search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Supervised user whitelists: Cleanup
[chromium-blink-merge.git] / net / http / http_stream_parser.cc
blob30a63015496ba00859eb6580ed45733d98c76cab
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/http/http_stream_parser.h"
6
7 #include "base/bind.h"
8 #include "base/compiler_specific.h"
9 #include "base/logging.h"
10 #include "base/metrics/histogram_macros.h"
11 #include "base/profiler/scoped_tracker.h"
12 #include "base/strings/string_util.h"
13 #include "base/values.h"
14 #include "net/base/io_buffer.h"
15 #include "net/base/ip_endpoint.h"
16 #include "net/base/upload_data_stream.h"
17 #include "net/http/http_chunked_decoder.h"
18 #include "net/http/http_request_headers.h"
19 #include "net/http/http_request_info.h"
20 #include "net/http/http_response_headers.h"
21 #include "net/http/http_util.h"
22 #include "net/socket/client_socket_handle.h"
23 #include "net/socket/ssl_client_socket.h"
24
25 namespace net {
26
27 namespace {
28
29 enum HttpHeaderParserEvent {
30 HEADER_PARSER_INVOKED = 0,
31 HEADER_HTTP_09_RESPONSE = 1,
32 HEADER_ALLOWED_TRUNCATED_HEADERS = 2,
33 HEADER_SKIPPED_WS_PREFIX = 3,
34 HEADER_SKIPPED_NON_WS_PREFIX = 4,
35 NUM_HEADER_EVENTS
36 };
37
38 void RecordHeaderParserEvent(HttpHeaderParserEvent header_event) {
39 UMA_HISTOGRAM_ENUMERATION("Net.HttpHeaderParserEvent", header_event,
40 NUM_HEADER_EVENTS);
41 }
42
43 const uint64 kMaxMergedHeaderAndBodySize = 1400;
44 const size_t kRequestBodyBufferSize = 1 << 14; // 16KB
45
46 std::string GetResponseHeaderLines(const HttpResponseHeaders& headers) {
47 std::string raw_headers = headers.raw_headers();
48 const char* null_separated_headers = raw_headers.c_str();
49 const char* header_line = null_separated_headers;
50 std::string cr_separated_headers;
51 while (header_line[0] != 0) {
52 cr_separated_headers += header_line;
53 cr_separated_headers += "\n";
54 header_line += strlen(header_line) + 1;
55 }
56 return cr_separated_headers;
57 }
58
59 // Return true if |headers| contain multiple |field_name| fields with different
60 // values.
61 bool HeadersContainMultipleCopiesOfField(const HttpResponseHeaders& headers,
62 const std::string& field_name) {
63 void* it = NULL;
64 std::string field_value;
65 if (!headers.EnumerateHeader(&it, field_name, &field_value))
66 return false;
67 // There's at least one |field_name| header. Check if there are any more
68 // such headers, and if so, return true if they have different values.
69 std::string field_value2;
70 while (headers.EnumerateHeader(&it, field_name, &field_value2)) {
71 if (field_value != field_value2)
72 return true;
73 }
74 return false;
75 }
76
77 base::Value* NetLogSendRequestBodyCallback(
78 uint64 length,
79 bool is_chunked,
80 bool did_merge,
81 NetLogCaptureMode /* capture_mode */) {
82 base::DictionaryValue* dict = new base::DictionaryValue();
83 dict->SetInteger("length", static_cast<int>(length));
84 dict->SetBoolean("is_chunked", is_chunked);
85 dict->SetBoolean("did_merge", did_merge);
86 return dict;
87 }
88
89 // Returns true if |error_code| is an error for which we give the server a
90 // chance to send a body containing error information, if the error was received
91 // while trying to upload a request body.
92 bool ShouldTryReadingOnUploadError(int error_code) {
93 return (error_code == ERR_CONNECTION_RESET);
94 }
95
96 } // namespace
97
98 // Similar to DrainableIOBuffer(), but this version comes with its own
99 // storage. The motivation is to avoid repeated allocations of
100 // DrainableIOBuffer.
101 //
102 // Example:
103 //
104 // scoped_refptr<SeekableIOBuffer> buf = new SeekableIOBuffer(1024);
105 // // capacity() == 1024. size() == BytesRemaining() == BytesConsumed() == 0.
106 // // data() points to the beginning of the buffer.
107 //
108 // // Read() takes an IOBuffer.
109 // int bytes_read = some_reader->Read(buf, buf->capacity());
110 // buf->DidAppend(bytes_read);
111 // // size() == BytesRemaining() == bytes_read. data() is unaffected.
112 //
113 // while (buf->BytesRemaining() > 0) {
114 // // Write() takes an IOBuffer. If it takes const char*, we could
115 /// // simply use the regular IOBuffer like buf->data() + offset.
116 // int bytes_written = Write(buf, buf->BytesRemaining());
117 // buf->DidConsume(bytes_written);
118 // }
119 // // BytesRemaining() == 0. BytesConsumed() == size().
120 // // data() points to the end of the consumed bytes (exclusive).
121 //
122 // // If you want to reuse the buffer, be sure to clear the buffer.
123 // buf->Clear();
124 // // size() == BytesRemaining() == BytesConsumed() == 0.
125 // // data() points to the beginning of the buffer.
126 //
127 class HttpStreamParser::SeekableIOBuffer : public IOBuffer {
128 public:
129 explicit SeekableIOBuffer(int capacity)
130 : IOBuffer(capacity),
131 real_data_(data_),
132 capacity_(capacity),
133 size_(0),
134 used_(0) {
135 }
136
137 // DidConsume() changes the |data_| pointer so that |data_| always points
138 // to the first unconsumed byte.
139 void DidConsume(int bytes) {
140 SetOffset(used_ + bytes);
141 }
142
143 // Returns the number of unconsumed bytes.
