Google Git
Sign in
nginx / nginx / b80a7f4318d13b3c2b030709beee99e6a159c0a5 / . / src / http / ngx_http_parse.c
blob: ddd8d77e6907641bcbaa6ee5420c4aa226a047fc [file] [log] [blame]
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]1
Igor Sysoevd90282d2004-09-28 08:34:51 +0000[diff] [blame]2/*
Igor Sysoevff8da912004-09-29 16:00:49 +0000[diff] [blame]3 * Copyright (C) Igor Sysoev
Igor Sysoevd90282d2004-09-28 08:34:51 +0000[diff] [blame]4 */
5
6
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]7#include <ngx_config.h>
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]8#include <ngx_core.h>
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]9#include <ngx_http.h>
10
Igor Sysoev59cf56c2004-09-07 15:29:22 +0000[diff] [blame]11
Igor Sysoev3338cfd2006-05-11 14:43:47 +0000[diff] [blame]12/* gcc, icc, msvc and others compile these switches as an jump table */
13
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]14ngx_int_t
15ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]16{
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]17 u_char c, ch, *p, *m;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]18 enum {
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]19 sw_start = 0,
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]20 sw_method,
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]21 sw_space_after_method,
22 sw_spaces_before_uri,
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]23 sw_schema,
24 sw_schema_slash,
25 sw_schema_slash_slash,
26 sw_host,
27 sw_port,
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]28 sw_after_slash_in_uri,
29 sw_check_uri,
30 sw_uri,
31 sw_http_09,
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]32 sw_http_H,
33 sw_http_HT,
34 sw_http_HTT,
35 sw_http_HTTP,
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]36 sw_first_major_digit,
37 sw_major_digit,
38 sw_first_minor_digit,
39 sw_minor_digit,
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]40 sw_almost_done
Igor Sysoev481b6432002-12-04 16:29:40 +0000[diff] [blame]41 } state;
42
43 state = r->state;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]44
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]45 for (p = b->pos; p < b->last; p++) {
46 ch = *p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]47
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]48 switch (state) {
49
50 /* HTTP methods: GET, HEAD, POST */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]51 case sw_start:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]52 r->request_start = p;
Igor Sysoev3d062ad2003-03-05 06:37:42 +0000[diff] [blame]53
Igor Sysoev732a2712004-04-21 18:54:33 +0000[diff] [blame]54 if (ch == CR || ch == LF) {
55 break;
56 }
57
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]58 if (ch < 'A' || ch > 'Z') {
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]59 return NGX_HTTP_PARSE_INVALID_METHOD;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]60 }
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]61
62 state = sw_method;
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]63 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]64
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]65 case sw_method:
66 if (ch == ' ') {
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]67 r->method_end = p - 1;
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]68 m = r->request_start;
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]69
Igor Sysoev4ecb4d72006-04-21 12:06:44 +0000[diff] [blame]70 switch (p - m) {
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]71
Igor Sysoev4ecb4d72006-04-21 12:06:44 +0000[diff] [blame]72 case 3:
Igor Sysoev2e6ba932004-09-09 15:40:48 +0000[diff] [blame]73 if (m[0] == 'G' && m[1] == 'E' && m[2] == 'T') {
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]74 r->method = NGX_HTTP_GET;
Igor Sysoev8a2b2fb2006-04-14 09:53:38 +0000[diff] [blame]75
76 } else if (m[0] == 'P' && m[1] == 'U' && m[2] == 'T') {
77 r->method = NGX_HTTP_PUT;
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]78 }
Igor Sysoev4ecb4d72006-04-21 12:06:44 +0000[diff] [blame]79 break;
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]80
Igor Sysoev4ecb4d72006-04-21 12:06:44 +0000[diff] [blame]81 case 4:
Igor Sysoev2e6ba932004-09-09 15:40:48 +0000[diff] [blame]82 if (m[0] == 'P' && m[1] == 'O'
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]83 && m[2] == 'S' && m[3] == 'T')
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]84 {
85 r->method = NGX_HTTP_POST;
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]86
Igor Sysoev2e6ba932004-09-09 15:40:48 +0000[diff] [blame]87 } else if (m[0] == 'H' && m[1] == 'E'
88 && m[2] == 'A' && m[3] == 'D')
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]89 {
90 r->method = NGX_HTTP_HEAD;
91 }
Igor Sysoev4ecb4d72006-04-21 12:06:44 +0000[diff] [blame]92 break;
Igor Sysoev8a2b2fb2006-04-14 09:53:38 +0000[diff] [blame]93
Igor Sysoev4ecb4d72006-04-21 12:06:44 +0000[diff] [blame]94 case 5:
Igor Sysoev7bdb7202006-04-19 15:30:56 +0000[diff] [blame]95 if (m[0] == 'M' && m[1] == 'K'
96 && m[2] == 'C' && m[3] == 'O' && m[4] == 'L')
97 {
98 r->method = NGX_HTTP_MKCOL;
99 }
Igor Sysoev4ecb4d72006-04-21 12:06:44 +0000[diff] [blame]100 break;
Igor Sysoev7bdb7202006-04-19 15:30:56 +0000[diff] [blame]101
Igor Sysoev4ecb4d72006-04-21 12:06:44 +0000[diff] [blame]102 case 6:
Igor Sysoev8a2b2fb2006-04-14 09:53:38 +0000[diff] [blame]103 if (m[0] == 'D' && m[1] == 'E' && m[2] == 'L'
104 && m[3] == 'E' && m[4] == 'T' && m[5] == 'E')
105 {
106 r->method = NGX_HTTP_DELETE;
107 }
Igor Sysoev4ecb4d72006-04-21 12:06:44 +0000[diff] [blame]108 break;
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]109 }
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]110
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]111 state = sw_spaces_before_uri;
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]112 break;
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]113 }
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]114
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]115 if (ch < 'A' || ch > 'Z') {
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]116 return NGX_HTTP_PARSE_INVALID_METHOD;
