예제 #1
0
REQUEST_NOTIFICATION_STATUS CCacheHelperModule::OnSendResponse(
    IN IHttpContext* pHttpContext, IN ISendResponseProvider* pProvider)
{
    UNREFERENCED_PARAMETER(pProvider);

    IHttpResponse* pHttpResponse = pHttpContext->GetResponse();
    IHttpRequest* pHttpRequest = pHttpContext->GetRequest();

    if ((pHttpResponse != NULL) && (pHttpRequest != NULL))
    {
        HTTP_COOKED_URL url = pHttpRequest->GetRawHttpRequest()->CookedUrl;

        if (!m_pConfig->UrlHasSitePrefix(url.pAbsPath))
            return RQ_NOTIFICATION_CONTINUE;

        CachingBehavior behavior = CachingBehaviorIgnore;

        USHORT cchXCache;
        PCSTR szXCache = pHttpResponse->GetHeader((PCSTR)"X-Cache", &cchXCache);
        if (cchXCache > 0)
        {
            behavior = (CachingBehavior)StrToIntA(szXCache);
            pHttpResponse->DeleteHeader((PCSTR)"X-Cache");
        }
        else
        {
            behavior = m_pConfig->GetCachePolicy(url.pAbsPath);
        }
        
        switch (behavior)
        {
        case CachingBehaviorPrivate:
            MakeUncacheable(pHttpResponse);
            break;
        case CachingBehaviorConditional:
            MakeConditionallyCacheable(pHttpResponse);
            break;
        case CachingBehaviorPublic:
            MakeCacheable(pHttpResponse);
            break;
        }
    }

    return RQ_NOTIFICATION_CONTINUE;
}
예제 #2
0
REQUEST_NOTIFICATION_STATUS
CMyHttpModule::OnSendResponse(
    IN IHttpContext * pHttpContext,
    IN ISendResponseProvider * pResponseProvider
)
{
	REQUEST_STORED_CONTEXT *rsc = NULL;

	rsc = (REQUEST_STORED_CONTEXT *)pHttpContext->GetModuleContextContainer()->GetModuleContext(g_pModuleContext);

	EnterCriticalSection(&m_csLock);

	// here we must check if response body processing is enabled
	//
	if(rsc == NULL || rsc->m_pRequestRec == NULL || rsc->m_pResponseBuffer != NULL || !modsecIsResponseBodyAccessEnabled(rsc->m_pRequestRec))
	{
		goto Exit;
	}

    HRESULT hr = S_OK;
	IHttpResponse *pHttpResponse = NULL;
    HTTP_RESPONSE *pRawHttpResponse = NULL;
    HTTP_BYTE_RANGE *pFileByteRange = NULL;
    HTTP_DATA_CHUNK *pSourceDataChunk = NULL;
    LARGE_INTEGER  lFileSize;
    REQUEST_NOTIFICATION_STATUS ret = RQ_NOTIFICATION_CONTINUE;
	ULONGLONG ulTotalLength = 0;
	DWORD c;
	request_rec *r = rsc->m_pRequestRec;

	pHttpResponse = pHttpContext->GetResponse();
	pRawHttpResponse = pHttpResponse->GetRawHttpResponse();

	// here we must add handling of chunked response
	// apparently IIS 7 calls this handler once per chunk
	// see: http://stackoverflow.com/questions/4385249/how-to-buffer-and-process-chunked-data-before-sending-headers-in-iis7-native-mod

	if(pRawHttpResponse->EntityChunkCount == 0)
		goto Exit;

	// here we must transfer response headers
	//
	USHORT ctcch = 0;
	char *ct = (char *)pHttpResponse->GetHeader(HttpHeaderContentType, &ctcch);
	char *ctz = ZeroTerminate(ct, ctcch, r->pool);

	// assume HTML if content type not set
	// without this output filter would not buffer response and processing would hang
	//
	if(ctz[0] == 0)
		ctz = "text/html";

	r->content_type = ctz;

#define _TRANSHEADER(id,str) if(pRawHttpResponse->Headers.KnownHeaders[id].pRawValue != NULL) \
	{\
		apr_table_setn(r->headers_out, str, \
			ZeroTerminate(pRawHttpResponse->Headers.KnownHeaders[id].pRawValue, pRawHttpResponse->Headers.KnownHeaders[id].RawValueLength, r->pool)); \
	}