144 int BytesRemaining() const {
145 return size_ - used_;
146 }
147
148 // Seeks to an arbitrary point in the buffer. The notion of bytes consumed
149 // and remaining are updated appropriately.
150 void SetOffset(int bytes) {
151 DCHECK_GE(bytes, 0);
152 DCHECK_LE(bytes, size_);
153 used_ = bytes;
154 data_ = real_data_ + used_;
155 }
156
157 // Called after data is added to the buffer. Adds |bytes| added to
158 // |size_|. data() is unaffected.
159 void DidAppend(int bytes) {
160 DCHECK_GE(bytes, 0);
161 DCHECK_GE(size_ + bytes, 0);
162 DCHECK_LE(size_ + bytes, capacity_);
163 size_ += bytes;
164 }
165
166 // Changes the logical size to 0, and the offset to 0.
167 void Clear() {
168 size_ = 0;
169 SetOffset(0);
170 }
171
172 // Returns the logical size of the buffer (i.e the number of bytes of data
173 // in the buffer).
174 int size() const { return size_; }
175
176 // Returns the capacity of the buffer. The capacity is the size used when
177 // the object is created.
178 int capacity() const { return capacity_; };
179
180 private:
181 ~SeekableIOBuffer() override {
182 // data_ will be deleted in IOBuffer::~IOBuffer().
183 data_ = real_data_;
184 }
185
186 char* real_data_;
187 const int capacity_;
188 int size_;
189 int used_;
190 };
191
192 // 2 CRLFs + max of 8 hex chars.
193 const size_t HttpStreamParser::kChunkHeaderFooterSize = 12;
194
195 HttpStreamParser::HttpStreamParser(ClientSocketHandle* connection,
196 const HttpRequestInfo* request,
197 GrowableIOBuffer* read_buffer,
198 const BoundNetLog& net_log)
199 : io_state_(STATE_NONE),
200 request_(request),
201 request_headers_(NULL),
202 request_headers_length_(0),
203 read_buf_(read_buffer),
204 read_buf_unused_offset_(0),
205 response_header_start_offset_(-1),
206 received_bytes_(0),
207 response_body_length_(-1),
208 response_body_read_(0),
209 user_read_buf_(NULL),
210 user_read_buf_len_(0),
211 connection_(connection),
212 net_log_(net_log),
213 sent_last_chunk_(false),
214 upload_error_(OK),
215 weak_ptr_factory_(this) {
216 io_callback_ = base::Bind(&HttpStreamParser::OnIOComplete,
217 weak_ptr_factory_.GetWeakPtr());
218 }
219
220 HttpStreamParser::~HttpStreamParser() {
221 }
222
223 int HttpStreamParser::SendRequest(const std::string& request_line,
224 const HttpRequestHeaders& headers,
225 HttpResponseInfo* response,
226 const CompletionCallback& callback) {
227 DCHECK_EQ(STATE_NONE, io_state_);
228 DCHECK(callback_.is_null());
229 DCHECK(!callback.is_null());
230 DCHECK(response);
231
232 net_log_.AddEvent(
233 NetLog::TYPE_HTTP_TRANSACTION_SEND_REQUEST_HEADERS,
234 base::Bind(&HttpRequestHeaders::NetLogCallback,
235 base::Unretained(&headers),
236 &request_line));
237
238 DVLOG(1) << __FUNCTION__ << "()"
239 << " request_line = \"" << request_line << "\""
240 << " headers = \"" << headers.ToString() << "\"";
241 response_ = response;
242
243 // Put the peer's IP address and port into the response.
244 IPEndPoint ip_endpoint;
245 int result = connection_->socket()->GetPeerAddress(&ip_endpoint);
246 if (result != OK)
247 return result;
248 response_->socket_address = HostPortPair::FromIPEndPoint(ip_endpoint);
249
250 std::string request = request_line + headers.ToString();
251 request_headers_length_ = request.size();
252
253 if (request_->upload_data_stream != NULL) {
254 request_body_send_buf_ = new SeekableIOBuffer(kRequestBodyBufferSize);
255 if (request_->upload_data_stream->is_chunked()) {
256 // Read buffer is adjusted to guarantee that |request_body_send_buf_| is
257 // large enough to hold the encoded chunk.
258 request_body_read_buf_ =
259 new SeekableIOBuffer(kRequestBodyBufferSize - kChunkHeaderFooterSize);
260 } else {
261 // No need to encode request body, just send the raw data.
262 request_body_read_buf_ = request_body_send_buf_;
263 }
264 }
265
266 io_state_ = STATE_SEND_HEADERS;
267
268 // If we have a small request body, then we'll merge with the headers into a
269 // single write.
270 bool did_merge = false;
271 if (ShouldMergeRequestHeadersAndBody(request, request_->upload_data_stream)) {
272 int merged_size = static_cast<int>(
273 request_headers_length_ + request_->upload_data_stream->size());
274 scoped_refptr<IOBuffer> merged_request_headers_and_body(
275 new IOBuffer(merged_size));
276 // We'll repurpose |request_headers_| to store the merged headers and
277 // body.
278 request_headers_ = new DrainableIOBuffer(
279 merged_request_headers_and_body.get(), merged_size);
280
281 memcpy(request_headers_->data(), request.data(), request_headers_length_);
282 request_headers_->DidConsume(request_headers_length_);
283
284 uint64 todo = request_->upload_data_stream->size();
285 while (todo) {
286 int consumed = request_->upload_data_stream->Read(
287 request_headers_.get(), static_cast<int>(todo), CompletionCallback());
288 DCHECK_GT(consumed, 0); // Read() won't fail if not chunked.
289 request_headers_->DidConsume(consumed);
290 todo -= consumed;
291 }
292 DCHECK(request_->upload_data_stream->IsEOF());
293 // Reset the offset, so the buffer can be read from the beginning.