117 }
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]118
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]119 break;
120
121 /* single space after method */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]122 case sw_space_after_method:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]123 switch (ch) {
124 case ' ':
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]125 state = sw_spaces_before_uri;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]126 break;
127 default:
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]128 return NGX_HTTP_PARSE_INVALID_METHOD;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]129 }
130 break;
131
132 /* space* before URI */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]133 case sw_spaces_before_uri:
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]134
135 c = (u_char) (ch | 0x20);
Igor Sysoev7b190b42005-06-07 15:56:31 +0000[diff] [blame]136 if (c >= 'a' && c <= 'z') {
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]137 r->schema_start = p;
138 state = sw_schema;
139 break;
140 }
141
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]142 switch (ch) {
143 case '/':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]144 r->uri_start = p;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]145 state = sw_after_slash_in_uri;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]146 break;
147 case ' ':
148 break;
149 default:
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]150 return NGX_HTTP_PARSE_INVALID_REQUEST;
151 }
152 break;
153
154 case sw_schema:
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]155
156 c = (u_char) (ch | 0x20);
Igor Sysoev7b190b42005-06-07 15:56:31 +0000[diff] [blame]157 if (c >= 'a' && c <= 'z') {
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]158 break;
159 }
160
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]161 switch (ch) {
162 case ':':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]163 r->schema_end = p;
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]164 state = sw_schema_slash;
165 break;
166 default:
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]167 return NGX_HTTP_PARSE_INVALID_REQUEST;
168 }
169 break;
170
171 case sw_schema_slash:
172 switch (ch) {
173 case '/':
174 state = sw_schema_slash_slash;
175 break;
176 default:
177 return NGX_HTTP_PARSE_INVALID_REQUEST;
178 }
179 break;
180
181 case sw_schema_slash_slash:
182 switch (ch) {
183 case '/':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]184 r->host_start = p;
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]185 state = sw_host;
186 break;
187 default:
188 return NGX_HTTP_PARSE_INVALID_REQUEST;
189 }
190 break;
191
192 case sw_host:
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]193
194 c = (u_char) (ch | 0x20);
Igor Sysoev7b190b42005-06-07 15:56:31 +0000[diff] [blame]195 if (c >= 'a' && c <= 'z') {
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]196 break;
197 }
198
199 if ((ch >= '0' && ch <= '9') || ch == '.' || ch == '-')
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]200 {
201 break;
202 }
203
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]204 switch (ch) {
205 case ':':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]206 r->host_end = p;
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]207 state = sw_port;
208 break;
209 case '/':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]210 r->host_end = p;
211 r->uri_start = p;
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]212 state = sw_after_slash_in_uri;
213 break;
214 default:
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]215 return NGX_HTTP_PARSE_INVALID_REQUEST;
216 }
217 break;
218
219 case sw_port:
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]220 if (ch >= '0' && ch <= '9') {
221 break;
222 }
223
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]224 switch (ch) {
225 case '/':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]226 r->port_end = p;
227 r->uri_start = p;
Igor Sysoeva3677242004-04-14 05:57:36 +0000[diff] [blame]228 state = sw_after_slash_in_uri;
229 break;
230 default:
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]231 return NGX_HTTP_PARSE_INVALID_REQUEST;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]232 }
233 break;
234
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]235 /* check "/.", "//", "%", and "\" (Win32) in URI */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]236 case sw_after_slash_in_uri:
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]237
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]238 c = (u_char) (ch | 0x20);
Igor Sysoev7b190b42005-06-07 15:56:31 +0000[diff] [blame]239 if (c >= 'a' && c <= 'z') {
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]240 state = sw_check_uri;
241 break;
242 }
243
244 if (ch >= '0' && ch <= '9') {
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]245 state = sw_check_uri;
246 break;
247 }
248
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]249 switch (ch) {
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]250 case ' ':
251 r->uri_end = p;
252 state = sw_http_09;
253 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]254 case CR:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]255 r->uri_end = p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]256 r->http_minor = 9;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]257 state = sw_almost_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]258 break;
259 case LF:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]260 r->uri_end = p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]261 r->http_minor = 9;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]262 goto done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]263 case '.':
264 r->complex_uri = 1;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]265 state = sw_uri;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]266 break;
Igor Sysoev924bd792004-10-11 15:07:03 +0000[diff] [blame]267 case '%':
268 r->quoted_uri = 1;
269 state = sw_uri;
270 break;
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]271 case '/':
