OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/http_stream_parser.h" | 5 #include "net/http/http_stream_parser.h" |
6 | 6 |
7 #include <utility> | 7 #include <utility> |
8 | 8 |
9 #include "base/bind.h" | 9 #include "base/bind.h" |
10 #include "base/compiler_specific.h" | 10 #include "base/compiler_specific.h" |
11 #include "base/logging.h" | 11 #include "base/logging.h" |
12 #include "base/metrics/histogram_macros.h" | 12 #include "base/metrics/histogram_macros.h" |
13 #include "base/profiler/scoped_tracker.h" | 13 #include "base/profiler/scoped_tracker.h" |
14 #include "base/strings/string_util.h" | 14 #include "base/strings/string_util.h" |
15 #include "base/values.h" | 15 #include "base/values.h" |
16 #include "net/base/io_buffer.h" | 16 #include "net/base/io_buffer.h" |
17 #include "net/base/ip_endpoint.h" | 17 #include "net/base/ip_endpoint.h" |
18 #include "net/base/upload_data_stream.h" | 18 #include "net/base/upload_data_stream.h" |
19 #include "net/http/http_chunked_decoder.h" | 19 #include "net/http/http_chunked_decoder.h" |
20 #include "net/http/http_request_headers.h" | 20 #include "net/http/http_request_headers.h" |
21 #include "net/http/http_request_info.h" | 21 #include "net/http/http_request_info.h" |
22 #include "net/http/http_response_headers.h" | 22 #include "net/http/http_response_headers.h" |
23 #include "net/http/http_status_line_validator.h" | 23 #include "net/http/http_status_line_validator.h" |
24 #include "net/http/http_util.h" | 24 #include "net/http/http_util.h" |
25 #include "net/socket/client_socket_handle.h" | 25 #include "net/socket/client_socket_handle.h" |
26 #include "net/socket/ssl_client_socket.h" | 26 #include "net/socket/ssl_client_socket.h" |
27 #include "net/ssl/token_binding.h" | 27 #include "net/ssl/token_binding.h" |
| 28 #include "url/url_canon.h" |
28 | 29 |
29 namespace net { | 30 namespace net { |
30 | 31 |
31 namespace { | 32 namespace { |
32 | 33 |
33 enum HttpHeaderParserEvent { | 34 enum HttpHeaderParserEvent { |
34 HEADER_PARSER_INVOKED = 0, | 35 HEADER_PARSER_INVOKED = 0, |
35 // Obsolete: HEADER_HTTP_09_RESPONSE = 1, | 36 // Obsolete: HEADER_HTTP_09_RESPONSE = 1, |
36 HEADER_ALLOWED_TRUNCATED_HEADERS = 2, | 37 HEADER_ALLOWED_TRUNCATED_HEADERS = 2, |
37 HEADER_SKIPPED_WS_PREFIX = 3, | 38 HEADER_SKIPPED_WS_PREFIX = 3, |
(...skipping 162 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
200 const size_t HttpStreamParser::kChunkHeaderFooterSize = 12; | 201 const size_t HttpStreamParser::kChunkHeaderFooterSize = 12; |
201 | 202 |
202 HttpStreamParser::HttpStreamParser(ClientSocketHandle* connection, | 203 HttpStreamParser::HttpStreamParser(ClientSocketHandle* connection, |
203 const HttpRequestInfo* request, | 204 const HttpRequestInfo* request, |
204 GrowableIOBuffer* read_buffer, | 205 GrowableIOBuffer* read_buffer, |
205 const BoundNetLog& net_log) | 206 const BoundNetLog& net_log) |
206 : io_state_(STATE_NONE), | 207 : io_state_(STATE_NONE), |
207 request_(request), | 208 request_(request), |
208 request_headers_(nullptr), | 209 request_headers_(nullptr), |
209 request_headers_length_(0), | 210 request_headers_length_(0), |
| 211 http_09_on_non_default_ports_enabled_(false), |
210 read_buf_(read_buffer), | 212 read_buf_(read_buffer), |
211 read_buf_unused_offset_(0), | 213 read_buf_unused_offset_(0), |
212 response_header_start_offset_(-1), | 214 response_header_start_offset_(-1), |
213 received_bytes_(0), | 215 received_bytes_(0), |
214 sent_bytes_(0), | 216 sent_bytes_(0), |