294 request_headers_->SetOffset(0);
295 did_merge = true;
296
297 net_log_.AddEvent(
298 NetLog::TYPE_HTTP_TRANSACTION_SEND_REQUEST_BODY,
299 base::Bind(&NetLogSendRequestBodyCallback,
300 request_->upload_data_stream->size(),
301 false, /* not chunked */
302 true /* merged */));
303 }
304
305 if (!did_merge) {
306 // If we didn't merge the body with the headers, then |request_headers_|
307 // contains just the HTTP headers.
308 scoped_refptr<StringIOBuffer> headers_io_buf(new StringIOBuffer(request));
309 request_headers_ =
310 new DrainableIOBuffer(headers_io_buf.get(), headers_io_buf->size());
311 }
312
313 result = DoLoop(OK);
314 if (result == ERR_IO_PENDING)
315 callback_ = callback;
316
317 return result > 0 ? OK : result;
318 }
319
320 int HttpStreamParser::ReadResponseHeaders(const CompletionCallback& callback) {
321 DCHECK(io_state_ == STATE_NONE || io_state_ == STATE_DONE);
322 DCHECK(callback_.is_null());
323 DCHECK(!callback.is_null());
324 DCHECK_EQ(0, read_buf_unused_offset_);
325
326 // This function can be called with io_state_ == STATE_DONE if the
327 // connection is closed after seeing just a 1xx response code.
328 if (io_state_ == STATE_DONE)
329 return ERR_CONNECTION_CLOSED;
330
331 int result = OK;
332 io_state_ = STATE_READ_HEADERS;
333
334 if (read_buf_->offset() > 0) {
335 // Simulate the state where the data was just read from the socket.
336 result = read_buf_->offset();
337 read_buf_->set_offset(0);
338 }
339 if (result > 0)
340 io_state_ = STATE_READ_HEADERS_COMPLETE;
341
342 result = DoLoop(result);
343 if (result == ERR_IO_PENDING)
344 callback_ = callback;
345
346 return result > 0 ? OK : result;
347 }
348
349 void HttpStreamParser::Close(bool not_reusable) {
350 if (not_reusable && connection_->socket())
351 connection_->socket()->Disconnect();
352 connection_->Reset();
353 }
354
355 int HttpStreamParser::ReadResponseBody(IOBuffer* buf, int buf_len,
356 const CompletionCallback& callback) {
357 DCHECK(io_state_ == STATE_NONE || io_state_ == STATE_DONE);
358 DCHECK(callback_.is_null());
359 DCHECK(!callback.is_null());
360 DCHECK_LE(buf_len, kMaxBufSize);
361
362 if (io_state_ == STATE_DONE)
363 return OK;
364
365 user_read_buf_ = buf;
366 user_read_buf_len_ = buf_len;
367 io_state_ = STATE_READ_BODY;
368
369 int result = DoLoop(OK);
370 if (result == ERR_IO_PENDING)
371 callback_ = callback;
372
373 return result;
374 }
375
376 void HttpStreamParser::OnIOComplete(int result) {
377 result = DoLoop(result);
378
379 // The client callback can do anything, including destroying this class,
380 // so any pending callback must be issued after everything else is done.
381 if (result != ERR_IO_PENDING && !callback_.is_null()) {
382 CompletionCallback c = callback_;
383 callback_.Reset();
384 c.Run(result);
385 }
386 }
387
388 int HttpStreamParser::DoLoop(int result) {
389 // TODO(pkasting): Remove ScopedTracker below once crbug.com/424359 is fixed.
390 tracked_objects::ScopedTracker tracking_profile(
391 FROM_HERE_WITH_EXPLICIT_FUNCTION("424359 HttpStreamParser::DoLoop"));
392
393 do {
394 DCHECK_NE(ERR_IO_PENDING, result);
395 DCHECK_NE(STATE_DONE, io_state_);
396 DCHECK_NE(STATE_NONE, io_state_);
397 State state = io_state_;
398 io_state_ = STATE_NONE;
399 switch (state) {
400 case STATE_SEND_HEADERS:
401 DCHECK_EQ(OK, result);
402 result = DoSendHeaders();
403 break;
404 case STATE_SEND_HEADERS_COMPLETE:
405 result = DoSendHeadersComplete(result);
406 break;
407 case STATE_SEND_BODY:
408 DCHECK_EQ(OK, result);
409 result = DoSendBody();
410 break;
411 case STATE_SEND_BODY_COMPLETE:
412 result = DoSendBodyComplete(result);
413 break;
414 case STATE_SEND_REQUEST_READ_BODY_COMPLETE:
415 result = DoSendRequestReadBodyComplete(result);
416 break;
417 case STATE_READ_HEADERS:
418 net_log_.BeginEvent(NetLog::TYPE_HTTP_STREAM_PARSER_READ_HEADERS);
419 DCHECK_GE(result, 0);
420 result = DoReadHeaders();
421 break;
422 case STATE_READ_HEADERS_COMPLETE:
423 result = DoReadHeadersComplete(result);
424 net_log_.EndEventWithNetErrorCode(
425 NetLog::TYPE_HTTP_STREAM_PARSER_READ_HEADERS, result);
426 break;
427 case STATE_READ_BODY:
428 DCHECK_GE(result, 0);
429 result = DoReadBody();
430 break;
431 case STATE_READ_BODY_COMPLETE:
432 result = DoReadBodyComplete(result);
433 break;
434 default:
435 NOTREACHED();
436 break;
437 }
438 } while (result != ERR_IO_PENDING &&
439 (io_state_ != STATE_DONE && io_state_ != STATE_NONE));
440
441 return result;
442 }
443
444 int HttpStreamParser::DoSendHeaders() {
445 // TODO(pkasting): Remove ScopedTracker below once crbug.com/424359 is fixed.