    _TRANSHEADER(HttpHeaderCacheControl, "Cache-Control");
    _TRANSHEADER(HttpHeaderConnection, "Connection");
    _TRANSHEADER(HttpHeaderDate, "Date");
    _TRANSHEADER(HttpHeaderKeepAlive, "Keep-Alive");             
    _TRANSHEADER(HttpHeaderPragma, "Pragma");                
    _TRANSHEADER(HttpHeaderTrailer, "Trailer");               
    _TRANSHEADER(HttpHeaderTransferEncoding, "Transfer-Encoding");      
    _TRANSHEADER(HttpHeaderUpgrade, "Upgrade");               
    _TRANSHEADER(HttpHeaderVia, "Via");                   
    _TRANSHEADER(HttpHeaderWarning, "Warning");               
    _TRANSHEADER(HttpHeaderAllow, "Allow");                 
    _TRANSHEADER(HttpHeaderContentLength, "Content-Length");         
    _TRANSHEADER(HttpHeaderContentType, "Content-Type");           
    _TRANSHEADER(HttpHeaderContentEncoding, "Content-Encoding");       
    _TRANSHEADER(HttpHeaderContentLanguage, "Content-Language");       
    _TRANSHEADER(HttpHeaderContentLocation, "Content-Location");       
    _TRANSHEADER(HttpHeaderContentMd5, "Content-Md5");            
    _TRANSHEADER(HttpHeaderContentRange, "Content-Range");          
    _TRANSHEADER(HttpHeaderExpires, "Expires");               
    _TRANSHEADER(HttpHeaderLastModified, "Last-Modified");          
	_TRANSHEADER(HttpHeaderAcceptRanges, "Accept-Ranges");
    _TRANSHEADER(HttpHeaderAge, "Age");                   
    _TRANSHEADER(HttpHeaderEtag, "Etag");                  
    _TRANSHEADER(HttpHeaderLocation, "Location");              
    _TRANSHEADER(HttpHeaderProxyAuthenticate, "Proxy-Authenticate");     
    _TRANSHEADER(HttpHeaderRetryAfter, "Retry-After");            
    _TRANSHEADER(HttpHeaderServer, "Server");                
    _TRANSHEADER(HttpHeaderSetCookie, "Set-Cookie");             
    _TRANSHEADER(HttpHeaderVary, "Vary");                  
    _TRANSHEADER(HttpHeaderWwwAuthenticate, "Www-Authenticate");

#undef	_TRANSHEADER

	for(int i = 0; i < pRawHttpResponse->Headers.UnknownHeaderCount; i++)
	{
		apr_table_setn(r->headers_out, 
			ZeroTerminate(pRawHttpResponse->Headers.pUnknownHeaders[i].pName, pRawHttpResponse->Headers.pUnknownHeaders[i].NameLength, r->pool), 
			ZeroTerminate(pRawHttpResponse->Headers.pUnknownHeaders[i].pRawValue, pRawHttpResponse->Headers.pUnknownHeaders[i].RawValueLength, r->pool));
	}

	r->content_encoding = apr_table_get(r->headers_out, "Content-Encoding");
	//r->content_type = apr_table_get(r->headers_out, "Content-Type");		-- already set above

	const char *lng = apr_table_get(r->headers_out, "Content-Languages");

	if(lng != NULL)
	{
		r->content_languages = apr_array_make(r->pool, 1, sizeof(const char *));

		*(const char **)apr_array_push(r->content_languages) = lng;
	}

	// Disable kernel caching for this response
	// Probably we don't have to do it for ModSecurity

    //pHttpContext->GetResponse()->DisableKernelCache(
    //        IISCacheEvents::HTTPSYS_CACHEABLE::HANDLER_HTTPSYS_UNFRIENDLY);

    for(c = 0; c < pRawHttpResponse->EntityChunkCount; c++ )
    {
        pSourceDataChunk = &pRawHttpResponse->pEntityChunks[ c ];

