diff options
author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2021-08-01 15:31:30 +0300 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2021-08-01 15:31:30 +0300 |
commit | 39eb60df61232bfc7da8e2f7afc48efcad0f1019 (patch) | |
tree | b7b00049cf5c564ea75694fa65dec8ff9b65982c /src/microhttpd/response.c | |
parent | db2ab3a5aee00d9716523eb9b478b29dcb332f9a (diff) | |
download | libmicrohttpd-39eb60df61232bfc7da8e2f7afc48efcad0f1019.tar.gz libmicrohttpd-39eb60df61232bfc7da8e2f7afc48efcad0f1019.zip |
response header: more pre-processing, better docs
* Disallow "Transfer-encoding: identity", not allowed by RFC
* Allow only single "Date" header
Diffstat (limited to 'src/microhttpd/response.c')
-rw-r--r-- | src/microhttpd/response.c | 71 |
1 files changed, 49 insertions, 22 deletions
diff --git a/src/microhttpd/response.c b/src/microhttpd/response.c index 3833990c..fbe621c4 100644 --- a/src/microhttpd/response.c +++ b/src/microhttpd/response.c | |||
@@ -438,6 +438,7 @@ del_response_header_connection (struct MHD_Response *response, | |||
438 | * The list of automatic headers: | 438 | * The list of automatic headers: |
439 | * + "Date" header is added automatically unless already set by | 439 | * + "Date" header is added automatically unless already set by |
440 | * this function | 440 | * this function |
441 | * @see #MHD_USE_SUPPRESS_DATE_NO_CLOCK | ||
441 | * + "Content-Length" is added automatically when required, attempt to set | 442 | * + "Content-Length" is added automatically when required, attempt to set |
442 | * it manually by this function is ignored. | 443 | * it manually by this function is ignored. |
443 | * @see #MHD_RF_INSANITY_HEADER_CONTENT_LENGTH | 444 | * @see #MHD_RF_INSANITY_HEADER_CONTENT_LENGTH |
@@ -452,6 +453,16 @@ del_response_header_connection (struct MHD_Response *response, | |||
452 | * to enforce closure of the connection after sending this response. | 453 | * to enforce closure of the connection after sending this response. |
453 | * "Keep-Alive" cannot be enforced and will be removed automatically. | 454 | * "Keep-Alive" cannot be enforced and will be removed automatically. |
454 | * | 455 | * |
456 | * Some headers are pre-processed by this function: | ||
457 | * * "Connection" headers are combined into single header entry, value is | ||
458 | * normilised, "Keep-Alive" tokens are removed. | ||
459 | * * "Transfer-Encoding" header: the only one header is allowed, the only | ||
460 | * allowed value is "chunked". | ||
461 | * * "Date" header: the only one header is allowed, the second added header | ||
462 | * replaces the first one. | ||
463 | * * "Content-Length" manual header is now allowed. | ||
464 | * @see #MHD_RF_INSANITY_HEADER_CONTENT_LENGTH | ||
465 | * | ||
455 | * Headers are used in order as they were added. | 466 | * Headers are used in order as they were added. |
456 | * | 467 | * |
457 | * @param response the response to add a header to | 468 | * @param response the response to add a header to |
@@ -473,30 +484,40 @@ MHD_add_response_header (struct MHD_Response *response, | |||
473 | if (MHD_str_equal_caseless_ (header, | 484 | if (MHD_str_equal_caseless_ (header, |
474 | MHD_HTTP_HEADER_TRANSFER_ENCODING)) | 485 | MHD_HTTP_HEADER_TRANSFER_ENCODING)) |
475 | { | 486 | { |
476 | /* TODO: remove support for "identity" */ | 487 | if (! MHD_str_equal_caseless_ (content, "chunked")) |
477 | /* Only one "Transfer-Encoding" header is allowed */ | ||
478 | if (NULL != | ||
479 | MHD_get_response_header (response, MHD_HTTP_HEADER_TRANSFER_ENCODING) ) | ||
480 | return MHD_NO; | 488 | return MHD_NO; |
481 | /* Setting transfer encodings other than "identity" or | 489 | if (0 != (response->flags_auto & MHD_RAF_HAS_TRANS_ENC_CHUNKED)) |
482 | "chunked" is not allowed. Note that MHD will set the | 490 | return MHD_YES; |
483 | correct transfer encoding if required automatically. */ | 491 | if (MHD_NO != add_response_entry (response, |
484 | /* NOTE: for compressed bodies, use the "Content-encoding" header */ | 492 | MHD_HEADER_KIND, |
485 | if (MHD_str_equal_caseless_ (content, "identity")) | 493 | header, |
486 | return add_response_entry (response, | 494 | content)) |
487 | MHD_HEADER_KIND, | ||
488 | header, | ||
489 | content); | ||
490 | else if (MHD_str_equal_caseless_ (content, "chunked")) | ||
491 | { | 495 | { |
492 | if (MHD_NO != add_response_entry (response, | 496 | response->flags_auto |= MHD_RAF_HAS_TRANS_ENC_CHUNKED; |
493 | MHD_HEADER_KIND, | 497 | return MHD_YES; |
494 | header, | 498 | } |
495 | content)) | 499 | return MHD_NO; |
496 | { | 500 | } |
497 | response->flags_auto |= MHD_RAF_HAS_TRANS_ENC_CHUNKED; | 501 | if (MHD_str_equal_caseless_ (header, |
498 | return MHD_YES; | 502 | MHD_HTTP_HEADER_DATE)) |
499 | } | 503 | { |
504 | if (0 != (response->flags_auto & MHD_RAF_HAS_DATE_HDR)) | ||
505 | { | ||
506 | struct MHD_HTTP_Header *hdr; | ||
507 | hdr = MHD_get_response_element_n_ (response, MHD_HEADER_KIND, | ||
508 | MHD_HTTP_HEADER_DATE, | ||
509 | MHD_STATICSTR_LEN_ ( \ | ||
510 | MHD_HTTP_HEADER_DATE)); | ||
511 | mhd_assert (NULL != hdr); | ||
512 | _MHD_remove_header (response, hdr); | ||
513 | } | ||
514 | if (MHD_NO != add_response_entry (response, | ||
515 | MHD_HEADER_KIND, | ||
516 | header, | ||
517 | content)) | ||
518 | { | ||
519 | response->flags_auto |= MHD_RAF_HAS_DATE_HDR; | ||
520 | return MHD_YES; | ||
500 | } | 521 | } |
501 | return MHD_NO; | 522 | return MHD_NO; |
502 | } | 523 | } |
@@ -590,6 +611,12 @@ MHD_del_response_header (struct MHD_Response *response, | |||
590 | MHD_HTTP_HEADER_TRANSFER_ENCODING, | 611 | MHD_HTTP_HEADER_TRANSFER_ENCODING, |
591 | header_len) ) | 612 | header_len) ) |
592 | response->flags_auto &= ~(MHD_RAF_HAS_TRANS_ENC_CHUNKED); | 613 | response->flags_auto &= ~(MHD_RAF_HAS_TRANS_ENC_CHUNKED); |
614 | else if ( (MHD_STATICSTR_LEN_ (MHD_HTTP_HEADER_DATE) == | ||
615 | header_len) && | ||
616 | MHD_str_equal_caseless_bin_n_ (header, | ||
617 | MHD_HTTP_HEADER_DATE, | ||
618 | header_len) ) | ||
619 | response->flags_auto &= ~(MHD_RAF_HAS_DATE_HDR); | ||
593 | return MHD_YES; | 620 | return MHD_YES; |
594 | } | 621 | } |
595 | pos = pos->next; | 622 | pos = pos->next; |