Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(324)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/proxy_client_socket.cc

Issue 982733002: SanitizeProxyAuth: Whitelist all hop-by-hop headers (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Expect specified content-length in BasicAuthProxyKeepAlive test Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/http/http_network_transaction_unittest.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/http/proxy_client_socket.h" 5 #include "net/http/proxy_client_socket.h"
6 6
7 #include "base/metrics/histogram.h" 7 #include "base/metrics/histogram.h"
8 #include "base/strings/stringprintf.h" 8 #include "base/strings/stringprintf.h"
9 #include "net/base/host_port_pair.h" 9 #include "net/base/host_port_pair.h"
10 #include "net/base/net_errors.h" 10 #include "net/base/net_errors.h"
(...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after
88 // static 88 // static
89 bool ProxyClientSocket::SanitizeProxyAuth(HttpResponseInfo* response) { 89 bool ProxyClientSocket::SanitizeProxyAuth(HttpResponseInfo* response) {
90 DCHECK(response && response->headers.get()); 90 DCHECK(response && response->headers.get());
91 91
92 scoped_refptr<HttpResponseHeaders> old_headers = response->headers; 92 scoped_refptr<HttpResponseHeaders> old_headers = response->headers;
93 93
94 const char kHeaders[] = "HTTP/1.1 407 Proxy Authentication Required\n\n"; 94 const char kHeaders[] = "HTTP/1.1 407 Proxy Authentication Required\n\n";
95 scoped_refptr<HttpResponseHeaders> new_headers = new HttpResponseHeaders( 95 scoped_refptr<HttpResponseHeaders> new_headers = new HttpResponseHeaders(
96 HttpUtil::AssembleRawHeaders(kHeaders, arraysize(kHeaders))); 96 HttpUtil::AssembleRawHeaders(kHeaders, arraysize(kHeaders)));
97 97
98 // Copy status line and all hop-by-hop headers to preserve keep-alive
99 // behavior.
98 new_headers->ReplaceStatusLine(old_headers->GetStatusLine()); 100 new_headers->ReplaceStatusLine(old_headers->GetStatusLine());
99 CopyHeaderValues(old_headers, new_headers, "Connection"); 101 CopyHeaderValues(old_headers, new_headers, "connection");
100 CopyHeaderValues(old_headers, new_headers, "Proxy-Authenticate"); 102 CopyHeaderValues(old_headers, new_headers, "proxy-connection");
103 CopyHeaderValues(old_headers, new_headers, "keep-alive");
104 CopyHeaderValues(old_headers, new_headers, "trailer");
105 CopyHeaderValues(old_headers, new_headers, "transfer-encoding");
106 CopyHeaderValues(old_headers, new_headers, "upgrade");
107
108 CopyHeaderValues(old_headers, new_headers, "content-length");
cbentzel 2015/03/05 02:08:48 As we chatted, main thing I want to make sure is t
109
110 CopyHeaderValues(old_headers, new_headers, "proxy-authenticate");
101 111
102 response->headers = new_headers; 112 response->headers = new_headers;
103 return true; 113 return true;
104 } 114 }
105 115
106 // static 116 // static
107 bool ProxyClientSocket::SanitizeProxyRedirect(HttpResponseInfo* response) { 117 bool ProxyClientSocket::SanitizeProxyRedirect(HttpResponseInfo* response) {
108 DCHECK(response && response->headers.get()); 118 DCHECK(response && response->headers.get());
109 119
110 std::string location; 120 std::string location;
(...skipping 10 matching lines...) Expand all
121 location.c_str()); 131 location.c_str());
122 std::string raw_headers = 132 std::string raw_headers =
123 HttpUtil::AssembleRawHeaders(fake_response_headers.data(), 133 HttpUtil::AssembleRawHeaders(fake_response_headers.data(),
124 fake_response_headers.length()); 134 fake_response_headers.length());
125 response->headers = new HttpResponseHeaders(raw_headers); 135 response->headers = new HttpResponseHeaders(raw_headers);
126 136
127 return true; 137 return true;
128 } 138 }
129 139
130 } // namespace net 140 } // namespace net
OLDNEW
« no previous file with comments | « net/http/http_network_transaction_unittest.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698