        switch( pSourceDataChunk->DataChunkType )
        {
            case HttpDataChunkFromMemory:
                ulTotalLength += pSourceDataChunk->FromMemory.BufferLength;
                break;
            case HttpDataChunkFromFileHandle:
                pFileByteRange = &pSourceDataChunk->FromFileHandle.ByteRange;
                //
                // File chunks may contain by ranges with unspecified length 
                // (HTTP_BYTE_RANGE_TO_EOF).  In order to send parts of such a chunk, 
                // its necessary to know when the chunk is finished, and
                // we need to move to the next chunk.
                //              
                if ( pFileByteRange->Length.QuadPart == HTTP_BYTE_RANGE_TO_EOF)
                {
                    if ( GetFileType( pSourceDataChunk->FromFileHandle.FileHandle ) == 
                                    FILE_TYPE_DISK )
                    {
                        if ( !GetFileSizeEx( pSourceDataChunk->FromFileHandle.FileHandle,
                                             &lFileSize ) )
                        {
                            DWORD dwError = GetLastError();
                            hr = HRESULT_FROM_WIN32(dwError);
                            goto Finished;
                        }

                        // put the resolved file length in the chunk, replacing 
                        // HTTP_BYTE_RANGE_TO_EOF
                        pFileByteRange->Length.QuadPart = 
                              lFileSize.QuadPart - pFileByteRange->StartingOffset.QuadPart;
                    }
                    else
                    {
                        hr = HRESULT_FROM_WIN32(ERROR_NOT_SUPPORTED);
                        goto Finished;                        
                    }
                }  

                ulTotalLength += pFileByteRange->Length.QuadPart;
                break;
            default:
                // TBD: consider implementing HttpDataChunkFromFragmentCache, 
                // and HttpDataChunkFromFragmentCacheEx
                hr = HRESULT_FROM_WIN32(ERROR_NOT_SUPPORTED);
                goto Finished;                        
        }
    }

	rsc->m_pResponseBuffer = (char *)apr_palloc(rsc->m_pRequestRec->pool, ulTotalLength);

	ulTotalLength = 0;

    for(c = 0; c < pRawHttpResponse->EntityChunkCount; c++ )
    {
        pSourceDataChunk = &pRawHttpResponse->pEntityChunks[ c ];

        switch( pSourceDataChunk->DataChunkType )
        {
            case HttpDataChunkFromMemory:
				memcpy(rsc->m_pResponseBuffer + ulTotalLength, pSourceDataChunk->FromMemory.pBuffer, pSourceDataChunk->FromMemory.BufferLength);
                ulTotalLength += pSourceDataChunk->FromMemory.BufferLength;
                break;
            case HttpDataChunkFromFileHandle:
                pFileByteRange = &pSourceDataChunk->FromFileHandle.ByteRange;

				if(ReadFileChunk(pSourceDataChunk, rsc->m_pResponseBuffer + ulTotalLength) != S_OK)
				{
			        DWORD dwErr = GetLastError();

					hr = HRESULT_FROM_WIN32(dwErr);
	                goto Finished;
				}

                ulTotalLength += pFileByteRange->Length.QuadPart;
                break;
            default:
                // TBD: consider implementing HttpDataChunkFromFragmentCache, 
                // and HttpDataChunkFromFragmentCacheEx
                hr = HRESULT_FROM_WIN32(ERROR_NOT_SUPPORTED);
                goto Finished;                        
        }
    }

	rsc->m_pResponseLength = ulTotalLength;

	//
    // If there's no content-length set, we need to set it to avoid chunked transfer mode
    // We can only do it if there is it's the only response to be sent.
    //

    DWORD dwFlags = pResponseProvider->GetFlags();

	if (pResponseProvider->GetHeadersBeingSent() && 
         (dwFlags & HTTP_SEND_RESPONSE_FLAG_MORE_DATA) == 0 &&
         pHttpContext->GetResponse()->GetHeader(HttpHeaderContentLength) == NULL)    
    {
        CHAR szLength[21]; //Max length for a 64 bit int is 20

         ZeroMemory(szLength, sizeof(szLength));

         hr = StringCchPrintfA(
                    szLength, 
                    sizeof(szLength) / sizeof(CHAR) - 1, "%d", 
                    ulTotalLength);

        if(FAILED(hr))
        {
            goto Finished;      
        }

         hr = pHttpContext->GetResponse()->SetHeader(
                    HttpHeaderContentLength, 
                    szLength, 
                    (USHORT)strlen(szLength),
                    TRUE);

        if(FAILED(hr))
        {
            goto Finished;      
        }
    }

Finished:

	int status = modsecProcessResponse(rsc->m_pRequestRec);

