-const char urlmatch_rcs[] = "$Id: urlmatch.c,v 1.39 2008/04/22 16:27:42 fabiankeil Exp $";
+const char urlmatch_rcs[] = "$Id: urlmatch.c,v 1.46 2009/02/11 19:31:32 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/urlmatch.c,v $
* Purpose : Declares functions to match URLs against URL
* patterns.
*
- * Copyright : Written by and Copyright (C) 2001-2003, 2006-2008 the SourceForge
- * Privoxy team. http://www.privoxy.org/
+ * Copyright : Written by and Copyright (C) 2001-2009
+ * the Privoxy team. http://www.privoxy.org/
*
* Based on the Internet Junkbuster originally written
* by and Copyright (C) 1997 Anonymous Coders and
*
* Revisions :
* $Log: urlmatch.c,v $
+ * Revision 1.46 2009/02/11 19:31:32 fabiankeil
+ * Reject request lines that end with neither HTTP/1.0 nor HTTP/1.1.
+ *
+ * Revision 1.45 2008/06/21 21:19:18 fabiankeil
+ * Silence bogus compiler warning.
+ *
+ * Revision 1.44 2008/05/04 16:18:32 fabiankeil
+ * Provide parse_http_url() with a third parameter to specify
+ * whether or not URLs without protocol are acceptable.
+ *
+ * Revision 1.43 2008/05/04 13:30:55 fabiankeil
+ * Streamline parse_http_url()'s prototype.
+ *
+ * Revision 1.42 2008/05/04 13:24:16 fabiankeil
+ * If the method isn't CONNECT, reject URLs without protocol.
+ *
+ * Revision 1.41 2008/05/02 09:51:34 fabiankeil
+ * In parse_http_url(), don't muck around with values
+ * that are none of its business: require an initialized
+ * http structure and never unset http->ssl.
+ *
+ * Revision 1.40 2008/04/23 16:12:28 fabiankeil
+ * Free with freez().
+ *
* Revision 1.39 2008/04/22 16:27:42 fabiankeil
* In parse_http_request(), remove a pointless
* temporary variable and free the buffer earlier.
* Parameters :
* 1 : url = URL (or is it URI?) to break down
* 2 : http = pointer to the http structure to hold elements.
- * Will be zeroed before use. Note that this
- * function sets the http->gpc and http->ver
- * members to NULL.
- * 3 : csp = Current client state (buffers, headers, etc...)
+ * Must be initialized with valid values (like NULLs).
+ * 3 : require_protocol = Whether or not URLs without
+ * protocol are acceptable.
*
* Returns : JB_ERR_OK on success
* JB_ERR_MEMORY on out of memory
* or >100 domains deep.
*
*********************************************************************/
-jb_err parse_http_url(const char * url,
- struct http_request *http,
- const struct client_state *csp)
+jb_err parse_http_url(const char *url, struct http_request *http, int require_protocol)
{
int host_available = 1; /* A proxy can dream. */
- /*
- * Zero out the results structure
- */
- memset(http, '\0', sizeof(*http));
-
-
/*
* Save our initial URL
*/
if (strncmpic(url_noproto, "http://", 7) == 0)
{
url_noproto += 7;
- http->ssl = 0;
}
else if (strncmpic(url_noproto, "https://", 8) == 0)
{
+ /*
+ * Should only happen when called from cgi_show_url_info().
+ */
url_noproto += 8;
http->ssl = 1;
}
* Most likely because the client's request
* was intercepted and redirected into Privoxy.
*/
- http->ssl = 0;
http->host = NULL;
host_available = 0;
}
- else
+ else if (require_protocol)
{
- http->ssl = 0;
+ freez(buf);
+ return JB_ERR_PARSE;
}
url_path = strchr(url_noproto, '/');
* Parameters :
* 1 : req = HTTP request line to break down
* 2 : http = pointer to the http structure to hold elements
- * 3 : csp = Current client state (buffers, headers, etc...)
*
* Returns : JB_ERR_OK on success
* JB_ERR_MEMORY on out of memory
* or >100 domains deep.
*
*********************************************************************/
-jb_err parse_http_request(const char *req,
- struct http_request *http,
- const struct client_state *csp)
+jb_err parse_http_request(const char *req, struct http_request *http)
{
char *buf;
char *v[10]; /* XXX: Why 10? We should only need three. */
return JB_ERR_PARSE;
}
- err = parse_http_url(v[1], http, csp);
+ if (strcmpic(v[2], "HTTP/1.1") && strcmpic(v[2], "HTTP/1.0"))
+ {
+ log_error(LOG_LEVEL_ERROR, "The only supported HTTP "
+ "versions are 1.0 and 1.1. This rules out: %s", v[2]);
+ freez(buf);
+ return JB_ERR_PARSE;
+ }
+
+ http->ssl = !strcmpic(v[0], "CONNECT");
+
+ err = parse_http_url(v[1], http, !http->ssl);
if (err)
{
freez(buf);
/*
* Copy the details into the structure
*/
- http->ssl = !strcmpic(v[0], "CONNECT");
http->cmd = strdup(req);
http->gpc = strdup(v[0]);
http->ver = strdup(v[2]);
{
int errcode;
char rebuf[BUFFER_SIZE];
- const char *fmt;
+ const char *fmt = NULL;
assert(pattern);
assert(strlen(pattern) < sizeof(rebuf) - 2);
projects / privoxy.git / blobdiff