Supervised user whitelists: Cleanup
[chromium-blink-merge.git] / net / http / http_util.cc
blobbaa2eff1043a34926c328be9eeadf15d08cbf3cd
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 // The rules for parsing content-types were borrowed from Firefox:
6 // http://lxr.mozilla.org/mozilla/source/netwerk/base/src/nsURLHelper.cpp#834
8 #include "net/http/http_util.h"
10 #include <algorithm>
12 #include "base/basictypes.h"
13 #include "base/logging.h"
14 #include "base/strings/string_number_conversions.h"
15 #include "base/strings/string_piece.h"
16 #include "base/strings/string_tokenizer.h"
17 #include "base/strings/string_util.h"
18 #include "base/strings/stringprintf.h"
19 #include "base/time/time.h"
22 namespace net {
24 // Helpers --------------------------------------------------------------------
26 // Returns the index of the closing quote of the string, if any. |start| points
27 // at the opening quote.
28 static size_t FindStringEnd(const std::string& line, size_t start, char delim) {
29 DCHECK_LT(start, line.length());
30 DCHECK_EQ(line[start], delim);
31 DCHECK((delim == '"') || (delim == '\''));
33 const char set[] = { delim, '\\', '\0' };
34 for (size_t end = line.find_first_of(set, start + 1);
35 end != std::string::npos; end = line.find_first_of(set, end + 2)) {
36 if (line[end] != '\\')
37 return end;
39 return line.length();
43 // HttpUtil -------------------------------------------------------------------
45 // static
46 size_t HttpUtil::FindDelimiter(const std::string& line,
47 size_t search_start,
48 char delimiter) {
49 do {
50 // search_start points to the spot from which we should start looking
51 // for the delimiter.
52 const char delim_str[] = { delimiter, '"', '\'', '\0' };
53 size_t cur_delim_pos = line.find_first_of(delim_str, search_start);
54 if (cur_delim_pos == std::string::npos)
55 return line.length();
57 char ch = line[cur_delim_pos];
58 if (ch == delimiter) {
59 // Found delimiter
60 return cur_delim_pos;
63 // We hit the start of a quoted string. Look for its end.
64 search_start = FindStringEnd(line, cur_delim_pos, ch);
65 if (search_start == line.length())
66 return search_start;
68 ++search_start;
70 // search_start now points to the first char after the end of the
71 // string, so just go back to the top of the loop and look for
72 // |delimiter| again.
73 } while (true);
75 NOTREACHED();
76 return line.length();
79 // static
80 void HttpUtil::ParseContentType(const std::string& content_type_str,
81 std::string* mime_type,
82 std::string* charset,
83 bool* had_charset,
84 std::string* boundary) {
85 const std::string::const_iterator begin = content_type_str.begin();
87 // Trim leading and trailing whitespace from type. We include '(' in
88 // the trailing trim set to catch media-type comments, which are not at all
89 // standard, but may occur in rare cases.
90 size_t type_val = content_type_str.find_first_not_of(HTTP_LWS);
91 type_val = std::min(type_val, content_type_str.length());
92 size_t type_end = content_type_str.find_first_of(HTTP_LWS ";(", type_val);
93 if (type_end == std::string::npos)
94 type_end = content_type_str.length();
96 size_t charset_val = 0;
97 size_t charset_end = 0;
98 bool type_has_charset = false;
100 // Iterate over parameters
101 size_t param_start = content_type_str.find_first_of(';', type_end);
102 if (param_start != std::string::npos) {
103 base::StringTokenizer tokenizer(begin + param_start, content_type_str.end(),
104 ";");
105 tokenizer.set_quote_chars("\"");
106 while (tokenizer.GetNext()) {
107 std::string::const_iterator equals_sign =
108 std::find(tokenizer.token_begin(), tokenizer.token_end(), '=');
109 if (equals_sign == tokenizer.token_end())
110 continue;
112 std::string::const_iterator param_name_begin = tokenizer.token_begin();
113 std::string::const_iterator param_name_end = equals_sign;
114 TrimLWS(&param_name_begin, &param_name_end);
116 std::string::const_iterator param_value_begin = equals_sign + 1;
117 std::string::const_iterator param_value_end = tokenizer.token_end();
118 DCHECK(param_value_begin <= tokenizer.token_end());
119 TrimLWS(&param_value_begin, &param_value_end);
121 if (LowerCaseEqualsASCII(param_name_begin, param_name_end, "charset")) {
122 // TODO(abarth): Refactor this function to consistently use iterators.