	// the logic here is temporary, needs clarification
	//
	if(status != 0 && status != -1)
	{
		pHttpContext->GetResponse()->Clear();
		pHttpContext->GetResponse()->SetStatus(status, "ModSecurity Action");
		pHttpContext->SetRequestHandled();

		rsc->FinishRequest();

		LeaveCriticalSection(&m_csLock);
		
		return RQ_NOTIFICATION_FINISH_REQUEST;
	}
Exit:
	// temporary hack, in reality OnSendRequest theoretically could possibly come before OnEndRequest
	//
	if(rsc != NULL)
		rsc->FinishRequest();

	LeaveCriticalSection(&m_csLock);
		
	return RQ_NOTIFICATION_CONTINUE;
}
예제 #3
0
REQUEST_NOTIFICATION_STATUS CIISxpressHttpModule::OnSendResponse(IN IHttpContext* pHttpContext, IN ISendResponseProvider* pProvider)
{
	const TCHAR* const pszMethodName = __FUNCTIONT__;	

	// only proceed if filter is enabled
	if (m_Config.GetEnabled() == false)
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("module is disabled\n"));
		PerfCountersAddRejectedResponse(IISxpressNativePerf::FilterDisabled);
		return RQ_NOTIFICATION_CONTINUE;
	}

	IHttpRequest* pHttpRequest = pHttpContext->GetRequest();
	if (pHttpRequest == NULL)
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("GetRequest() returned NULL\n"));
		PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal);
		return RQ_NOTIFICATION_CONTINUE;
	}	

	IHttpResponse* pHttpResponse = pHttpContext->GetResponse();
	if (pHttpResponse == NULL)
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("GetResponse() returned NULL\n"));
		PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal);
		return RQ_NOTIFICATION_CONTINUE;
	}	

	const HTTP_REQUEST* pRawRequest = pHttpRequest->GetRawHttpRequest();
	if (pRawRequest == NULL)
	{		
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("GetRawHttpRequest() returned NULL\n"));
		PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal);
		return RQ_NOTIFICATION_CONTINUE;
	}		

	const HTTP_RESPONSE* pRawResponse = pHttpResponse->GetRawHttpResponse();
	if (pRawResponse == NULL)
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("GetRawHttpResponse() returned NULL\n"));
		PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal);
		return RQ_NOTIFICATION_CONTINUE;
	}		

	// we only handle GET or POST (if POST handling is enabled)
	if (pRawRequest->Verb != HttpVerbGET && !(pRawRequest->Verb == HttpVerbPOST && m_Config.HandlePOSTResponses()))
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("request was not GET or POST\n"));
		PerfCountersAddRejectedResponse(IISxpressNativePerf::RequestMethod);
		return RQ_NOTIFICATION_CONTINUE;
	}

	// only handle status code 200
	if (pRawResponse->StatusCode != 200)
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("response code is not 200 (%u)\n"),  pRawResponse->StatusCode);
		PerfCountersAddRejectedResponse(IISxpressNativePerf::ResponseCode);
		return RQ_NOTIFICATION_CONTINUE;
	}

	// determine if the request came from localhost
	if (m_Config.GetCompressLocalhost() == false && IsUserLocalhost(pRawRequest) == true)
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext,_T("localhost is disabled\n"));
		PerfCountersAddRejectedResponse(IISxpressNativePerf::LocalhostDisabled);
		return RQ_NOTIFICATION_CONTINUE;
	}

	// ***********************************************************************************************************************************

	const char* pszUserAgent = EnsureNotNull(pHttpRequest->GetHeader(HttpHeaderUserAgent));	

	bool excludedUserAgent = false;
	if (m_Config.GetUserAgentExclusionEnabled())
	{
		DWORD dwUserAgentCacheCookie = m_Config.GetLoadCookie();
		
		if (!m_UserAgentCache.GetUserAgentState(dwUserAgentCacheCookie, pszUserAgent, excludedUserAgent))
		{
			HttpUserAgent::UserAgentProducts<std::string> agent;
			if (agent.ParseUserAgentString(pszUserAgent) == S_OK)
			{
				const HttpUserAgent::RuleUserAgents<std::string>& ruleAgents = m_Config.GetExcludedUserAgents();
				if (ruleAgents.Compare(agent))
				{
					excludedUserAgent = true;
				}

				m_UserAgentCache.AddUserAgentState(dwUserAgentCacheCookie, pszUserAgent, excludedUserAgent);
			}
		}
	}

	if (excludedUserAgent)
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("the user agent '%s' has been excluded\n"),  pszUserAgent);		
		PerfCountersAddRejectedResponse(IISxpressNativePerf::NeverRuleMatch);
		return RQ_NOTIFICATION_CONTINUE;
	}	