446 tracked_objects::ScopedTracker tracking_profile(
447 FROM_HERE_WITH_EXPLICIT_FUNCTION(
448 "424359 HttpStreamParser::DoSendHeaders"));
449
450 int bytes_remaining = request_headers_->BytesRemaining();
451 DCHECK_GT(bytes_remaining, 0);
452
453 // Record our best estimate of the 'request time' as the time when we send
454 // out the first bytes of the request headers.
455 if (bytes_remaining == request_headers_->size())
456 response_->request_time = base::Time::Now();
457
458 io_state_ = STATE_SEND_HEADERS_COMPLETE;
459 return connection_->socket()
460 ->Write(request_headers_.get(), bytes_remaining, io_callback_);
461 }
462
463 int HttpStreamParser::DoSendHeadersComplete(int result) {
464 // TODO(pkasting): Remove ScopedTracker below once crbug.com/424359 is fixed.
465 tracked_objects::ScopedTracker tracking_profile(
466 FROM_HERE_WITH_EXPLICIT_FUNCTION(
467 "424359 HttpStreamParser::DoSendHeadersComplete"));
468
469 if (result < 0) {
470 // In the unlikely case that the headers and body were merged, all the
471 // the headers were sent, but not all of the body way, and |result| is
472 // an error that this should try reading after, stash the error for now and
473 // act like the request was successfully sent.
474 if (request_headers_->BytesConsumed() >= request_headers_length_ &&
475 ShouldTryReadingOnUploadError(result)) {
476 upload_error_ = result;
477 return OK;
478 }
479 return result;
480 }
481
482 request_headers_->DidConsume(result);
483 if (request_headers_->BytesRemaining() > 0) {
484 io_state_ = STATE_SEND_HEADERS;
485 return OK;
486 }
487
488 if (request_->upload_data_stream != NULL &&
489 (request_->upload_data_stream->is_chunked() ||
490 // !IsEOF() indicates that the body wasn't merged.
491 (request_->upload_data_stream->size() > 0 &&
492 !request_->upload_data_stream->IsEOF()))) {
493 net_log_.AddEvent(
494 NetLog::TYPE_HTTP_TRANSACTION_SEND_REQUEST_BODY,
495 base::Bind(&NetLogSendRequestBodyCallback,
496 request_->upload_data_stream->size(),
497 request_->upload_data_stream->is_chunked(),
498 false /* not merged */));
499 io_state_ = STATE_SEND_BODY;
500 return OK;
501 }
502
503 // Finished sending the request.
504 return OK;
505 }
506
507 int HttpStreamParser::DoSendBody() {
508 // TODO(pkasting): Remove ScopedTracker below once crbug.com/424359 is fixed.
509 tracked_objects::ScopedTracker tracking_profile(
510 FROM_HERE_WITH_EXPLICIT_FUNCTION("424359 HttpStreamParser::DoSendBody"));
511
512 if (request_body_send_buf_->BytesRemaining() > 0) {
513 io_state_ = STATE_SEND_BODY_COMPLETE;
514 return connection_->socket()
515 ->Write(request_body_send_buf_.get(),
516 request_body_send_buf_->BytesRemaining(),
517 io_callback_);
518 }
519
520 if (request_->upload_data_stream->is_chunked() && sent_last_chunk_) {
521 // Finished sending the request.
522 return OK;
523 }
524
525 request_body_read_buf_->Clear();
526 io_state_ = STATE_SEND_REQUEST_READ_BODY_COMPLETE;
527 return request_->upload_data_stream->Read(request_body_read_buf_.get(),
528 request_body_read_buf_->capacity(),
529 io_callback_);
530 }
531
532 int HttpStreamParser::DoSendBodyComplete(int result) {
533 // TODO(pkasting): Remove ScopedTracker below once crbug.com/424359 is fixed.
534 tracked_objects::ScopedTracker tracking_profile(
535 FROM_HERE_WITH_EXPLICIT_FUNCTION(
536 "424359 HttpStreamParser::DoSendBodyComplete"));
537
538 if (result < 0) {
539 // If |result| is an error that this should try reading after, stash the
540 // error for now and act like the request was successfully sent.
541 if (ShouldTryReadingOnUploadError(result)) {
542 upload_error_ = result;
543 return OK;
544 }
545 return result;
546 }
547
548 request_body_send_buf_->DidConsume(result);
549
550 io_state_ = STATE_SEND_BODY;
551 return OK;
552 }
553
554 int HttpStreamParser::DoSendRequestReadBodyComplete(int result) {
555 // TODO(pkasting): Remove ScopedTracker below once crbug.com/424359 is fixed.
556 tracked_objects::ScopedTracker tracking_profile(
557 FROM_HERE_WITH_EXPLICIT_FUNCTION(
558 "424359 HttpStreamParser::DoSendRequestReadBodyComplete"));
559
560 // |result| is the result of read from the request body from the last call to
561 // DoSendBody().
562 DCHECK_GE(result, 0); // There won't be errors.
563
564 // Chunked data needs to be encoded.
565 if (request_->upload_data_stream->is_chunked()) {
566 if (result == 0) { // Reached the end.
567 DCHECK(request_->upload_data_stream->IsEOF());
568 sent_last_chunk_ = true;
569 }
570 // Encode the buffer as 1 chunk.
571 const base::StringPiece payload(request_body_read_buf_->data(), result);
572 request_body_send_buf_->Clear();
573 result = EncodeChunk(payload,
574 request_body_send_buf_->data(),
575 request_body_send_buf_->capacity());
576 }
577
578 if (result == 0) { // Reached the end.
579 // Reaching EOF means we can finish sending request body unless the data is
580 // chunked. (i.e. No need to send the terminal chunk.)
581 DCHECK(request_->upload_data_stream->IsEOF());
582 DCHECK(!request_->upload_data_stream->is_chunked());
583 // Finished sending the request.