123 charset_val = param_value_begin - begin;
124 charset_end = param_value_end - begin;
125 type_has_charset = true;
126 } else if (LowerCaseEqualsASCII(param_name_begin, param_name_end,
127 "boundary")) {
128 if (boundary)
129 boundary->assign(param_value_begin, param_value_end);
134 if (type_has_charset) {
135 // Trim leading and trailing whitespace from charset_val. We include
136 // '(' in the trailing trim set to catch media-type comments, which are
137 // not at all standard, but may occur in rare cases.
138 charset_val = content_type_str.find_first_not_of(HTTP_LWS, charset_val);
139 charset_val = std::min(charset_val, charset_end);
140 char first_char = content_type_str[charset_val];
141 if (first_char == '"' || first_char == '\'') {
142 charset_end = FindStringEnd(content_type_str, charset_val, first_char);
143 ++charset_val;
144 DCHECK(charset_end >= charset_val);
145 } else {
146 charset_end = std::min(content_type_str.find_first_of(HTTP_LWS ";(",
147 charset_val),
148 charset_end);
152 // if the server sent "*/*", it is meaningless, so do not store it.
153 // also, if type_val is the same as mime_type, then just update the
154 // charset. however, if charset is empty and mime_type hasn't
155 // changed, then don't wipe-out an existing charset. We
156 // also want to reject a mime-type if it does not include a slash.
157 // some servers give junk after the charset parameter, which may
158 // include a comma, so this check makes us a bit more tolerant.
159 if (content_type_str.length() != 0 &&
160 content_type_str != "*/*" &&
161 content_type_str.find_first_of('/') != std::string::npos) {
162 // Common case here is that mime_type is empty
163 bool eq = !mime_type->empty() && LowerCaseEqualsASCII(begin + type_val,
164 begin + type_end,
165 mime_type->data());
166 if (!eq) {
167 mime_type->assign(begin + type_val, begin + type_end);
168 base::StringToLowerASCII(mime_type);
170 if ((!eq && *had_charset) || type_has_charset) {
171 *had_charset = true;
172 charset->assign(begin + charset_val, begin + charset_end);
173 base::StringToLowerASCII(charset);
178 // static
179 // Parse the Range header according to RFC 2616 14.35.1
180 // ranges-specifier = byte-ranges-specifier
181 // byte-ranges-specifier = bytes-unit "=" byte-range-set
182 // byte-range-set = 1#( byte-range-spec | suffix-byte-range-spec )
183 // byte-range-spec = first-byte-pos "-" [last-byte-pos]
184 // first-byte-pos = 1*DIGIT
185 // last-byte-pos = 1*DIGIT
186 bool HttpUtil::ParseRanges(const std::string& headers,
187 std::vector<HttpByteRange>* ranges) {
188 std::string ranges_specifier;
189 HttpUtil::HeadersIterator it(headers.begin(), headers.end(), "\r\n");
191 while (it.GetNext()) {
192 // Look for "Range" header.
193 if (!LowerCaseEqualsASCII(it.name(), "range"))
194 continue;
195 ranges_specifier = it.values();
196 // We just care about the first "Range" header, so break here.
197 break;
200 if (ranges_specifier.empty())
201 return false;
203 return ParseRangeHeader(ranges_specifier, ranges);
206 // static
207 bool HttpUtil::ParseRangeHeader(const std::string& ranges_specifier,
208 std::vector<HttpByteRange>* ranges) {
209 size_t equal_char_offset = ranges_specifier.find('=');
210 if (equal_char_offset == std::string::npos)
211 return false;
213 // Try to extract bytes-unit part.
214 std::string::const_iterator bytes_unit_begin = ranges_specifier.begin();
215 std::string::const_iterator bytes_unit_end = bytes_unit_begin +
216 equal_char_offset;
217 std::string::const_iterator byte_range_set_begin = bytes_unit_end + 1;
218 std::string::const_iterator byte_range_set_end = ranges_specifier.end();
220 TrimLWS(&bytes_unit_begin, &bytes_unit_end);
221 // "bytes" unit identifier is not found.
222 if (!LowerCaseEqualsASCII(bytes_unit_begin, bytes_unit_end, "bytes"))
223 return false;
225 ValuesIterator byte_range_set_iterator(byte_range_set_begin,
226 byte_range_set_end, ',');
227 while (byte_range_set_iterator.GetNext()) {
228 size_t minus_char_offset = byte_range_set_iterator.value().find('-');
229 // If '-' character is not found, reports failure.
230 if (minus_char_offset == std::string::npos)
231 return false;
233 std::string::const_iterator first_byte_pos_begin =
234 byte_range_set_iterator.value_begin();
235 std::string::const_iterator first_byte_pos_end =
236 first_byte_pos_begin + minus_char_offset;
237 TrimLWS(&first_byte_pos_begin, &first_byte_pos_end);
238 std::string first_byte_pos(first_byte_pos_begin, first_byte_pos_end);
240 HttpByteRange range;
241 // Try to obtain first-byte-pos.
242 if (!first_byte_pos.empty()) {
243 int64 first_byte_position = -1;
244 if (!base::StringToInt64(first_byte_pos, &first_byte_position))
245 return false;
246 range.set_first_byte_position(first_byte_position);
249 std::string::const_iterator last_byte_pos_begin =
250 byte_range_set_iterator.value_begin() + minus_char_offset + 1;
251 std::string::const_iterator last_byte_pos_end =
252 byte_range_set_iterator.value_end();
253 TrimLWS(&last_byte_pos_begin, &last_byte_pos_end);
254 std::string last_byte_pos(last_byte_pos_begin, last_byte_pos_end);
256 // We have last-byte-pos or suffix-byte-range-spec in this case.
257 if (!last_byte_pos.empty()) {
258 int64 last_byte_position;
259 if (!base::StringToInt64(last_byte_pos, &last_byte_position))
260 return false;
261 if (range.HasFirstBytePosition())
262 range.set_last_byte_position(last_byte_position);
263 else
264 range.set_suffix_length(last_byte_position);
265 } else if (!range.HasFirstBytePosition()) {
266 return false;
269 // Do a final check on the HttpByteRange object.
270 if (!range.IsValid())
271 return false;
272 ranges->push_back(range);
274 return !ranges->empty();
277 // static
278 bool HttpUtil::ParseRetryAfterHeader(const std::string& retry_after_string,
279 base::Time now,
280 base::TimeDelta* retry_after) {
281 int seconds;
282 base::Time time;
283 base::TimeDelta interval;
285 if (base::StringToInt(retry_after_string, &seconds)) {
286 interval = base::TimeDelta::FromSeconds(seconds);
287 } else if (base::Time::FromUTCString(retry_after_string.c_str(), &time)) {
288 interval = time - now;
289 } else {
290 return false;
293 if (interval < base::TimeDelta::FromSeconds(0))
294 return false;
296 *retry_after = interval;
297 return true;
300 // static
301 bool HttpUtil::HasHeader(const std::string& headers, const char* name) {
302 size_t name_len = strlen(name);
303 std::string::const_iterator it =
304 std::search(headers.begin(),
305 headers.end(),
306 name,
307 name + name_len,
308 base::CaseInsensitiveCompareASCII<char>());
309 if (it == headers.end())
310 return false;
312 // ensure match is prefixed by newline
313 if (it != headers.begin() && it[-1] != '\n')
314 return false;
316 // ensure match is suffixed by colon
317 if (it + name_len >= headers.end() || it[name_len] != ':')
318 return false;
320 return true;
323 namespace {
324 // A header string containing any of the following fields will cause
325 // an error. The list comes from the XMLHttpRequest standard.
326 // http://www.w3.org/TR/XMLHttpRequest/#the-setrequestheader-method
327 const char* const kForbiddenHeaderFields[] = {
328 "accept-charset",
329 "accept-encoding",
330 "access-control-request-headers",
331 "access-control-request-method",
332 "connection",
333 "content-length",
334 "cookie",
335 "cookie2",
336 "content-transfer-encoding",
337 "date",
338 "expect",
339 "host",
340 "keep-alive",
341 "origin",
342 "referer",
343 "te",
344 "trailer",
345 "transfer-encoding",
346 "upgrade",
347 "user-agent",
348 "via",
350 } // anonymous namespace
352 // static
353 bool HttpUtil::IsSafeHeader(const std::string& name) {
354 std::string lower_name(base::StringToLowerASCII(name));
355 if (StartsWithASCII(lower_name, "proxy-", true) ||
356 StartsWithASCII(lower_name, "sec-", true))
357 return false;
358 for (size_t i = 0; i < arraysize(kForbiddenHeaderFields); ++i) {
359 if (lower_name == kForbiddenHeaderFields[i])
360 return false;
362 return true;
365 // static
366 bool HttpUtil::IsValidHeaderName(const std::string& name) {
367 // Check whether the header name is RFC 2616-compliant.
368 return HttpUtil::IsToken(name);
371 // static
372 bool HttpUtil::IsValidHeaderValue(const std::string& value) {
373 // Just a sanity check: disallow NUL and CRLF.
374 return value.find('\0') == std::string::npos &&
375 value.find("\r\n") == std::string::npos;
378 // static
379 std::string HttpUtil::StripHeaders(const std::string& headers,
380 const char* const headers_to_remove[],
381 size_t headers_to_remove_len) {
382 std::string stripped_headers;
383 HttpUtil::HeadersIterator it(headers.begin(), headers.end(), "\r\n");
385 while (it.GetNext()) {
386 bool should_remove = false;
387 for (size_t i = 0; i < headers_to_remove_len; ++i) {
388 if (LowerCaseEqualsASCII(it.name_begin(), it.name_end(),
389 headers_to_remove[i])) {
390 should_remove = true;
391 break;
394 if (!should_remove) {
395 // Assume that name and values are on the same line.
396 stripped_headers.append(it.name_begin(), it.values_end());
397 stripped_headers.append("\r\n");
400 return stripped_headers;
403 // static
404 bool HttpUtil::IsNonCoalescingHeader(std::string::const_iterator name_begin,
405 std::string::const_iterator name_end) {
406 // NOTE: "set-cookie2" headers do not support expires attributes, so we don't
407 // have to list them here.
408 const char* const kNonCoalescingHeaders[] = {
409 "date",
410 "expires",
411 "last-modified",
412 "location", // See bug 1050541 for details
413 "retry-after",
414 "set-cookie",
415 // The format of auth-challenges mixes both space separated tokens and
416 // comma separated properties, so coalescing on comma won't work.
417 "www-authenticate",
418 "proxy-authenticate",
419 // STS specifies that UAs must not process any STS headers after the first
420 // one.
421 "strict-transport-security"
423 for (size_t i = 0; i < arraysize(kNonCoalescingHeaders); ++i) {
424 if (LowerCaseEqualsASCII(name_begin, name_end, kNonCoalescingHeaders[i]))
425 return true;
427 return false;
430 bool HttpUtil::IsLWS(char c) {
431 return strchr(HTTP_LWS, c) != NULL;
434 void HttpUtil::TrimLWS(std::string::const_iterator* begin,
435 std::string::const_iterator* end) {
436 // leading whitespace
437 while (*begin < *end && IsLWS((*begin)[0]))
438 ++(*begin);
440 // trailing whitespace
441 while (*begin < *end && IsLWS((*end)[-1]))
442 --(*end);
445 bool HttpUtil::IsQuote(char c) {
446 // Single quote mark isn't actually part of quoted-text production,
447 // but apparently some servers rely on this.
448 return c == '"' || c == '\'';
451 // See RFC 2616 Sec 2.2 for the definition of |token|.
