Google Git
Sign in
nginx / nginx / 3338cfdfbc5522ca96319ece6d21ddc4d1dce45d / . / src / http / ngx_http_parse.c
blob: 426aa8a0ea23de06c30b25aed336ac8b02ddb9b4 [file] [log] [blame]
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]1
Igor Sysoevd90282d2004-09-28 08:34:51 +0000[diff] [blame]2/*
Igor Sysoevff8da912004-09-29 16:00:49 +0000[diff] [blame]3 * Copyright (C) Igor Sysoev
Igor Sysoevd90282d2004-09-28 08:34:51 +0000[diff] [blame]4 */
5
6
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]7#include <ngx_config.h>
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]8#include <ngx_core.h>
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]9#include <ngx_http.h>
10
Igor Sysoev59cf56c2004-09-07 15:29:22 +0000[diff] [blame]11
Igor Sysoev3338cfd2006-05-11 14:43:47 +0000[diff] [blame^]12/* gcc, icc, msvc and others compile these switches as an jump table */
13
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]14ngx_int_t
15ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]16{
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]17 u_char c, ch, *p, *m;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]18 enum {
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]19 sw_start = 0,
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]20 sw_method,
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]21 sw_space_after_method,
22 sw_spaces_before_uri,
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]23 sw_schema,
24 sw_schema_slash,
25 sw_schema_slash_slash,
26 sw_host,
27 sw_port,
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]28 sw_after_slash_in_uri,
29 sw_check_uri,
30 sw_uri,
31 sw_http_09,
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]32 sw_http_H,
33 sw_http_HT,
34 sw_http_HTT,
35 sw_http_HTTP,
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]36 sw_first_major_digit,
37 sw_major_digit,
38 sw_first_minor_digit,
39 sw_minor_digit,
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]40 sw_almost_done
Igor Sysoev481b6432002-12-04 16:29:40 +0000[diff] [blame]41 } state;
42
43 state = r->state;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]44
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]45 for (p = b->pos; p < b->last; p++) {
46 ch = *p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]47
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]48 switch (state) {
49
50 /* HTTP methods: GET, HEAD, POST */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]51 case sw_start:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]52 r->request_start = p;
Igor Sysoev3d062ad2003-03-05 06:37:42 +0000[diff] [blame]53
Igor Sysoev732a2712004-04-21 18:54:33 +0000[diff] [blame]54 if (ch == CR || ch == LF) {
55 break;
56 }
57
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]58 if (ch < 'A' || ch > 'Z') {
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]59 return NGX_HTTP_PARSE_INVALID_METHOD;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]60 }
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]61
62 state = sw_method;
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]63 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]64
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]65 case sw_method:
66 if (ch == ' ') {
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]67 r->method_end = p - 1;
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]68 m = r->request_start;
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]69
Igor Sysoev4ecb4d72006-04-21 12:06:44 +0000[diff] [blame]70 switch (p - m) {
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]71
Igor Sysoev4ecb4d72006-04-21 12:06:44 +0000[diff] [blame]72 case 3:
Igor Sysoev2e6ba932004-09-09 15:40:48 +0000[diff] [blame]73 if (m[0] == 'G' && m[1] == 'E' && m[2] == 'T') {
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]74 r->method = NGX_HTTP_GET;
Igor Sysoev8a2b2fb2006-04-14 09:53:38 +0000[diff] [blame]75
76 } else if (m[0] == 'P' && m[1] == 'U' && m[2] == 'T') {
77 r->method = NGX_HTTP_PUT;
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]78 }
Igor Sysoev4ecb4d72006-04-21 12:06:44 +0000[diff] [blame]79 break;
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]80
Igor Sysoev4ecb4d72006-04-21 12:06:44 +0000[diff] [blame]81 case 4:
Igor Sysoev2e6ba932004-09-09 15:40:48 +0000[diff] [blame]82 if (m[0] == 'P' && m[1] == 'O'
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]83 && m[2] == 'S' && m[3] == 'T')
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]84 {
85 r->method = NGX_HTTP_POST;
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]86
Igor Sysoev2e6ba932004-09-09 15:40:48 +0000[diff] [blame]87 } else if (m[0] == 'H' && m[1] == 'E'
88 && m[2] == 'A' && m[3] == 'D')
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]89 {
90 r->method = NGX_HTTP_HEAD;
91 }
Igor Sysoev4ecb4d72006-04-21 12:06:44 +0000[diff] [blame]92 break;
Igor Sysoev8a2b2fb2006-04-14 09:53:38 +0000[diff] [blame]93
Igor Sysoev4ecb4d72006-04-21 12:06:44 +0000[diff] [blame]94 case 5:
Igor Sysoev7bdb7202006-04-19 15:30:56 +0000[diff] [blame]95 if (m[0] == 'M' && m[1] == 'K'
96 && m[2] == 'C' && m[3] == 'O' && m[4] == 'L')
97 {
98 r->method = NGX_HTTP_MKCOL;
99 }
Igor Sysoev4ecb4d72006-04-21 12:06:44 +0000[diff] [blame]100 break;
Igor Sysoev7bdb7202006-04-19 15:30:56 +0000[diff] [blame]101
Igor Sysoev4ecb4d72006-04-21 12:06:44 +0000[diff] [blame]102 case 6:
Igor Sysoev8a2b2fb2006-04-14 09:53:38 +0000[diff] [blame]103 if (m[0] == 'D' && m[1] == 'E' && m[2] == 'L'
104 && m[3] == 'E' && m[4] == 'T' && m[5] == 'E')
105 {
106 r->method = NGX_HTTP_DELETE;
107 }
Igor Sysoev4ecb4d72006-04-21 12:06:44 +0000[diff] [blame]108 break;
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]109 }
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]110
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]111 state = sw_spaces_before_uri;
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]112 break;
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]113 }
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]114
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]115 if (ch < 'A' || ch > 'Z') {
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]116 return NGX_HTTP_PARSE_INVALID_METHOD;
117 }
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]118
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]119 break;
120
121 /* single space after method */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]122 case sw_space_after_method:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]123 switch (ch) {
124 case ' ':
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]125 state = sw_spaces_before_uri;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]126 break;
127 default:
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]128 return NGX_HTTP_PARSE_INVALID_METHOD;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]129 }
130 break;
131
132 /* space* before URI */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]133 case sw_spaces_before_uri:
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]134
135 c = (u_char) (ch | 0x20);
Igor Sysoev7b190b42005-06-07 15:56:31 +0000[diff] [blame]136 if (c >= 'a' && c <= 'z') {
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]137 r->schema_start = p;
138 state = sw_schema;
139 break;
140 }
141
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]142 switch (ch) {
143 case '/':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]144 r->uri_start = p;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]145 state = sw_after_slash_in_uri;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]146 break;
147 case ' ':
148 break;
149 default:
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]150 return NGX_HTTP_PARSE_INVALID_REQUEST;
151 }
152 break;
153
154 case sw_schema:
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]155
156 c = (u_char) (ch | 0x20);
Igor Sysoev7b190b42005-06-07 15:56:31 +0000[diff] [blame]157 if (c >= 'a' && c <= 'z') {
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]158 break;
159 }
160
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]161 switch (ch) {
162 case ':':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]163 r->schema_end = p;
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]164 state = sw_schema_slash;
165 break;
166 default:
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]167 return NGX_HTTP_PARSE_INVALID_REQUEST;
168 }
169 break;
170
171 case sw_schema_slash:
172 switch (ch) {
173 case '/':
174 state = sw_schema_slash_slash;
175 break;
176 default:
177 return NGX_HTTP_PARSE_INVALID_REQUEST;
178 }
179 break;
180
181 case sw_schema_slash_slash:
182 switch (ch) {
183 case '/':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]184 r->host_start = p;
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]185 state = sw_host;
186 break;
187 default:
188 return NGX_HTTP_PARSE_INVALID_REQUEST;
189 }
190 break;
191
192 case sw_host:
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]193
194 c = (u_char) (ch | 0x20);
Igor Sysoev7b190b42005-06-07 15:56:31 +0000[diff] [blame]195 if (c >= 'a' && c <= 'z') {
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]196 break;
197 }
198
199 if ((ch >= '0' && ch <= '9') || ch == '.' || ch == '-')
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]200 {
201 break;
202 }
203
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]204 switch (ch) {
205 case ':':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]206 r->host_end = p;
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]207 state = sw_port;
208 break;
209 case '/':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]210 r->host_end = p;
211 r->uri_start = p;
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]212 state = sw_after_slash_in_uri;
213 break;
214 default:
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]215 return NGX_HTTP_PARSE_INVALID_REQUEST;
216 }
217 break;
218
219 case sw_port:
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]220 if (ch >= '0' && ch <= '9') {
221 break;
222 }
223
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]224 switch (ch) {
225 case '/':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]226 r->port_end = p;
227 r->uri_start = p;
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]228 state = sw_after_slash_in_uri;
229 break;
230 default:
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]231 return NGX_HTTP_PARSE_INVALID_REQUEST;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]232 }
233 break;
234
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]235 /* check "/.", "//", "%", and "\" (Win32) in URI */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]236 case sw_after_slash_in_uri:
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]237
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]238 c = (u_char) (ch | 0x20);
Igor Sysoev7b190b42005-06-07 15:56:31 +0000[diff] [blame]239 if (c >= 'a' && c <= 'z') {
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]240 state = sw_check_uri;
241 break;
242 }
243
244 if (ch >= '0' && ch <= '9') {
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]245 state = sw_check_uri;
246 break;
247 }
248
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]249 switch (ch) {
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]250 case ' ':
251 r->uri_end = p;
252 state = sw_http_09;
253 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]254 case CR:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]255 r->uri_end = p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]256 r->http_minor = 9;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]257 state = sw_almost_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]258 break;
