Context Navigation

← Previous Changeset
Next Changeset →

Changeset 1723

Timestamp:

04/09/2007 06:12:43 PM (17 months ago)

Author:

jan

Message:

encode newlines in HTTP headers (fixes #1106)

Location:

branches/lighttpd-1.4.x/src

Files:

: 3 modified

buffer.c (modified) (4 diffs)
buffer.h (modified) (1 diff)
response.c (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

branches/lighttpd-1.4.x/src/buffer.c

r1371	r1723
730	730	};
731	731
	732	const char encoded_chars_http_header[] = {
	733	/*
	734	0 1 2 3 4 5 6 7 8 9 A B C D E F
	735	*/
	736	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, /* 00 - 0F */
	737	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 10 - 1F */
	738	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 20 - 2F */
	739	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 30 - 3F */
	740	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 40 - 4F */
	741	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 50 - 5F */
	742	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 60 - 6F */
	743	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 70 - 7F */
	744	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 80 - 8F */
	745	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 90 - 9F */
	746	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* A0 - AF */
	747	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* B0 - BF */
	748	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* C0 - CF */
	749	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* D0 - DF */
	750	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* E0 - EF */
	751	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* F0 - FF */
	752	};
	753
	754
732	755
733	756	int buffer_append_string_encoded(buffer b, const char s, size_t s_len, buffer_encoding_t encoding) {
…	…
760	783	map = encoded_chars_hex;
761	784	break;
	785	case ENCODING_HTTP_HEADER:
	786	map = encoded_chars_http_header;
	787	break;
762	788	case ENCODING_UNSET:
763	789	break;
…	…
778	804	d_len += 6;
779	805	break;
	806	case ENCODING_HTTP_HEADER:
780	807	case ENCODING_HEX:
781	808	d_len += 2;
…	…
813	840	d[d_len++] = hex_chars[(*ds) & 0x0F];
814	841	break;
	842	case ENCODING_HTTP_HEADER:
	843	d[d_len++] = *ds;
	844	d[d_len++] = '\t';
	845	break;
815	846	case ENCODING_UNSET:
816	847	break;

branches/lighttpd-1.4.x/src/buffer.h

r1371	r1723
88	88	ENCODING_REL_URI, /* for coding a rel-uri (/with space/and%percent) nicely as part of a href */
89	89	ENCODING_REL_URI_PART, /* same as ENC_REL_URL plus coding / too as %2F */
90		ENCODING_HTML, /* & becomes & and so on */
91		ENCODING_MINIMAL_XML, /* minimal encoding for xml */
92		ENCODING_HEX /* encode string as hex */
	90	ENCODING_HTML, /* & becomes & and so on */
	91	ENCODING_MINIMAL_XML, /* minimal encoding for xml */
	92	ENCODING_HEX, /* encode string as hex */
	93	ENCODING_HTTP_HEADER /* encode \n with \t\n */
93	94	} buffer_encoding_t;
94	95

branches/lighttpd-1.4.x/src/response.c

r1371	r1723
67	67	buffer_append_string_buffer(b, ds->key);
68	68	BUFFER_APPEND_STRING_CONST(b, ": ");
69		buffer_append_string_buffer(b, ds->value);
	69
	70	/**
	71	* the value might contain newlines, encode them with at least one white-space
	72	*/
	73	buffer_append_string_encoded(b, CONST_BUF_LEN(ds->value), ENCODING_HTTP_HEADER);
70	74	#if 0
71	75	log_error_write(srv, __FILE__, __LINE__, "bb",
…	…
99	103	} else {
100	104	BUFFER_APPEND_STRING_CONST(b, "\r\nServer: ");
101		buffer_append_string_~~buffer(b, con->conf.server_tag~~);
	105	buffer_append_string_encoded(b, CONST_BUF_LEN(con->conf.server_tag), ENCODING_HTTP_HEADER);
102	106	}
103	107	}

Download in other formats: