| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_stream_parser.h" | 5 #include "net/http/http_stream_parser.h" |
| 6 | 6 |
| 7 #include <utility> | 7 #include <utility> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/compiler_specific.h" | 10 #include "base/compiler_specific.h" |
| 11 #include "base/logging.h" | 11 #include "base/logging.h" |
| 12 #include "base/metrics/histogram_macros.h" | 12 #include "base/metrics/histogram_macros.h" |
| 13 #include "base/profiler/scoped_tracker.h" | 13 #include "base/profiler/scoped_tracker.h" |
| 14 #include "base/strings/string_util.h" | 14 #include "base/strings/string_util.h" |
| 15 #include "base/values.h" | 15 #include "base/values.h" |
| 16 #include "net/base/io_buffer.h" | 16 #include "net/base/io_buffer.h" |
| 17 #include "net/base/ip_endpoint.h" | 17 #include "net/base/ip_endpoint.h" |
| 18 #include "net/base/upload_data_stream.h" | 18 #include "net/base/upload_data_stream.h" |
| 19 #include "net/http/http_chunked_decoder.h" | 19 #include "net/http/http_chunked_decoder.h" |
| 20 #include "net/http/http_request_headers.h" | 20 #include "net/http/http_request_headers.h" |
| 21 #include "net/http/http_request_info.h" | 21 #include "net/http/http_request_info.h" |
| 22 #include "net/http/http_response_headers.h" | 22 #include "net/http/http_response_headers.h" |
| 23 #include "net/http/http_status_line_validator.h" | 23 #include "net/http/http_status_line_validator.h" |
| 24 #include "net/http/http_util.h" | 24 #include "net/http/http_util.h" |
| 25 #include "net/socket/client_socket_handle.h" | 25 #include "net/socket/client_socket_handle.h" |
| 26 #include "net/socket/ssl_client_socket.h" | 26 #include "net/socket/ssl_client_socket.h" |
| 27 #include "net/ssl/token_binding.h" | 27 #include "net/ssl/token_binding.h" |
| 28 #include "url/url_canon.h" |
| 28 | 29 |
| 29 namespace net { | 30 namespace net { |
| 30 | 31 |
| 31 namespace { | 32 namespace { |
| 32 | 33 |
| 33 enum HttpHeaderParserEvent { | 34 enum HttpHeaderParserEvent { |
| 34 HEADER_PARSER_INVOKED = 0, | 35 HEADER_PARSER_INVOKED = 0, |
| 35 // Obsolete: HEADER_HTTP_09_RESPONSE = 1, | 36 // Obsolete: HEADER_HTTP_09_RESPONSE = 1, |
| 36 HEADER_ALLOWED_TRUNCATED_HEADERS = 2, | 37 HEADER_ALLOWED_TRUNCATED_HEADERS = 2, |
| 37 HEADER_SKIPPED_WS_PREFIX = 3, | 38 HEADER_SKIPPED_WS_PREFIX = 3, |
| (...skipping 162 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 200 const size_t HttpStreamParser::kChunkHeaderFooterSize = 12; | 201 const size_t HttpStreamParser::kChunkHeaderFooterSize = 12; |
| 201 | 202 |
| 202 HttpStreamParser::HttpStreamParser(ClientSocketHandle* connection, | 203 HttpStreamParser::HttpStreamParser(ClientSocketHandle* connection, |
| 203 const HttpRequestInfo* request, | 204 const HttpRequestInfo* request, |
| 204 GrowableIOBuffer* read_buffer, | 205 GrowableIOBuffer* read_buffer, |
| 205 const BoundNetLog& net_log) | 206 const BoundNetLog& net_log) |
| 206 : io_state_(STATE_NONE), | 207 : io_state_(STATE_NONE), |
| 207 request_(request), | 208 request_(request), |
| 208 request_headers_(nullptr), | 209 request_headers_(nullptr), |
| 209 request_headers_length_(0), | 210 request_headers_length_(0), |
| 211 http_09_on_non_default_ports_enabled_(false), |
| 210 read_buf_(read_buffer), | 212 read_buf_(read_buffer), |
| 211 read_buf_unused_offset_(0), | 213 read_buf_unused_offset_(0), |
| 212 response_header_start_offset_(-1), | 214 response_header_start_offset_(-1), |
| 213 received_bytes_(0), | 215 received_bytes_(0), |
| 214 sent_bytes_(0), | 216 sent_bytes_(0), |
| 215 response_(nullptr), | 217 response_(nullptr), |