259 case LF:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]260 r->uri_end = p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]261 r->http_minor = 9;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]262 goto done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]263 case '.':
264 r->complex_uri = 1;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]265 state = sw_uri;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]266 break;
Igor Sysoev924bd792004-10-11 15:07:03 +0000[diff] [blame]267 case '%':
268 r->quoted_uri = 1;
269 state = sw_uri;
270 break;
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]271 case '/':
272 r->complex_uri = 1;
273 state = sw_uri;
274 break;
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]275#if (NGX_WIN32)
276 case '\\':
277 r->complex_uri = 1;
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]278 state = sw_uri;
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]279 break;
280#endif
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]281 case '?':
282 r->args_start = p + 1;
283 state = sw_uri;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]284 break;
Igor Sysoev805d9db2005-02-03 19:33:37 +0000[diff] [blame]285 case '+':
286 r->plus_in_uri = 1;
287 break;
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]288 case '\0':
289 r->zero_in_uri = 1;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]290 break;
291 default:
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]292 state = sw_check_uri;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]293 break;
294 }
295 break;
296
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]297 /* check "/", "%" and "\" (Win32) in URI */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]298 case sw_check_uri:
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]299
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]300 c = (u_char) (ch | 0x20);
Igor Sysoev7b190b42005-06-07 15:56:31 +0000[diff] [blame]301 if (c >= 'a' && c <= 'z') {
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]302 break;
303 }
304
305 if (ch >= '0' && ch <= '9') {
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]306 break;
307 }
308
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]309 switch (ch) {
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]310 case '/':
311 r->uri_ext = NULL;
312 state = sw_after_slash_in_uri;
313 break;
314 case '.':
315 r->uri_ext = p + 1;
316 break;
317 case ' ':
318 r->uri_end = p;
319 state = sw_http_09;
320 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]321 case CR:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]322 r->uri_end = p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]323 r->http_minor = 9;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]324 state = sw_almost_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]325 break;
326 case LF:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]327 r->uri_end = p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]328 r->http_minor = 9;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]329 goto done;
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]330#if (NGX_WIN32)
331 case '\\':
332 r->complex_uri = 1;
333 state = sw_after_slash_in_uri;
334 break;
335#endif
Igor Sysoev7578ec92003-06-02 15:24:30 +0000[diff] [blame]336 case '%':
Igor Sysoev924bd792004-10-11 15:07:03 +0000[diff] [blame]337 r->quoted_uri = 1;
Igor Sysoev7578ec92003-06-02 15:24:30 +0000[diff] [blame]338 state = sw_uri;
339 break;
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]340 case '+':
341 r->plus_in_uri = 1;
342 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]343 case '?':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]344 r->args_start = p + 1;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]345 state = sw_uri;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]346 break;
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]347 case '\0':
348 r->zero_in_uri = 1;
349 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]350 }
351 break;
352
353 /* URI */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]354 case sw_uri:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]355 switch (ch) {
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]356 case ' ':
357 r->uri_end = p;
358 state = sw_http_09;
359 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]360 case CR:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]361 r->uri_end = p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]362 r->http_minor = 9;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]363 state = sw_almost_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]364 break;
365 case LF:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]366 r->uri_end = p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]367 r->http_minor = 9;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]368 goto done;
Igor Sysoev805d9db2005-02-03 19:33:37 +0000[diff] [blame]369 case '+':
370 r->plus_in_uri = 1;
371 break;
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]372 case '\0':
373 r->zero_in_uri = 1;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]374 break;
375 }
376 break;
377
378 /* space+ after URI */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]379 case sw_http_09:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]380 switch (ch) {
381 case ' ':
382 break;
383 case CR:
384 r->http_minor = 9;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]385 state = sw_almost_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]386 break;
387 case LF:
388 r->http_minor = 9;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]389 goto done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]390 case 'H':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]391 r->http_protocol.data = p;