452 bool HttpUtil::IsToken(std::string::const_iterator begin,
453 std::string::const_iterator end) {
454 if (begin == end)
455 return false;
456 for (std::string::const_iterator iter = begin; iter != end; ++iter) {
457 unsigned char c = *iter;
458 if (c >= 0x80 || c <= 0x1F || c == 0x7F ||
459 c == '(' || c == ')' || c == '<' || c == '>' || c == '@' ||
460 c == ',' || c == ';' || c == ':' || c == '\\' || c == '"' ||
461 c == '/' || c == '[' || c == ']' || c == '?' || c == '=' ||
462 c == '{' || c == '}' || c == ' ' || c == '\t')
463 return false;
465 return true;
468 std::string HttpUtil::Unquote(std::string::const_iterator begin,
469 std::string::const_iterator end) {
470 // Empty string
471 if (begin == end)
472 return std::string();
474 // Nothing to unquote.
475 if (!IsQuote(*begin))
476 return std::string(begin, end);
478 // No terminal quote mark.
479 if (end - begin < 2 || *begin != *(end - 1))
480 return std::string(begin, end);
482 // Strip quotemarks
483 ++begin;
484 --end;
486 // Unescape quoted-pair (defined in RFC 2616 section 2.2)
487 std::string unescaped;
488 bool prev_escape = false;
489 for (; begin != end; ++begin) {
490 char c = *begin;
491 if (c == '\\' && !prev_escape) {
492 prev_escape = true;
493 continue;
495 prev_escape = false;
496 unescaped.push_back(c);
498 return unescaped;
501 // static
502 std::string HttpUtil::Unquote(const std::string& str) {
503 return Unquote(str.begin(), str.end());
506 // static
507 std::string HttpUtil::Quote(const std::string& str) {
508 std::string escaped;
509 escaped.reserve(2 + str.size());
511 std::string::const_iterator begin = str.begin();
512 std::string::const_iterator end = str.end();
514 // Esape any backslashes or quotemarks within the string, and
515 // then surround with quotes.
516 escaped.push_back('"');
517 for (; begin != end; ++begin) {
518 char c = *begin;
519 if (c == '"' || c == '\\')
520 escaped.push_back('\\');
521 escaped.push_back(c);
523 escaped.push_back('"');
524 return escaped;
527 // Find the "http" substring in a status line. This allows for
528 // some slop at the start. If the "http" string could not be found
529 // then returns -1.
530 // static
531 int HttpUtil::LocateStartOfStatusLine(const char* buf, int buf_len) {
532 const int slop = 4;
533 const int http_len = 4;
535 if (buf_len >= http_len) {
536 int i_max = std::min(buf_len - http_len, slop);
537 for (int i = 0; i <= i_max; ++i) {
538 if (LowerCaseEqualsASCII(buf + i, buf + i + http_len, "http"))
539 return i;
542 return -1; // Not found
545 int HttpUtil::LocateEndOfHeaders(const char* buf, int buf_len, int i) {
546 bool was_lf = false;
547 char last_c = '\0';
548 for (; i < buf_len; ++i) {
549 char c = buf[i];
550 if (c == '\n') {
551 if (was_lf)
552 return i + 1;
553 was_lf = true;
554 } else if (c != '\r' || last_c != '\n') {
555 was_lf = false;
557 last_c = c;
559 return -1;
562 // In order for a line to be continuable, it must specify a
563 // non-blank header-name. Line continuations are specifically for
564 // header values -- do not allow headers names to span lines.
565 static bool IsLineSegmentContinuable(const char* begin, const char* end) {
566 if (begin == end)
567 return false;
569 const char* colon = std::find(begin, end, ':');
570 if (colon == end)
571 return false;
573 const char* name_begin = begin;
574 const char* name_end = colon;
576 // Name can't be empty.
577 if (name_begin == name_end)
578 return false;
580 // Can't start with LWS (this would imply the segment is a continuation)
581 if (HttpUtil::IsLWS(*name_begin))
582 return false;
584 return true;
587 // Helper used by AssembleRawHeaders, to find the end of the status line.
588 static const char* FindStatusLineEnd(const char* begin, const char* end) {
589 size_t i = base::StringPiece(begin, end - begin).find_first_of("\r\n");
590 if (i == base::StringPiece::npos)
591 return end;
592 return begin + i;
595 // Helper used by AssembleRawHeaders, to skip past leading LWS.