584 } else if (result > 0) {
585 request_body_send_buf_->DidAppend(result);
586 result = 0;
587 io_state_ = STATE_SEND_BODY;
588 }
589 return result;
590 }
591
592 int HttpStreamParser::DoReadHeaders() {
593 // TODO(pkasting): Remove ScopedTracker below once crbug.com/424359 is fixed.
594 tracked_objects::ScopedTracker tracking_profile(
595 FROM_HERE_WITH_EXPLICIT_FUNCTION(
596 "424359 HttpStreamParser::DoReadHeaders"));
597
598 io_state_ = STATE_READ_HEADERS_COMPLETE;
599
600 // Grow the read buffer if necessary.
601 if (read_buf_->RemainingCapacity() == 0)
602 read_buf_->SetCapacity(read_buf_->capacity() + kHeaderBufInitialSize);
603
604 // http://crbug.com/16371: We're seeing |user_buf_->data()| return NULL.
605 // See if the user is passing in an IOBuffer with a NULL |data_|.
606 CHECK(read_buf_->data());
607
608 return connection_->socket()
609 ->Read(read_buf_.get(), read_buf_->RemainingCapacity(), io_callback_);
610 }
611
612 int HttpStreamParser::DoReadHeadersComplete(int result) {
613 // TODO(pkasting): Remove ScopedTracker below once crbug.com/424359 is fixed.
614 tracked_objects::ScopedTracker tracking_profile(
615 FROM_HERE_WITH_EXPLICIT_FUNCTION(
616 "424359 HttpStreamParser::DoReadHeadersComplete"));
617
618 result = HandleReadHeaderResult(result);
619
620 // TODO(mmenke): The code below is ugly and hacky. A much better and more
621 // flexible long term solution would be to separate out the read and write
622 // loops, though this would involve significant changes, both here and
623 // elsewhere (WebSockets, for instance).
624
625 // If still reading the headers, or there was no error uploading the request
626 // body, just return the result.
627 if (io_state_ == STATE_READ_HEADERS || upload_error_ == OK)
628 return result;
629
630 // If the result is ERR_IO_PENDING, |io_state_| should be STATE_READ_HEADERS.
631 DCHECK_NE(ERR_IO_PENDING, result);
632
633 // On errors, use the original error received when sending the request.
634 // The main cases where these are different is when there's a header-related
635 // error code, or when there's an ERR_CONNECTION_CLOSED, which can result in
636 // special handling of partial responses and HTTP/0.9 responses.
637 if (result < 0) {
638 // Nothing else to do. In the HTTP/0.9 or only partial headers received
639 // cases, can normally go to other states after an error reading headers.
640 io_state_ = STATE_DONE;
641 // Don't let caller see the headers.
642 response_->headers = NULL;
643 return upload_error_;
644 }
645
646 // Skip over 1xx responses as usual, and allow 4xx/5xx error responses to
647 // override the error received while uploading the body.
648 int response_code_class = response_->headers->response_code() / 100;
649 if (response_code_class == 1 || response_code_class == 4 ||
650 response_code_class == 5) {
651 return result;
652 }
653
654 // All other status codes are not allowed after an error during upload, to
655 // make sure the consumer has some indication there was an error.
656
657 // Nothing else to do.
658 io_state_ = STATE_DONE;
659 // Don't let caller see the headers.
660 response_->headers = NULL;
661 return upload_error_;
662 }
663
664 int HttpStreamParser::DoReadBody() {
665 // TODO(pkasting): Remove ScopedTracker below once crbug.com/424359 is fixed.
666 tracked_objects::ScopedTracker tracking_profile(
667 FROM_HERE_WITH_EXPLICIT_FUNCTION("424359 HttpStreamParser::DoReadBody"));
668
669 io_state_ = STATE_READ_BODY_COMPLETE;
670
671 // There may be some data left over from reading the response headers.
672 if (read_buf_->offset()) {
673 int available = read_buf_->offset() - read_buf_unused_offset_;
674 if (available) {
675 CHECK_GT(available, 0);
676 int bytes_from_buffer = std::min(available, user_read_buf_len_);
677 memcpy(user_read_buf_->data(),
678 read_buf_->StartOfBuffer() + read_buf_unused_offset_,
679 bytes_from_buffer);
680 read_buf_unused_offset_ += bytes_from_buffer;
681 if (bytes_from_buffer == available) {
682 read_buf_->SetCapacity(0);
683 read_buf_unused_offset_ = 0;
684 }
685 return bytes_from_buffer;
686 } else {
687 read_buf_->SetCapacity(0);
688 read_buf_unused_offset_ = 0;
689 }
690 }
691
692 // Check to see if we're done reading.
693 if (IsResponseBodyComplete())
694 return 0;
695
696 DCHECK_EQ(0, read_buf_->offset());
697 return connection_->socket()
698 ->Read(user_read_buf_.get(), user_read_buf_len_, io_callback_);
699 }
700
701 int HttpStreamParser::DoReadBodyComplete(int result) {
702 // TODO(pkasting): Remove ScopedTracker below once crbug.com/424359 is fixed.
703 tracked_objects::ScopedTracker tracking_profile(
704 FROM_HERE_WITH_EXPLICIT_FUNCTION(
705 "424359 HttpStreamParser::DoReadBodyComplete"));
706
707 // When the connection is closed, there are numerous ways to interpret it.
708 //
709 // - If a Content-Length header is present and the body contains exactly that
710 // number of bytes at connection close, the response is successful.
711 //
712 // - If a Content-Length header is present and the body contains fewer bytes
713 // than promised by the header at connection close, it may indicate that
714 // the connection was closed prematurely, or it may indicate that the
715 // server sent an invalid Content-Length header. Unfortunately, the invalid
716 // Content-Length header case does occur in practice and other browsers are
717 // tolerant of it. We choose to treat it as an error for now, but the
718 // download system treats it as a non-error, and URLRequestHttpJob also
719 // treats it as OK if the Content-Length is the post-decoded body content
720 // length.
721 //
722 // - If chunked encoding is used and the terminating chunk has been processed
723 // when the connection is closed, the response is successful.
724 //
725 // - If chunked encoding is used and the terminating chunk has not been
726 // processed when the connection is closed, it may indicate that the
727 // connection was closed prematurely or it may indicate that the server
728 // sent an invalid chunked encoding. We choose to treat it as
729 // an invalid chunked encoding.
730 //
731 // - If a Content-Length is not present and chunked encoding is not used,
732 // connection close is the only way to signal that the response is
733 // complete. Unfortunately, this also means that there is no way to detect
734 // early close of a connection. No error is returned.
735 if (result == 0 && !IsResponseBodyComplete() && CanFindEndOfResponse()) {
736 if (chunked_decoder_.get())
737 result = ERR_INCOMPLETE_CHUNKED_ENCODING;
738 else
739 result = ERR_CONTENT_LENGTH_MISMATCH;
740 }
741
742 if (result > 0)
743 received_bytes_ += result;
744
745 // Filter incoming data if appropriate. FilterBuf may return an error.
746 if (result > 0 && chunked_decoder_.get()) {
747 result = chunked_decoder_->FilterBuf(user_read_buf_->data(), result);
748 if (result == 0 && !chunked_decoder_->reached_eof()) {
749 // Don't signal completion of the Read call yet or else it'll look like
750 // we received end-of-file. Wait for more data.
751 io_state_ = STATE_READ_BODY;
752 return OK;
753 }
754 }
755
756 if (result > 0)
757 response_body_read_ += result;
758
759 if (result <= 0 || IsResponseBodyComplete()) {
760 io_state_ = STATE_DONE;
761
762 // Save the overflow data, which can be in two places. There may be
763 // some left over in |user_read_buf_|, plus there may be more
764 // in |read_buf_|. But the part left over in |user_read_buf_| must have
765 // come from the |read_buf_|, so there's room to put it back at the
766 // start first.
767 int additional_save_amount = read_buf_->offset() - read_buf_unused_offset_;
768 int save_amount = 0;
769 if (chunked_decoder_.get()) {
770 save_amount = chunked_decoder_->bytes_after_eof();
771 } else if (response_body_length_ >= 0) {
772 int64 extra_data_read = response_body_read_ - response_body_length_;
773 if (extra_data_read > 0) {
774 save_amount = static_cast<int>(extra_data_read);
775 if (result > 0)
776 result -= save_amount;
777 }
778 }
779
780 CHECK_LE(save_amount + additional_save_amount, kMaxBufSize);
781 if (read_buf_->capacity() < save_amount + additional_save_amount) {
782 read_buf_->SetCapacity(save_amount + additional_save_amount);
783 }
784
785 if (save_amount) {
786 received_bytes_ -= save_amount;
787 memcpy(read_buf_->StartOfBuffer(), user_read_buf_->data() + result,
788 save_amount);
789 }
790 read_buf_->set_offset(save_amount);
791 if (additional_save_amount) {
792 memmove(read_buf_->data(),
793 read_buf_->StartOfBuffer() + read_buf_unused_offset_,
794 additional_save_amount);
795 read_buf_->set_offset(save_amount + additional_save_amount);
796 }
797 read_buf_unused_offset_ = 0;
798 } else {
799 // Now waiting for more of the body to be read.
800 user_read_buf_ = NULL;
801 user_read_buf_len_ = 0;
802 }
803
804 return result;
805 }
806
807 int HttpStreamParser::HandleReadHeaderResult(int result) {
808 DCHECK_EQ(0, read_buf_unused_offset_);
809
810 if (result == 0)
811 result = ERR_CONNECTION_CLOSED;
812
813 if (result < 0 && result != ERR_CONNECTION_CLOSED) {
814 io_state_ = STATE_DONE;
815 return result;
816 }
817 // If we've used the connection before, then we know it is not a HTTP/0.9
818 // response and return ERR_CONNECTION_CLOSED.
819 if (result == ERR_CONNECTION_CLOSED && read_buf_->offset() == 0 &&
820 connection_->is_reused()) {
821 io_state_ = STATE_DONE;
822 return result;
823 }
824
825 // Record our best estimate of the 'response time' as the time when we read
826 // the first bytes of the response headers.
827 if (read_buf_->offset() == 0 && result != ERR_CONNECTION_CLOSED)
828 response_->response_time = base::Time::Now();
829
830 if (result == ERR_CONNECTION_CLOSED) {
831 // The connection closed before we detected the end of the headers.
832 if (read_buf_->offset() == 0) {
833 // The connection was closed before any data was sent. Likely an error
834 // rather than empty HTTP/0.9 response.
835 io_state_ = STATE_DONE;
836 return ERR_EMPTY_RESPONSE;
837 } else if (request_->url.SchemeIsSecure()) {
838 // The connection was closed in the middle of the headers. For HTTPS we
839 // don't parse partial headers. Return a different error code so that we
840 // know that we shouldn't attempt to retry the request.
841 io_state_ = STATE_DONE;
842 return ERR_RESPONSE_HEADERS_TRUNCATED;
843 }
844 // Parse things as well as we can and let the caller decide what to do.
845 int end_offset;
846 if (response_header_start_offset_ >= 0) {
847 // The response looks to be a truncated set of HTTP headers.
848 io_state_ = STATE_READ_BODY_COMPLETE;
849 end_offset = read_buf_->offset();
850 RecordHeaderParserEvent(HEADER_ALLOWED_TRUNCATED_HEADERS);
851 } else {
852 // The response is apparently using HTTP/0.9. Treat the entire response
853 // the body.