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]392 state = sw_http_H;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]393 break;
394 default:
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]395 return NGX_HTTP_PARSE_INVALID_REQUEST;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]396 }
397 break;
398
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]399 case sw_http_H:
400 switch (ch) {
401 case 'T':
402 state = sw_http_HT;
403 break;
404 default:
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]405 return NGX_HTTP_PARSE_INVALID_REQUEST;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]406 }
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]407 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]408
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]409 case sw_http_HT:
410 switch (ch) {
411 case 'T':
412 state = sw_http_HTT;
413 break;
414 default:
415 return NGX_HTTP_PARSE_INVALID_REQUEST;
416 }
417 break;
418
419 case sw_http_HTT:
420 switch (ch) {
421 case 'P':
422 state = sw_http_HTTP;
423 break;
424 default:
425 return NGX_HTTP_PARSE_INVALID_REQUEST;
426 }
427 break;
428
429 case sw_http_HTTP:
430 switch (ch) {
431 case '/':
432 state = sw_first_major_digit;
433 break;
434 default:
435 return NGX_HTTP_PARSE_INVALID_REQUEST;
436 }
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]437 break;
438
439 /* first digit of major HTTP version */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]440 case sw_first_major_digit:
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]441 if (ch < '1' || ch > '9') {
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]442 return NGX_HTTP_PARSE_INVALID_REQUEST;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]443 }
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]444
445 r->http_major = ch - '0';
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]446 state = sw_major_digit;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]447 break;
448
449 /* major HTTP version or dot */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]450 case sw_major_digit:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]451 if (ch == '.') {
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]452 state = sw_first_minor_digit;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]453 break;
454 }
455
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]456 if (ch < '0' || ch > '9') {
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]457 return NGX_HTTP_PARSE_INVALID_REQUEST;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]458 }
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]459
460 r->http_major = r->http_major * 10 + ch - '0';
461 break;
462
463 /* first digit of minor HTTP version */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]464 case sw_first_minor_digit:
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]465 if (ch < '0' || ch > '9') {
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]466 return NGX_HTTP_PARSE_INVALID_REQUEST;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]467 }
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]468
469 r->http_minor = ch - '0';
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]470 state = sw_minor_digit;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]471 break;
472
473 /* minor HTTP version or end of request line */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]474 case sw_minor_digit:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]475 if (ch == CR) {
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]476 state = sw_almost_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]477 break;
478 }
479
480 if (ch == LF) {
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]481 goto done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]482 }
483
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]484 if (ch < '0' || ch > '9') {
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]485 return NGX_HTTP_PARSE_INVALID_REQUEST;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]486 }
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]487
488 r->http_minor = r->http_minor * 10 + ch - '0';
489 break;
490
491 /* end of request line */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]492 case sw_almost_done:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]493 r->request_end = p - 1;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]494 switch (ch) {
495 case LF:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]496 goto done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]497 default:
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]498 return NGX_HTTP_PARSE_INVALID_REQUEST;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]499 }
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]500 }
501 }
502
Igor Sysoevdd888c42004-09-21 05:38:28 +0000[diff] [blame]503 b->pos = p;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]504 r->state = state;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]505
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]506 return NGX_AGAIN;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]507
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]508done:
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]509
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]510 b->pos = p + 1;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]511
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]512 if (r->request_end == NULL) {
513 r->request_end = p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]514 }
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]515
516 r->http_version = r->http_major * 1000 + r->http_minor;
517 r->state = sw_start;
518
519 if (r->http_version == 9 && r->method != NGX_HTTP_GET) {
