boost::shared_ptr<IHttpResponse> HttpClient::sendRequest(const IHttpRequest& request) { KAA_MUTEX_LOCKING("guard_"); boost::unique_lock<boost::mutex> lock(guard_); KAA_MUTEX_LOCKED("guard_"); if (sock_.is_open()) { doSocketClose(); } KAA_LOG_INFO(boost::format("Sending request to the server %1%:%2%") % request.getHost() % request.getPort()); const auto& ep = HttpUtils::getEndpoint(request.getHost(), request.getPort()); const auto& data = request.getRequestData(); boost::system::error_code errorCode; sock_.open(ep.protocol(), errorCode); checkError(errorCode); sock_.connect(ep, errorCode); checkError(errorCode); boost::asio::write(sock_, boost::asio::buffer(data.data(), data.size()), errorCode); checkError(errorCode); std::ostringstream responseStream; boost::asio::streambuf responseBuf; while (boost::asio::read(sock_, responseBuf, boost::asio::transfer_at_least(1), errorCode)) { responseStream << &responseBuf; } checkError(errorCode); const std::string& responseStr = responseStream.str(); KAA_LOG_INFO(boost::format("Response from server %1%:%2% successfully received") % request.getHost() % request.getPort()); doSocketClose(); return boost::shared_ptr<IHttpResponse>(new HttpResponse(responseStr)); }
void DefaultClientAuthorizationFacade::makeAuthorizationRequestPage(const Grant &grant, const IHttpRequest &request,IHttpResponse &response) const { string msg = DefaultClientAuthorizationFacade::_authzPageBody; //HACK: <<CONST>> should be moved to static const; clientId, scope, userId should be moved to <<params>> instead of text std::ostringstream ostr; ostr << "Client '" << grant.clientId << "' requested access to '" << grant.scope.str() << "' for logged user " << grant.userId; msg = std::regex_replace(msg, std::regex("<<Text>>"), ostr.str()); msg = std::regex_replace(msg, std::regex("<<Action>>"), request.getRequestTarget()); //HACK: We don't need parameters consider using getHost+getPath // copy all request parameters to hidden form fields ostr.str(""); ostr.clear(); map<string,string> params = request.getParams(); for (map<string,string>::const_iterator it = params.begin(); it != params.end(); ++it) ostr << "<input type='hidden' name='" << it->first << "' value='" << it->second << "'>"; ostr << "<input type='hidden' name='" << _userIdFieldName << "' value='" << grant.userId << "'>"; ostr << "<input type='hidden' name='" << authorizationFormMarker << "'>"; msg = std::regex_replace(msg, std::regex("<<HiddenFormValues>>"), ostr.str()); msg = std::regex_replace(msg, std::regex("<<AcceptFieldName>>"), _acceptedFieldName); response.setBody(msg); };
bool RequestParameterClientAuthenticationFacade::hasClientCredentials(const IHttpRequest &request) const { clientid_t cid = static_cast<clientid_t>(request.getParam(Params::client_id)); string secret = request.getParam(Params::client_secret); return ! (cid.empty() || secret.empty()); }
virtual bool createHttpRequest(IHttpRequest** ppOut) { if(*ppOut != NULL) { return false; } IHttpRequest* p = new HttpRequest(this); p->add_ref(); *ppOut = p; return true; }
Client RequestParameterClientAuthenticationFacade::authenticateClient(const IHttpRequest &request) const { clientid_t cid = static_cast<clientid_t>(request.getParam(Params::client_id)); string secret = request.getParam(Params::client_secret); Client c = ServiceLocator::instance()->Storage->getClient(cid); if (c.empty() || secret.empty() || 0 != secret.compare(c.secret)) return Client::EmptyClient; return c; };
void HttpCompleteCallback(IHttpRequest Request, IHttpRequest Response, bool bWasSuccessful){ FString MessageBody = ""; // If HTTP fails client-side, this will still be called but with a NULL shared pointer! if (!Response.IsValid()) { MessageBody = "{\"success\":\"Error: Unable to process HTTP Request!\"}"; } else if (EHttpResponseCodes::IsOk(Response->GetResponseCode())) { MessageBody = Response->GetContentAsString(); } else { MessageBody = FString::Printf(TEXT("{\"success\":\"HTTP Error: %d\"}"), Response->GetResponseCode()); } }
apr_status_t WriteBodyCallback(request_rec *r, char *buf, unsigned int length) { REQUEST_STORED_CONTEXT *rsc = RetrieveIISContext(r); if(rsc == NULL || rsc->m_pRequestRec == NULL) return APR_SUCCESS; IHttpContext *pHttpContext = rsc->m_pHttpContext; IHttpRequest *pHttpRequest = pHttpContext->GetRequest(); CHAR szLength[21]; //Max length for a 64 bit int is 20 ZeroMemory(szLength, sizeof(szLength)); HRESULT hr = StringCchPrintfA( szLength, sizeof(szLength) / sizeof(CHAR) - 1, "%d", length); if(FAILED(hr)) { // not possible } hr = pHttpRequest->SetHeader( HttpHeaderContentLength, szLength, (USHORT)strlen(szLength), TRUE); if(FAILED(hr)) { // possible, but there's nothing we can do } // since we clean the APR pool at the end of OnSendRequest, we must get IIS-managed memory chunk // void *reqbuf = pHttpContext->AllocateRequestMemory(length); memcpy(reqbuf, buf, length); pHttpRequest->InsertEntityBody(reqbuf, length); return APR_SUCCESS; }
REQUEST_NOTIFICATION_STATUS CCacheHelperModule::OnSendResponse( IN IHttpContext* pHttpContext, IN ISendResponseProvider* pProvider) { UNREFERENCED_PARAMETER(pProvider); IHttpResponse* pHttpResponse = pHttpContext->GetResponse(); IHttpRequest* pHttpRequest = pHttpContext->GetRequest(); if ((pHttpResponse != NULL) && (pHttpRequest != NULL)) { HTTP_COOKED_URL url = pHttpRequest->GetRawHttpRequest()->CookedUrl; if (!m_pConfig->UrlHasSitePrefix(url.pAbsPath)) return RQ_NOTIFICATION_CONTINUE; CachingBehavior behavior = CachingBehaviorIgnore; USHORT cchXCache; PCSTR szXCache = pHttpResponse->GetHeader((PCSTR)"X-Cache", &cchXCache); if (cchXCache > 0) { behavior = (CachingBehavior)StrToIntA(szXCache); pHttpResponse->DeleteHeader((PCSTR)"X-Cache"); } else { behavior = m_pConfig->GetCachePolicy(url.pAbsPath); } switch (behavior) { case CachingBehaviorPrivate: MakeUncacheable(pHttpResponse); break; case CachingBehaviorConditional: MakeConditionallyCacheable(pHttpResponse); break; case CachingBehaviorPublic: MakeCacheable(pHttpResponse); break; } } return RQ_NOTIFICATION_CONTINUE; }