854 end_offset = 0;
855 }
856 int rv = ParseResponseHeaders(end_offset);
857 if (rv < 0)
858 return rv;
859 return result;
860 }
861
862 read_buf_->set_offset(read_buf_->offset() + result);
863 DCHECK_LE(read_buf_->offset(), read_buf_->capacity());
864 DCHECK_GE(result, 0);
865
866 int end_of_header_offset = FindAndParseResponseHeaders();
867
868 // Note: -1 is special, it indicates we haven't found the end of headers.
869 // Anything less than -1 is a net::Error, so we bail out.
870 if (end_of_header_offset < -1)
871 return end_of_header_offset;
872
873 if (end_of_header_offset == -1) {
874 io_state_ = STATE_READ_HEADERS;
875 // Prevent growing the headers buffer indefinitely.
876 if (read_buf_->offset() >= kMaxHeaderBufSize) {
877 io_state_ = STATE_DONE;
878 return ERR_RESPONSE_HEADERS_TOO_BIG;
879 }
880 } else {
881 CalculateResponseBodySize();
882 // If the body is zero length, the caller may not call ReadResponseBody,
883 // which is where any extra data is copied to read_buf_, so we move the
884 // data here.
885 if (response_body_length_ == 0) {
886 int extra_bytes = read_buf_->offset() - end_of_header_offset;
887 if (extra_bytes) {
888 CHECK_GT(extra_bytes, 0);
889 memmove(read_buf_->StartOfBuffer(),
890 read_buf_->StartOfBuffer() + end_of_header_offset,
891 extra_bytes);
892 }
893 read_buf_->SetCapacity(extra_bytes);
894 if (response_->headers->response_code() / 100 == 1) {
895 // After processing a 1xx response, the caller will ask for the next
896 // header, so reset state to support that. We don't completely ignore a
897 // 1xx response because it cannot be returned in reply to a CONNECT
898 // request so we return OK here, which lets the caller inspect the
899 // response and reject it in the event that we're setting up a CONNECT
900 // tunnel.
901 response_header_start_offset_ = -1;
902 response_body_length_ = -1;
903 // Now waiting for the second set of headers to be read.
904 } else {
905 io_state_ = STATE_DONE;
906 }
907 return OK;
908 }
909
910 // Note where the headers stop.
911 read_buf_unused_offset_ = end_of_header_offset;
912 // Now waiting for the body to be read.
913 }
914 return result;
915 }
916
917 int HttpStreamParser::FindAndParseResponseHeaders() {
918 int end_offset = -1;
919 DCHECK_EQ(0, read_buf_unused_offset_);
920
921 // Look for the start of the status line, if it hasn't been found yet.
922 if (response_header_start_offset_ < 0) {
923 response_header_start_offset_ = HttpUtil::LocateStartOfStatusLine(
924 read_buf_->StartOfBuffer(), read_buf_->offset());
925 }
926
927 if (response_header_start_offset_ >= 0) {
928 end_offset = HttpUtil::LocateEndOfHeaders(read_buf_->StartOfBuffer(),
929 read_buf_->offset(),
930 response_header_start_offset_);
931 } else if (read_buf_->offset() >= 8) {
932 // Enough data to decide that this is an HTTP/0.9 response.
933 // 8 bytes = (4 bytes of junk) + "http".length()
934 end_offset = 0;
935 }
936
937 if (end_offset == -1)
938 return -1;
939
940 int rv = ParseResponseHeaders(end_offset);
941 if (rv < 0)
942 return rv;
943 return end_offset;
944 }
945
946 int HttpStreamParser::ParseResponseHeaders(int end_offset) {
947 scoped_refptr<HttpResponseHeaders> headers;
948 DCHECK_EQ(0, read_buf_unused_offset_);
949
950 RecordHeaderParserEvent(HEADER_PARSER_INVOKED);
951
952 if (response_header_start_offset_ > 0) {
953 bool has_non_whitespace_in_prefix = false;
954 for (int i = 0; i < response_header_start_offset_; ++i) {
955 if (!strchr(" \t\r\n", read_buf_->StartOfBuffer()[i])) {
956 has_non_whitespace_in_prefix = true;
957 break;
958 }
959 }
960 if (has_non_whitespace_in_prefix) {
961 RecordHeaderParserEvent(HEADER_SKIPPED_NON_WS_PREFIX);
962 } else {
963 RecordHeaderParserEvent(HEADER_SKIPPED_WS_PREFIX);
964 }
965 }
966
967 if (response_header_start_offset_ >= 0) {
968 received_bytes_ += end_offset;
969 headers = new HttpResponseHeaders(HttpUtil::AssembleRawHeaders(
970 read_buf_->StartOfBuffer(), end_offset));
971 } else {
972 // Enough data was read -- there is no status line.
973 headers = new HttpResponseHeaders(std::string("HTTP/0.9 200 OK"));
974 RecordHeaderParserEvent(HEADER_HTTP_09_RESPONSE);
975 }
976
977 // Check for multiple Content-Length headers with no Transfer-Encoding header.
978 // If they exist, and have distinct values, it's a potential response
979 // smuggling attack.
980 if (!headers->HasHeader("Transfer-Encoding")) {
981 if (HeadersContainMultipleCopiesOfField(*headers.get(), "Content-Length"))
982 return ERR_RESPONSE_HEADERS_MULTIPLE_CONTENT_LENGTH;
983 }
984
985 // Check for multiple Content-Disposition or Location headers. If they exist,
986 // it's also a potential response smuggling attack.