520 return NGX_HTTP_PARSE_INVALID_09_METHOD;
521 }
522
523 return NGX_OK;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]524}
525
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]526
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]527ngx_int_t
528ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b)
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]529{
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]530 u_char c, ch, *p;
Igor Sysoev3338cfd2006-05-11 14:43:47 +0000[diff] [blame^]531 ngx_uint_t hash, i;
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]532 enum {
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]533 sw_start = 0,
534 sw_name,
535 sw_space_before_value,
536 sw_value,
537 sw_space_after_value,
Igor Sysoev4d656dc2005-03-22 16:02:46 +0000[diff] [blame]538 sw_ignore_line,
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]539 sw_almost_done,
Igor Sysoev4d656dc2005-03-22 16:02:46 +0000[diff] [blame]540 sw_header_almost_done
Igor Sysoev481b6432002-12-04 16:29:40 +0000[diff] [blame]541 } state;
542
Igor Sysoev3338cfd2006-05-11 14:43:47 +0000[diff] [blame^]543 static u_char lowcase[] =
544 "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
545 "\0\0\0\0\0\0\0\0\0\0\0\0\0-\0\0" "0123456789\0\0\0\0\0\0"
546 "\0abcdefghijklmnopqrstuvwxyz\0\0\0\0\0"
547 "\0abcdefghijklmnopqrstuvwxyz\0\0\0\0\0"
548 "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
549 "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
550 "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
551 "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
552
Igor Sysoev481b6432002-12-04 16:29:40 +0000[diff] [blame]553 state = r->state;
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]554 hash = r->header_hash;
Igor Sysoev3338cfd2006-05-11 14:43:47 +0000[diff] [blame^]555 i = r->lowcase_index;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]556
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]557 for (p = b->pos; p < b->last; p++) {
558 ch = *p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]559
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]560 switch (state) {
561
562 /* first char */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]563 case sw_start:
Igor Sysoev3362b8d2005-05-14 18:42:03 +0000[diff] [blame]564 r->invalid_header = 0;
565
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]566 switch (ch) {
567 case CR:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]568 r->header_end = p;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]569 state = sw_header_almost_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]570 break;
571 case LF:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]572 r->header_end = p;
573 goto header_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]574 default:
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]575 state = sw_name;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]576 r->header_name_start = p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]577
Igor Sysoev3338cfd2006-05-11 14:43:47 +0000[diff] [blame^]578 c = lowcase[ch];
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]579
Igor Sysoev3338cfd2006-05-11 14:43:47 +0000[diff] [blame^]580 if (c) {
581 hash = ngx_hash(0, c);
582 r->lowcase_header[0] = c;
583 i = 1;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]584 break;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]585 }
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]586
Igor Sysoev3362b8d2005-05-14 18:42:03 +0000[diff] [blame]587 r->invalid_header = 1;
588
Igor Sysoev4d656dc2005-03-22 16:02:46 +0000[diff] [blame]589 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]590
591 }
592 break;
593
594 /* header name */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]595 case sw_name:
Igor Sysoev3338cfd2006-05-11 14:43:47 +0000[diff] [blame^]596 c = lowcase[ch];
597
598 if (c) {
599 hash = ngx_hash(hash, c);
600 r->lowcase_header[i++] = c;
601 i &= ~NGX_HTTP_LC_HEADER_LEN;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]602 break;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]603 }
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]604
605 if (ch == ':') {
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]606 r->header_name_end = p;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]607 state = sw_space_before_value;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]608 break;
609 }
610
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]611 if (ch == CR) {
612 r->header_name_end = p;
613 r->header_start = p;
614 r->header_end = p;
615 state = sw_almost_done;
616 break;
617 }
618
619 if (ch == LF) {
620 r->header_name_end = p;
621 r->header_start = p;
622 r->header_end = p;
623 goto done;
624 }
625
Igor Sysoev924bd792004-10-11 15:07:03 +0000[diff] [blame]626 /* IIS may send the duplicate "HTTP/1.1 ..." lines */
Igor Sysoev183f9a62003-04-09 15:42:08 +0000[diff] [blame]627 if (ch == '/'
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]628 && r->upstream
629 && p - r->header_name_start == 4
630 && ngx_strncmp(r->header_name_start, "HTTP", 4) == 0)
Igor Sysoev183f9a62003-04-09 15:42:08 +0000[diff] [blame]631 {
632 state = sw_ignore_line;
633 break;
Igor Sysoeve2a31542003-04-08 15:40:10 +0000[diff] [blame]634 }
635
Igor Sysoev3362b8d2005-05-14 18:42:03 +0000[diff] [blame]636 r->invalid_header = 1;
637
Igor Sysoev4d656dc2005-03-22 16:02:46 +0000[diff] [blame]638 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]639
640 /* space* before header value */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]641 case sw_space_before_value:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]642 switch (ch) {
643 case ' ':
644 break;
645 case CR:
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]646 r->header_start = p;
647 r->header_end = p;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]648 state = sw_almost_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]649 break;
650 case LF:
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]651 r->header_start = p;
652 r->header_end = p;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]653 goto done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]654 default:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]655 r->header_start = p;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]656 state = sw_value;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]657 break;
658 }
659 break;
660
661 /* header value */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]662 case sw_value:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]663 switch (ch) {
664 case ' ':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]665 r->header_end = p;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]666 state = sw_space_after_value;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]667 break;
668 case CR:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]669 r->header_end = p;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]670 state = sw_almost_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]671 break;
672 case LF:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]673 r->header_end = p;
674 goto done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]675 }
676 break;
677
678 /* space* before end of header line */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]679 case sw_space_after_value:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]680 switch (ch) {
681 case ' ':
682 break;
683 case CR:
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]684 state = sw_almost_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]685 break;
686 case LF:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]687 goto done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]688 default:
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]689 state = sw_value;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]690 break;
691 }
692 break;
693
Igor Sysoeve2a31542003-04-08 15:40:10 +0000[diff] [blame]694 /* ignore header line */
695 case sw_ignore_line:
696 switch (ch) {
697 case LF:
698 state = sw_start;
699 break;
700 default:
701 break;
702 }
703 break;
704
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]705 /* end of header line */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]706 case sw_almost_done:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]707 switch (ch) {
Igor Sysoev8fea8852006-03-15 09:53:04 +0000[diff] [blame]708 case CR:
709 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]710 case LF:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]711 goto done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]712 default:
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]713 return NGX_HTTP_PARSE_INVALID_HEADER;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]714 }
Igor Sysoev455a7fc2006-03-21 08:20:41 +0000[diff] [blame]715 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]716
717 /* end of header */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]718 case sw_header_almost_done:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]719 switch (ch) {
720 case LF:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]721 goto header_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]722 default:
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]723 return NGX_HTTP_PARSE_INVALID_HEADER;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]724 }
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]725 }
726 }
727
Igor Sysoev369145c2004-05-28 15:49:23 +0000[diff] [blame]728 b->pos = p;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]729 r->state = state;
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]730 r->header_hash = hash;
Igor Sysoev3338cfd2006-05-11 14:43:47 +0000[diff] [blame^]731 r->lowcase_index = i;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]732
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]733 return NGX_AGAIN;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]734
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]735done:
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]736
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]737 b->pos = p + 1;
738 r->state = sw_start;
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]739 r->header_hash = hash;
Igor Sysoev3338cfd2006-05-11 14:43:47 +0000[diff] [blame^]740 r->lowcase_index = i;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]741
742 return NGX_OK;
743
744header_done:
745
746 b->pos = p + 1;
747 r->state = sw_start;
748
749 return NGX_HTTP_PARSE_HEADER_DONE;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]750}
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]751
752
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]753ngx_int_t
754ngx_http_parse_complex_uri(ngx_http_request_t *r)
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]755{
Igor Sysoev10a543a2004-03-16 07:10:12 +0000[diff] [blame]756 u_char c, ch, decoded, *p, *u;
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]757 enum {
758 sw_usual = 0,
759 sw_slash,
760 sw_dot,
761 sw_dot_dot,
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]762#if (NGX_WIN32)
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]763 sw_dot_dot_dot,
764#endif
765 sw_quoted,
766 sw_quoted_second
767 } state, quoted_state;
768
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]769#if (NGX_SUPPRESS_WARN)
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]770 decoded = '\0';
771 quoted_state = sw_usual;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]772#endif
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]773
774 state = sw_usual;
775 p = r->uri_start;
776 u = r->uri.data;
Igor Sysoev865c1502003-11-30 20:03:18 +0000[diff] [blame]777 r->uri_ext = NULL;
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]778 r->args_start = NULL;
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]779
780 ch = *p++;
781
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]782 while (p <= r->uri_end) {
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]783
784 /*
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]785 * we use "ch = *p++" inside the cycle, but this operation is safe,
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]786 * because after the URI there is always at least one charcter:
787 * the line feed
788 */
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]789
Igor Sysoev54498db2004-02-11 17:08:49 +0000[diff] [blame]790 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]791 "s:%d in:'%Xd:%c', out:'%c'", state, ch, ch, *u);
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]792
793 switch (state) {
Igor Sysoev09c684b2005-11-09 17:25:55 +0000[diff] [blame]794
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]795 case sw_usual:
796 switch(ch) {
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]797#if (NGX_WIN32)
798 case '\\':
799 r->uri_ext = NULL;
800
801 if (p == r->uri_start + r->uri.len) {
802
803 /*
804 * we omit the last "\" to cause redirect because
805 * the browsers do not treat "\" as "/" in relative URL path
806 */
807
808 break;
809 }
810
811 state = sw_slash;
812 *u++ = '/';
813 break;
814#endif
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]815 case '/':
Igor Sysoev865c1502003-11-30 20:03:18 +0000[diff] [blame]816 r->uri_ext = NULL;
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]817 state = sw_slash;
818 *u++ = ch;
819 break;
820 case '%':
821 quoted_state = state;
822 state = sw_quoted;
823 break;
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]824 case '?':
825 r->args_start = p;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]826 goto done;
Igor Sysoev865c1502003-11-30 20:03:18 +0000[diff] [blame]827 case '.':
828 r->uri_ext = u + 1;
Igor Sysoev42b12b32004-12-02 18:40:46 +0000[diff] [blame]829 *u++ = ch;
830 break;
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]831 default:
832 *u++ = ch;
833 break;
834 }
835 ch = *p++;
836 break;
837
838 case sw_slash:
839 switch(ch) {
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]840#if (NGX_WIN32)
841 case '\\':
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]842#endif
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]843 case '/':
844 break;
845 case '.':
846 state = sw_dot;
847 *u++ = ch;
848 break;
849 case '%':
850 quoted_state = state;
851 state = sw_quoted;
852 break;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]853 case '?':
854 r->args_start = p;
855 goto done;
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]856 default:
857 state = sw_usual;
858 *u++ = ch;
859 break;
860 }
861 ch = *p++;
862 break;
863
864 case sw_dot:
865 switch(ch) {
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]866#if (NGX_WIN32)
867 case '\\':
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]868#endif
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]869 case '/':
870 state = sw_slash;
871 u--;
872 break;
873 case '.':
874 state = sw_dot_dot;
875 *u++ = ch;
876 break;
877 case '%':
878 quoted_state = state;
879 state = sw_quoted;
880 break;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]881 case '?':
882 r->args_start = p;
883 goto done;
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]884 default:
885 state = sw_usual;
886 *u++ = ch;
887 break;
888 }
889 ch = *p++;
890 break;
891
892 case sw_dot_dot:
893 switch(ch) {
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]894#if (NGX_WIN32)
895 case '\\':
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]896#endif
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]897 case '/':
898 state = sw_slash;
899 u -= 4;
900 if (u < r->uri.data) {
901 return NGX_HTTP_PARSE_INVALID_REQUEST;
902 }
903 while (*(u - 1) != '/') {
904 u--;
905 }
906 break;
907 case '%':
908 quoted_state = state;
909 state = sw_quoted;
910 break;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]911 case '?':
912 r->args_start = p;
913 goto done;
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]914#if (NGX_WIN32)
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]915 case '.':
916 state = sw_dot_dot_dot;
917 *u++ = ch;
918 break;
919#endif
920 default:
921 state = sw_usual;
922 *u++ = ch;
923 break;
924 }
925 ch = *p++;
926 break;
927
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]928#if (NGX_WIN32)
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]929 case sw_dot_dot_dot:
930 switch(ch) {
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]931 case '\\':
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]932 case '/':
933 state = sw_slash;
934 u -= 5;
935 if (u < r->uri.data) {
936 return NGX_HTTP_PARSE_INVALID_REQUEST;
937 }
938 while (*u != '/') {
939 u--;
940 }
941 if (u < r->uri.data) {
942 return NGX_HTTP_PARSE_INVALID_REQUEST;
943 }
944 while (*(u - 1) != '/') {
945 u--;
946 }
947 break;
948 case '%':
949 quoted_state = state;
950 state = sw_quoted;
951 break;
Igor Sysoev09c684b2005-11-09 17:25:55 +0000[diff] [blame]952 case '?':
953 r->args_start = p;
954 goto done;
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]955 default:
956 state = sw_usual;
957 *u++ = ch;
958 break;
959 }
960 ch = *p++;
961 break;
962#endif
963
964 case sw_quoted:
965 if (ch >= '0' && ch <= '9') {
Igor Sysoev9c610952004-03-16 13:35:20 +0000[diff] [blame]966 decoded = (u_char) (ch - '0');
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]967 state = sw_quoted_second;
968 ch = *p++;
969 break;
970 }
971
Igor Sysoev9c610952004-03-16 13:35:20 +0000[diff] [blame]972 c = (u_char) (ch | 0x20);
