Commit 3893855a authored by Stewart Brodie's avatar Stewart Brodie
Browse files

* Duplicate header suppression code moved to later in the header generator so...

* Duplicate header suppression code moved to later in the header generator so that it actually does override user headers as it is supposed to.

  (affects Cookie2 and Accept-Encoding headers)

* Security code includes header exported by AcornSSL to <CExport$Dir>
  instead of requiring it to be present in a specific place relative to
  the HTTP sources.
parent b1271234
......@@ -572,7 +572,8 @@ int parse_http_header(char *const buffer, int buflen, Session *ses, _kernel_swi_
}
break;
#ifdef COMPRESSION
case header_CONTENT_ENCODING:
case header_CONTENT_ENCODING: {
int ret;
#ifdef TRACE
protocol_debug("Server sent us a Content-Encoding header: %s\n", value);
#endif
......@@ -580,37 +581,41 @@ int parse_http_header(char *const buffer, int buflen, Session *ses, _kernel_swi_
Strcmp_ci(value, "x-gzip") == 0) {
ses->compression = compression_GZIP;
ses->compstate = compress_READ_GZIP_HEADER;
goto prepare_compression;
}
else if (Strcmp_ci(value, "deflate") == 0) {
int ret;
ses->compression = compression_DEFLATE;
ses->compstate = compress_INFLATE;
prepare_compression:
suppress = 1;
ses->zstream.next_in=Z_NULL;
ses->zstream.avail_in=0;
ses->zstream.zalloc=Z_NULL;
ses->zstream.zfree=Z_NULL;
if (ses->compression == compression_DEFLATE)
ret = inflateInit(&ses->zstream);
else
ret = inflateInit2(&ses->zstream, -MAX_WBITS);
if (ret != Z_OK) {
ses->compression = compression_NONE;
#ifdef TRACE
protocol_debug("inflateInit error: %s\n", ses->zstream.msg);
#endif
} else
{
ses->compbuf = malloc(1024);
ses->compbufsize = 1024;
if (ses->compbuf == NULL) {
inflateEnd(&ses->zstream);
ses->compression = compression_NONE;
}
}
}
}
else {
break;
}
suppress = 1;
ses->zstream.next_in=Z_NULL;
ses->zstream.avail_in=0;
ses->zstream.zalloc=Z_NULL;
ses->zstream.zfree=Z_NULL;
if (ses->compression == compression_DEFLATE) {
ret = inflateInit(&ses->zstream);
}
else {
ret = inflateInit2(&ses->zstream, -MAX_WBITS);
}
if (ret != Z_OK) {
ses->compression = compression_NONE;
#ifdef TRACE
protocol_debug("inflateInit error: %s\n", ses->zstream.msg);
#endif
}
else {
ses->compbuf = malloc(1024);
ses->compbufsize = 1024;
if (ses->compbuf == NULL) {
inflateEnd(&ses->zstream);
ses->compression = compression_NONE;
}
}
}
break;
#endif
case header_CONNECTION:
......
......@@ -149,7 +149,7 @@ static int sec_recv(int s, void *data, size_t size, int flags)
#else
#include "^.SSL.h.SSLHdr"
#include "AcornSSL.h"
static int sec_socketioctl(int s, unsigned long op, ...)
{
......
......@@ -418,6 +418,7 @@ static int http_validate_user_supplied_data(Session *ses)
}
}
if (ses->method == method_HTTP_GET || ses->method == method_HTTP_HEAD) {
/* ... and add any other HTTP methods that MUST NOT include an entity
* body along with the request
......@@ -488,6 +489,20 @@ static int http_validate_user_supplied_data(Session *ses)
http_delete_header(&ses->headers, hdr);
} while (1);
do {
http_header *hdr = http_find_header(ses->headers, "cookie2");
if (hdr == NULL) break;
http_delete_header(&ses->headers, hdr);
} while (1);
#ifdef COMPRESSION
do {
http_header *hdr = http_find_header(ses->headers, "accept-encoding");
if (hdr == NULL) break;
http_delete_header(&ses->headers, hdr);
} while (1);
#endif
return 1;
}
......@@ -546,23 +561,6 @@ static int http_generate_request(Session *ses, _kernel_swi_regs *r)
http_add_header(&ses->headers, m, reqline);
free(reqline);
http_add_header(&ses->headers, "Connection", "close");
if (!http_find_header(ses->headers, "cookie2")) {
http_add_header(&ses->headers, "Cookie2", "$Version=\"1\"");
}
#if 0
/* Removed in version 0.57 because it is the *client's* responsibility to send this information */
http_add_header(&ses->headers, "Accept", "image/png; q=1.0, image/jpeg; q=0.9, image/*; q=0.8, */*");
#endif
#ifdef COMPRESSION
{
http_header *hdr;
if ((hdr = http_find_header(ses->headers, "accept-encoding")) != NULL) {
http_delete_header(&ses->headers, hdr);
}
http_add_header(&ses->headers, "Accept-Encoding", "deflate, gzip");
}
#endif
/* Construct the host header as required */
if (endport == ((ses->flags & flags_USING_HTTPS) ? CONNECT_DEFAULT_PORT_NUMBER2:CONNECT_DEFAULT_PORT_NUMBER) || endhost == 0) {
......@@ -602,6 +600,20 @@ static int http_generate_request(Session *ses, _kernel_swi_regs *r)
return 0;
}
if (!http_find_header(ses->headers, "cookie2")) {
http_add_header(&ses->headers, "Cookie2", "$Version=\"1\"");
}
#ifdef COMPRESSION
{
http_header *hdr;
if ((hdr = http_find_header(ses->headers, "accept-encoding")) != NULL) {
http_delete_header(&ses->headers, hdr);
}
http_add_header(&ses->headers, "Accept-Encoding", "deflate, gzip");
}
#endif
http_add_header(&ses->headers, "User-Agent",
ses->agent == NULL ? Module_Help "/" Module_VersionString : ses->agent);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment