GetHostAndPort(request_->url) << "."; | 329 << GetHostAndPort(request_->url) << "."; |
330 return ERR_TUNNEL_CONNECTION_FAILED; | 330 return ERR_TUNNEL_CONNECTION_FAILED; |
331 } | 331 } |
332 | 332 |
333 // Are we using SPDY or HTTP? | 333 // Are we using SPDY or HTTP? |
334 next_state = STATE_READ_BODY; | 334 next_state = STATE_READ_BODY; |
335 DCHECK(stream_->GetResponseInfo()->headers); | 335 DCHECK(stream_->GetResponseInfo()->headers); |
(...skipping 340 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
676 if (have_proxy_auth) | 676 if (have_proxy_auth) |
677 auth_controllers_[HttpAuth::AUTH_PROXY]->AddAuthorizationHeader( | 677 auth_controllers_[HttpAuth::AUTH_PROXY]->AddAuthorizationHeader( |
678 &authorization_headers); | 678 &authorization_headers); |
679 if (have_server_auth) | 679 if (have_server_auth) |
680 auth_controllers_[HttpAuth::AUTH_SERVER]->AddAuthorizationHeader( | 680 auth_controllers_[HttpAuth::AUTH_SERVER]->AddAuthorizationHeader( |
681 &authorization_headers); | 681 &authorization_headers); |
682 std::string request_line; | 682 std::string request_line; |
683 HttpRequestHeaders request_headers; | 683 HttpRequestHeaders request_headers; |
684 | 684 |
685 BuildRequestHeaders(request_, authorization_headers, request_body, | 685 BuildRequestHeaders(request_, authorization_headers, request_body, |
686 !is_https_request() && proxy_info_.is_http(), | 686 !is_https_request() && (proxy_info_.is_http() || |
| 687 proxy_info_.is_https()), |
687 &request_line, &request_headers); | 688 &request_line, &request_headers); |
688 | 689 |
689 if (session_->network_delegate()) | 690 if (session_->network_delegate()) |
690 session_->network_delegate()->OnSendHttpRequest(&request_headers); | 691 session_->network_delegate()->OnSendHttpRequest(&request_headers); |
691 | 692 |
692 if (net_log_.HasListener()) { | 693 if (net_log_.HasListener()) { |
693 net_log_.AddEvent( | 694 net_log_.AddEvent( |
694 NetLog::TYPE_HTTP_TRANSACTION_SEND_REQUEST_HEADERS, | 695 NetLog::TYPE_HTTP_TRANSACTION_SEND_REQUEST_HEADERS, |
695 new NetLogHttpRequestParameter(request_line, request_headers)); | 696 new NetLogHttpRequestParameter(request_line, request_headers)); |
696 } | 697 } |
(...skipping 414 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1111 } | 1112 } |
1112 | 1113 |
1113 // We need to clear request_headers_ because it contains the real request | 1114 // We need to clear request_headers_ because it contains the real request |
1114 // headers, but we may need to resend the CONNECT request first to recreate | 1115 // headers, but we may need to resend the CONNECT request first to recreate |
1115 // the SSL tunnel. | 1116 // the SSL tunnel. |
1116 request_headers_.clear(); | 1117 request_headers_.clear(); |
1117 next_state_ = STATE_CREATE_STREAM; // Resend the request. | 1118 next_state_ = STATE_CREATE_STREAM; // Resend the request. |
1118 } | 1119 } |
1119 | 1120 |
1120 bool HttpNetworkTransaction::ShouldApplyProxyAuth() const { | 1121 bool HttpNetworkTransaction::ShouldApplyProxyAuth() const { |
1121 return !is_https_request() && proxy_info_.is_http(); | 1122 return !is_https_request() && |
| 1123 (proxy_info_.is_https() || proxy_info_.is_http()); |
1122 } | 1124 } |
1123 | 1125 |
1124 bool HttpNetworkTransaction::ShouldApplyServerAuth() const { | 1126 bool HttpNetworkTransaction::ShouldApplyServerAuth() const { |
1125 return !(request_->load_flags & LOAD_DO_NOT_SEND_AUTH_DATA); | 1127 return !(request_->load_flags & LOAD_DO_NOT_SEND_AUTH_DATA); |
1126 } | 1128 } |
1127 | 1129 |
1128 int HttpNetworkTransaction::HandleAuthChallenge() { | 1130 int HttpNetworkTransaction::HandleAuthChallenge() { |
1129 scoped_refptr<HttpResponseHeaders> headers = GetResponseHeaders(); | 1131 scoped_refptr<HttpResponseHeaders> headers = GetResponseHeaders(); |
1130 DCHECK(headers); | 1132 DCHECK(headers); |
1131 | 1133 |
(...skipping 20 matching lines...) Expand all Loading... |
1152 } | 1154 } |
1153 | 1155 |
1154 bool HttpNetworkTransaction::HaveAuth(HttpAuth::Target target) const { | 1156 bool HttpNetworkTransaction::HaveAuth(HttpAuth::Target target) const { |
1155 return auth_controllers_[target].get() && | 1157 return auth_controllers_[target].get() && |
1156 auth_controllers_[target]->HaveAuth(); | 1158 auth_controllers_[target]->HaveAuth(); |
1157 } | 1159 } |
1158 | 1160 |
1159 | 1161 |
1160 GURL HttpNetworkTransaction::AuthURL(HttpAuth::Target target) const { | 1162 GURL HttpNetworkTransaction::AuthURL(HttpAuth::Target target) const { |
1161 switch (target) { | 1163 switch (target) { |
1162 case HttpAuth::AUTH_PROXY: | 1164 case HttpAuth::AUTH_PROXY: { |
1163 if (!proxy_info_.proxy_server().is_valid() || | 1165 if (!proxy_info_.proxy_server().is_valid() || |
1164 proxy_info_.proxy_server().is_direct()) { | 1166 proxy_info_.proxy_server().is_direct()) { |
1165 return GURL(); // There is no proxy server. | 1167 return GURL(); // There is no proxy server. |
1166 } | 1168 } |
1167 return GURL("http://" + | 1169 const char* scheme = proxy_info_.is_https() ? "https://" : "http://"; |
| 1170 return GURL(scheme + |
1168 proxy_info_.proxy_server().host_port_pair().ToString()); | 1171 proxy_info_.proxy_server().host_port_pair().ToString()); |
| 1172 } |
1169 case HttpAuth::AUTH_SERVER: | 1173 case HttpAuth::AUTH_SERVER: |
1170 return request_->url; | 1174 return request_->url; |
1171 default: | 1175 default: |
1172 return GURL(); | 1176 return GURL(); |
1173 } | 1177 } |
1174 } | 1178 } |
1175 | 1179 |
1176 #define STATE_CASE(s) case s: \ | 1180 #define STATE_CASE(s) case s: \ |
1177 description = StringPrintf("%s (0x%08X)", #s, s); \ | 1181 description = StringPrintf("%s (0x%08X)", #s, s); \ |
1178 break | 1182 break |
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1210 default: | 1214 default: |
1211 return priority; | 1215 return priority; |
1212 } | 1216 } |
1213 } | 1217 } |
1214 | 1218 |
1215 | 1219 |
1216 | 1220 |
1217 #undef STATE_CASE | 1221 #undef STATE_CASE |
1218 | 1222 |
1219 } // namespace net | 1223 } // namespace net |
OLD | NEW |