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]973 if (c >= 'a' && c <= 'f') {
Igor Sysoev9c610952004-03-16 13:35:20 +0000[diff] [blame]974 decoded = (u_char) (c - 'a' + 10);
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]975 state = sw_quoted_second;
976 ch = *p++;
977 break;
978 }
979
980 return NGX_HTTP_PARSE_INVALID_REQUEST;
981
982 case sw_quoted_second:
983 if (ch >= '0' && ch <= '9') {
Igor Sysoev9c610952004-03-16 13:35:20 +0000[diff] [blame]984 ch = (u_char) ((decoded << 4) + ch - '0');
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]985
Igor Sysoev7adb8c02003-12-02 16:57:05 +0000[diff] [blame]986 if (ch == '%') {
987 state = sw_usual;
988 *u++ = ch;
989 ch = *p++;
990 break;
991 }
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]992
993 if (ch == '\0') {
994 r->zero_in_uri = 1;
995 *u++ = ch;
996 ch = *p++;
997 }
998
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]999 state = quoted_state;
1000 break;
1001 }
1002
Igor Sysoev9c610952004-03-16 13:35:20 +0000[diff] [blame]1003 c = (u_char) (ch | 0x20);
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]1004 if (c >= 'a' && c <= 'f') {
Igor Sysoev9c610952004-03-16 13:35:20 +0000[diff] [blame]1005 ch = (u_char) ((decoded << 4) + c - 'a' + 10);
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]1006 if (ch == '?') {
Igor Sysoev7adb8c02003-12-02 16:57:05 +0000[diff] [blame]1007 *u++ = ch;
1008 ch = *p++;
Igor Sysoev7adb8c02003-12-02 16:57:05 +0000[diff] [blame]1009 }
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]1010 state = quoted_state;
1011 break;
1012 }
1013
1014 return NGX_HTTP_PARSE_INVALID_REQUEST;
1015 }
1016 }
1017
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]1018done:
1019
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]1020 r->uri.len = u - r->uri.data;
1021 r->uri.data[r->uri.len] = '\0';
1022
Igor Sysoev865c1502003-11-30 20:03:18 +0000[diff] [blame]1023 if (r->uri_ext) {
1024 r->exten.len = u - r->uri_ext;
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]1025 r->exten.data = r->uri_ext;
Igor Sysoev865c1502003-11-30 20:03:18 +0000[diff] [blame]1026 }
1027
1028 r->uri_ext = NULL;
1029
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]1030 return NGX_OK;
1031}
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]1032
1033
1034ngx_int_t
Igor Sysoev09c684b2005-11-09 17:25:55 +0000[diff] [blame]1035ngx_http_parse_unsafe_uri(ngx_http_request_t *r, ngx_str_t *uri,
1036 ngx_str_t *args, ngx_uint_t *flags)
1037{
1038 u_char ch, *p;
1039 size_t len;
1040
1041 len = uri->len;
1042 p = uri->data;
1043
1044 if (len == 0 || p[0] == '?') {
1045 goto unsafe;
1046 }
1047
1048 if (p[0] == '.' && len == 3 && p[1] == '.' && (p[2] == '/'
1049#if (NGX_WIN32)
1050 || p[2] == '\\'
1051#endif
1052 ))
1053 {
1054 goto unsafe;
1055 }
1056
1057 for ( /* void */ ; len; len--) {
1058
1059 ch = *p++;
1060
1061 if (ch == '?') {
1062 args->len = len - 1;
1063 args->data = p;
1064 uri->len -= len;
1065
1066 return NGX_OK;
1067 }
1068
1069 if (ch == '\0') {
1070 *flags |= NGX_HTTP_ZERO_IN_URI;
1071 continue;
1072 }
1073
1074 if (ch != '/'
1075#if (NGX_WIN32)
1076 && ch != '\\'
1077#endif
1078 )
1079 {
1080 continue;
1081 }
1082
1083 if (len > 2) {
1084
1085 /* detect "/../" */
1086
Igor Sysoev3fc6f642005-11-10 07:44:53 +0000[diff] [blame]1087 if (p[0] == '.' && p[1] == '.' && p[2] == '/') {
Igor Sysoev09c684b2005-11-09 17:25:55 +0000[diff] [blame]1088 goto unsafe;
1089 }
1090
1091#if (NGX_WIN32)
1092
1093 if (p[2] == '\\') {
1094 goto unsafe;
1095 }
1096
1097 if (len > 3) {
1098
1099 /* detect "/.../" */
1100
Igor Sysoev3fc6f642005-11-10 07:44:53 +0000[diff] [blame]1101 if (p[0] == '.' && p[1] == '.' && p[2] == '.'
1102 && (p[3] == '/' || p[3] == '\\'))
1103 {
Igor Sysoev09c684b2005-11-09 17:25:55 +0000[diff] [blame]1104 goto unsafe;
1105 }
1106 }
1107#endif
1108 }
1109 }
1110
1111 return NGX_OK;
1112
1113unsafe:
1114
1115 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
1116 "unsafe URI \"%V\" was detected", uri);
1117
1118 return NGX_ERROR;
1119}
1120
1121
1122ngx_int_t
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]1123ngx_http_parse_multi_header_lines(ngx_array_t *headers, ngx_str_t *name,
1124 ngx_str_t *value)
1125{
1126 ngx_uint_t i;
1127 u_char *start, *last, *end, ch;
1128 ngx_table_elt_t **h;
1129
1130 h = headers->elts;
1131
1132 for (i = 0; i < headers->nelts; i++) {
1133
1134 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, headers->pool->log, 0,
1135 "parse header: \"%V: %V\"", &h[i]->key, &h[i]->value);
1136
1137 if (name->len > h[i]->value.len) {
1138 continue;
1139 }
Igor Sysoev0e5dc5c2005-11-15 13:30:52 +0000[diff] [blame]1140
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]1141 start = h[i]->value.data;
1142 end = h[i]->value.data + h[i]->value.len;
1143
1144 while (start < end) {
1145
1146 if (ngx_strncasecmp(start, name->data, name->len) != 0) {
1147 goto skip;
1148 }
1149
1150 for (start += name->len; start < end && *start == ' '; start++) {
1151 /* void */
1152 }
1153
1154 if (value == NULL) {
1155 if (start == end || *start == ',') {
1156 return i;
1157 }
1158
1159 goto skip;
1160 }
1161
1162 if (start == end || *start++ != '=') {
1163 /* the invalid header value */
1164 goto skip;
1165 }
1166
1167 while (start < end && *start == ' ') { start++; }
1168
1169 for (last = start; last < end && *last != ';'; last++) {
1170 /* void */
1171 }
1172
1173 value->len = last - start;
1174 value->data = start;
1175
1176 return i;
1177
1178 skip:
Igor Sysoev09c684b2005-11-09 17:25:55 +0000[diff] [blame]1179
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]1180 while (start < end) {
1181 ch = *start++;
1182 if (ch == ';' || ch == ',') {
1183 break;
1184 }
1185 }
1186
1187 while (start < end && *start == ' ') { start++; }
1188 }
1189 }
1190
1191 return NGX_DECLINED;
1192}