net/http/proxy_client_socket.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "net/http/proxy_client_socket.h"
   6
   7 #include "base/metrics/histogram_macros.h"
   8 #include "base/strings/stringprintf.h"
   9 #include "net/base/host_port_pair.h"
  10 #include "net/base/net_errors.h"
  11 #include "net/base/net_util.h"
  12 #include "net/http/http_auth_controller.h"
  13 #include "net/http/http_request_info.h"
  14 #include "net/http/http_response_headers.h"
  15 #include "net/http/http_response_info.h"
  16 #include "url/gurl.h"
  17
  18 namespace net {
  19
  20 namespace {
  21
  22 void CopyHeaderValues(scoped_refptr<HttpResponseHeaders> source,
  23                       scoped_refptr<HttpResponseHeaders> dest,
  24                       const std::string& header_name) {
  25   void* iter = NULL;
  26   std::string header_value;
  27
  28   while (source->EnumerateHeader(&iter, header_name, &header_value))
  29     dest->AddHeader(header_name + ": " + header_value);
  30 }
  31
  32 }  // namespace
  33
  34 // static
  35 void ProxyClientSocket::BuildTunnelRequest(
  36     const HostPortPair& endpoint,
  37     const HttpRequestHeaders& auth_headers,
  38     const std::string& user_agent,
  39     std::string* request_line,
  40     HttpRequestHeaders* request_headers) {
  41   // RFC 7230 Section 5.4 says a client MUST send a Host header field in all
  42   // HTTP/1.1 request messages, and Host SHOULD be the first header field
  43   // following the request-line.  Add "Proxy-Connection: keep-alive" for compat
  44   // with HTTP/1.0 proxies such as Squid (required for NTLM authentication).
  45   std::string host_and_port = endpoint.ToString();
  46   *request_line =
  47       base::StringPrintf("CONNECT %s HTTP/1.1\r\n", host_and_port.c_str());
  48   request_headers->SetHeader(HttpRequestHeaders::kHost, endpoint.port() == 443
  49                                                             ? endpoint.host()
  50                                                             : host_and_port);
  51   request_headers->SetHeader(HttpRequestHeaders::kProxyConnection,
  52                              "keep-alive");
  53   if (!user_agent.empty())
  54     request_headers->SetHeader(HttpRequestHeaders::kUserAgent, user_agent);
  55
  56   request_headers->MergeFrom(auth_headers);
  57 }
  58
  59 // static
  60 int ProxyClientSocket::HandleProxyAuthChallenge(HttpAuthController* auth,
  61                                                 HttpResponseInfo* response,
  62                                                 const BoundNetLog& net_log) {
  63   DCHECK(response->headers.get());
  64   int rv = auth->HandleAuthChallenge(response->headers, false, true, net_log);
  65   response->auth_challenge = auth->auth_info();
  66   if (rv == OK)
  67     return ERR_PROXY_AUTH_REQUESTED;
  68   return rv;
  69 }
  70
  71 // static
  72 void ProxyClientSocket::LogBlockedTunnelResponse(int http_status_code,
  73                                                  bool is_https_proxy) {
  74   if (is_https_proxy) {
  75     UMA_HISTOGRAM_CUSTOM_ENUMERATION(
  76         "Net.BlockedTunnelResponse.HttpsProxy",
  77         HttpUtil::MapStatusCodeForHistogram(http_status_code),
  78         HttpUtil::GetStatusCodesForHistogram());
  79   } else {
  80     UMA_HISTOGRAM_CUSTOM_ENUMERATION(
  81         "Net.BlockedTunnelResponse.HttpProxy",
  82         HttpUtil::MapStatusCodeForHistogram(http_status_code),
  83         HttpUtil::GetStatusCodesForHistogram());
  84   }
  85 }
  86
  87 // static
  88 bool ProxyClientSocket::SanitizeProxyAuth(HttpResponseInfo* response) {
  89   DCHECK(response && response->headers.get());
  90
  91   scoped_refptr<HttpResponseHeaders> old_headers = response->headers;
  92
  93   const char kHeaders[] = "HTTP/1.1 407 Proxy Authentication Required\n\n";
  94   scoped_refptr<HttpResponseHeaders> new_headers = new HttpResponseHeaders(
  95       HttpUtil::AssembleRawHeaders(kHeaders, arraysize(kHeaders)));
  96
  97   // Copy status line and all hop-by-hop headers to preserve keep-alive
  98   // behavior.
  99   new_headers->ReplaceStatusLine(old_headers->GetStatusLine());
 100   CopyHeaderValues(old_headers, new_headers, "connection");
 101   CopyHeaderValues(old_headers, new_headers, "proxy-connection");
 102   CopyHeaderValues(old_headers, new_headers, "keep-alive");
 103   CopyHeaderValues(old_headers, new_headers, "trailer");
 104   CopyHeaderValues(old_headers, new_headers, "transfer-encoding");
 105   CopyHeaderValues(old_headers, new_headers, "upgrade");
 106
 107   CopyHeaderValues(old_headers, new_headers, "content-length");
 108
 109   CopyHeaderValues(old_headers, new_headers, "proxy-authenticate");
 110
 111   response->headers = new_headers;
 112   return true;
 113 }
 114
 115 // static
 116 bool ProxyClientSocket::SanitizeProxyRedirect(HttpResponseInfo* response) {
 117   DCHECK(response && response->headers.get());
 118
 119   std::string location;
 120   if (!response->headers->IsRedirect(&location))
 121     return false;
 122
 123   // Return minimal headers; set "Content-Length: 0" to ignore response body.
 124   std::string fake_response_headers = base::StringPrintf(
 125       "HTTP/1.0 302 Found\n"
 126       "Location: %s\n"
 127       "Content-Length: 0\n"
 128       "Connection: close\n"
 129       "\n",
 130       location.c_str());
 131   std::string raw_headers =
 132       HttpUtil::AssembleRawHeaders(fake_response_headers.data(),
 133                                    fake_response_headers.length());
 134   response->headers = new HttpResponseHeaders(raw_headers);
 135
 136   return true;
 137 }
 138
 139 }  // namespace net