search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add a function to create a bookmark app from a WebApplicationInfo.
[chromium-blink-merge.git] / net / http / http_response_headers.cc
blobc067e8f9e206d0bc8d2ddd3866758dd55be167e9
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 // The rules for header parsing were borrowed from Firefox:
6 // http://lxr.mozilla.org/seamonkey/source/netwerk/protocol/http/src/nsHttpResponseHead.cpp
7 // The rules for parsing content-types were also borrowed from Firefox:
8 // http://lxr.mozilla.org/mozilla/source/netwerk/base/src/nsURLHelper.cpp#834
9
10 #include "net/http/http_response_headers.h"
11
12 #include <algorithm>
13
14 #include "base/format_macros.h"
15 #include "base/logging.h"
16 #include "base/metrics/histogram.h"
17 #include "base/pickle.h"
18 #include "base/strings/string_number_conversions.h"
19 #include "base/strings/string_piece.h"
20 #include "base/strings/string_util.h"
21 #include "base/strings/stringprintf.h"
22 #include "base/time/time.h"
23 #include "base/values.h"
24 #include "net/base/escape.h"
25 #include "net/http/http_byte_range.h"
26 #include "net/http/http_log_util.h"
27 #include "net/http/http_util.h"
28
29 #if defined(SPDY_PROXY_AUTH_ORIGIN)
30 #include "net/http/http_status_code.h"
31 #include "net/proxy/proxy_service.h"
32 #endif
33
34 using base::StringPiece;
35 using base::Time;
36 using base::TimeDelta;
37
38 namespace net {
39
40 //-----------------------------------------------------------------------------
41
42 namespace {
43
44 // These headers are RFC 2616 hop-by-hop headers;
45 // not to be stored by caches.
46 const char* const kHopByHopResponseHeaders[] = {
47 "connection",
48 "proxy-connection",
49 "keep-alive",
50 "trailer",
51 "transfer-encoding",
52 "upgrade"
53 };
54
55 // These headers are challenge response headers;
56 // not to be stored by caches.
57 const char* const kChallengeResponseHeaders[] = {
58 "www-authenticate",
59 "proxy-authenticate"
60 };
61
62 // These headers are cookie setting headers;
63 // not to be stored by caches or disclosed otherwise.
64 const char* const kCookieResponseHeaders[] = {
65 "set-cookie",
66 "set-cookie2"
67 };
68
69 // By default, do not cache Strict-Transport-Security or Public-Key-Pins.
70 // This avoids erroneously re-processing them on page loads from cache ---
71 // they are defined to be valid only on live and error-free HTTPS
72 // connections.
73 const char* const kSecurityStateHeaders[] = {
74 "strict-transport-security",
75 "public-key-pins"
76 };
77
78 // These response headers are not copied from a 304/206 response to the cached
79 // response headers. This list is based on Mozilla's nsHttpResponseHead.cpp.
80 const char* const kNonUpdatedHeaders[] = {
81 "connection",
82 "proxy-connection",
83 "keep-alive",
84 "www-authenticate",
85 "proxy-authenticate",
86 "trailer",
87 "transfer-encoding",
88 "upgrade",
89 "etag",
90 "x-frame-options",
91 "x-xss-protection",
92 };
93
94 // Some header prefixes mean "Don't copy this header from a 304 response.".
95 // Rather than listing all the relevant headers, we can consolidate them into
96 // this list:
97 const char* const kNonUpdatedHeaderPrefixes[] = {
98 "content-",
99 "x-content-",
100 "x-webkit-"
101 };
102
103 bool ShouldUpdateHeader(const std::string::const_iterator& name_begin,
104 const std::string::const_iterator& name_end) {
105 for (size_t i = 0; i < arraysize(kNonUpdatedHeaders); ++i) {
106 if (LowerCaseEqualsASCII(name_begin, name_end, kNonUpdatedHeaders[i]))
107 return false;
108 }
109 for (size_t i = 0; i < arraysize(kNonUpdatedHeaderPrefixes); ++i) {
110 if (StartsWithASCII(std::string(name_begin, name_end),
111 kNonUpdatedHeaderPrefixes[i], false))
112 return false;
113 }
114 return true;
115 }
116
117 void CheckDoesNotHaveEmbededNulls(const std::string& str) {
118 // Care needs to be taken when adding values to the raw headers string to
119 // make sure it does not contain embeded NULLs. Any embeded '\0' may be
120 // understood as line terminators and change how header lines get tokenized.
121 CHECK(str.find('\0') == std::string::npos);
122 }
123
124 } // namespace
125
126 const char HttpResponseHeaders::kContentRange[] = "Content-Range";
127
128 struct HttpResponseHeaders::ParsedHeader {
129 // A header "continuation" contains only a subsequent value for the
130 // preceding header. (Header values are comma separated.)
131 bool is_continuation() const { return name_begin == name_end; }
132
133 std::string::const_iterator name_begin;
134 std::string::const_iterator name_end;
135 std::string::const_iterator value_begin;
136 std::string::const_iterator value_end;
137 };
138
139 //-----------------------------------------------------------------------------
140
141 HttpResponseHeaders::HttpResponseHeaders(const std::string& raw_input)
142 : response_code_(-1) {
143 Parse(raw_input);
144
145 // The most important thing to do with this histogram is find out
146 // the existence of unusual HTTP status codes. As it happens
147 // right now, there aren't double-constructions of response headers
148 // using this constructor, so our counts should also be accurate,
149 // without instantiating the histogram in two places. It is also
150 // important that this histogram not collect data in the other
151 // constructor, which rebuilds an histogram from a pickle, since
152 // that would actually create a double call between the original
153 // HttpResponseHeader that was serialized, and initialization of the
154 // new object from that pickle.
155 UMA_HISTOGRAM_CUSTOM_ENUMERATION("Net.HttpResponseCode",
156 HttpUtil::MapStatusCodeForHistogram(
157 response_code_),
158 // Note the third argument is only
159 // evaluated once, see macro
160 // definition for details.
161 HttpUtil::GetStatusCodesForHistogram());
162 }
163
164 HttpResponseHeaders::HttpResponseHeaders(const Pickle& pickle,
165 PickleIterator* iter)
166 : response_code_(-1) {
167 std::string raw_input;
168 if (pickle.ReadString(iter, &raw_input))
169 Parse(raw_input);
170 }
171
172 void HttpResponseHeaders::Persist(Pickle* pickle, PersistOptions options) {
173 if (options == PERSIST_RAW) {
174 pickle->WriteString(raw_headers_);
175 return; // Done.
176 }
177
178 HeaderSet filter_headers;
179
180 // Construct set of headers to filter out based on options.
181 if ((options & PERSIST_SANS_NON_CACHEABLE) == PERSIST_SANS_NON_CACHEABLE)
182 AddNonCacheableHeaders(&filter_headers);
183
184 if ((options & PERSIST_SANS_COOKIES) == PERSIST_SANS_COOKIES)
185 AddCookieHeaders(&filter_headers);
186
187 if ((options & PERSIST_SANS_CHALLENGES) == PERSIST_SANS_CHALLENGES)
188 AddChallengeHeaders(&filter_headers);
189
190 if ((options & PERSIST_SANS_HOP_BY_HOP) == PERSIST_SANS_HOP_BY_HOP)
191 AddHopByHopHeaders(&filter_headers);
192
193 if ((options & PERSIST_SANS_RANGES) == PERSIST_SANS_RANGES)
194 AddHopContentRangeHeaders(&filter_headers);
195
196 if ((options & PERSIST_SANS_SECURITY_STATE) == PERSIST_SANS_SECURITY_STATE)
197 AddSecurityStateHeaders(&filter_headers);
198
199 std::string blob;
200 blob.reserve(raw_headers_.size());
201
202 // This copies the status line w/ terminator null.
203 // Note raw_headers_ has embedded nulls instead of \n,
204 // so this just copies the first header line.
205 blob.assign(raw_headers_.c_str(), strlen(raw_headers_.c_str()) + 1);
206
207 for (size_t i = 0; i < parsed_.size(); ++i) {
208 DCHECK(!parsed_[i].is_continuation());
209
210 // Locate the start of the next header.
211 size_t k = i;
212 while (++k < parsed_.size() && parsed_[k].is_continuation()) {}
213 --k;
214
215 std::string header_name(parsed_[i].name_begin, parsed_[i].name_end);
216 StringToLowerASCII(&header_name);
217
218 if (filter_headers.find(header_name) == filter_headers.end()) {
219 // Make sure there is a null after the value.
220 blob.append(parsed_[i].name_begin, parsed_[k].value_end);
221 blob.push_back('\0');
222 }
223
224 i = k;
225 }
226 blob.push_back('\0');
227
228 pickle->WriteString(blob);
229 }
230
231 void HttpResponseHeaders::Update(const HttpResponseHeaders& new_headers) {
232 DCHECK(new_headers.response_code() == 304 ||
233 new_headers.response_code() == 206);
234
235 // Copy up to the null byte. This just copies the status line.
236 std::string new_raw_headers(raw_headers_.c_str());
237 new_raw_headers.push_back('\0');
238
239 HeaderSet updated_headers;
240
241 // NOTE: we write the new headers then the old headers for convenience. The
242 // order should not matter.
243
244 // Figure out which headers we want to take from new_headers:
245 for (size_t i = 0; i < new_headers.parsed_.size(); ++i) {
246 const HeaderList& new_parsed = new_headers.parsed_;
247
248 DCHECK(!new_parsed[i].is_continuation());
249
250 // Locate the start of the next header.
251 size_t k = i;
252 while (++k < new_parsed.size() && new_parsed[k].is_continuation()) {}
253 --k;
254
255 const std::string::const_iterator& name_begin = new_parsed[i].name_begin;
256 const std::string::const_iterator& name_end = new_parsed[i].name_end;
257 if (ShouldUpdateHeader(name_begin, name_end)) {
258 std::string name(name_begin, name_end);
259 StringToLowerASCII(&name);
260 updated_headers.insert(name);
261
262 // Preserve this header line in the merged result, making sure there is
263 // a null after the value.
264 new_raw_headers.append(name_begin, new_parsed[k].value_end);
265 new_raw_headers.push_back('\0');
266 }
267
268 i = k;
269 }
270
271 // Now, build the new raw headers.
272 MergeWithHeaders(new_raw_headers, updated_headers);
273 }
274
275 void HttpResponseHeaders::MergeWithHeaders(const std::string& raw_headers,
276 const HeaderSet& headers_to_remove) {
277 std::string new_raw_headers(raw_headers);
278 for (size_t i = 0; i < parsed_.size(); ++i) {
279 DCHECK(!parsed_[i].is_continuation());
280
281 // Locate the start of the next header.
282 size_t k = i;
283 while (++k < parsed_.size() && parsed_[k].is_continuation()) {}
284 --k;
285
286 std::string name(parsed_[i].name_begin, parsed_[i].name_end);
287 StringToLowerASCII(&name);
288 if (headers_to_remove.find(name) == headers_to_remove.end()) {
289 // It's ok to preserve this header in the final result.
290 new_raw_headers.append(parsed_[i].name_begin, parsed_[k].value_end);
291 new_raw_headers.push_back('\0');
292 }
293
294 i = k;
295 }
296 new_raw_headers.push_back('\0');
297
298 // Make this object hold the new data.
299 raw_headers_.clear();
300 parsed_.clear();
301 Parse(new_raw_headers);
302 }
303
304 void HttpResponseHeaders::RemoveHeader(const std::string& name) {
305 // Copy up to the null byte. This just copies the status line.
306 std::string new_raw_headers(raw_headers_.c_str());
307 new_raw_headers.push_back('\0');
308
309 std::string lowercase_name(name);
310 StringToLowerASCII(&lowercase_name);
311 HeaderSet to_remove;
312 to_remove.insert(lowercase_name);
313 MergeWithHeaders(new_raw_headers, to_remove);
314 }
315
316 void HttpResponseHeaders::RemoveHeaderLine(const std::string& name,
317 const std::string& value) {
318 std::string name_lowercase(name);
319 StringToLowerASCII(&name_lowercase);
320
321 std::string new_raw_headers(GetStatusLine());
322 new_raw_headers.push_back('\0');
323
324 new_raw_headers.reserve(raw_headers_.size());
325
326 void* iter = NULL;
327 std::string old_header_name;
328 std::string old_header_value;
329 while (EnumerateHeaderLines(&iter, &old_header_name, &old_header_value)) {
330 std::string old_header_name_lowercase(name);
331 StringToLowerASCII(&old_header_name_lowercase);
332
333 if (name_lowercase == old_header_name_lowercase &&
334 value == old_header_value)
335 continue;
336
337 new_raw_headers.append(old_header_name);
338 new_raw_headers.push_back(':');
339 new_raw_headers.push_back(' ');
340 new_raw_headers.append(old_header_value);
341 new_raw_headers.push_back('\0');
342 }
343 new_raw_headers.push_back('\0');
344
345 // Make this object hold the new data.
346 raw_headers_.clear();
347 parsed_.clear();
348 Parse(new_raw_headers);
349 }
350
351 void HttpResponseHeaders::AddHeader(const std::string& header) {
352 CheckDoesNotHaveEmbededNulls(header);
353 DCHECK_EQ('\0', raw_headers_[raw_headers_.size() - 2]);
354 DCHECK_EQ('\0', raw_headers_[raw_headers_.size() - 1]);
355 // Don't copy the last null.
356 std::string new_raw_headers(raw_headers_, 0, raw_headers_.size() - 1);
357 new_raw_headers.append(header);
358 new_raw_headers.push_back('\0');
359 new_raw_headers.push_back('\0');
360
361 // Make this object hold the new data.
362 raw_headers_.clear();
363 parsed_.clear();
364 Parse(new_raw_headers);
365 }
366
367 void HttpResponseHeaders::ReplaceStatusLine(const std::string& new_status) {
368 CheckDoesNotHaveEmbededNulls(new_status);
369 // Copy up to the null byte. This just copies the status line.
370 std::string new_raw_headers(new_status);
371 new_raw_headers.push_back('\0');
372
373 HeaderSet empty_to_remove;
374 MergeWithHeaders(new_raw_headers, empty_to_remove);
375 }
376
377 void HttpResponseHeaders::UpdateWithNewRange(
378 const HttpByteRange& byte_range,
379 int64 resource_size,
380 bool replace_status_line) {
381 DCHECK(byte_range.IsValid());
382 DCHECK(byte_range.HasFirstBytePosition());
383 DCHECK(byte_range.HasLastBytePosition());
384
385 const char kLengthHeader[] = "Content-Length";
386 const char kRangeHeader[] = "Content-Range";
387
388 RemoveHeader(kLengthHeader);
389 RemoveHeader(kRangeHeader);
390
391 int64 start = byte_range.first_byte_position();
392 int64 end = byte_range.last_byte_position();
393 int64 range_len = end - start + 1;
394
395 if (replace_status_line)
396 ReplaceStatusLine("HTTP/1.1 206 Partial Content");
397
398 AddHeader(base::StringPrintf("%s: bytes %" PRId64 "-%" PRId64 "/%" PRId64,
399 kRangeHeader, start, end, resource_size));
400 AddHeader(base::StringPrintf("%s: %" PRId64, kLengthHeader, range_len));
401 }
402
403 void HttpResponseHeaders::Parse(const std::string& raw_input) {
404 raw_headers_.reserve(raw_input.size());
405
406 // ParseStatusLine adds a normalized status line to raw_headers_
407 std::string::const_iterator line_begin = raw_input.begin();
408 std::string::const_iterator line_end =
409 std::find(line_begin, raw_input.end(), '\0');
410 // has_headers = true, if there is any data following the status line.
411 // Used by ParseStatusLine() to decide if a HTTP/0.9 is really a HTTP/1.0.
412 bool has_headers = (line_end != raw_input.end() &&
413 (line_end + 1) != raw_input.end() &&
414 *(line_end + 1) != '\0');
415 ParseStatusLine(line_begin, line_end, has_headers);
416 raw_headers_.push_back('\0'); // Terminate status line with a null.
417
418 if (line_end == raw_input.end()) {
419 raw_headers_.push_back('\0'); // Ensure the headers end with a double null.
420
421 DCHECK_EQ('\0', raw_headers_[raw_headers_.size() - 2]);
422 DCHECK_EQ('\0', raw_headers_[raw_headers_.size() - 1]);
423 return;
424 }
425
426 // Including a terminating null byte.
427 size_t status_line_len = raw_headers_.size();
428
429 // Now, we add the rest of the raw headers to raw_headers_, and begin parsing
430 // it (to populate our parsed_ vector).
431 raw_headers_.append(line_end + 1, raw_input.end());
432
433 // Ensure the headers end with a double null.
434 while (raw_headers_.size() < 2 ||
435 raw_headers_[raw_headers_.size() - 2] != '\0' ||
436 raw_headers_[raw_headers_.size() - 1] != '\0') {
437 raw_headers_.push_back('\0');
438 }
439
440 // Adjust to point at the null byte following the status line
441 line_end = raw_headers_.begin() + status_line_len - 1;
442
443 HttpUtil::HeadersIterator headers(line_end + 1, raw_headers_.end(),
444 std::string(1, '\0'));
445 while (headers.GetNext()) {
446 AddHeader(headers.name_begin(),
447 headers.name_end(),
448 headers.values_begin(),
449 headers.values_end());
450 }
451
452 DCHECK_EQ('\0', raw_headers_[raw_headers_.size() - 2]);
453 DCHECK_EQ('\0', raw_headers_[raw_headers_.size() - 1]);
454 }
455
456 // Append all of our headers to the final output string.
457 void HttpResponseHeaders::GetNormalizedHeaders(std::string* output) const {
458 // copy up to the null byte. this just copies the status line.
459 output->assign(raw_headers_.c_str());
460
461 // headers may appear multiple times (not necessarily in succession) in the
462 // header data, so we build a map from header name to generated header lines.
463 // to preserve the order of the original headers, the actual values are kept
464 // in a separate list. finally, the list of headers is flattened to form
465 // the normalized block of headers.
466 //
467 // NOTE: We take special care to preserve the whitespace around any commas
468 // that may occur in the original response headers. Because our consumer may
469 // be a web app, we cannot be certain of the semantics of commas despite the
470 // fact that RFC 2616 says that they should be regarded as value separators.
471 //
472 typedef base::hash_map<std::string, size_t> HeadersMap;
473 HeadersMap headers_map;
474 HeadersMap::iterator iter = headers_map.end();
475
476 std::vector<std::string> headers;
477
478 for (size_t i = 0; i < parsed_.size(); ++i) {
479 DCHECK(!parsed_[i].is_continuation());
480
481 std::string name(parsed_[i].name_begin, parsed_[i].name_end);
482 std::string lower_name = StringToLowerASCII(name);
483
484 iter = headers_map.find(lower_name);
485 if (iter == headers_map.end()) {
486 iter = headers_map.insert(
487 HeadersMap::value_type(lower_name, headers.size())).first;
488 headers.push_back(name + ": ");
489 } else {
490 headers[iter->second].append(", ");
491 }
492
493 std::string::const_iterator value_begin = parsed_[i].value_begin;
494 std::string::const_iterator value_end = parsed_[i].value_end;
495 while (++i < parsed_.size() && parsed_[i].is_continuation())
496 value_end = parsed_[i].value_end;
497 --i;
498
499 headers[iter->second].append(value_begin, value_end);
500 }
501
502 for (size_t i = 0; i < headers.size(); ++i) {
503 output->push_back('\n');
504 output->append(headers[i]);
505 }
506
507 output->push_back('\n');
508 }
509
510 bool HttpResponseHeaders::GetNormalizedHeader(const std::string& name,
511 std::string* value) const {
512 // If you hit this assertion, please use EnumerateHeader instead!
513 DCHECK(!HttpUtil::IsNonCoalescingHeader(name));
514
515 value->clear();
516
517 bool found = false;
518 size_t i = 0;
519 while (i < parsed_.size()) {
520 i = FindHeader(i, name);
521 if (i == std::string::npos)
522 break;
523
524 found = true;
525
526 if (!value->empty())
527 value->append(", ");
528
529 std::string::const_iterator value_begin = parsed_[i].value_begin;
530 std::string::const_iterator value_end = parsed_[i].value_end;
531 while (++i < parsed_.size() && parsed_[i].is_continuation())
532 value_end = parsed_[i].value_end;
533 value->append(value_begin, value_end);
534 }
535
536 return found;
537 }
538
539 std::string HttpResponseHeaders::GetStatusLine() const {
540 // copy up to the null byte.
541 return std::string(raw_headers_.c_str());
542 }
543
544 std::string HttpResponseHeaders::GetStatusText() const {
545 // GetStatusLine() is already normalized, so it has the format:
546 // <http_version> SP <response_code> SP <status_text>
547 std::string status_text = GetStatusLine();
548 std::string::const_iterator begin = status_text.begin();
549 std::string::const_iterator end = status_text.end();
550 for (int i = 0; i < 2; ++i)
551 begin = std::find(begin, end, ' ') + 1;
552 return std::string(begin, end);
553 }
554
555 bool HttpResponseHeaders::EnumerateHeaderLines(void** iter,
556 std::string* name,
557 std::string* value) const {
558 size_t i = reinterpret_cast<size_t>(*iter);
559 if (i == parsed_.size())
560 return false;
561
562 DCHECK(!parsed_[i].is_continuation());
563
564 name->assign(parsed_[i].name_begin, parsed_[i].name_end);
565
566 std::string::const_iterator value_begin = parsed_[i].value_begin;
567 std::string::const_iterator value_end = parsed_[i].value_end;
568 while (++i < parsed_.size() && parsed_[i].is_continuation())
569 value_end = parsed_[i].value_end;
570
571 value->assign(value_begin, value_end);
572
573 *iter = reinterpret_cast<void*>(i);
574 return true;
575 }
576
577 bool HttpResponseHeaders::EnumerateHeader(void** iter,
578 const base::StringPiece& name,
579 std::string* value) const {
580 size_t i;
581 if (!iter || !*iter) {
582 i = FindHeader(0, name);
583 } else {
584 i = reinterpret_cast<size_t>(*iter);
585 if (i >= parsed_.size()) {
586 i = std::string::npos;
587 } else if (!parsed_[i].is_continuation()) {
588 i = FindHeader(i, name);
589 }
590 }
591
592 if (i == std::string::npos) {
593 value->clear();
594 return false;
595 }
596
597 if (iter)
598 *iter = reinterpret_cast<void*>(i + 1);
599 value->assign(parsed_[i].value_begin, parsed_[i].value_end);
600 return true;
601 }
602
603 bool HttpResponseHeaders::HasHeaderValue(const base::StringPiece& name,
604 const base::StringPiece& value) const {
605 // The value has to be an exact match. This is important since
606 // 'cache-control: no-cache' != 'cache-control: no-cache="foo"'
607 void* iter = NULL;
608 std::string temp;
609 while (EnumerateHeader(&iter, name, &temp)) {
610 if (value.size() == temp.size() &&
611 std::equal(temp.begin(), temp.end(), value.begin(),
612 base::CaseInsensitiveCompare<char>()))
613 return true;
614 }
615 return false;
616 }
617
618 bool HttpResponseHeaders::HasHeader(const base::StringPiece& name) const {
619 return FindHeader(0, name) != std::string::npos;
620 }
621
622 HttpResponseHeaders::HttpResponseHeaders() : response_code_(-1) {
623 }
624
625 HttpResponseHeaders::~HttpResponseHeaders() {
626 }
627
628 // Note: this implementation implicitly assumes that line_end points at a valid
629 // sentinel character (such as '\0').
630 // static
631 HttpVersion HttpResponseHeaders::ParseVersion(
632 std::string::const_iterator line_begin,
633 std::string::const_iterator line_end) {
634 std::string::const_iterator p = line_begin;
635
636 // RFC2616 sec 3.1: HTTP-Version = "HTTP" "/" 1*DIGIT "." 1*DIGIT
637 // TODO: (1*DIGIT apparently means one or more digits, but we only handle 1).
638 // TODO: handle leading zeros, which is allowed by the rfc1616 sec 3.1.
639
640 if ((line_end - p < 4) || !LowerCaseEqualsASCII(p, p + 4, "http")) {
641 DVLOG(1) << "missing status line";
642 return HttpVersion();
643 }
644
645 p += 4;
646
647 if (p >= line_end || *p != '/') {
648 DVLOG(1) << "missing version";
649 return HttpVersion();
650 }
651
652 std::string::const_iterator dot = std::find(p, line_end, '.');
653 if (dot == line_end) {
654 DVLOG(1) << "malformed version";
655 return HttpVersion();
656 }
657
658 ++p; // from / to first digit.
659 ++dot; // from . to second digit.
660
661 if (!(*p >= '0' && *p <= '9' && *dot >= '0' && *dot <= '9')) {
662 DVLOG(1) << "malformed version number";
663 return HttpVersion();
664 }
665
666 uint16 major = *p - '0';
667 uint16 minor = *dot - '0';
668
669 return HttpVersion(major, minor);
670 }
671
672 // Note: this implementation implicitly assumes that line_end points at a valid
673 // sentinel character (such as '\0').
674 void HttpResponseHeaders::ParseStatusLine(
675 std::string::const_iterator line_begin,
676 std::string::const_iterator line_end,
677 bool has_headers) {
678 // Extract the version number
679 parsed_http_version_ = ParseVersion(line_begin, line_end);
680
681 // Clamp the version number to one of: {0.9, 1.0, 1.1}
682 if (parsed_http_version_ == HttpVersion(0, 9) && !has_headers) {
683 http_version_ = HttpVersion(0, 9);
684 raw_headers_ = "HTTP/0.9";
685 } else if (parsed_http_version_ >= HttpVersion(1, 1)) {
686 http_version_ = HttpVersion(1, 1);
687 raw_headers_ = "HTTP/1.1";
688 } else {
689 // Treat everything else like HTTP 1.0
690 http_version_ = HttpVersion(1, 0);
691 raw_headers_ = "HTTP/1.0";
692 }
693 if (parsed_http_version_ != http_version_) {
694 DVLOG(1) << "assuming HTTP/" << http_version_.major_value() << "."
695 << http_version_.minor_value();
696 }
697
698 // TODO(eroman): this doesn't make sense if ParseVersion failed.
699 std::string::const_iterator p = std::find(line_begin, line_end, ' ');
700
701 if (p == line_end) {
702 DVLOG(1) << "missing response status; assuming 200 OK";
703 raw_headers_.append(" 200 OK");
704 response_code_ = 200;
705 return;
706 }
707
708 // Skip whitespace.
709 while (*p == ' ')
710 ++p;
711
712 std::string::const_iterator code = p;
713 while (*p >= '0' && *p <= '9')
714 ++p;
715
716 if (p == code) {
717 DVLOG(1) << "missing response status number; assuming 200";
718 raw_headers_.append(" 200 OK");
719 response_code_ = 200;
720 return;
721 }
722 raw_headers_.push_back(' ');
723 raw_headers_.append(code, p);
724 raw_headers_.push_back(' ');
725 base::StringToInt(StringPiece(code, p), &response_code_);
726
727 // Skip whitespace.
728 while (*p == ' ')
729 ++p;
730
731 // Trim trailing whitespace.
732 while (line_end > p && line_end[-1] == ' ')
733 --line_end;
734
735 if (p == line_end) {
736 DVLOG(1) << "missing response status text; assuming OK";
737 // Not super critical what we put here. Just use "OK"
738 // even if it isn't descriptive of response_code_.
739 raw_headers_.append("OK");
740 } else {
741 raw_headers_.append(p, line_end);
742 }
743 }
744
745 size_t HttpResponseHeaders::FindHeader(size_t from,
746 const base::StringPiece& search) const {
747 for (size_t i = from; i < parsed_.size(); ++i) {
748 if (parsed_[i].is_continuation())
749 continue;
750 const std::string::const_iterator& name_begin = parsed_[i].name_begin;
751 const std::string::const_iterator& name_end = parsed_[i].name_end;
752 if (static_cast<size_t>(name_end - name_begin) == search.size() &&
753 std::equal(name_begin, name_end, search.begin(),
754 base::CaseInsensitiveCompare<char>()))
755 return i;
756 }
757
758 return std::string::npos;
759 }
760
761 void HttpResponseHeaders::AddHeader(std::string::const_iterator name_begin,
762 std::string::const_iterator name_end,
763 std::string::const_iterator values_begin,
764 std::string::const_iterator values_end) {
765 // If the header can be coalesced, then we should split it up.
766 if (values_begin == values_end ||
767 HttpUtil::IsNonCoalescingHeader(name_begin, name_end)) {
768 AddToParsed(name_begin, name_end, values_begin, values_end);
769 } else {
770 HttpUtil::ValuesIterator it(values_begin, values_end, ',');
771 while (it.GetNext()) {
772 AddToParsed(name_begin, name_end, it.value_begin(), it.value_end());
773 // clobber these so that subsequent values are treated as continuations
774 name_begin = name_end = raw_headers_.end();
775 }
776 }
777 }
778
779 void HttpResponseHeaders::AddToParsed(std::string::const_iterator name_begin,
780 std::string::const_iterator name_end,
781 std::string::const_iterator value_begin,
782 std::string::const_iterator value_end) {
783 ParsedHeader header;
784 header.name_begin = name_begin;
785 header.name_end = name_end;
786 header.value_begin = value_begin;
787 header.value_end = value_end;
788 parsed_.push_back(header);
789 }
790
791 void HttpResponseHeaders::AddNonCacheableHeaders(HeaderSet* result) const {
792 // Add server specified transients. Any 'cache-control: no-cache="foo,bar"'
793 // headers present in the response specify additional headers that we should
794 // not store in the cache.
795 const char kCacheControl[] = "cache-control";
796 const char kPrefix[] = "no-cache=\"";
797 const size_t kPrefixLen = sizeof(kPrefix) - 1;
798
799 std::string value;
800 void* iter = NULL;
801 while (EnumerateHeader(&iter, kCacheControl, &value)) {
802 // If the value is smaller than the prefix and a terminal quote, skip
803 // it.
804 if (value.size() <= kPrefixLen ||
805 value.compare(0, kPrefixLen, kPrefix) != 0) {
806 continue;
807 }
808 // if it doesn't end with a quote, then treat as malformed
809 if (value[value.size()-1] != '\"')
810 continue;
811
812 // process the value as a comma-separated list of items. Each
813 // item can be wrapped by linear white space.
814 std::string::const_iterator item = value.begin() + kPrefixLen;
815 std::string::const_iterator end = value.end() - 1;
816 while (item != end) {
817 // Find the comma to compute the length of the current item,
818 // and the position of the next one.
819 std::string::const_iterator item_next = std::find(item, end, ',');
820 std::string::const_iterator item_end = end;
821 if (item_next != end) {
822 // Skip over comma for next position.
823 item_end = item_next;
824 item_next++;
825 }
826 // trim off leading and trailing whitespace in this item.
827 HttpUtil::TrimLWS(&item, &item_end);
828
829 // assuming the header is not empty, lowercase and insert into set
830 if (item_end > item) {
831 std::string name(&*item, item_end - item);
832 StringToLowerASCII(&name);
833 result->insert(name);
834 }
835
836 // Continue to next item.
837 item = item_next;
838 }
839 }
840 }
841
842 void HttpResponseHeaders::AddHopByHopHeaders(HeaderSet* result) {
843 for (size_t i = 0; i < arraysize(kHopByHopResponseHeaders); ++i)
844 result->insert(std::string(kHopByHopResponseHeaders[i]));
845 }
846
847 void HttpResponseHeaders::AddCookieHeaders(HeaderSet* result) {
848 for (size_t i = 0; i < arraysize(kCookieResponseHeaders); ++i)
849 result->insert(std::string(kCookieResponseHeaders[i]));
850 }
851
852 void HttpResponseHeaders::AddChallengeHeaders(HeaderSet* result) {
853 for (size_t i = 0; i < arraysize(kChallengeResponseHeaders); ++i)
854 result->insert(std::string(kChallengeResponseHeaders[i]));
855 }
856
857 void HttpResponseHeaders::AddHopContentRangeHeaders(HeaderSet* result) {
858 result->insert(kContentRange);
859 }
860
861 void HttpResponseHeaders::AddSecurityStateHeaders(HeaderSet* result) {
862 for (size_t i = 0; i < arraysize(kSecurityStateHeaders); ++i)
863 result->insert(std::string(kSecurityStateHeaders[i]));
864 }
865
866 void HttpResponseHeaders::GetMimeTypeAndCharset(std::string* mime_type,
867 std::string* charset) const {
868 mime_type->clear();
869 charset->clear();
870
871 std::string name = "content-type";
872 std::string value;
873
874 bool had_charset = false;
875
876 void* iter = NULL;
877 while (EnumerateHeader(&iter, name, &value))
878 HttpUtil::ParseContentType(value, mime_type, charset, &had_charset, NULL);
879 }
880
881 bool HttpResponseHeaders::GetMimeType(std::string* mime_type) const {
882 std::string unused;
883 GetMimeTypeAndCharset(mime_type, &unused);
884 return !mime_type->empty();
885 }
886
887 bool HttpResponseHeaders::GetCharset(std::string* charset) const {
888 std::string unused;
889 GetMimeTypeAndCharset(&unused, charset);
890 return !charset->empty();
891 }
892
893 bool HttpResponseHeaders::IsRedirect(std::string* location) const {
894 if (!IsRedirectResponseCode(response_code_))
895 return false;
896
897 // If we lack a Location header, then we can't treat this as a redirect.
898 // We assume that the first non-empty location value is the target URL that
899 // we want to follow. TODO(darin): Is this consistent with other browsers?
900 size_t i = std::string::npos;
901 do {
902 i = FindHeader(++i, "location");
903 if (i == std::string::npos)
904 return false;
905 // If the location value is empty, then it doesn't count.
906 } while (parsed_[i].value_begin == parsed_[i].value_end);
907
908 if (location) {
909 // Escape any non-ASCII characters to preserve them. The server should
910 // only be returning ASCII here, but for compat we need to do this.
911 *location = EscapeNonASCII(
912 std::string(parsed_[i].value_begin, parsed_[i].value_end));
913 }
914
915 return true;
916 }
917
918 // static
919 bool HttpResponseHeaders::IsRedirectResponseCode(int response_code) {
920 // Users probably want to see 300 (multiple choice) pages, so we don't count
921 // them as redirects that need to be followed.
922 return (response_code == 301 ||
923 response_code == 302 ||
924 response_code == 303 ||
925 response_code == 307);
926 }
927
928 // From RFC 2616 section 13.2.4:
929 //
930 // The calculation to determine if a response has expired is quite simple:
931 //
932 // response_is_fresh = (freshness_lifetime > current_age)
933 //
934 // Of course, there are other factors that can force a response to always be
935 // validated or re-fetched.
936 //
937 bool HttpResponseHeaders::RequiresValidation(const Time& request_time,
938 const Time& response_time,
939 const Time& current_time) const {
940 TimeDelta lifetime =
941 GetFreshnessLifetime(response_time);
942 if (lifetime == TimeDelta())
943 return true;
944
945 return lifetime <= GetCurrentAge(request_time, response_time, current_time);
946 }
947
948 // From RFC 2616 section 13.2.4:
949 //
950 // The max-age directive takes priority over Expires, so if max-age is present
951 // in a response, the calculation is simply:
952 //
953 // freshness_lifetime = max_age_value
954 //
955 // Otherwise, if Expires is present in the response, the calculation is:
956 //
957 // freshness_lifetime = expires_value - date_value
958 //
959 // Note that neither of these calculations is vulnerable to clock skew, since
960 // all of the information comes from the origin server.
961 //
962 // Also, if the response does have a Last-Modified time, the heuristic
963 // expiration value SHOULD be no more than some fraction of the interval since
964 // that time. A typical setting of this fraction might be 10%:
965 //
966 // freshness_lifetime = (date_value - last_modified_value) * 0.10
967 //
968 TimeDelta HttpResponseHeaders::GetFreshnessLifetime(
969 const Time& response_time) const {
970 // Check for headers that force a response to never be fresh. For backwards
971 // compat, we treat "Pragma: no-cache" as a synonym for "Cache-Control:
972 // no-cache" even though RFC 2616 does not specify it.