Errors::Code DefaultClientAuthorizationFacade::processAuthorizationRequest(const IHttpRequest& request, IHttpResponse &response) const { if (!request.isParamExist(_acceptedFieldName)) { make_error_response(Errors::Code::access_denied, "user denided access to client", request, response); return Errors::Code::access_denied; } if (!request.isParamExist(_userIdFieldName) || !request.isParamExist(Params::client_id) || !request.isParamExist(Params::scope)) { make_error_response(Errors::Code::invalid_request, "no one or more required parameters user_id, client_id, scope", request, response); return Errors::Code::access_denied; } Grant grant(request.getParam(_userIdFieldName), request.getParam(Params::client_id), request.getParam(Params::scope)); ServiceLocator::instance()->Storage->saveGrant(grant); //HACK: should use POST UserAuthenticationFacadeMock::_originalRequestFieldName parameter response.addHeader("Location", request.getHeader("Referer")); response.setStatus(302); return Errors::ok; };
apr_status_t ReadBodyCallback(request_rec *r, char *buf, unsigned int length, unsigned int *readcnt, int *is_eos) { REQUEST_STORED_CONTEXT *rsc = RetrieveIISContext(r); *readcnt = 0; if(rsc == NULL) { *is_eos = 1; return APR_SUCCESS; } IHttpContext *pHttpContext = rsc->m_pHttpContext; IHttpRequest *pRequest = pHttpContext->GetRequest(); if(pRequest->GetRemainingEntityBytes() == 0) { *is_eos = 1; return APR_SUCCESS; } HRESULT hr = pRequest->ReadEntityBody(buf, length, false, (DWORD *)readcnt, NULL); if (FAILED(hr)) { // End of data is okay. if (ERROR_HANDLE_EOF != (hr & 0x0000FFFF)) { // Set the error status. rsc->m_pProvider->SetErrorStatus( hr ); } *is_eos = 1; } return APR_SUCCESS; }
REQUEST_NOTIFICATION_STATUS CMyHttpModule::OnBeginRequest( IN IHttpContext * pHttpContext, IN IHttpEventProvider * pProvider ) { HRESULT hr = S_OK; IHttpRequest* pRequest = NULL; MODSECURITY_STORED_CONTEXT* pConfig = NULL; UNREFERENCED_PARAMETER ( pProvider ); EnterCriticalSection(&m_csLock); if ( pHttpContext == NULL ) { hr = E_UNEXPECTED; goto Finished; } pRequest = pHttpContext->GetRequest(); if ( pRequest == NULL ) { hr = E_UNEXPECTED; goto Finished; } hr = MODSECURITY_STORED_CONTEXT::GetConfig(pHttpContext, &pConfig ); if ( FAILED( hr ) ) { //hr = E_UNEXPECTED; hr = S_OK; goto Finished; } // If module is disabled, dont go any further // if( pConfig->GetIsEnabled() == false ) { goto Finished; } // every 3 seconds we check for changes in config file // DWORD ctime = GetTickCount(); if(pConfig->m_Config == NULL || (ctime - pConfig->m_dwLastCheck) > 3000) { char *path; USHORT pathlen; hr = pConfig->GlobalWideCharToMultiByte(pConfig->GetPath(), wcslen(pConfig->GetPath()), &path, &pathlen); if ( FAILED( hr ) ) { hr = E_UNEXPECTED; goto Finished; } WIN32_FILE_ATTRIBUTE_DATA fdata; BOOL ret; ret = GetFileAttributesEx(path, GetFileExInfoStandard, &fdata); pConfig->m_dwLastCheck = ctime; if(pConfig->m_Config == NULL || (ret != 0 && (pConfig->m_LastChange.dwLowDateTime != fdata.ftLastWriteTime.dwLowDateTime || pConfig->m_LastChange.dwHighDateTime != fdata.ftLastWriteTime.dwHighDateTime))) { pConfig->m_LastChange.dwLowDateTime = fdata.ftLastWriteTime.dwLowDateTime; pConfig->m_LastChange.dwHighDateTime = fdata.ftLastWriteTime.dwHighDateTime; pConfig->m_Config = modsecGetDefaultConfig(); PCWSTR servpath = pHttpContext->GetApplication()->GetApplicationPhysicalPath(); char *apppath; USHORT apppathlen; hr = pConfig->GlobalWideCharToMultiByte((WCHAR *)servpath, wcslen(servpath), &apppath, &apppathlen); if ( FAILED( hr ) ) { delete path; hr = E_UNEXPECTED; goto Finished; } if(path[0] != 0) { const char * err = modsecProcessConfig((directory_config *)pConfig->m_Config, path, apppath); if(err != NULL) { WriteEventViewerLog(err, EVENTLOG_ERROR_TYPE); delete apppath; delete path; goto Finished; } } delete apppath; } delete path; } conn_rec *c; request_rec *r; c = modsecNewConnection(); modsecProcessConnection(c); r = modsecNewRequest(c, (directory_config *)pConfig->m_Config); // on IIS we force input stream inspection flag, because its absence does not add any performance gain // it's because on IIS request body must be restored each time it was read // modsecSetConfigForIISRequestBody(r); REQUEST_STORED_CONTEXT *rsc = new REQUEST_STORED_CONTEXT(); rsc->m_pConnRec = c; rsc->m_pRequestRec = r; rsc->m_pHttpContext = pHttpContext; rsc->m_pProvider = pProvider; pHttpContext->GetModuleContextContainer()->SetModuleContext(rsc, g_pModuleContext); StoreIISContext(r, rsc); HTTP_REQUEST *req = pRequest->GetRawHttpRequest(); r->hostname = ConvertUTF16ToUTF8(req->CookedUrl.pHost, req->CookedUrl.HostLength / sizeof(WCHAR), r->pool); r->path_info = ConvertUTF16ToUTF8(req->CookedUrl.pAbsPath, req->CookedUrl.AbsPathLength / sizeof(WCHAR), r->pool); if(r->hostname == NULL) { if(req->Headers.KnownHeaders[HttpHeaderHost].pRawValue != NULL) r->hostname = ZeroTerminate(req->Headers.KnownHeaders[HttpHeaderHost].pRawValue, req->Headers.KnownHeaders[HttpHeaderHost].RawValueLength, r->pool); } int port = 0; char *port_str = NULL; if(r->hostname != NULL) { int k = 0; char *ptr = (char *)r->hostname; while(*ptr != 0 && *ptr != ':') ptr++; if(*ptr == ':') { *ptr = 0; port_str = ptr + 1; port = atoi(port_str); } } if(req->CookedUrl.pQueryString != NULL && req->CookedUrl.QueryStringLength > 0) r->args = ConvertUTF16ToUTF8(req->CookedUrl.pQueryString + 1, (req->CookedUrl.QueryStringLength / sizeof(WCHAR)) - 1, r->pool); #define _TRANSHEADER(id,str) if(req->Headers.KnownHeaders[id].pRawValue != NULL) \ {\ apr_table_setn(r->headers_in, str, \ ZeroTerminate(req->Headers.KnownHeaders[id].pRawValue, req->Headers.KnownHeaders[id].RawValueLength, r->pool)); \ } _TRANSHEADER(HttpHeaderCacheControl, "Cache-Control"); _TRANSHEADER(HttpHeaderConnection, "Connection"); _TRANSHEADER(HttpHeaderDate, "Date"); _TRANSHEADER(HttpHeaderKeepAlive, "Keep-Alive"); _TRANSHEADER(HttpHeaderPragma, "Pragma"); _TRANSHEADER(HttpHeaderTrailer, "Trailer"); _TRANSHEADER(HttpHeaderTransferEncoding, "Transfer-Encoding"); _TRANSHEADER(HttpHeaderUpgrade, "Upgrade"); _TRANSHEADER(HttpHeaderVia, "Via"); _TRANSHEADER(HttpHeaderWarning, "Warning"); _TRANSHEADER(HttpHeaderAllow, "Allow"); _TRANSHEADER(HttpHeaderContentLength, "Content-Length"); _TRANSHEADER(HttpHeaderContentType, "Content-Type"); _TRANSHEADER(HttpHeaderContentEncoding, "Content-Encoding"); _TRANSHEADER(HttpHeaderContentLanguage, "Content-Language"); _TRANSHEADER(HttpHeaderContentLocation, "Content-Location"); _TRANSHEADER(HttpHeaderContentMd5, "Content-Md5"); _TRANSHEADER(HttpHeaderContentRange, "Content-Range"); _TRANSHEADER(HttpHeaderExpires, "Expires"); _TRANSHEADER(HttpHeaderLastModified, "Last-Modified"); _TRANSHEADER(HttpHeaderAccept, "Accept"); _TRANSHEADER(HttpHeaderAcceptCharset, "Accept-Charset"); _TRANSHEADER(HttpHeaderAcceptEncoding, "Accept-Encoding"); _TRANSHEADER(HttpHeaderAcceptLanguage, "Accept-Language"); _TRANSHEADER(HttpHeaderAuthorization, "Authorization"); _TRANSHEADER(HttpHeaderCookie, "Cookie"); _TRANSHEADER(HttpHeaderExpect, "Expect"); _TRANSHEADER(HttpHeaderFrom, "From"); _TRANSHEADER(HttpHeaderHost, "Host"); _TRANSHEADER(HttpHeaderIfMatch, "If-Match"); _TRANSHEADER(HttpHeaderIfModifiedSince, "If-Modified-Since"); _TRANSHEADER(HttpHeaderIfNoneMatch, "If-None-Match"); _TRANSHEADER(HttpHeaderIfRange, "If-Range"); _TRANSHEADER(HttpHeaderIfUnmodifiedSince, "If-Unmodified-Since"); _TRANSHEADER(HttpHeaderMaxForwards, "Max-Forwards"); _TRANSHEADER(HttpHeaderProxyAuthorization, "Proxy-Authorization"); _TRANSHEADER(HttpHeaderReferer, "Referer"); _TRANSHEADER(HttpHeaderRange, "Range"); _TRANSHEADER(HttpHeaderTe, "TE"); _TRANSHEADER(HttpHeaderTranslate, "Translate"); _TRANSHEADER(HttpHeaderUserAgent, "User-Agent"); #undef _TRANSHEADER for(int i = 0; i < req->Headers.UnknownHeaderCount; i++) { apr_table_setn(r->headers_in, ZeroTerminate(req->Headers.pUnknownHeaders[i].pName, req->Headers.pUnknownHeaders[i].NameLength, r->pool), ZeroTerminate(req->Headers.pUnknownHeaders[i].pRawValue, req->Headers.pUnknownHeaders[i].RawValueLength, r->pool)); } r->content_encoding = apr_table_get(r->headers_in, "Content-Encoding"); r->content_type = apr_table_get(r->headers_in, "Content-Type"); const char *lng = apr_table_get(r->headers_in, "Content-Languages"); if(lng != NULL) { r->content_languages = apr_array_make(r->pool, 1, sizeof(const char *)); *(const char **)apr_array_push(r->content_languages) = lng; } switch(req->Verb) { case HttpVerbUnparsed: case HttpVerbUnknown: case HttpVerbInvalid: case HttpVerbTRACK: // used by Microsoft Cluster Server for a non-logged trace case HttpVerbSEARCH: default: r->method = "INVALID"; r->method_number = M_INVALID; break; case HttpVerbOPTIONS: r->method = "OPTIONS"; r->method_number = M_OPTIONS; break; case HttpVerbGET: case HttpVerbHEAD: r->method = "GET"; r->method_number = M_GET; break; case HttpVerbPOST: r->method = "POST"; r->method_number = M_POST; break; case HttpVerbPUT: r->method = "PUT"; r->method_number = M_PUT; break; case HttpVerbDELETE: r->method = "DELETE"; r->method_number = M_DELETE; break; case HttpVerbTRACE: r->method = "TRACE"; r->method_number = M_TRACE; break; case HttpVerbCONNECT: r->method = "CONNECT"; r->method_number = M_CONNECT; break; case HttpVerbMOVE: r->method = "MOVE"; r->method_number = M_MOVE; break; case HttpVerbCOPY: r->method = "COPY"; r->method_number = M_COPY; break; case HttpVerbPROPFIND: r->method = "PROPFIND"; r->method_number = M_PROPFIND; break; case HttpVerbPROPPATCH: r->method = "PROPPATCH"; r->method_number = M_PROPPATCH; break; case HttpVerbMKCOL: r->method = "MKCOL"; r->method_number = M_MKCOL; break; case HttpVerbLOCK: r->method = "LOCK"; r->method_number = M_LOCK; break; case HttpVerbUNLOCK: r->method = "UNLOCK"; r->method_number = M_UNLOCK; break; } if(HTTP_EQUAL_VERSION(req->Version, 0, 9)) r->protocol = "HTTP/0.9"; else if(HTTP_EQUAL_VERSION(req->Version, 1, 0)) r->protocol = "HTTP/1.0"; else r->protocol = "HTTP/1.1"; r->request_time = apr_time_now(); r->parsed_uri.scheme = "http"; r->parsed_uri.path = r->path_info; r->parsed_uri.hostname = (char *)r->hostname; r->parsed_uri.is_initialized = 1; r->parsed_uri.port = port; r->parsed_uri.port_str = port_str; r->parsed_uri.query = r->args; r->parsed_uri.dns_looked_up = 0; r->parsed_uri.dns_resolved = 0; r->parsed_uri.password = NULL; r->parsed_uri.user = NULL; r->parsed_uri.fragment = NULL; r->unparsed_uri = ZeroTerminate(req->pRawUrl, req->RawUrlLength, r->pool); r->uri = r->unparsed_uri; r->the_request = (char *)apr_palloc(r->pool, strlen(r->method) + 1 + req->RawUrlLength + 1 + strlen(r->protocol) + 1); strcpy(r->the_request, r->method); strcat(r->the_request, " "); strcat(r->the_request, r->uri); strcat(r->the_request, " "); strcat(r->the_request, r->protocol); HTTP_REQUEST_ID httpRequestID; char *pszValue = (char *)apr_palloc(r->pool, 24); httpRequestID = pRequest->GetRawHttpRequest()->RequestId; _ui64toa(httpRequestID, pszValue, 10); apr_table_setn(r->subprocess_env, "UNIQUE_ID", pszValue); PSOCKADDR pAddr = pRequest->GetRemoteAddress(); #if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER < 3 c->remote_addr = CopySockAddr(r->pool, pAddr); c->remote_ip = GetIpAddr(r->pool, pAddr); #else c->client_addr = CopySockAddr(r->pool, pAddr); c->client_ip = GetIpAddr(r->pool, pAddr); #endif c->remote_host = NULL; int status = modsecProcessRequest(r); if(status != DECLINED) { pHttpContext->GetResponse()->SetStatus(status, "ModSecurity Action"); pHttpContext->SetRequestHandled(); hr = E_FAIL; goto Finished; } Finished: LeaveCriticalSection(&m_csLock); if ( FAILED( hr ) ) { return RQ_NOTIFICATION_FINISH_REQUEST; } return RQ_NOTIFICATION_CONTINUE; }
REQUEST_NOTIFICATION_STATUS CIISxpressHttpModule::OnSendResponse(IN IHttpContext* pHttpContext, IN ISendResponseProvider* pProvider) { const TCHAR* const pszMethodName = __FUNCTIONT__; // only proceed if filter is enabled if (m_Config.GetEnabled() == false) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("module is disabled\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::FilterDisabled); return RQ_NOTIFICATION_CONTINUE; } IHttpRequest* pHttpRequest = pHttpContext->GetRequest(); if (pHttpRequest == NULL) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("GetRequest() returned NULL\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal); return RQ_NOTIFICATION_CONTINUE; } IHttpResponse* pHttpResponse = pHttpContext->GetResponse(); if (pHttpResponse == NULL) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("GetResponse() returned NULL\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal); return RQ_NOTIFICATION_CONTINUE; } const HTTP_REQUEST* pRawRequest = pHttpRequest->GetRawHttpRequest(); if (pRawRequest == NULL) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("GetRawHttpRequest() returned NULL\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal); return RQ_NOTIFICATION_CONTINUE; } const HTTP_RESPONSE* pRawResponse = pHttpResponse->GetRawHttpResponse(); if (pRawResponse == NULL) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("GetRawHttpResponse() returned NULL\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal); return RQ_NOTIFICATION_CONTINUE; } // we only handle GET or POST (if POST handling is enabled) if (pRawRequest->Verb != HttpVerbGET && !(pRawRequest->Verb == HttpVerbPOST && m_Config.HandlePOSTResponses())) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("request was not GET or POST\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::RequestMethod); return RQ_NOTIFICATION_CONTINUE; } // only handle status code 200 if (pRawResponse->StatusCode != 200) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("response code is not 200 (%u)\n"), pRawResponse->StatusCode); PerfCountersAddRejectedResponse(IISxpressNativePerf::ResponseCode); return RQ_NOTIFICATION_CONTINUE; } // determine if the request came from localhost if (m_Config.GetCompressLocalhost() == false && IsUserLocalhost(pRawRequest) == true) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext,_T("localhost is disabled\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::LocalhostDisabled); return RQ_NOTIFICATION_CONTINUE; } // *********************************************************************************************************************************** const char* pszUserAgent = EnsureNotNull(pHttpRequest->GetHeader(HttpHeaderUserAgent)); bool excludedUserAgent = false; if (m_Config.GetUserAgentExclusionEnabled()) { DWORD dwUserAgentCacheCookie = m_Config.GetLoadCookie(); if (!m_UserAgentCache.GetUserAgentState(dwUserAgentCacheCookie, pszUserAgent, excludedUserAgent)) { HttpUserAgent::UserAgentProducts<std::string> agent; if (agent.ParseUserAgentString(pszUserAgent) == S_OK) { const HttpUserAgent::RuleUserAgents<std::string>& ruleAgents = m_Config.GetExcludedUserAgents(); if (ruleAgents.Compare(agent)) { excludedUserAgent = true; } m_UserAgentCache.AddUserAgentState(dwUserAgentCacheCookie, pszUserAgent, excludedUserAgent); } } } if (excludedUserAgent) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("the user agent '%s' has been excluded\n"), pszUserAgent); PerfCountersAddRejectedResponse(IISxpressNativePerf::NeverRuleMatch); return RQ_NOTIFICATION_CONTINUE; } // *********************************************************************************************************************************** // we must have only one chunk and data from memory or file if (pRawResponse->EntityChunkCount == 0) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext,_T("can't convert multi-entity buffer, incoming buffer is zero length\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::InvalidContentLength); return RQ_NOTIFICATION_CONTINUE; } else if (pRawResponse->EntityChunkCount != 1) { // turn the multi-chunk response into a single chunk - NB. the response // must all be in memory if (MakeResponseSingleEntityBlock(pHttpContext, pHttpResponse, pRawResponse) == false) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext,_T("can't convert multi-entity buffer\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::MemoryAllocationFailed); return RQ_NOTIFICATION_CONTINUE; } } else if (pRawResponse->pEntityChunks->DataChunkType != HttpDataChunkFromMemory && pRawResponse->pEntityChunks->DataChunkType != HttpDataChunkFromFileHandle) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext,_T("response isn't HttpDataChunkFromMemory or HttpDataChunkFromFileHandle\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal); return RQ_NOTIFICATION_CONTINUE; } PHTTP_DATA_CHUNK pEntityChunk = pRawResponse->pEntityChunks; if (pEntityChunk == NULL) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("the response does not contain any data\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal); return RQ_NOTIFICATION_CONTINUE; } // TODO: review max size here // we don't handle non-zero starting offsets or very large files (>250MB) if (pEntityChunk->DataChunkType == HttpDataChunkFromFileHandle && (pEntityChunk->FromFileHandle.ByteRange.StartingOffset.QuadPart > 0 || pEntityChunk->FromFileHandle.ByteRange.Length.QuadPart > (250 * 1024 * 1024))) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("response has offset > 0 or is too big\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal); return RQ_NOTIFICATION_CONTINUE; } PCSTR pszContentEncoding = pHttpResponse->GetHeader(HttpHeaderContentEncoding); if (pszContentEncoding != NULL && pszContentEncoding[0] != '\0') { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("response already has content encoding\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::AlreadyEncoded); return RQ_NOTIFICATION_CONTINUE; } PCSTR pszTransferEncoding = pHttpResponse->GetHeader(HttpHeaderTransferEncoding); if (pszTransferEncoding != NULL && pszTransferEncoding[0] != '\0') { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("response already has transfer encoding\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::AlreadyEncoded); return RQ_NOTIFICATION_CONTINUE; } USHORT nContentTypeLength = 0; PCSTR pszContentType = pHttpResponse->GetHeader(HttpHeaderContentType, &nContentTypeLength); if (pszContentType == NULL || nContentTypeLength == 0) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("GetHeader(HttpHeaderContentType) returned NULL\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::MissingContentType); return RQ_NOTIFICATION_CONTINUE; } USHORT nLastModifiedLength = 0; PCSTR pszLastModified = pHttpResponse->GetHeader(HttpHeaderLastModified, &nLastModifiedLength); // *********************************************************************** USHORT nAcceptEncodingLength = 0; PCSTR pszAcceptEncoding = pHttpRequest->GetHeader(HttpHeaderAcceptEncoding, &nAcceptEncodingLength); if (pszAcceptEncoding == NULL || nAcceptEncodingLength == 0 || (strstr(pszAcceptEncoding, "deflate") == NULL && strstr(pszAcceptEncoding, "gzip") == NULL && strstr(pszAcceptEncoding, "bzip2") == NULL)) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("the client does not accept compressed responses\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::IncompatibleClient); return RQ_NOTIFICATION_CONTINUE; } // *********************************************************************** const WCHAR* pszScriptTranslated = pHttpContext->GetScriptTranslated(); if (pszScriptTranslated == NULL) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("GetScriptTranslated() returned NULL\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal); return RQ_NOTIFICATION_CONTINUE; } // get the url CAtlStringA sScriptTranslated(pszScriptTranslated); // get the site id CAtlStringA sInstanceId; sInstanceId.Format("%u", pHttpRequest->GetSiteId()); // get the server name PCSTR pszServerName = NULL; DWORD dwServerNameLength = 0; pHttpContext->GetServerVariable("SERVER_NAME", &pszServerName, &dwServerNameLength); if (pszServerName == NULL || dwServerNameLength == 0) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("GetServerVariable(\"SERVER_NAME\") returned NULL\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal); return RQ_NOTIFICATION_CONTINUE; } // get the server port PCSTR pszServerPort = NULL; DWORD dwServerPortLength = 0; pHttpContext->GetServerVariable("SERVER_PORT", &pszServerPort, &dwServerPortLength); if (pszServerPort == NULL || dwServerPortLength == 0) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("GetServerVariable(\"SERVER_PORT\") returned NULL\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal); return RQ_NOTIFICATION_CONTINUE; } DWORD dwContentLength = 0; if (pEntityChunk->DataChunkType == HttpDataChunkFromMemory) { dwContentLength = pRawResponse->pEntityChunks->FromMemory.BufferLength; } else if (pEntityChunk->DataChunkType == HttpDataChunkFromFileHandle) { dwContentLength = pEntityChunk->FromFileHandle.ByteRange.Length.LowPart; } else { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("the DataChunkType (%u) is not supported\n"), pEntityChunk->DataChunkType); PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal); return RQ_NOTIFICATION_CONTINUE; } IISInfo iisinfo; iisinfo.pszInstanceId = sInstanceId; iisinfo.pszServerName = pszServerName; iisinfo.pszServerPort = pszServerPort; iisinfo.pszURLMapPath = sScriptTranslated; if (m_Config.GetDebugEnabled() || m_Config.GetLoggingLevel() >= IISXPRESS_LOGGINGLEVEL_ENH) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("IIS: server name='%hs'\n"), pszServerName); AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("IIS: server port='%hs'\n"), pszServerPort); AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("IIS: instance id='%hs'\n"), sInstanceId); AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("IIS: URL map path='%hs'\n"), sScriptTranslated); } // *********************************************************************** const WCHAR* pszURI = pHttpContext->GetScriptName(); if (pszURI == NULL) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("GetScriptName() returned NULL\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal); return RQ_NOTIFICATION_CONTINUE; } // get the uri CAtlStringA sURI(pszURI); // get the query string CAtlStringA sQueryString; if (pRawRequest->CookedUrl.pQueryString != NULL) { sQueryString = pRawRequest->CookedUrl.pQueryString + 1; } // get the remote address // TODO: consider using a cache lookup here CAtlStringA sRemoteAddress; if (pRawRequest != NULL && pRawRequest->Address.pRemoteAddress != NULL) { if (pRawRequest->Address.pRemoteAddress->sa_family == AF_INET) { struct sockaddr_in* paddrin = (struct sockaddr_in*) pRawRequest->Address.pRemoteAddress; // TODO: make this a bit more efficient sRemoteAddress.Format("%u.%u.%u.%u", (unsigned) paddrin->sin_addr.S_un.S_un_b.s_b1, (unsigned) paddrin->sin_addr.S_un.S_un_b.s_b2, (unsigned) paddrin->sin_addr.S_un.S_un_b.s_b3, (unsigned) paddrin->sin_addr.S_un.S_un_b.s_b4); } else if (pRawRequest->Address.pRemoteAddress->sa_family == AF_INET6) { SOCKADDR_IN6* paddrin = (SOCKADDR_IN6*) pRawRequest->Address.pRemoteAddress; // TODO: make this a bit more efficient sRemoteAddress.Format("%0x:%0x:%0x:%0x:%0x:%0x:%0x:%0x", ::htons(paddrin->sin6_addr.u.Word[0]), ::htons(paddrin->sin6_addr.u.Word[1]), ::htons(paddrin->sin6_addr.u.Word[2]), ::htons(paddrin->sin6_addr.u.Word[3]), ::htons(paddrin->sin6_addr.u.Word[4]), ::htons(paddrin->sin6_addr.u.Word[5]), ::htons(paddrin->sin6_addr.u.Word[6]), ::htons(paddrin->sin6_addr.u.Word[7])); } } RequestInfo requestinfo; requestinfo.pszAcceptEncoding = pszAcceptEncoding; requestinfo.pszHostname = EnsureNotNull(pHttpRequest->GetHeader(HttpHeaderHost)); requestinfo.pszQueryString = sQueryString; requestinfo.pszRemoteAddress = sRemoteAddress; requestinfo.pszURI = sURI; requestinfo.pszUserAgent = pszUserAgent; if (m_Config.GetDebugEnabled() || m_Config.GetLoggingLevel() >= IISXPRESS_LOGGINGLEVEL_BASIC) { char* pszMethod = "Unknown"; switch (pRawRequest->Verb) { case HttpVerbGET: pszMethod = "GET"; break; case HttpVerbPOST: pszMethod = "POST"; break; } AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: method='%hs'\n"), pszMethod); AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: hostname='%hs'\n"), requestinfo.pszHostname); AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: user agent='%hs'\n"), requestinfo.pszUserAgent); AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: URI='%hs'\n"), requestinfo.pszURI); AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: accept-encoding='%hs'\n"), requestinfo.pszAcceptEncoding); AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: client address='%hs'\n"), requestinfo.pszRemoteAddress); AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: query string='%hs'\n"), requestinfo.pszQueryString); AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: content-type='%hs'\n"), pszContentType); AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: content-length=%u\n"), dwContentLength); AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: response code=%u\n"), pRawResponse->StatusCode); AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: last-modified='%hs'\n"), pszLastModified != NULL ? pszLastModified : "null"); } // *********************************************************************** ResponseInfo responseinfo; responseinfo.dwContentLength = dwContentLength; responseinfo.dwResponseCode = pRawResponse->StatusCode; responseinfo.pszContentType = pszContentType; responseinfo.pszLastModified = pszLastModified; // get a connection to the server from the GIT (if it is connected) CComPtr<IIISxpressHTTPRequest> pIISxpressHTTPRequest; if (m_pGlobalIISxpressHTTPRequest.GetCookie() != 0) { m_pGlobalIISxpressHTTPRequest.CopyTo(&pIISxpressHTTPRequest); } if (pIISxpressHTTPRequest == NULL) { // revoke the pointer in the GIT m_pGlobalIISxpressHTTPRequest.Revoke(); // try to connect to the server if (GetHTTPRequestObject(pHttpContext, &pIISxpressHTTPRequest) == false || pIISxpressHTTPRequest == NULL) { AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("unable to connect to server\n")); PerfCountersAddRejectedResponse(IISxpressNativePerf::NoCompressionServer); return RQ_NOTIFICATION_CONTINUE; } // store the resulting pointer in the GIT m_pGlobalIISxpressHTTPRequest = pIISxpressHTTPRequest; } const DWORD dwTimerLoggingLevel = IISXPRESS_LOGGINGLEVEL_FULL; bool useTimer = (m_Config.GetDebugEnabled() || m_Config.GetLoggingLevel() >= dwTimerLoggingLevel); // start timer __int64 nStartTimer = useTimer ? g_Timer.GetMicroSecTimerCount() : 0; CAtlStringA sCacheKey; if (m_nCacheEnabled != 0) { // update the cache perf counters based on the cache cookie PerfCountersUpdateCacheStatus(false); if (pszLastModified != NULL && sQueryString.GetLength() == 0) { ATLASSERT(pszAcceptEncoding != NULL); // create the unique key for the response ResponseCache::CreateResponseCacheKey( sInstanceId, sInstanceId.GetLength(), sURI, sURI.GetLength(), responseinfo.pszContentType, nContentTypeLength, dwContentLength, pszLastModified, nLastModifiedLength, pszAcceptEncoding, nAcceptEncodingLength, sCacheKey); // try to get a compressed response from the cache HCACHEITEM hCacheItem = NULL; HRESULT hr = m_ResponseCache.LookupEntry(sCacheKey, &hCacheItem); if (hr == S_OK) { // get the item from the cache ResponseCacheItem* pCacheItem; DWORD dwCacheItemSize = 0; hr = m_ResponseCache.GetData(hCacheItem, (void**) &pCacheItem, &dwCacheItemSize); void* pBuffer = pHttpContext->AllocateRequestMemory(pCacheItem->dwContentLength); if (pBuffer != NULL) { pHttpResponse->SetHeader(HttpHeaderContentLength, pCacheItem->sContentLength, (USHORT) pCacheItem->sContentLength.GetLength(), TRUE); pHttpResponse->SetHeader(HttpHeaderContentEncoding, pCacheItem->sContentEncoding, (USHORT) pCacheItem->sContentEncoding.GetLength(), TRUE); pEntityChunk->DataChunkType = HttpDataChunkFromMemory; pEntityChunk->FromMemory.pBuffer = pBuffer; pEntityChunk->FromMemory.BufferLength = pCacheItem->dwContentLength; memcpy(pEntityChunk->FromMemory.pBuffer, pCacheItem->pbyData, pCacheItem->dwContentLength); hr = m_ResponseCache.ReleaseEntry(hCacheItem); pIISxpressHTTPRequest->NotifyCacheHit(&iisinfo, &requestinfo, &responseinfo, pCacheItem->dwContentLength); PerfCountersAddCachedResponse(dwContentLength, pCacheItem->dwContentLength); // calculate timer duration __int64 nEndTimer = useTimer ? g_Timer.GetMicroSecTimerCount() : 0; __int64 nInterval = nEndTimer - nStartTimer; AppendLogMessage(dwTimerLoggingLevel, pszMethodName, pHttpContext, _T("response resolved from cache, call took %I64d us\n"), nInterval); return RQ_NOTIFICATION_CONTINUE; } // we failed to handle the cached response, so just proceed as normal (we need to free the // cache entry tho) hr = m_ResponseCache.ReleaseEntry(hCacheItem); } } } DWORD dwFilterContext = 0; HRESULT hr = pIISxpressHTTPRequest->OnSendResponse(&iisinfo, &requestinfo, &responseinfo, &dwFilterContext); // calculate timer duration __int64 nEndTimer = useTimer ? g_Timer.GetMicroSecTimerCount() : 0; __int64 nInterval = nEndTimer - nStartTimer; if (FAILED(hr) == TRUE) { // get the facility code of the failure DWORD dwFacility = HRESULT_FACILITY(hr); // if it isn't NULL or ITF then assume the server is now invalid if (dwFacility != FACILITY_NULL && dwFacility != FACILITY_ITF) { // the GIT is invalid, dump it m_pGlobalIISxpressHTTPRequest.Revoke(); // the server connection is invalid, dump it pIISxpressHTTPRequest = NULL; } } AppendLogMessage(dwTimerLoggingLevel, pszMethodName, pHttpContext, _T("OnSendResponse() returns 0x%08x, call took %I64d us\n"), hr, nInterval); if (FAILED(hr) == TRUE) { // TODO: need to handle generic HRs PerfCountersAddRejectedResponse(hr); AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("won't handle response (0x%08x)\n"), hr); return RQ_NOTIFICATION_CONTINUE; } AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("will handle response (0x%08x)\n"), hr); if (pEntityChunk->DataChunkType == HttpDataChunkFromFileHandle) { DWORD dwAllocatedBlockSize = 0; BYTE* pbyData = AllocateMemoryBlockForOverlappedIO(pHttpContext, dwContentLength, dwAllocatedBlockSize); if (pbyData != NULL) { // we are about to perform overlapped IO, so setup the OVERLAPPED struct into a default state OVERLAPPED overlapped; memset(&overlapped, 0, sizeof(overlapped)); HandleObject FileEvent; bool bHandleFromPool = m_hEventHandlePool.GetHandleObject(FileEvent); // if we failed to get a handle from the pool then we need to make one if (bHandleFromPool == false) { HANDLE hReadOK = ::CreateEvent(NULL, TRUE, FALSE, NULL); FileEvent = HandleObject(hReadOK); } // use the event handle so we can track the IO completion overlapped.hEvent = FileEvent; // ask for a file read (asynchronous) DWORD dwStatus = ::ReadFile(pEntityChunk->FromFileHandle.FileHandle, pbyData, dwAllocatedBlockSize, NULL, &overlapped); // wait for the IO to complete (NB. don't really use this since INFINITE can block forever) ::WaitForSingleObject(FileEvent, INFINITE); // we must return the handle (if it came from the pool) if (bHandleFromPool == true) { m_hEventHandlePool.ReturnHandleObject(FileEvent); } pEntityChunk->DataChunkType = HttpDataChunkFromMemory; pEntityChunk->FromMemory.BufferLength = dwContentLength; pEntityChunk->FromMemory.pBuffer = pbyData; } else { hr = E_OUTOFMEMORY; } } else if (pEntityChunk->DataChunkType == HttpDataChunkFromMemory) { // allocate the memory block BYTE* pbyData = (BYTE*) pHttpContext->AllocateRequestMemory(dwContentLength); if (pbyData != NULL) { // copy the response data memcpy(pbyData, pEntityChunk->FromMemory.pBuffer, pEntityChunk->FromMemory.BufferLength); // change the buffer pointer pEntityChunk->FromMemory.pBuffer = pbyData; } else { hr = E_OUTOFMEMORY; } } // allocate the response stream CComPtr<IStream> pStream; CComObject<CResponseStream>* pResponseStream = NULL; if (hr == S_OK) { hr = CComObject<CResponseStream>::CreateInstance(&pResponseStream); if (hr == S_OK) { pStream = pResponseStream; } } // catch any memory issues if (FAILED(hr) == TRUE) { // abort the compression pIISxpressHTTPRequest->AbortRequest(dwFilterContext); // TODO: need to handle generic HRs PerfCountersAddRejectedResponse(hr); AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("won't handle response (0x%08x)\n"), hr); return RQ_NOTIFICATION_CONTINUE; } pResponseStream->AttachBuffer(pEntityChunk->FromMemory.pBuffer, dwContentLength, 0); char szContentEncoding[32] = ""; hr = pIISxpressHTTPRequest->OnSendRawData(dwFilterContext, pStream, dwContentLength, FALSE, (signed char*) szContentEncoding, _countof(szContentEncoding)); if (hr == S_OK) { DWORD dwOriginalSize = dwContentLength; DWORD dwCompressedSize = pResponseStream->GetOffset(); // set the new content length into the header CAtlStringA sContentLength; sContentLength.Format("%u", dwCompressedSize); pHttpResponse->SetHeader(HttpHeaderContentLength, sContentLength, (USHORT) sContentLength.GetLength(), TRUE); // set the new size into the buffer pRawResponse->pEntityChunks->FromMemory.BufferLength = dwCompressedSize; pHttpResponse->SetHeader(HttpHeaderContentEncoding, szContentEncoding, (USHORT) strlen(szContentEncoding), TRUE); // add the item to the cache if we have a key (it means the data is cachable) if (dwCompressedSize < dwOriginalSize && m_nCacheEnabled != 0 && sCacheKey.GetLength() > 0) { ResponseCacheItem* pCacheItem = new ResponseCacheItem(); if (pCacheItem != NULL) { pCacheItem->sContentEncoding = szContentEncoding; pCacheItem->sContentLength = sContentLength; pCacheItem->dwContentLength = dwCompressedSize; pCacheItem->pbyData = new BYTE[dwCompressedSize]; if (pCacheItem->pbyData != NULL) { // copy the compressed data and add it to the cache memcpy(pCacheItem->pbyData, pEntityChunk->FromMemory.pBuffer, dwCompressedSize); m_ResponseCache.Add(sCacheKey, pCacheItem, pCacheItem->dwContentLength, NULL, NULL, NULL, m_ResponseCacheItemDeallocator); PerfCountersUpdateCacheStatus(true); } } } PerfCountersAddCompressedResponse(dwContentLength, dwCompressedSize); // make sure the context is released hr = pIISxpressHTTPRequest->OnEndOfRequest(dwFilterContext, NULL, 0, FALSE, NULL, 0); } else { // abort the compression pIISxpressHTTPRequest->AbortRequest(dwFilterContext); // TODO: need to handle generic HRs PerfCountersAddRejectedResponse(hr); AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("won't handle response (0x%08x)\n"), hr); } return RQ_NOTIFICATION_CONTINUE; }
HRESULT CHttpProtocol::SerializeRequestHeaders(CNodeHttpStoredContext* ctx, void** result, DWORD* resultSize, DWORD* resultLength) { HRESULT hr; PCSTR originalUrl = NULL; USHORT originalUrlLength; DWORD remoteHostSize = INET6_ADDRSTRLEN + 1; char remoteHost[INET6_ADDRSTRLEN + 1]; BOOL addXFF; char** serverVars; int serverVarCount; CheckNull(ctx); CheckNull(result); CheckNull(resultSize); CheckNull(resultLength); IHttpContext* context = ctx->GetHttpContext(); DWORD bufferLength = CModuleConfiguration::GetInitialRequestBufferSize(context); DWORD offset = 0; IHttpRequest* request = context->GetRequest(); HTTP_REQUEST* raw = request->GetRawHttpRequest(); USHORT major, minor; const int tmpSize = 256; char tmp[tmpSize]; PCSTR method = request->GetHttpMethod(); ErrorIf(NULL == (*result = context->AllocateRequestMemory(bufferLength)), ERROR_NOT_ENOUGH_MEMORY); // Determine whether response entity body is to be expected if (method && 0 == strcmpi("HEAD", method)) { // HEAD requests do not have response entity body // http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.4 ctx->SetExpectResponseBody(FALSE); } // Request-Line CheckError(CHttpProtocol::Append(context, method, 0, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, " ", 1, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, ctx->GetTargetUrl(), ctx->GetTargetUrlLength(), result, &bufferLength, &offset)); request->GetHttpVersion(&major, &minor); if (1 == major && 1 == minor) { CheckError(CHttpProtocol::Append(context, " HTTP/1.1\r\n", 11, result, &bufferLength, &offset)); } else if (1 == major && 0 == minor) { CheckError(CHttpProtocol::Append(context, " HTTP/1.0\r\n", 11, result, &bufferLength, &offset)); } else { sprintf(tmp, " HTTP/%d.%d\r\n", major, minor); CheckError(CHttpProtocol::Append(context, tmp, 0, result, &bufferLength, &offset)); } // Known headers for (int i = 0; i < HttpHeaderRequestMaximum; i++) { if (raw->Headers.KnownHeaders[i].RawValueLength > 0) { CheckError(CHttpProtocol::Append(context, CHttpProtocol::httpRequestHeaders[i], 0, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, ": ", 2, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, raw->Headers.KnownHeaders[i].pRawValue, raw->Headers.KnownHeaders[i].RawValueLength, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, "\r\n", 2, result, &bufferLength, &offset)); } } // Unknown headers if (TRUE == (addXFF = CModuleConfiguration::GetEnableXFF(context))) { PSOCKADDR addr = request->GetRemoteAddress(); DWORD addrSize = addr->sa_family == AF_INET ? sizeof SOCKADDR_IN : sizeof SOCKADDR_IN6; ErrorIf(0 != WSAAddressToString(addr, addrSize, NULL, remoteHost, &remoteHostSize), GetLastError()); } for (int i = 0; i < raw->Headers.UnknownHeaderCount; i++) { CheckError(CHttpProtocol::Append(context, raw->Headers.pUnknownHeaders[i].pName, raw->Headers.pUnknownHeaders[i].NameLength, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, ": ", 2, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, raw->Headers.pUnknownHeaders[i].pRawValue, raw->Headers.pUnknownHeaders[i].RawValueLength, result, &bufferLength, &offset)); if (addXFF && 15 == raw->Headers.pUnknownHeaders[i].NameLength && 0 == strcmpi("X-Forwarded-For", raw->Headers.pUnknownHeaders[i].pName)) { // augment existing X-Forwarded-For header CheckError(CHttpProtocol::Append(context, ", ", 2, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, remoteHost, remoteHostSize - 1, result, &bufferLength, &offset)); addXFF = FALSE; } CheckError(CHttpProtocol::Append(context, "\r\n", 2, result, &bufferLength, &offset)); } if (addXFF) { // add a new X-Forwarded-For header CheckError(CHttpProtocol::Append(context, "X-Forwarded-For: ", 17, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, remoteHost, remoteHostSize - 1, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, "\r\n", 2, result, &bufferLength, &offset)); } // promote server variables