272 r->complex_uri = 1;
273 state = sw_uri;
274 break;
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]275#if (NGX_WIN32)
276 case '\\':
277 r->complex_uri = 1;
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]278 state = sw_uri;
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]279 break;
280#endif
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]281 case '?':
282 r->args_start = p + 1;
283 state = sw_uri;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]284 break;
Igor Sysoevb80a7f42006-10-28 10:15:31 +0000[diff] [blame^]285 case '#':
286 r->complex_uri = 1;
287 state = sw_uri;
288 break;
Igor Sysoev805d9db2005-02-03 19:33:37 +0000[diff] [blame]289 case '+':
290 r->plus_in_uri = 1;
291 break;
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]292 case '\0':
293 r->zero_in_uri = 1;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]294 break;
295 default:
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]296 state = sw_check_uri;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]297 break;
298 }
299 break;
300
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]301 /* check "/", "%" and "\" (Win32) in URI */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]302 case sw_check_uri:
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]303
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]304 c = (u_char) (ch | 0x20);
Igor Sysoev7b190b42005-06-07 15:56:31 +0000[diff] [blame]305 if (c >= 'a' && c <= 'z') {
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]306 break;
307 }
308
309 if (ch >= '0' && ch <= '9') {
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]310 break;
311 }
312
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]313 switch (ch) {
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]314 case '/':
315 r->uri_ext = NULL;
316 state = sw_after_slash_in_uri;
317 break;
318 case '.':
319 r->uri_ext = p + 1;
320 break;
321 case ' ':
322 r->uri_end = p;
323 state = sw_http_09;
324 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]325 case CR:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]326 r->uri_end = p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]327 r->http_minor = 9;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]328 state = sw_almost_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]329 break;
330 case LF:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]331 r->uri_end = p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]332 r->http_minor = 9;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]333 goto done;
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]334#if (NGX_WIN32)
335 case '\\':
336 r->complex_uri = 1;
337 state = sw_after_slash_in_uri;
338 break;
339#endif
Igor Sysoev7578ec92003-06-02 15:24:30 +0000[diff] [blame]340 case '%':
Igor Sysoev924bd792004-10-11 15:07:03 +0000[diff] [blame]341 r->quoted_uri = 1;
Igor Sysoev7578ec92003-06-02 15:24:30 +0000[diff] [blame]342 state = sw_uri;
343 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]344 case '?':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]345 r->args_start = p + 1;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]346 state = sw_uri;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]347 break;
Igor Sysoevb80a7f42006-10-28 10:15:31 +0000[diff] [blame^]348 case '#':
349 r->complex_uri = 1;
350 state = sw_uri;
351 break;
Igor Sysoevef809b82006-06-28 16:00:26 +0000[diff] [blame]352 case '+':
353 r->plus_in_uri = 1;
354 break;
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]355 case '\0':
356 r->zero_in_uri = 1;
357 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]358 }
359 break;
360
361 /* URI */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]362 case sw_uri:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]363 switch (ch) {
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]364 case ' ':
365 r->uri_end = p;
366 state = sw_http_09;
367 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]368 case CR:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]369 r->uri_end = p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]370 r->http_minor = 9;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]371 state = sw_almost_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]372 break;
373 case LF:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]374 r->uri_end = p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]375 r->http_minor = 9;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]376 goto done;
Igor Sysoevb80a7f42006-10-28 10:15:31 +0000[diff] [blame^]377 case '#':
378 r->complex_uri = 1;
379 break;
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]380 case '\0':
381 r->zero_in_uri = 1;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]382 break;
383 }
384 break;
385
386 /* space+ after URI */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]387 case sw_http_09:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]388 switch (ch) {
389 case ' ':
390 break;
391 case CR:
392 r->http_minor = 9;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]393 state = sw_almost_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]394 break;
395 case LF:
396 r->http_minor = 9;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]397 goto done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]398 case 'H':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]399 r->http_protocol.data = p;
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]400 state = sw_http_H;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]401 break;
402 default:
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]403 return NGX_HTTP_PARSE_INVALID_REQUEST;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]404 }
405 break;
406
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]407 case sw_http_H:
408 switch (ch) {
409 case 'T':
410 state = sw_http_HT;
411 break;
412 default:
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]413 return NGX_HTTP_PARSE_INVALID_REQUEST;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]414 }
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]415 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]416
Igor Sysoeva9830112003-05-19 16:39:14 +0000[diff] [blame]417 case sw_http_HT:
418 switch (ch) {
419 case 'T':
420 state = sw_http_HTT;
421 break;
422 default:
423 return NGX_HTTP_PARSE_INVALID_REQUEST;
424 }
425 break;
426
427 case sw_http_HTT:
428 switch (ch) {
429 case 'P':
430 state = sw_http_HTTP;
431 break;
432 default:
433 return NGX_HTTP_PARSE_INVALID_REQUEST;
434 }
435 break;
436
437 case sw_http_HTTP:
438 switch (ch) {
439 case '/':
440 state = sw_first_major_digit;
441 break;
442 default:
443 return NGX_HTTP_PARSE_INVALID_REQUEST;
444 }
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]445 break;
446
447 /* first digit of major HTTP version */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]448 case sw_first_major_digit:
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]449 if (ch < '1' || ch > '9') {
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]450 return NGX_HTTP_PARSE_INVALID_REQUEST;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]451 }
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]452
453 r->http_major = ch - '0';
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]454 state = sw_major_digit;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]455 break;
456
457 /* major HTTP version or dot */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]458 case sw_major_digit:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]459 if (ch == '.') {
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]460 state = sw_first_minor_digit;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]461 break;
462 }
463
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]464 if (ch < '0' || ch > '9') {
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]465 return NGX_HTTP_PARSE_INVALID_REQUEST;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]466 }
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]467
468 r->http_major = r->http_major * 10 + ch - '0';
469 break;
470
471 /* first digit of minor HTTP version */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]472 case sw_first_minor_digit:
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]473 if (ch < '0' || ch > '9') {
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]474 return NGX_HTTP_PARSE_INVALID_REQUEST;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]475 }
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]476
477 r->http_minor = ch - '0';
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]478 state = sw_minor_digit;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]479 break;
480
481 /* minor HTTP version or end of request line */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]482 case sw_minor_digit:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]483 if (ch == CR) {
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]484 state = sw_almost_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]485 break;
486 }
487
488 if (ch == LF) {
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]489 goto done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]490 }
491
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]492 if (ch < '0' || ch > '9') {
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]493 return NGX_HTTP_PARSE_INVALID_REQUEST;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]494 }
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]495
496 r->http_minor = r->http_minor * 10 + ch - '0';
497 break;
498
499 /* end of request line */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]500 case sw_almost_done:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]501 r->request_end = p - 1;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]502 switch (ch) {
503 case LF:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]504 goto done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]505 default:
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]506 return NGX_HTTP_PARSE_INVALID_REQUEST;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]507 }
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]508 }
509 }
510
Igor Sysoevdd888c42004-09-21 05:38:28 +0000[diff] [blame]511 b->pos = p;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]512 r->state = state;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]513
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]514 return NGX_AGAIN;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]515
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]516done:
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]517
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]518 b->pos = p + 1;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]519
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]520 if (r->request_end == NULL) {
521 r->request_end = p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]522 }
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]523
524 r->http_version = r->http_major * 1000 + r->http_minor;
525 r->state = sw_start;
526
527 if (r->http_version == 9 && r->method != NGX_HTTP_GET) {
528 return NGX_HTTP_PARSE_INVALID_09_METHOD;
529 }
530
531 return NGX_OK;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]532}
533
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]534
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]535ngx_int_t
536ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b)
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]537{
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]538 u_char c, ch, *p;
Igor Sysoev3338cfd2006-05-11 14:43:47 +0000[diff] [blame]539 ngx_uint_t hash, i;
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]540 enum {
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]541 sw_start = 0,
542 sw_name,
543 sw_space_before_value,
544 sw_value,
545 sw_space_after_value,
Igor Sysoev4d656dc2005-03-22 16:02:46 +0000[diff] [blame]546 sw_ignore_line,
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]547 sw_almost_done,
Igor Sysoev4d656dc2005-03-22 16:02:46 +0000[diff] [blame]548 sw_header_almost_done
Igor Sysoev481b6432002-12-04 16:29:40 +0000[diff] [blame]549 } state;
550
Igor Sysoevbb8bbb72006-10-17 12:47:14 +0000[diff] [blame]551 /* the last '\0' is not needed because string is zero terminated */
552
Igor Sysoev3338cfd2006-05-11 14:43:47 +0000[diff] [blame]553 static u_char lowcase[] =
554 "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
555 "\0\0\0\0\0\0\0\0\0\0\0\0\0-\0\0" "0123456789\0\0\0\0\0\0"
556 "\0abcdefghijklmnopqrstuvwxyz\0\0\0\0\0"
557 "\0abcdefghijklmnopqrstuvwxyz\0\0\0\0\0"
558 "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
559 "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
560 "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
Igor Sysoevbb8bbb72006-10-17 12:47:14 +0000[diff] [blame]561 "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
Igor Sysoev3338cfd2006-05-11 14:43:47 +0000[diff] [blame]562
Igor Sysoev481b6432002-12-04 16:29:40 +0000[diff] [blame]563 state = r->state;
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]564 hash = r->header_hash;
Igor Sysoev3338cfd2006-05-11 14:43:47 +0000[diff] [blame]565 i = r->lowcase_index;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]566
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]567 for (p = b->pos; p < b->last; p++) {
568 ch = *p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]569
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]570 switch (state) {
571
572 /* first char */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]573 case sw_start:
Igor Sysoev3362b8d2005-05-14 18:42:03 +0000[diff] [blame]574 r->invalid_header = 0;
575
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]576 switch (ch) {
577 case CR:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]578 r->header_end = p;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]579 state = sw_header_almost_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]580 break;
581 case LF:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]582 r->header_end = p;
583 goto header_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]584 default:
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]585 state = sw_name;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]586 r->header_name_start = p;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]587
Igor Sysoev3338cfd2006-05-11 14:43:47 +0000[diff] [blame]588 c = lowcase[ch];
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]589
Igor Sysoev3338cfd2006-05-11 14:43:47 +0000[diff] [blame]590 if (c) {
591 hash = ngx_hash(0, c);
592 r->lowcase_header[0] = c;
593 i = 1;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]594 break;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]595 }
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]596
Igor Sysoev3362b8d2005-05-14 18:42:03 +0000[diff] [blame]597 r->invalid_header = 1;
598
Igor Sysoev4d656dc2005-03-22 16:02:46 +0000[diff] [blame]599 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]600
601 }
602 break;
603
604 /* header name */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]605 case sw_name:
Igor Sysoev3338cfd2006-05-11 14:43:47 +0000[diff] [blame]606 c = lowcase[ch];
607
608 if (c) {
609 hash = ngx_hash(hash, c);
610 r->lowcase_header[i++] = c;
611 i &= ~NGX_HTTP_LC_HEADER_LEN;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]612 break;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]613 }
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]614
615 if (ch == ':') {
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]616 r->header_name_end = p;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]617 state = sw_space_before_value;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]618 break;
619 }
620
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]621 if (ch == CR) {
622 r->header_name_end = p;
623 r->header_start = p;
624 r->header_end = p;
625 state = sw_almost_done;
626 break;
627 }
628
629 if (ch == LF) {
630 r->header_name_end = p;
631 r->header_start = p;
632 r->header_end = p;
633 goto done;
634 }
635
Igor Sysoev924bd792004-10-11 15:07:03 +0000[diff] [blame]636 /* IIS may send the duplicate "HTTP/1.1 ..." lines */
Igor Sysoev183f9a62003-04-09 15:42:08 +0000[diff] [blame]637 if (ch == '/'
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]638 && r->upstream
639 && p - r->header_name_start == 4
640 && ngx_strncmp(r->header_name_start, "HTTP", 4) == 0)
Igor Sysoev183f9a62003-04-09 15:42:08 +0000[diff] [blame]641 {
642 state = sw_ignore_line;
643 break;
Igor Sysoeve2a31542003-04-08 15:40:10 +0000[diff] [blame]644 }
645
Igor Sysoev3362b8d2005-05-14 18:42:03 +0000[diff] [blame]646 r->invalid_header = 1;
647
Igor Sysoev4d656dc2005-03-22 16:02:46 +0000[diff] [blame]648 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]649
650 /* space* before header value */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]651 case sw_space_before_value:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]652 switch (ch) {
653 case ' ':
654 break;
655 case CR:
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]656 r->header_start = p;
657 r->header_end = p;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]658 state = sw_almost_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]659 break;
660 case LF:
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]661 r->header_start = p;
662 r->header_end = p;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]663 goto done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]664 default:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]665 r->header_start = p;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]666 state = sw_value;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]667 break;
668 }
669 break;
670
671 /* header value */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]672 case sw_value:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]673 switch (ch) {
674 case ' ':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]675 r->header_end = p;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]676 state = sw_space_after_value;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]677 break;
678 case CR:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]679 r->header_end = p;
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]680 state = sw_almost_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]681 break;
682 case LF:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]683 r->header_end = p;
684 goto done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]685 }
686 break;
687
688 /* space* before end of header line */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]689 case sw_space_after_value:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]690 switch (ch) {
691 case ' ':
692 break;
693 case CR:
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]694 state = sw_almost_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]695 break;
696 case LF:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]697 goto done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]698 default:
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]699 state = sw_value;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]700 break;
701 }
702 break;
703
Igor Sysoeve2a31542003-04-08 15:40:10 +0000[diff] [blame]704 /* ignore header line */
705 case sw_ignore_line:
706 switch (ch) {
707 case LF:
708 state = sw_start;
709 break;
710 default:
711 break;
712 }
713 break;
714
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]715 /* end of header line */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]716 case sw_almost_done:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]717 switch (ch) {
Igor Sysoev8fea8852006-03-15 09:53:04 +0000[diff] [blame]718 case CR:
719 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]720 case LF:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]721 goto done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]722 default:
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]723 return NGX_HTTP_PARSE_INVALID_HEADER;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]724 }
Igor Sysoev455a7fc2006-03-21 08:20:41 +0000[diff] [blame]725 break;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]726
727 /* end of header */
Igor Sysoev016b8522002-08-29 16:59:54 +0000[diff] [blame]728 case sw_header_almost_done:
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]729 switch (ch) {
730 case LF:
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]731 goto header_done;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]732 default:
Igor Sysoev1af7c822002-09-13 14:47:42 +0000[diff] [blame]733 return NGX_HTTP_PARSE_INVALID_HEADER;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]734 }
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]735 }
736 }
737
Igor Sysoev369145c2004-05-28 15:49:23 +0000[diff] [blame]738 b->pos = p;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]739 r->state = state;
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]740 r->header_hash = hash;
Igor Sysoev3338cfd2006-05-11 14:43:47 +0000[diff] [blame]741 r->lowcase_index = i;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]742
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]743 return NGX_AGAIN;
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]744
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]745done:
Igor Sysoev4e9393a2003-01-09 05:36:00 +0000[diff] [blame]746
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]747 b->pos = p + 1;
748 r->state = sw_start;
Igor Sysoev02f742b2005-04-08 15:18:55 +0000[diff] [blame]749 r->header_hash = hash;
Igor Sysoev3338cfd2006-05-11 14:43:47 +0000[diff] [blame]750 r->lowcase_index = i;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]751
752 return NGX_OK;
753
754header_done:
755
756 b->pos = p + 1;
757 r->state = sw_start;
758
759 return NGX_HTTP_PARSE_HEADER_DONE;
Igor Sysoev0c331d92002-08-15 17:20:26 +0000[diff] [blame]760}
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]761
762
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]763ngx_int_t
764ngx_http_parse_complex_uri(ngx_http_request_t *r)
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]765{
Igor Sysoev10a543a2004-03-16 07:10:12 +0000[diff] [blame]766 u_char c, ch, decoded, *p, *u;
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]767 enum {
768 sw_usual = 0,
769 sw_slash,
770 sw_dot,
771 sw_dot_dot,
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]772#if (NGX_WIN32)
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]773 sw_dot_dot_dot,
774#endif
775 sw_quoted,
776 sw_quoted_second
777 } state, quoted_state;
778
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]779#if (NGX_SUPPRESS_WARN)
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]780 decoded = '\0';
781 quoted_state = sw_usual;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]782#endif
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]783
784 state = sw_usual;
785 p = r->uri_start;
786 u = r->uri.data;
Igor Sysoev865c1502003-11-30 20:03:18 +0000[diff] [blame]787 r->uri_ext = NULL;
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]788 r->args_start = NULL;
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]789
790 ch = *p++;
791
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]792 while (p <= r->uri_end) {
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]793
794 /*
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]795 * we use "ch = *p++" inside the cycle, but this operation is safe,
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]796 * because after the URI there is always at least one charcter:
797 * the line feed
798 */
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]799
Igor Sysoev54498db2004-02-11 17:08:49 +0000[diff] [blame]800 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]801 "s:%d in:'%Xd:%c', out:'%c'", state, ch, ch, *u);
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]802
803 switch (state) {
Igor Sysoev09c684b2005-11-09 17:25:55 +0000[diff] [blame]804
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]805 case sw_usual:
806 switch(ch) {
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]807#if (NGX_WIN32)
808 case '\\':
809 r->uri_ext = NULL;
810
811 if (p == r->uri_start + r->uri.len) {
812
813 /*
814 * we omit the last "\" to cause redirect because
815 * the browsers do not treat "\" as "/" in relative URL path
816 */
817
818 break;
819 }
820
821 state = sw_slash;
822 *u++ = '/';
823 break;
824#endif
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]825 case '/':
Igor Sysoev865c1502003-11-30 20:03:18 +0000[diff] [blame]826 r->uri_ext = NULL;