973 if (HasHeaderValue("cache-control", "no-cache") ||
974 HasHeaderValue("cache-control", "no-store") ||
975 HasHeaderValue("pragma", "no-cache") ||
976 HasHeaderValue("vary", "*")) // see RFC 2616 section 13.6
977 return TimeDelta(); // not fresh
978
979 // NOTE: "Cache-Control: max-age" overrides Expires, so we only check the
980 // Expires header after checking for max-age in GetFreshnessLifetime. This
981 // is important since "Expires: <date in the past>" means not fresh, but
982 // it should not trump a max-age value.
983
984 TimeDelta max_age_value;
985 if (GetMaxAgeValue(&max_age_value))
986 return max_age_value;
987
988 // If there is no Date header, then assume that the server response was
989 // generated at the time when we received the response.
990 Time date_value;
991 if (!GetDateValue(&date_value))
992 date_value = response_time;
993
994 Time expires_value;
995 if (GetExpiresValue(&expires_value)) {
996 // The expires value can be a date in the past!
997 if (expires_value > date_value)
998 return expires_value - date_value;
999
1000 return TimeDelta(); // not fresh
1001 }
1002
1003 // From RFC 2616 section 13.4:
1004 //
1005 // A response received with a status code of 200, 203, 206, 300, 301 or 410
1006 // MAY be stored by a cache and used in reply to a subsequent request,
1007 // subject to the expiration mechanism, unless a cache-control directive
1008 // prohibits caching.
1009 // ...
1010 // A response received with any other status code (e.g. status codes 302
1011 // and 307) MUST NOT be returned in a reply to a subsequent request unless
1012 // there are cache-control directives or another header(s) that explicitly
1013 // allow it.
1014 //
1015 // From RFC 2616 section 14.9.4:
1016 //
1017 // When the must-revalidate directive is present in a response received by
1018 // a cache, that cache MUST NOT use the entry after it becomes stale to
1019 // respond to a subsequent request without first revalidating it with the
1020 // origin server. (I.e., the cache MUST do an end-to-end revalidation every
1021 // time, if, based solely on the origin server's Expires or max-age value,
1022 // the cached response is stale.)
1023 //
1024 if ((response_code_ == 200 || response_code_ == 203 ||
1025 response_code_ == 206) &&
1026 !HasHeaderValue("cache-control", "must-revalidate")) {
1027 // TODO(darin): Implement a smarter heuristic.
1028 Time last_modified_value;
1029 if (GetLastModifiedValue(&last_modified_value)) {
1030 // The last-modified value can be a date in the past!
1031 if (last_modified_value <= date_value)
1032 return (date_value - last_modified_value) / 10;
1033 }
1034 }
1035
1036 // These responses are implicitly fresh (unless otherwise overruled):
1037 if (response_code_ == 300 || response_code_ == 301 || response_code_ == 410)
1038 return TimeDelta::Max();
1039
1040 return TimeDelta(); // not fresh
1041 }
1042
1043 // From RFC 2616 section 13.2.3:
1044 //
1045 // Summary of age calculation algorithm, when a cache receives a response:
1046 //
1047 // /*
1048 // * age_value
1049 // * is the value of Age: header received by the cache with
1050 // * this response.
1051 // * date_value
1052 // * is the value of the origin server's Date: header
1053 // * request_time
1054 // * is the (local) time when the cache made the request
1055 // * that resulted in this cached response
1056 // * response_time
1057 // * is the (local) time when the cache received the
1058 // * response
1059 // * now
1060 // * is the current (local) time
1061 // */
1062 // apparent_age = max(0, response_time - date_value);
1063 // corrected_received_age = max(apparent_age, age_value);
1064 // response_delay = response_time - request_time;
1065 // corrected_initial_age = corrected_received_age + response_delay;
1066 // resident_time = now - response_time;
1067 // current_age = corrected_initial_age + resident_time;
1068 //
1069 TimeDelta HttpResponseHeaders::GetCurrentAge(const Time& request_time,
1070 const Time& response_time,
1071 const Time& current_time) const {
1072 // If there is no Date header, then assume that the server response was
1073 // generated at the time when we received the response.
1074 Time date_value;
1075 if (!GetDateValue(&date_value))
1076 date_value = response_time;
1077
1078 // If there is no Age header, then assume age is zero. GetAgeValue does not
1079 // modify its out param if the value does not exist.
1080 TimeDelta age_value;
1081 GetAgeValue(&age_value);
1082
1083 TimeDelta apparent_age = std::max(TimeDelta(), response_time - date_value);
1084 TimeDelta corrected_received_age = std::max(apparent_age, age_value);
1085 TimeDelta response_delay = response_time - request_time;
1086 TimeDelta corrected_initial_age = corrected_received_age + response_delay;
1087 TimeDelta resident_time = current_time - response_time;
1088 TimeDelta current_age = corrected_initial_age + resident_time;
1089
1090 return current_age;
1091 }
1092
1093 bool HttpResponseHeaders::GetMaxAgeValue(TimeDelta* result) const {
1094 std::string name = "cache-control";
1095 std::string value;
1096
1097 const char kMaxAgePrefix[] = "max-age=";
1098 const size_t kMaxAgePrefixLen = arraysize(kMaxAgePrefix) - 1;
1099
1100 void* iter = NULL;
1101 while (EnumerateHeader(&iter, name, &value)) {
1102 if (value.size() > kMaxAgePrefixLen) {
1103 if (LowerCaseEqualsASCII(value.begin(),
1104 value.begin() + kMaxAgePrefixLen,
1105 kMaxAgePrefix)) {
1106 int64 seconds;
1107 base::StringToInt64(StringPiece(value.begin() + kMaxAgePrefixLen,
1108 value.end()),
1109 &seconds);
1110 *result = TimeDelta::FromSeconds(seconds);
1111 return true;
1112 }
1113 }
1114 }
1115
1116 return false;
1117 }
1118
1119 bool HttpResponseHeaders::GetAgeValue(TimeDelta* result) const {
1120 std::string value;
1121 if (!EnumerateHeader(NULL, "Age", &value))
1122 return false;
1123
1124 int64 seconds;
1125 base::StringToInt64(value, &seconds);
1126 *result = TimeDelta::FromSeconds(seconds);
1127 return true;
1128 }
1129
1130 bool HttpResponseHeaders::GetDateValue(Time* result) const {
1131 return GetTimeValuedHeader("Date", result);
1132 }
1133
1134 bool HttpResponseHeaders::GetLastModifiedValue(Time* result) const {
1135 return GetTimeValuedHeader("Last-Modified", result);
1136 }
1137
1138 bool HttpResponseHeaders::GetExpiresValue(Time* result) const {
1139 return GetTimeValuedHeader("Expires", result);
1140 }
1141
1142 bool HttpResponseHeaders::GetTimeValuedHeader(const std::string& name,
1143 Time* result) const {
1144 std::string value;
1145 if (!EnumerateHeader(NULL, name, &value))
1146 return false;
1147
1148 // When parsing HTTP dates it's beneficial to default to GMT because:
1149 // 1. RFC2616 3.3.1 says times should always be specified in GMT
1150 // 2. Only counter-example incorrectly appended "UTC" (crbug.com/153759)
1151 // 3. When adjusting cookie expiration times for clock skew
1152 // (crbug.com/135131) this better matches our cookie expiration
1153 // time parser which ignores timezone specifiers and assumes GMT.
1154 // 4. This is exactly what Firefox does.