CheckError(CModuleConfiguration::GetPromoteServerVars(context, &serverVars, &serverVarCount)); while (serverVarCount) { serverVarCount--; PCSTR varValue; DWORD varValueLength; if (S_OK == context->GetServerVariable(serverVars[serverVarCount], &varValue, &varValueLength)) { CheckError(CHttpProtocol::Append(context, "X-iisnode-", 10, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, serverVars[serverVarCount], 0, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, ": ", 2, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, varValue, varValueLength, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, "\r\n", 2, result, &bufferLength, &offset)); } } // CRLF CheckError(CHttpProtocol::Append(context, "\r\n", 2, result, &bufferLength, &offset)); *resultSize = bufferLength; *resultLength = offset; return S_OK; Error: if (NULL != result) { *result = NULL; } if (NULL != resultLength) { *resultLength = 0; } if (NULL != resultSize) { *resultSize = 0; } return hr; }
HRESULT CHttpProtocol::SerializeRequestHeaders(IHttpContext* context, void** result, DWORD* resultSize, DWORD* resultLength) { HRESULT hr; CheckNull(context); CheckNull(result); CheckNull(resultSize); CheckNull(resultLength); DWORD bufferLength = CModuleConfiguration::GetInitialRequestBufferSize(context); DWORD offset = 0; IHttpRequest* request = context->GetRequest(); HTTP_REQUEST* raw = request->GetRawHttpRequest(); USHORT major, minor; char tmp[256]; ErrorIf(NULL == (*result = context->AllocateRequestMemory(bufferLength)), ERROR_NOT_ENOUGH_MEMORY); // Request-Line CheckError(CHttpProtocol::Append(context, request->GetHttpMethod(), 0, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, " ", 1, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, raw->pRawUrl, raw->RawUrlLength, result, &bufferLength, &offset)); request->GetHttpVersion(&major, &minor); sprintf(tmp, " HTTP/%d.%d\r\n", major, minor); CheckError(CHttpProtocol::Append(context, tmp, 0, result, &bufferLength, &offset)); // Known headers for (int i = 0; i < HttpHeaderRequestMaximum; i++) { if (raw->Headers.KnownHeaders[i].RawValueLength > 0) { CheckError(CHttpProtocol::Append(context, CHttpProtocol::httpRequestHeaders[i], 0, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, ": ", 2, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, raw->Headers.KnownHeaders[i].pRawValue, raw->Headers.KnownHeaders[i].RawValueLength, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, "\r\n", 2, result, &bufferLength, &offset)); } } // Unknown headers for (int i = 0; i < raw->Headers.UnknownHeaderCount; i++) { CheckError(CHttpProtocol::Append(context, raw->Headers.pUnknownHeaders[i].pName, raw->Headers.pUnknownHeaders[i].NameLength, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, ": ", 2, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, raw->Headers.pUnknownHeaders[i].pRawValue, raw->Headers.pUnknownHeaders[i].RawValueLength, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, "\r\n", 2, result, &bufferLength, &offset)); } // CRLF CheckError(CHttpProtocol::Append(context, "\r\n", 2, result, &bufferLength, &offset)); *resultSize = bufferLength; *resultLength = offset; return S_OK; Error: if (NULL != result) { *result = NULL; } if (NULL != resultLength) { *resultLength = 0; } if (NULL != resultSize) { *resultSize = 0; } return hr; }
HRESULT CHttpProtocol::SerializeRequestHeaders(CNodeHttpStoredContext* ctx, void** result, DWORD* resultSize, DWORD* resultLength) { HRESULT hr; PCSTR originalUrl = NULL; USHORT originalUrlLength; CheckNull(ctx); CheckNull(result); CheckNull(resultSize); CheckNull(resultLength); IHttpContext* context = ctx->GetHttpContext(); DWORD bufferLength = CModuleConfiguration::GetInitialRequestBufferSize(context); DWORD offset = 0; IHttpRequest* request = context->GetRequest(); HTTP_REQUEST* raw = request->GetRawHttpRequest(); USHORT major, minor; char tmp[256]; PCSTR method = request->GetHttpMethod(); ErrorIf(NULL == (*result = context->AllocateRequestMemory(bufferLength)), ERROR_NOT_ENOUGH_MEMORY); // Determine whether response entity body is to be expected if (method && 0 == strcmpi("HEAD", method)) { // HEAD requests do not have response entity body // http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.4 ctx->SetExpectResponseBody(FALSE); } // Request-Line CheckError(CHttpProtocol::Append(context, method, 0, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, " ", 1, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, ctx->GetTargetUrl(), ctx->GetTargetUrlLength(), result, &bufferLength, &offset)); request->GetHttpVersion(&major, &minor); if (1 == major && 1 == minor) { CheckError(CHttpProtocol::Append(context, " HTTP/1.1\r\n", 11, result, &bufferLength, &offset)); } else if (1 == major && 0 == minor) { CheckError(CHttpProtocol::Append(context, " HTTP/1.0\r\n", 11, result, &bufferLength, &offset)); } else { sprintf(tmp, " HTTP/%d.%d\r\n", major, minor); CheckError(CHttpProtocol::Append(context, tmp, 0, result, &bufferLength, &offset)); } // Known headers for (int i = 0; i < HttpHeaderRequestMaximum; i++) { if (raw->Headers.KnownHeaders[i].RawValueLength > 0) { CheckError(CHttpProtocol::Append(context, CHttpProtocol::httpRequestHeaders[i], 0, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, ": ", 2, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, raw->Headers.KnownHeaders[i].pRawValue, raw->Headers.KnownHeaders[i].RawValueLength, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, "\r\n", 2, result, &bufferLength, &offset)); } } // Unknown headers for (int i = 0; i < raw->Headers.UnknownHeaderCount; i++) { CheckError(CHttpProtocol::Append(context, raw->Headers.pUnknownHeaders[i].pName, raw->Headers.pUnknownHeaders[i].NameLength, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, ": ", 2, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, raw->Headers.pUnknownHeaders[i].pRawValue, raw->Headers.pUnknownHeaders[i].RawValueLength, result, &bufferLength, &offset)); CheckError(CHttpProtocol::Append(context, "\r\n", 2, result, &bufferLength, &offset)); } // CRLF CheckError(CHttpProtocol::Append(context, "\r\n", 2, result, &bufferLength, &offset)); *resultSize = bufferLength; *resultLength = offset; return S_OK; Error: if (NULL != result) { *result = NULL; } if (NULL != resultLength) { *resultLength = 0; } if (NULL != resultSize) { *resultSize = 0; } return hr; }