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]827 state = sw_slash;
828 *u++ = ch;
829 break;
830 case '%':
831 quoted_state = state;
832 state = sw_quoted;
833 break;
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]834 case '?':
835 r->args_start = p;
Igor Sysoevb80a7f42006-10-28 10:15:31 +0000[diff] [blame^]836 goto args;
837 case '#':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]838 goto done;
Igor Sysoev865c1502003-11-30 20:03:18 +0000[diff] [blame]839 case '.':
840 r->uri_ext = u + 1;
Igor Sysoev42b12b32004-12-02 18:40:46 +0000[diff] [blame]841 *u++ = ch;
842 break;
Igor Sysoevef809b82006-06-28 16:00:26 +0000[diff] [blame]843 case '+':
844 r->plus_in_uri = 1;
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]845 default:
846 *u++ = ch;
847 break;
848 }
849 ch = *p++;
850 break;
851
852 case sw_slash:
853 switch(ch) {
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]854#if (NGX_WIN32)
855 case '\\':
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]856#endif
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]857 case '/':
858 break;
859 case '.':
860 state = sw_dot;
861 *u++ = ch;
862 break;
863 case '%':
864 quoted_state = state;
865 state = sw_quoted;
866 break;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]867 case '?':
868 r->args_start = p;
Igor Sysoevb80a7f42006-10-28 10:15:31 +0000[diff] [blame^]869 goto args;
870 case '#':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]871 goto done;
Igor Sysoevef809b82006-06-28 16:00:26 +0000[diff] [blame]872 case '+':
873 r->plus_in_uri = 1;
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]874 default:
875 state = sw_usual;
876 *u++ = ch;
877 break;
878 }
879 ch = *p++;
880 break;
881
882 case sw_dot:
883 switch(ch) {
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]884#if (NGX_WIN32)
885 case '\\':
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]886#endif
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]887 case '/':
888 state = sw_slash;
889 u--;
890 break;
891 case '.':
892 state = sw_dot_dot;
893 *u++ = ch;
894 break;
895 case '%':
896 quoted_state = state;
897 state = sw_quoted;
898 break;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]899 case '?':
900 r->args_start = p;
Igor Sysoevb80a7f42006-10-28 10:15:31 +0000[diff] [blame^]901 goto args;
902 case '#':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]903 goto done;
Igor Sysoevef809b82006-06-28 16:00:26 +0000[diff] [blame]904 case '+':
905 r->plus_in_uri = 1;
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]906 default:
907 state = sw_usual;
908 *u++ = ch;
909 break;
910 }
911 ch = *p++;
912 break;
913
914 case sw_dot_dot:
915 switch(ch) {
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]916#if (NGX_WIN32)
917 case '\\':
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]918#endif
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]919 case '/':
920 state = sw_slash;
921 u -= 4;
922 if (u < r->uri.data) {
923 return NGX_HTTP_PARSE_INVALID_REQUEST;
924 }
925 while (*(u - 1) != '/') {
926 u--;
927 }
928 break;
929 case '%':
930 quoted_state = state;
931 state = sw_quoted;
932 break;
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]933 case '?':
934 r->args_start = p;
Igor Sysoevb80a7f42006-10-28 10:15:31 +0000[diff] [blame^]935 goto args;
936 case '#':
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]937 goto done;
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]938#if (NGX_WIN32)
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]939 case '.':
940 state = sw_dot_dot_dot;
941 *u++ = ch;
942 break;
943#endif
Igor Sysoevef809b82006-06-28 16:00:26 +0000[diff] [blame]944 case '+':
945 r->plus_in_uri = 1;
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]946 default:
947 state = sw_usual;
948 *u++ = ch;
949 break;
950 }
951 ch = *p++;
952 break;
953
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]954#if (NGX_WIN32)
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]955 case sw_dot_dot_dot:
956 switch(ch) {
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]957 case '\\':
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]958 case '/':
959 state = sw_slash;
960 u -= 5;
961 if (u < r->uri.data) {
962 return NGX_HTTP_PARSE_INVALID_REQUEST;
963 }
964 while (*u != '/') {
965 u--;
966 }
967 if (u < r->uri.data) {
968 return NGX_HTTP_PARSE_INVALID_REQUEST;
969 }
970 while (*(u - 1) != '/') {
971 u--;
972 }
973 break;
974 case '%':
975 quoted_state = state;
976 state = sw_quoted;
977 break;
Igor Sysoev09c684b2005-11-09 17:25:55 +0000[diff] [blame]978 case '?':
979 r->args_start = p;
Igor Sysoevb80a7f42006-10-28 10:15:31 +0000[diff] [blame^]980 goto args;
981 case '#':
Igor Sysoev09c684b2005-11-09 17:25:55 +0000[diff] [blame]982 goto done;
Igor Sysoevef809b82006-06-28 16:00:26 +0000[diff] [blame]983 case '+':
984 r->plus_in_uri = 1;
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]985 default:
986 state = sw_usual;
987 *u++ = ch;
988 break;
989 }
990 ch = *p++;
991 break;
992#endif
993
994 case sw_quoted:
Igor Sysoev8f125582006-07-28 15:16:17 +0000[diff] [blame]995 r->quoted_uri = 1;
996
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]997 if (ch >= '0' && ch <= '9') {
Igor Sysoev9c610952004-03-16 13:35:20 +0000[diff] [blame]998 decoded = (u_char) (ch - '0');
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]999 state = sw_quoted_second;
1000 ch = *p++;
1001 break;
1002 }
1003
Igor Sysoev9c610952004-03-16 13:35:20 +0000[diff] [blame]1004 c = (u_char) (ch | 0x20);
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]1005 if (c >= 'a' && c <= 'f') {
Igor Sysoev9c610952004-03-16 13:35:20 +0000[diff] [blame]1006 decoded = (u_char) (c - 'a' + 10);
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]1007 state = sw_quoted_second;
1008 ch = *p++;
1009 break;
1010 }
1011
1012 return NGX_HTTP_PARSE_INVALID_REQUEST;
1013
1014 case sw_quoted_second:
1015 if (ch >= '0' && ch <= '9') {
Igor Sysoev9c610952004-03-16 13:35:20 +0000[diff] [blame]1016 ch = (u_char) ((decoded << 4) + ch - '0');
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]1017
Igor Sysoev7adb8c02003-12-02 16:57:05 +0000[diff] [blame]1018 if (ch == '%') {