596 static const char* FindFirstNonLWS(const char* begin, const char* end) {
597 for (const char* cur = begin; cur != end; ++cur) {
598 if (!HttpUtil::IsLWS(*cur))
599 return cur;
601 return end; // Not found.
604 std::string HttpUtil::AssembleRawHeaders(const char* input_begin,
605 int input_len) {
606 std::string raw_headers;
607 raw_headers.reserve(input_len);
609 const char* input_end = input_begin + input_len;
611 // Skip any leading slop, since the consumers of this output
612 // (HttpResponseHeaders) don't deal with it.
613 int status_begin_offset = LocateStartOfStatusLine(input_begin, input_len);
614 if (status_begin_offset != -1)
615 input_begin += status_begin_offset;
617 // Copy the status line.
618 const char* status_line_end = FindStatusLineEnd(input_begin, input_end);
619 raw_headers.append(input_begin, status_line_end);
621 // After the status line, every subsequent line is a header line segment.
622 // Should a segment start with LWS, it is a continuation of the previous
623 // line's field-value.
625 // TODO(ericroman): is this too permissive? (delimits on [\r\n]+)
626 base::CStringTokenizer lines(status_line_end, input_end, "\r\n");
628 // This variable is true when the previous line was continuable.
629 bool prev_line_continuable = false;
631 while (lines.GetNext()) {
632 const char* line_begin = lines.token_begin();
633 const char* line_end = lines.token_end();
635 if (prev_line_continuable && IsLWS(*line_begin)) {
636 // Join continuation; reduce the leading LWS to a single SP.
637 raw_headers.push_back(' ');
638 raw_headers.append(FindFirstNonLWS(line_begin, line_end), line_end);
639 } else {
640 // Terminate the previous line.
641 raw_headers.push_back('\n');
643 // Copy the raw data to output.
644 raw_headers.append(line_begin, line_end);
646 // Check if the current line can be continued.
647 prev_line_continuable = IsLineSegmentContinuable(line_begin, line_end);
651 raw_headers.append("\n\n", 2);
653 // Use '\0' as the canonical line terminator. If the input already contained
654 // any embeded '\0' characters we will strip them first to avoid interpreting
655 // them as line breaks.
656 raw_headers.erase(std::remove(raw_headers.begin(), raw_headers.end(), '\0'),
657 raw_headers.end());
658 std::replace(raw_headers.begin(), raw_headers.end(), '\n', '\0');
660 return raw_headers;
663 std::string HttpUtil::ConvertHeadersBackToHTTPResponse(const std::string& str) {
664 std::string disassembled_headers;
665 base::StringTokenizer tokenizer(str, std::string(1, '\0'));
666 while (tokenizer.GetNext()) {
667 disassembled_headers.append(tokenizer.token_begin(), tokenizer.token_end());
668 disassembled_headers.append("\r\n");
670 disassembled_headers.append("\r\n");
672 return disassembled_headers;
675 // TODO(jungshik): 1. If the list is 'fr-CA,fr-FR,en,de', we have to add
676 // 'fr' after 'fr-CA' with the same q-value as 'fr-CA' because
677 // web servers, in general, do not fall back to 'fr' and may end up picking
678 // 'en' which has a lower preference than 'fr-CA' and 'fr-FR'.
679 // 2. This function assumes that the input is a comma separated list
680 // without any whitespace. As long as it comes from the preference and
681 // a user does not manually edit the preference file, it's the case. Still,
682 // we may have to make it more robust.
683 std::string HttpUtil::GenerateAcceptLanguageHeader(
684 const std::string& raw_language_list) {
685 // We use integers for qvalue and qvalue decrement that are 10 times
686 // larger than actual values to avoid a problem with comparing
687 // two floating point numbers.
688 const unsigned int kQvalueDecrement10 = 2;
689 unsigned int qvalue10 = 10;
690 base::StringTokenizer t(raw_language_list, ",");
691 std::string lang_list_with_q;
692 while (t.GetNext()) {
693 std::string language = t.token();
694 if (qvalue10 == 10) {
695 // q=1.0 is implicit.
696 lang_list_with_q = language;
697 } else {
698 DCHECK_LT(qvalue10, 10U);
699 base::StringAppendF(&lang_list_with_q, ",%s;q=0.%d", language.c_str(),
700 qvalue10);
702 // It does not make sense to have 'q=0'.
703 if (qvalue10 > kQvalueDecrement10)
704 qvalue10 -= kQvalueDecrement10;
706 return lang_list_with_q;
709 void HttpUtil::AppendHeaderIfMissing(const char* header_name,
710 const std::string& header_value,
711 std::string* headers) {
712 if (header_value.empty())
713 return;
714 if (HttpUtil::HasHeader(*headers, header_name))
715 return;
716 *headers += std::string(header_name) + ": " + header_value + "\r\n";
719 bool HttpUtil::HasStrongValidators(HttpVersion version,
720 const std::string& etag_header,
721 const std::string& last_modified_header,
722 const std::string& date_header) {
723 if (version < HttpVersion(1, 1))
724 return false;
726 if (!etag_header.empty()) {
727 size_t slash = etag_header.find('/');
728 if (slash == std::string::npos || slash == 0)
729 return true;
731 std::string::const_iterator i = etag_header.begin();
732 std::string::const_iterator j = etag_header.begin() + slash;
733 TrimLWS(&i, &j);
734 if (!LowerCaseEqualsASCII(i, j, "w"))
735 return true;
738 base::Time last_modified;
739 if (!base::Time::FromString(last_modified_header.c_str(), &last_modified))
740 return false;
742 base::Time date;
743 if (!base::Time::FromString(date_header.c_str(), &date))
744 return false;
746 return ((date - last_modified).InSeconds() >= 60);
749 // Functions for histogram initialization. The code 0 is put in the map to
750 // track status codes that are invalid.
751 // TODO(gavinp): Greatly prune the collected codes once we learn which
752 // ones are not sent in practice, to reduce upload size & memory use.
754 enum {
755 HISTOGRAM_MIN_HTTP_STATUS_CODE = 100,
756 HISTOGRAM_MAX_HTTP_STATUS_CODE = 599,
759 // static
760 std::vector<int> HttpUtil::GetStatusCodesForHistogram() {
761 std::vector<int> codes;
762 codes.reserve(
763 HISTOGRAM_MAX_HTTP_STATUS_CODE - HISTOGRAM_MIN_HTTP_STATUS_CODE + 2);
764 codes.push_back(0);
765 for (int i = HISTOGRAM_MIN_HTTP_STATUS_CODE;
766 i <= HISTOGRAM_MAX_HTTP_STATUS_CODE; ++i)
767 codes.push_back(i);
768 return codes;
771 // static
772 int HttpUtil::MapStatusCodeForHistogram(int code) {
773 if (HISTOGRAM_MIN_HTTP_STATUS_CODE <= code &&
774 code <= HISTOGRAM_MAX_HTTP_STATUS_CODE)
775 return code;
776 return 0;
779 // BNF from section 4.2 of RFC 2616:
781 // message-header = field-name ":" [ field-value ]
782 // field-name = token
783 // field-value = *( field-content | LWS )
784 // field-content = <the OCTETs making up the field-value
785 // and consisting of either *TEXT or combinations
786 // of token, separators, and quoted-string>
789 HttpUtil::HeadersIterator::HeadersIterator(
790 std::string::const_iterator headers_begin,
791 std::string::const_iterator headers_end,
792 const std::string& line_delimiter)
793 : lines_(headers_begin, headers_end, line_delimiter) {
796 HttpUtil::HeadersIterator::~HeadersIterator() {
799 bool HttpUtil::HeadersIterator::GetNext() {
800 while (lines_.GetNext()) {
801 name_begin_ = lines_.token_begin();
802 values_end_ = lines_.token_end();
804 std::string::const_iterator colon(std::find(name_begin_, values_end_, ':'));
805 if (colon == values_end_)
806 continue; // skip malformed header
808 name_end_ = colon;
810 // If the name starts with LWS, it is an invalid line.
811 // Leading LWS implies a line continuation, and these should have
812 // already been joined by AssembleRawHeaders().