1155 // TODO(pauljensen): The ideal solution would be to return false if the
1156 // timezone could not be understood so as to avoid makeing other calculations
1157 // based on an incorrect time. This would require modifying the time
1158 // library or duplicating the code. (http://crbug.com/158327)
1159 return Time::FromUTCString(value.c_str(), result);
1160 }
1161
1162 bool HttpResponseHeaders::IsKeepAlive() const {
1163 if (http_version_ < HttpVersion(1, 0))
1164 return false;
1165
1166 // NOTE: It is perhaps risky to assume that a Proxy-Connection header is
1167 // meaningful when we don't know that this response was from a proxy, but
1168 // Mozilla also does this, so we'll do the same.
1169 std::string connection_val;
1170 if (!EnumerateHeader(NULL, "connection", &connection_val))
1171 EnumerateHeader(NULL, "proxy-connection", &connection_val);
1172
1173 bool keep_alive;
1174
1175 if (http_version_ == HttpVersion(1, 0)) {
1176 // HTTP/1.0 responses default to NOT keep-alive
1177 keep_alive = LowerCaseEqualsASCII(connection_val, "keep-alive");
1178 } else {
1179 // HTTP/1.1 responses default to keep-alive
1180 keep_alive = !LowerCaseEqualsASCII(connection_val, "close");
1181 }
1182
1183 return keep_alive;
1184 }
1185
1186 bool HttpResponseHeaders::HasStrongValidators() const {
1187 std::string etag_header;
1188 EnumerateHeader(NULL, "etag", &etag_header);
1189 std::string last_modified_header;
1190 EnumerateHeader(NULL, "Last-Modified", &last_modified_header);
1191 std::string date_header;
1192 EnumerateHeader(NULL, "Date", &date_header);
1193 return HttpUtil::HasStrongValidators(GetHttpVersion(),
1194 etag_header,
1195 last_modified_header,
1196 date_header);
1197 }
1198
1199 // From RFC 2616:
1200 // Content-Length = "Content-Length" ":" 1*DIGIT
1201 int64 HttpResponseHeaders::GetContentLength() const {
1202 return GetInt64HeaderValue("content-length");
1203 }
1204
1205 int64 HttpResponseHeaders::GetInt64HeaderValue(
1206 const std::string& header) const {
1207 void* iter = NULL;
1208 std::string content_length_val;
1209 if (!EnumerateHeader(&iter, header, &content_length_val))
1210 return -1;
1211
1212 if (content_length_val.empty())
1213 return -1;
1214
1215 if (content_length_val[0] == '+')
1216 return -1;
1217
1218 int64 result;
1219 bool ok = base::StringToInt64(content_length_val, &result);
1220 if (!ok || result < 0)
1221 return -1;
1222
1223 return result;
1224 }
1225
1226 // From RFC 2616 14.16:
1227 // content-range-spec =
1228 // bytes-unit SP byte-range-resp-spec "/" ( instance-length | "*" )
1229 // byte-range-resp-spec = (first-byte-pos "-" last-byte-pos) | "*"
1230 // instance-length = 1*DIGIT
1231 // bytes-unit = "bytes"
1232 bool HttpResponseHeaders::GetContentRange(int64* first_byte_position,
1233 int64* last_byte_position,
1234 int64* instance_length) const {
1235 void* iter = NULL;
1236 std::string content_range_spec;
1237 *first_byte_position = *last_byte_position = *instance_length = -1;
1238 if (!EnumerateHeader(&iter, kContentRange, &content_range_spec))
1239 return false;
1240
1241 // If the header value is empty, we have an invalid header.
1242 if (content_range_spec.empty())
1243 return false;
1244
1245 size_t space_position = content_range_spec.find(' ');
1246 if (space_position == std::string::npos)
1247 return false;
1248
1249 // Invalid header if it doesn't contain "bytes-unit".
1250 std::string::const_iterator content_range_spec_begin =
1251 content_range_spec.begin();
1252 std::string::const_iterator content_range_spec_end =
1253 content_range_spec.begin() + space_position;
1254 HttpUtil::TrimLWS(&content_range_spec_begin, &content_range_spec_end);
1255 if (!LowerCaseEqualsASCII(content_range_spec_begin,
1256 content_range_spec_end,
1257 "bytes")) {
1258 return false;
1259 }
1260
1261 size_t slash_position = content_range_spec.find('/', space_position + 1);
1262 if (slash_position == std::string::npos)
1263 return false;
1264
1265 // Obtain the part behind the space and before slash.
1266 std::string::const_iterator byte_range_resp_spec_begin =
1267 content_range_spec.begin() + space_position + 1;
1268 std::string::const_iterator byte_range_resp_spec_end =
1269 content_range_spec.begin() + slash_position;
1270 HttpUtil::TrimLWS(&byte_range_resp_spec_begin, &byte_range_resp_spec_end);
1271
1272 // Parse the byte-range-resp-spec part.
1273 std::string byte_range_resp_spec(byte_range_resp_spec_begin,
1274 byte_range_resp_spec_end);
1275 // If byte-range-resp-spec != "*".
1276 if (!LowerCaseEqualsASCII(byte_range_resp_spec, "*")) {
1277 size_t minus_position = byte_range_resp_spec.find('-');
1278 if (minus_position != std::string::npos) {
1279 // Obtain first-byte-pos.
1280 std::string::const_iterator first_byte_pos_begin =
1281 byte_range_resp_spec.begin();
1282 std::string::const_iterator first_byte_pos_end =
1283 byte_range_resp_spec.begin() + minus_position;
1284 HttpUtil::TrimLWS(&first_byte_pos_begin, &first_byte_pos_end);
1285
1286 bool ok = base::StringToInt64(StringPiece(first_byte_pos_begin,
1287 first_byte_pos_end),
1288 first_byte_position);
1289
1290 // Obtain last-byte-pos.
1291 std::string::const_iterator last_byte_pos_begin =
1292 byte_range_resp_spec.begin() + minus_position + 1;
1293 std::string::const_iterator last_byte_pos_end =
1294 byte_range_resp_spec.end();
1295 HttpUtil::TrimLWS(&last_byte_pos_begin, &last_byte_pos_end);
1296
1297 ok &= base::StringToInt64(StringPiece(last_byte_pos_begin,
1298 last_byte_pos_end),
1299 last_byte_position);
1300 if (!ok) {
1301 *first_byte_position = *last_byte_position = -1;
1302 return false;
1303 }
1304 if (*first_byte_position < 0 || *last_byte_position < 0 ||
1305 *first_byte_position > *last_byte_position)
1306 return false;
1307 } else {
1308 return false;
1309 }
1310 }
1311
1312 // Parse the instance-length part.
1313 // If instance-length == "*".
1314 std::string::const_iterator instance_length_begin =
1315 content_range_spec.begin() + slash_position + 1;
1316 std::string::const_iterator instance_length_end =
1317 content_range_spec.end();
1318 HttpUtil::TrimLWS(&instance_length_begin, &instance_length_end);
1319
1320 if (LowerCaseEqualsASCII(instance_length_begin, instance_length_end, "*")) {
1321 return false;
1322 } else if (!base::StringToInt64(StringPiece(instance_length_begin,
1323 instance_length_end),
1324 instance_length)) {
1325 *instance_length = -1;
1326 return false;
1327 }
1328
1329 // We have all the values; let's verify that they make sense for a 206
1330 // response.