987 if (HeadersContainMultipleCopiesOfField(*headers.get(),
988 "Content-Disposition"))
989 return ERR_RESPONSE_HEADERS_MULTIPLE_CONTENT_DISPOSITION;
990 if (HeadersContainMultipleCopiesOfField(*headers.get(), "Location"))
991 return ERR_RESPONSE_HEADERS_MULTIPLE_LOCATION;
992
993 response_->headers = headers;
994 response_->connection_info = HttpResponseInfo::CONNECTION_INFO_HTTP1;
995 response_->vary_data.Init(*request_, *response_->headers.get());
996 DVLOG(1) << __FUNCTION__ << "()"
997 << " content_length = \"" << response_->headers->GetContentLength()
998 << "\n\""
999 << " headers = \""
1000 << GetResponseHeaderLines(*response_->headers.get()) << "\"";
1001 return OK;
1002 }
1003
1004 void HttpStreamParser::CalculateResponseBodySize() {
1005 // Figure how to determine EOF:
1006
1007 // For certain responses, we know the content length is always 0. From
1008 // RFC 2616 Section 4.3 Message Body:
1009 //
1010 // For response messages, whether or not a message-body is included with
1011 // a message is dependent on both the request method and the response
1012 // status code (section 6.1.1). All responses to the HEAD request method
1013 // MUST NOT include a message-body, even though the presence of entity-
1014 // header fields might lead one to believe they do. All 1xx
1015 // (informational), 204 (no content), and 304 (not modified) responses
1016 // MUST NOT include a message-body. All other responses do include a
1017 // message-body, although it MAY be of zero length.
1018 if (response_->headers->response_code() / 100 == 1) {
1019 response_body_length_ = 0;
1020 } else {
1021 switch (response_->headers->response_code()) {
1022 case 204: // No Content
1023 case 205: // Reset Content
1024 case 304: // Not Modified
1025 response_body_length_ = 0;
1026 break;
1027 }
1028 }
1029 if (request_->method == "HEAD")
1030 response_body_length_ = 0;
1031
1032 if (response_body_length_ == -1) {
1033 // "Transfer-Encoding: chunked" trumps "Content-Length: N"
1034 if (response_->headers->IsChunkEncoded()) {
1035 chunked_decoder_.reset(new HttpChunkedDecoder());
1036 } else {
1037 response_body_length_ = response_->headers->GetContentLength();
1038 // If response_body_length_ is still -1, then we have to wait
1039 // for the server to close the connection.
1040 }
1041 }
1042 }
1043
1044 UploadProgress HttpStreamParser::GetUploadProgress() const {
1045 if (!request_->upload_data_stream)
1046 return UploadProgress();
1047
1048 return UploadProgress(request_->upload_data_stream->position(),
1049 request_->upload_data_stream->size());
1050 }
1051
1052 bool HttpStreamParser::IsResponseBodyComplete() const {
1053 if (chunked_decoder_.get())
1054 return chunked_decoder_->reached_eof();
1055 if (response_body_length_ != -1)
1056 return response_body_read_ >= response_body_length_;
1057
1058 return false; // Must read to EOF.
1059 }
1060
1061 bool HttpStreamParser::CanFindEndOfResponse() const {
1062 return chunked_decoder_.get() || response_body_length_ >= 0;
1063 }
1064
1065 bool HttpStreamParser::IsMoreDataBuffered() const {
1066 return read_buf_->offset() > read_buf_unused_offset_;
1067 }
1068
1069 bool HttpStreamParser::IsConnectionReused() const {
1070 ClientSocketHandle::SocketReuseType reuse_type = connection_->reuse_type();
1071 return connection_->is_reused() ||
1072 reuse_type == ClientSocketHandle::UNUSED_IDLE;
1073 }
1074
1075 void HttpStreamParser::SetConnectionReused() {
1076 connection_->set_reuse_type(ClientSocketHandle::REUSED_IDLE);
1077 }
1078
1079 bool HttpStreamParser::IsConnectionReusable() const {
1080 return connection_->socket() && connection_->socket()->IsConnectedAndIdle();
1081 }
1082
1083 void HttpStreamParser::GetSSLInfo(SSLInfo* ssl_info) {
1084 if (request_->url.SchemeIsSecure() && connection_->socket()) {
1085 SSLClientSocket* ssl_socket =
1086 static_cast<SSLClientSocket*>(connection_->socket());
1087 ssl_socket->GetSSLInfo(ssl_info);
1088 }
1089 }
1090
1091 void HttpStreamParser::GetSSLCertRequestInfo(
1092 SSLCertRequestInfo* cert_request_info) {
1093 if (request_->url.SchemeIsSecure() && connection_->socket()) {
1094 SSLClientSocket* ssl_socket =
1095 static_cast<SSLClientSocket*>(connection_->socket());
1096 ssl_socket->GetSSLCertRequestInfo(cert_request_info);
1097 }
1098 }
1099
1100 int HttpStreamParser::EncodeChunk(const base::StringPiece& payload,
1101 char* output,
1102 size_t output_size) {
1103 if (output_size < payload.size() + kChunkHeaderFooterSize)
1104 return ERR_INVALID_ARGUMENT;
1105
1106 char* cursor = output;
1107 // Add the header.
1108 const int num_chars = base::snprintf(output, output_size,
1109 "%X\r\n",
1110 static_cast<int>(payload.size()));
1111 cursor += num_chars;
1112 // Add the payload if any.
1113 if (payload.size() > 0) {
1114 memcpy(cursor, payload.data(), payload.size());
1115 cursor += payload.size();
1116 }
1117 // Add the trailing CRLF.
1118 memcpy(cursor, "\r\n", 2);
1119 cursor += 2;
1120
1121 return cursor - output;
1122 }
1123
1124 // static
1125 bool HttpStreamParser::ShouldMergeRequestHeadersAndBody(
1126 const std::string& request_headers,
1127 const UploadDataStream* request_body) {
1128 if (request_body != NULL &&
1129 // IsInMemory() ensures that the request body is not chunked.
1130 request_body->IsInMemory() &&
1131 request_body->size() > 0) {
1132 uint64 merged_size = request_headers.size() + request_body->size();
1133 if (merged_size <= kMaxMergedHeaderAndBodySize)
1134 return true;
1135 }
1136 return false;
1137 }
1138
1139 } // namespace net