813 if (name_begin_ == name_end_ || IsLWS(*name_begin_))
814 continue;
816 TrimLWS(&name_begin_, &name_end_);
817 if (name_begin_ == name_end_)
818 continue; // skip malformed header
820 values_begin_ = colon + 1;
821 TrimLWS(&values_begin_, &values_end_);
823 // if we got a header name, then we are done.
824 return true;
826 return false;
829 bool HttpUtil::HeadersIterator::AdvanceTo(const char* name) {
830 DCHECK(name != NULL);
831 DCHECK_EQ(0, base::StringToLowerASCII<std::string>(name).compare(name))
832 << "the header name must be in all lower case";
834 while (GetNext()) {
835 if (LowerCaseEqualsASCII(name_begin_, name_end_, name)) {
836 return true;
840 return false;
843 HttpUtil::ValuesIterator::ValuesIterator(
844 std::string::const_iterator values_begin,
845 std::string::const_iterator values_end,
846 char delimiter)
847 : values_(values_begin, values_end, std::string(1, delimiter)) {
848 values_.set_quote_chars("\'\"");
851 HttpUtil::ValuesIterator::~ValuesIterator() {
854 bool HttpUtil::ValuesIterator::GetNext() {
855 while (values_.GetNext()) {
856 value_begin_ = values_.token_begin();
857 value_end_ = values_.token_end();
858 TrimLWS(&value_begin_, &value_end_);
860 // bypass empty values.
861 if (value_begin_ != value_end_)
862 return true;
864 return false;
867 HttpUtil::NameValuePairsIterator::NameValuePairsIterator(
868 std::string::const_iterator begin,
869 std::string::const_iterator end,
870 char delimiter)
871 : props_(begin, end, delimiter),
872 valid_(true),
873 name_begin_(end),
874 name_end_(end),
875 value_begin_(end),
876 value_end_(end),
877 value_is_quoted_(false) {
880 HttpUtil::NameValuePairsIterator::~NameValuePairsIterator() {}
882 // We expect properties to be formatted as one of:
883 // name="value"
884 // name='value'
885 // name='\'value\''
886 // name=value
887 // name = value
888 // name=
889 // Due to buggy implementations found in some embedded devices, we also
890 // accept values with missing close quotemark (http://crbug.com/39836):
891 // name="value
892 bool HttpUtil::NameValuePairsIterator::GetNext() {
893 if (!props_.GetNext())
894 return false;
896 // Set the value as everything. Next we will split out the name.
897 value_begin_ = props_.value_begin();
898 value_end_ = props_.value_end();
899 name_begin_ = name_end_ = value_end_;
901 // Scan for the equals sign.
902 std::string::const_iterator equals = std::find(value_begin_, value_end_, '=');
903 if (equals == value_end_ || equals == value_begin_)
904 return valid_ = false; // Malformed, no equals sign
906 // Verify that the equals sign we found wasn't inside of quote marks.
907 for (std::string::const_iterator it = value_begin_; it != equals; ++it) {
908 if (HttpUtil::IsQuote(*it))
909 return valid_ = false; // Malformed, quote appears before equals sign
912 name_begin_ = value_begin_;
913 name_end_ = equals;
914 value_begin_ = equals + 1;
916 TrimLWS(&name_begin_, &name_end_);
917 TrimLWS(&value_begin_, &value_end_);
918 value_is_quoted_ = false;
919 unquoted_value_.clear();
921 if (value_begin_ == value_end_)
922 return valid_ = false; // Malformed, value is empty
924 if (HttpUtil::IsQuote(*value_begin_)) {
925 // Trim surrounding quotemarks off the value
926 if (*value_begin_ != *(value_end_ - 1) || value_begin_ + 1 == value_end_) {
927 // NOTE: This is not as graceful as it sounds:
928 // * quoted-pairs will no longer be unquoted
929 // (["\"hello] should give ["hello]).
930 // * Does not detect when the final quote is escaped
931 // (["value\"] should give [value"])
932 ++value_begin_; // Gracefully recover from mismatching quotes.
933 } else {
934 value_is_quoted_ = true;
935 // Do not store iterators into this. See declaration of unquoted_value_.
936 unquoted_value_ = HttpUtil::Unquote(value_begin_, value_end_);
940 return true;
943 } // namespace net