1331 if (*first_byte_position < 0 || *last_byte_position < 0 ||
1332 *instance_length < 0 || *instance_length - 1 < *last_byte_position)
1333 return false;
1334
1335 return true;
1336 }
1337
1338 base::Value* HttpResponseHeaders::NetLogCallback(
1339 NetLog::LogLevel log_level) const {
1340 base::DictionaryValue* dict = new base::DictionaryValue();
1341 base::ListValue* headers = new base::ListValue();
1342 headers->Append(new base::StringValue(GetStatusLine()));
1343 void* iterator = NULL;
1344 std::string name;
1345 std::string value;
1346 while (EnumerateHeaderLines(&iterator, &name, &value)) {
1347 std::string log_value = ElideHeaderValueForNetLog(log_level, name, value);
1348 headers->Append(
1349 new base::StringValue(
1350 base::StringPrintf("%s: %s", name.c_str(), log_value.c_str())));
1351 }
1352 dict->Set("headers", headers);
1353 return dict;
1354 }
1355
1356 // static
1357 bool HttpResponseHeaders::FromNetLogParam(
1358 const base::Value* event_param,
1359 scoped_refptr<HttpResponseHeaders>* http_response_headers) {
1360 *http_response_headers = NULL;
1361
1362 const base::DictionaryValue* dict = NULL;
1363 const base::ListValue* header_list = NULL;
1364
1365 if (!event_param ||
1366 !event_param->GetAsDictionary(&dict) ||
1367 !dict->GetList("headers", &header_list)) {
1368 return false;
1369 }
1370
1371 std::string raw_headers;
1372 for (base::ListValue::const_iterator it = header_list->begin();
1373 it != header_list->end();
1374 ++it) {
1375 std::string header_line;
1376 if (!(*it)->GetAsString(&header_line))
1377 return false;
1378
1379 raw_headers.append(header_line);
1380 raw_headers.push_back('\0');
1381 }
1382 raw_headers.push_back('\0');
1383 *http_response_headers = new HttpResponseHeaders(raw_headers);
1384 return true;
1385 }
1386
1387 bool HttpResponseHeaders::IsChunkEncoded() const {
1388 // Ignore spurious chunked responses from HTTP/1.0 servers and proxies.
1389 return GetHttpVersion() >= HttpVersion(1, 1) &&
1390 HasHeaderValue("Transfer-Encoding", "chunked");
1391 }
1392
1393 #if defined(SPDY_PROXY_AUTH_ORIGIN)
1394 bool HttpResponseHeaders::GetChromeProxyBypassDuration(
1395 const std::string& action_prefix,
1396 base::TimeDelta* duration) const {
1397 void* iter = NULL;
1398 std::string value;
1399 std::string name = "chrome-proxy";
1400
1401 while (EnumerateHeader(&iter, name, &value)) {
1402 if (value.size() > action_prefix.size()) {
1403 if (LowerCaseEqualsASCII(value.begin(),
1404 value.begin() + action_prefix.size(),
1405 action_prefix.c_str())) {
1406 int64 seconds;
1407 if (!base::StringToInt64(
1408 StringPiece(value.begin() + action_prefix.size(), value.end()),
1409 &seconds) || seconds < 0) {
1410 continue; // In case there is a well formed instruction.
1411 }
1412 *duration = TimeDelta::FromSeconds(seconds);
1413 return true;
1414 }
1415 }
1416 }
1417 return false;
1418 }
1419
1420 bool HttpResponseHeaders::GetChromeProxyInfo(
1421 ChromeProxyInfo* proxy_info) const {
1422 DCHECK(proxy_info);
1423 proxy_info->bypass_all = false;
1424 proxy_info->bypass_duration = base::TimeDelta();
1425 // Support header of the form Chrome-Proxy: bypass|block=<duration>, where
1426 // <duration> is the number of seconds to wait before retrying
1427 // the proxy. If the duration is 0, then the default proxy retry delay
1428 // (specified in |ProxyList::UpdateRetryInfoOnFallback|) will be used.
1429 // 'bypass' instructs Chrome to bypass the currently connected Chrome proxy,
1430 // whereas 'block' instructs Chrome to bypass all available Chrome proxies.
1431
1432 // 'block' takes precedence over 'bypass', so look for it first.
1433 // TODO(bengr): Reduce checks for 'block' and 'bypass' to a single loop.
1434 if (GetChromeProxyBypassDuration("block=", &proxy_info->bypass_duration)) {
1435 proxy_info->bypass_all = true;
1436 return true;
1437 }
1438
1439 // Next, look for 'bypass'.
1440 if (GetChromeProxyBypassDuration("bypass=", &proxy_info->bypass_duration))
1441 return true;
1442
1443 return false;
1444 }
1445
1446 bool HttpResponseHeaders::IsChromeProxyResponse() const {
1447 const size_t kVersionSize = 4;
1448 const char kChromeProxyViaValue[] = "Chrome-Compression-Proxy";
1449 size_t value_len = strlen(kChromeProxyViaValue);
1450 void* iter = NULL;
1451 std::string value;
1452
1453 // Case-sensitive comparison of |value|. Assumes the received protocol and the
1454 // space following it are always |kVersionSize| characters. E.g.,
1455 // 'Via: 1.1 Chrome-Compression-Proxy'
1456 while (EnumerateHeader(&iter, "via", &value)) {
1457 if (value.size() >= kVersionSize + value_len &&
1458 !value.compare(kVersionSize, value_len, kChromeProxyViaValue))
1459 return true;
1460 }
1461
1462 // TODO(bengr): Remove deprecated header value.
1463 const char kDeprecatedChromeProxyViaValue[] = "1.1 Chrome Compression Proxy";
1464 iter = NULL;
1465 while (EnumerateHeader(&iter, "via", &value))
1466 if (value == kDeprecatedChromeProxyViaValue)
1467 return true;
1468
1469 return false;
1470 }
1471
1472 ProxyService::DataReductionProxyBypassEventType
1473 HttpResponseHeaders::GetChromeProxyBypassEventType(
1474 ChromeProxyInfo* chrome_proxy_info) const {
1475 DCHECK(chrome_proxy_info);
1476 if (GetChromeProxyInfo(chrome_proxy_info)) {
1477 // A chrome-proxy response header is only present in a 502. For proper
1478 // reporting, this check must come before the 5xx checks below.
1479 if (chrome_proxy_info->bypass_duration < TimeDelta::FromMinutes(30))
1480 return ProxyService::SHORT_BYPASS;
1481 return ProxyService::LONG_BYPASS;
1482 }
1483 if (response_code() == HTTP_INTERNAL_SERVER_ERROR ||
1484 response_code() == HTTP_BAD_GATEWAY ||
1485 response_code() == HTTP_SERVICE_UNAVAILABLE) {
1486 // Fall back if a 500, 502 or 503 is returned.
1487 return ProxyService::INTERNAL_SERVER_ERROR_BYPASS;
1488 }
1489 if (!IsChromeProxyResponse() && (response_code() != HTTP_NOT_MODIFIED)) {
1490 // A Via header might not be present in a 304. Since the goal of a 304
1491 // response is to minimize information transfer, a sender in general
1492 // should not generate representation metadata other than Cache-Control,
1493 // Content-Location, Date, ETag, Expires, and Vary.
1494 return ProxyService::MISSING_VIA_HEADER;
1495 }
1496 // There is no bypass event.
1497 return ProxyService::BYPASS_EVENT_TYPE_MAX;
1498 }
1499 #endif // defined(SPDY_PROXY_AUTH_ORIGIN)
1500
1501 } // namespace net