| 216 response_body_length_(-1), | 218 response_body_length_(-1), |
| 217 response_is_keep_alive_(false), | 219 response_is_keep_alive_(false), |
| 218 response_body_read_(0), | 220 response_body_read_(0), |
| 219 user_read_buf_(nullptr), | 221 user_read_buf_(nullptr), |
| (...skipping 770 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 990 } | 992 } |
| 991 | 993 |
| 992 if (response_header_start_offset_ >= 0) { | 994 if (response_header_start_offset_ >= 0) { |
| 993 received_bytes_ += end_offset; | 995 received_bytes_ += end_offset; |
| 994 std::string raw_headers = | 996 std::string raw_headers = |
| 995 HttpUtil::AssembleRawHeaders(read_buf_->StartOfBuffer(), end_offset); | 997 HttpUtil::AssembleRawHeaders(read_buf_->StartOfBuffer(), end_offset); |
| 996 ValidateStatusLine( | 998 ValidateStatusLine( |
| 997 std::string(read_buf_->StartOfBuffer(), raw_headers.find('\0'))); | 999 std::string(read_buf_->StartOfBuffer(), raw_headers.find('\0'))); |
| 998 headers = new HttpResponseHeaders(raw_headers); | 1000 headers = new HttpResponseHeaders(raw_headers); |
| 999 } else { | 1001 } else { |
| 1000 // Enough data was read -- there is no status line. | 1002 // Enough data was read -- there is no status line, so this is HTTP/0.9, or |
| 1003 // the server is broken / doesn't speak HTTP. |
| 1004 |
| 1005 // If the port is not the default for the scheme, assume it's not a real |
| 1006 // HTTP/0.9 response, and fail the request. |
| 1007 // TODO(crbug.com/624462): Further restrict the cases in which we allow |
| 1008 // HTTP/0.9. |
| 1009 std::string scheme(request_->url.scheme()); |
| 1010 if (!http_09_on_non_default_ports_enabled_ && |
| 1011 url::DefaultPortForScheme(scheme.c_str(), scheme.length()) != |
| 1012 request_->url.EffectiveIntPort()) { |
| 1013 return ERR_INVALID_HTTP_RESPONSE; |
| 1014 } |
| 1015 |
| 1001 headers = new HttpResponseHeaders(std::string("HTTP/0.9 200 OK")); | 1016 headers = new HttpResponseHeaders(std::string("HTTP/0.9 200 OK")); |
| 1002 | 1017 |
| 1003 if (request_->url.SchemeIsCryptographic()) { | 1018 if (request_->url.SchemeIsCryptographic()) { |
| 1004 RecordHeaderParserEvent(HEADER_HTTP_09_RESPONSE_OVER_SSL); | 1019 RecordHeaderParserEvent(HEADER_HTTP_09_RESPONSE_OVER_SSL); |
| 1005 } else { | 1020 } else { |
| 1006 RecordHeaderParserEvent(HEADER_HTTP_09_RESPONSE_OVER_HTTP); | 1021 RecordHeaderParserEvent(HEADER_HTTP_09_RESPONSE_OVER_HTTP); |
| 1007 } | 1022 } |
| 1008 if (connection_->is_reused()) | 1023 if (connection_->is_reused()) |
| 1009 RecordHeaderParserEvent(HEADER_HTTP_09_ON_REUSED_SOCKET); | 1024 RecordHeaderParserEvent(HEADER_HTTP_09_ON_REUSED_SOCKET); |
| 1010 } | 1025 } |
| (...skipping 206 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1217 UMA_HISTOGRAM_ENUMERATION("Net.HttpStatusLineStatus", status, | 1232 UMA_HISTOGRAM_ENUMERATION("Net.HttpStatusLineStatus", status, |
| 1218 HttpStatusLineValidator::STATUS_LINE_MAX); | 1233 HttpStatusLineValidator::STATUS_LINE_MAX); |
| 1219 } | 1234 } |
| 1220 | 1235 |
| 1221 bool HttpStreamParser::SendRequestBuffersEmpty() { | 1236 bool HttpStreamParser::SendRequestBuffersEmpty() { |
| 1222 return request_headers_ == nullptr && request_body_send_buf_ == nullptr && | 1237 return request_headers_ == nullptr && request_body_send_buf_ == nullptr && |
| 1223 request_body_send_buf_ == nullptr; | 1238 request_body_send_buf_ == nullptr; |
| 1224 } | 1239 } |
| 1225 | 1240 |
| 1226 } // namespace net | 1241 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2299703003:
Re-land: Only allow HTTP/0.9 support on default ports. (Closed)
