diff options
| author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2023-06-12 20:22:34 +0300 |
|---|---|---|
| committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2023-06-20 22:59:07 +0300 |
| commit | eaf1fa0889e9f9621f115ad5f13084e693ddb981 (patch) | |
| tree | 8b6411cc48e50413269a12141bf4e7cc91186807 /src/microhttpd/internal.c | |
| parent | 69da856991eeb4fabf519552ff4c55708cb56d0a (diff) | |
| download | libmicrohttpd-eaf1fa0889e9f9621f115ad5f13084e693ddb981.tar.gz libmicrohttpd-eaf1fa0889e9f9621f115ad5f13084e693ddb981.zip | |
Re-implemented parsing of the request headers and footers from scratch.
* The new algorithm parse the headers in one pass (including folded
headers) thus multiple passes over the same memory area are avoided
(efficiency for large headers should be improved).
* Strict implementation of RFC 9110 and 9112 requirements, including
replacing or reporting error for unacceptable characters.
* Implemented various levels of strictness for requests interpretations:
three levels within RFC requirements (more strict and more secure; less
strict and more compatible with various clients; balanced (default)),
one more relaxed level with violation of RFC's SHOULD/SHOULD NOT,
one even more relaxed level with violation of MUST/MUST NOT,
one stricter level then required by RFC, but absolutely compatible with
clients following RFC's MUST/MUST NOT, and one more even stricter level
compatible with clients following both MUST/MUST NOT and
SHOULD/SHOULD NOT.
* Added detection and handling of more erroneous situations, like space
at the start of the first line (as recommended by RFC).
* Added more detailed responses for invalid requests with descriptions
of the found problems (as recommended by RFC).
* If many chars have been replaced, only summary is reported instead
of flooding logs with messages when request is badly constructed.
* Whitespaces in headers values are trimmed at start and at the end. No
need to handle extra spaces in the app or when using headers in other
MHD parts, like cookie parsing.
* In overall: increased flexibility, the security must be improved,
much better compliance with the standards.
Diffstat (limited to 'src/microhttpd/internal.c')
| -rw-r--r-- | src/microhttpd/internal.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/microhttpd/internal.c b/src/microhttpd/internal.c index 1d5af899..d7d470e8 100644 --- a/src/microhttpd/internal.c +++ b/src/microhttpd/internal.c | |||
| @@ -45,8 +45,8 @@ MHD_state_to_string (enum MHD_CONNECTION_STATE state) | |||
| 45 | return "receiving request line"; | 45 | return "receiving request line"; |
| 46 | case MHD_CONNECTION_REQ_LINE_RECEIVED: | 46 | case MHD_CONNECTION_REQ_LINE_RECEIVED: |
| 47 | return "request line received"; | 47 | return "request line received"; |
| 48 | case MHD_CONNECTION_HEADER_PART_RECEIVED: | 48 | case MHD_CONNECTION_REQ_HEADERS_RECEIVING: |
| 49 | return "header partially received"; | 49 | return "headers receiving"; |
| 50 | case MHD_CONNECTION_HEADERS_RECEIVED: | 50 | case MHD_CONNECTION_HEADERS_RECEIVED: |
| 51 | return "headers received"; | 51 | return "headers received"; |
| 52 | case MHD_CONNECTION_HEADERS_PROCESSED: | 52 | case MHD_CONNECTION_HEADERS_PROCESSED: |
| @@ -57,8 +57,8 @@ MHD_state_to_string (enum MHD_CONNECTION_STATE state) | |||
| 57 | return "body receiving"; | 57 | return "body receiving"; |
| 58 | case MHD_CONNECTION_BODY_RECEIVED: | 58 | case MHD_CONNECTION_BODY_RECEIVED: |
| 59 | return "body received"; | 59 | return "body received"; |
| 60 | case MHD_CONNECTION_FOOTER_PART_RECEIVED: | 60 | case MHD_CONNECTION_FOOTERS_RECEIVING: |
| 61 | return "footer partially received"; | 61 | return "footers receiving"; |
| 62 | case MHD_CONNECTION_FOOTERS_RECEIVED: | 62 | case MHD_CONNECTION_FOOTERS_RECEIVED: |
| 63 | return "footers received"; | 63 | return "footers received"; |
| 64 | case MHD_CONNECTION_FULL_REQ_RECEIVED: | 64 | case MHD_CONNECTION_FULL_REQ_RECEIVED: |