215 response_(nullptr), | 217 response_(nullptr), |
216 response_body_length_(-1), | 218 response_body_length_(-1), |
217 response_is_keep_alive_(false), | 219 response_is_keep_alive_(false), |
218 response_body_read_(0), | 220 response_body_read_(0), |
219 user_read_buf_(nullptr), | 221 user_read_buf_(nullptr), |
(...skipping 770 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
990 } | 992 } |
991 | 993 |
992 if (response_header_start_offset_ >= 0) { | 994 if (response_header_start_offset_ >= 0) { |
993 received_bytes_ += end_offset; | 995 received_bytes_ += end_offset; |
994 std::string raw_headers = | 996 std::string raw_headers = |
995 HttpUtil::AssembleRawHeaders(read_buf_->StartOfBuffer(), end_offset); | 997 HttpUtil::AssembleRawHeaders(read_buf_->StartOfBuffer(), end_offset); |
996 ValidateStatusLine( | 998 ValidateStatusLine( |
997 std::string(read_buf_->StartOfBuffer(), raw_headers.find('\0'))); | 999 std::string(read_buf_->StartOfBuffer(), raw_headers.find('\0'))); |
998 headers = new HttpResponseHeaders(raw_headers); | 1000 headers = new HttpResponseHeaders(raw_headers); |
999 } else { | 1001 } else { |
1000 // Enough data was read -- there is no status line. | 1002 // Enough data was read -- there is no status line, so this is HTTP/0.9, or |
| 1003 // the server is broken / doesn't speak HTTP. |
| 1004 |
| 1005 // If the port is not the default for the scheme, assume it's not a real |
| 1006 // HTTP/0.9 response, and fail the request. |
| 1007 // TODO(crbug.com/624462): Further restrict the cases in which we allow |
| 1008 // HTTP/0.9. |
| 1009 std::string scheme(request_->url.scheme()); |
| 1010 if (!http_09_on_non_default_ports_enabled_ && |
| 1011 url::DefaultPortForScheme(scheme.c_str(), scheme.length()) != |
| 1012 request_->url.EffectiveIntPort()) { |
| 1013 return ERR_INVALID_HTTP_RESPONSE; |
| 1014 } |
| 1015 |
1001 headers = new HttpResponseHeaders(std::string("HTTP/0.9 200 OK")); | 1016 headers = new HttpResponseHeaders(std::string("HTTP/0.9 200 OK")); |
1002 | 1017 |
1003 if (request_->url.SchemeIsCryptographic()) { | 1018 if (request_->url.SchemeIsCryptographic()) { |
1004 RecordHeaderParserEvent(HEADER_HTTP_09_RESPONSE_OVER_SSL); | 1019 RecordHeaderParserEvent(HEADER_HTTP_09_RESPONSE_OVER_SSL); |
1005 } else { | 1020 } else { |
1006 RecordHeaderParserEvent(HEADER_HTTP_09_RESPONSE_OVER_HTTP); | 1021 RecordHeaderParserEvent(HEADER_HTTP_09_RESPONSE_OVER_HTTP); |
1007 } | 1022 } |
1008 if (connection_->is_reused()) | 1023 if (connection_->is_reused()) |
1009 RecordHeaderParserEvent(HEADER_HTTP_09_ON_REUSED_SOCKET); | 1024 RecordHeaderParserEvent(HEADER_HTTP_09_ON_REUSED_SOCKET); |
1010 } | 1025 } |
(...skipping 206 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1217 UMA_HISTOGRAM_ENUMERATION("Net.HttpStatusLineStatus", status, | 1232 UMA_HISTOGRAM_ENUMERATION("Net.HttpStatusLineStatus", status, |
1218 HttpStatusLineValidator::STATUS_LINE_MAX); | 1233 HttpStatusLineValidator::STATUS_LINE_MAX); |
1219 } | 1234 } |
1220 | 1235 |
1221 bool HttpStreamParser::SendRequestBuffersEmpty() { | 1236 bool HttpStreamParser::SendRequestBuffersEmpty() { |
1222 return request_headers_ == nullptr && request_body_send_buf_ == nullptr && | 1237 return request_headers_ == nullptr && request_body_send_buf_ == nullptr && |
1223 request_body_send_buf_ == nullptr; | 1238 request_body_send_buf_ == nullptr; |
1224 } | 1239 } |
1225 | 1240 |
1226 } // namespace net | 1241 } // namespace net |
OLD | NEW |