1019 state = sw_usual;
1020 *u++ = ch;
1021 ch = *p++;
1022 break;
1023 }
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]1024
Igor Sysoevb80a7f42006-10-28 10:15:31 +0000[diff] [blame^]1025 if (ch == '#') {
1026 *u++ = ch;
1027 ch = *p++;
1028
1029 } else if (ch == '\0') {
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]1030 r->zero_in_uri = 1;
Igor Sysoev1ebfead2005-02-16 13:40:36 +0000[diff] [blame]1031 }
1032
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]1033 state = quoted_state;
1034 break;
1035 }
1036
Igor Sysoev9c610952004-03-16 13:35:20 +0000[diff] [blame]1037 c = (u_char) (ch | 0x20);
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]1038 if (c >= 'a' && c <= 'f') {
Igor Sysoev9c610952004-03-16 13:35:20 +0000[diff] [blame]1039 ch = (u_char) ((decoded << 4) + c - 'a' + 10);
Igor Sysoevef809b82006-06-28 16:00:26 +0000[diff] [blame]1040
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]1041 if (ch == '?') {
Igor Sysoev7adb8c02003-12-02 16:57:05 +0000[diff] [blame]1042 *u++ = ch;
1043 ch = *p++;
Igor Sysoevef809b82006-06-28 16:00:26 +0000[diff] [blame]1044
1045 } else if (ch == '+') {
1046 r->plus_in_uri = 1;
Igor Sysoev7adb8c02003-12-02 16:57:05 +0000[diff] [blame]1047 }
Igor Sysoevef809b82006-06-28 16:00:26 +0000[diff] [blame]1048
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]1049 state = quoted_state;
1050 break;
1051 }
1052
1053 return NGX_HTTP_PARSE_INVALID_REQUEST;
1054 }
1055 }
1056
Igor Sysoev02025fd2005-01-18 13:03:58 +0000[diff] [blame]1057done:
1058
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]1059 r->uri.len = u - r->uri.data;
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]1060
Igor Sysoev865c1502003-11-30 20:03:18 +0000[diff] [blame]1061 if (r->uri_ext) {
1062 r->exten.len = u - r->uri_ext;
Igor Sysoev1b735832004-11-11 14:07:14 +0000[diff] [blame]1063 r->exten.data = r->uri_ext;
Igor Sysoev865c1502003-11-30 20:03:18 +0000[diff] [blame]1064 }
1065
1066 r->uri_ext = NULL;
1067
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]1068 return NGX_OK;
Igor Sysoevb80a7f42006-10-28 10:15:31 +0000[diff] [blame^]1069
1070args:
1071
1072 while (p < r->uri_end) {
1073 if (*p++ != '#') {
1074 continue;
1075 }
1076
1077 r->args.len = p - 1 - r->args_start;
1078 r->args.data = r->args_start;
1079 r->args_start = NULL;
1080
1081 break;
1082 }
1083
1084 r->uri.len = u - r->uri.data;
1085
1086 if (r->uri_ext) {
1087 r->exten.len = u - r->uri_ext;
1088 r->exten.data = r->uri_ext;
1089 }
1090
1091 r->uri_ext = NULL;
1092
1093 return NGX_OK;
Igor Sysoevc2bba092003-11-28 17:41:47 +0000[diff] [blame]1094}
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]1095
1096
1097ngx_int_t
Igor Sysoev09c684b2005-11-09 17:25:55 +0000[diff] [blame]1098ngx_http_parse_unsafe_uri(ngx_http_request_t *r, ngx_str_t *uri,
1099 ngx_str_t *args, ngx_uint_t *flags)
1100{
1101 u_char ch, *p;
1102 size_t len;
1103
1104 len = uri->len;
1105 p = uri->data;
1106
1107 if (len == 0 || p[0] == '?') {
1108 goto unsafe;
1109 }
1110
1111 if (p[0] == '.' && len == 3 && p[1] == '.' && (p[2] == '/'
1112#if (NGX_WIN32)
1113 || p[2] == '\\'
1114#endif
1115 ))
1116 {
1117 goto unsafe;
1118 }
1119
1120 for ( /* void */ ; len; len--) {
1121
1122 ch = *p++;
1123
1124 if (ch == '?') {
1125 args->len = len - 1;
1126 args->data = p;
1127 uri->len -= len;
1128
1129 return NGX_OK;
1130 }
1131
1132 if (ch == '\0') {
1133 *flags |= NGX_HTTP_ZERO_IN_URI;
1134 continue;
1135 }
1136
1137 if (ch != '/'
1138#if (NGX_WIN32)
1139 && ch != '\\'
1140#endif
1141 )
1142 {
1143 continue;
1144 }
1145
1146 if (len > 2) {
1147
1148 /* detect "/../" */
1149
Igor Sysoev3fc6f642005-11-10 07:44:53 +0000[diff] [blame]1150 if (p[0] == '.' && p[1] == '.' && p[2] == '/') {
Igor Sysoev09c684b2005-11-09 17:25:55 +0000[diff] [blame]1151 goto unsafe;
1152 }
1153
1154#if (NGX_WIN32)
1155
1156 if (p[2] == '\\') {
1157 goto unsafe;
1158 }
1159
1160 if (len > 3) {
1161
1162 /* detect "/.../" */
1163
Igor Sysoev3fc6f642005-11-10 07:44:53 +0000[diff] [blame]1164 if (p[0] == '.' && p[1] == '.' && p[2] == '.'
1165 && (p[3] == '/' || p[3] == '\\'))
1166 {
Igor Sysoev09c684b2005-11-09 17:25:55 +0000[diff] [blame]1167 goto unsafe;
1168 }
1169 }
1170#endif
1171 }
1172 }
1173
1174 return NGX_OK;
1175
1176unsafe:
1177
1178 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
1179 "unsafe URI \"%V\" was detected", uri);
1180
1181 return NGX_ERROR;
1182}
1183
1184
1185ngx_int_t
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]1186ngx_http_parse_multi_header_lines(ngx_array_t *headers, ngx_str_t *name,
1187 ngx_str_t *value)
1188{
1189 ngx_uint_t i;
1190 u_char *start, *last, *end, ch;
1191 ngx_table_elt_t **h;
1192
1193 h = headers->elts;
1194
1195 for (i = 0; i < headers->nelts; i++) {
1196
1197 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, headers->pool->log, 0,
1198 "parse header: \"%V: %V\"", &h[i]->key, &h[i]->value);
1199
1200 if (name->len > h[i]->value.len) {
1201 continue;
1202 }
Igor Sysoev0e5dc5c2005-11-15 13:30:52 +0000[diff] [blame]1203
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]1204 start = h[i]->value.data;
1205 end = h[i]->value.data + h[i]->value.len;
1206
1207 while (start < end) {
1208
1209 if (ngx_strncasecmp(start, name->data, name->len) != 0) {
1210 goto skip;
1211 }
1212
1213 for (start += name->len; start < end && *start == ' '; start++) {
1214 /* void */
1215 }
1216
1217 if (value == NULL) {
1218 if (start == end || *start == ',') {
1219 return i;
1220 }
1221
1222 goto skip;
1223 }
1224
1225 if (start == end || *start++ != '=') {
1226 /* the invalid header value */
1227 goto skip;
1228 }
1229
1230 while (start < end && *start == ' ') { start++; }
1231
1232 for (last = start; last < end && *last != ';'; last++) {
1233 /* void */
1234 }
1235
1236 value->len = last - start;
1237 value->data = start;
1238
1239 return i;
1240
1241 skip:
Igor Sysoev09c684b2005-11-09 17:25:55 +0000[diff] [blame]1242
Igor Sysoev899b44e2005-05-12 14:58:06 +0000[diff] [blame]1243 while (start < end) {
1244 ch = *start++;
1245 if (ch == ';' || ch == ',') {
1246 break;
1247 }
1248 }
1249
1250 while (start < end && *start == ' ') { start++; }
1251 }
1252 }
1253
1254 return NGX_DECLINED;
1255}