	// ***********************************************************************************************************************************

	// we must have only one chunk and data from memory or file
	if (pRawResponse->EntityChunkCount == 0)
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext,_T("can't convert multi-entity buffer, incoming buffer is zero length\n"));
		PerfCountersAddRejectedResponse(IISxpressNativePerf::InvalidContentLength);
		return RQ_NOTIFICATION_CONTINUE;
	}
	else if (pRawResponse->EntityChunkCount != 1)
	{		
		// turn the multi-chunk response into a single chunk - NB. the response
		// must all be in memory
		if (MakeResponseSingleEntityBlock(pHttpContext, pHttpResponse, pRawResponse) == false)
		{
			AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext,_T("can't convert multi-entity buffer\n"));
			PerfCountersAddRejectedResponse(IISxpressNativePerf::MemoryAllocationFailed);
			return RQ_NOTIFICATION_CONTINUE;
		}				
	}	
	else if (pRawResponse->pEntityChunks->DataChunkType != HttpDataChunkFromMemory &&
			pRawResponse->pEntityChunks->DataChunkType != HttpDataChunkFromFileHandle)
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext,_T("response isn't HttpDataChunkFromMemory or HttpDataChunkFromFileHandle\n"));
		PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal);
		return RQ_NOTIFICATION_CONTINUE;
	}

	PHTTP_DATA_CHUNK pEntityChunk = pRawResponse->pEntityChunks;

	if (pEntityChunk == NULL)
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("the response does not contain any data\n"));
		PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal);
		return RQ_NOTIFICATION_CONTINUE;	
	}

	// TODO: review max size here
	// we don't handle non-zero starting offsets or very large files (>250MB)
	if (pEntityChunk->DataChunkType == HttpDataChunkFromFileHandle &&
		(pEntityChunk->FromFileHandle.ByteRange.StartingOffset.QuadPart > 0 ||
		pEntityChunk->FromFileHandle.ByteRange.Length.QuadPart > (250 * 1024 * 1024)))
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("response has offset > 0 or is too big\n"));
		PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal);
		return RQ_NOTIFICATION_CONTINUE;
	}

	PCSTR pszContentEncoding = pHttpResponse->GetHeader(HttpHeaderContentEncoding);
	if (pszContentEncoding != NULL && pszContentEncoding[0] != '\0')
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("response already has content encoding\n"));		
		PerfCountersAddRejectedResponse(IISxpressNativePerf::AlreadyEncoded);
		return RQ_NOTIFICATION_CONTINUE;
	}

	PCSTR pszTransferEncoding = pHttpResponse->GetHeader(HttpHeaderTransferEncoding);
	if (pszTransferEncoding != NULL && pszTransferEncoding[0] != '\0')
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("response already has transfer encoding\n"));		
		PerfCountersAddRejectedResponse(IISxpressNativePerf::AlreadyEncoded);
		return RQ_NOTIFICATION_CONTINUE;
	}

	USHORT nContentTypeLength = 0;
	PCSTR pszContentType = pHttpResponse->GetHeader(HttpHeaderContentType, &nContentTypeLength);			
	if (pszContentType == NULL || nContentTypeLength == 0)
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("GetHeader(HttpHeaderContentType) returned NULL\n"));		
		PerfCountersAddRejectedResponse(IISxpressNativePerf::MissingContentType);
		return RQ_NOTIFICATION_CONTINUE;
	}

	USHORT nLastModifiedLength = 0;
	PCSTR pszLastModified = pHttpResponse->GetHeader(HttpHeaderLastModified, &nLastModifiedLength);			

	// ***********************************************************************
	
	USHORT nAcceptEncodingLength = 0;
	PCSTR pszAcceptEncoding = pHttpRequest->GetHeader(HttpHeaderAcceptEncoding, &nAcceptEncodingLength);	
	if (pszAcceptEncoding == NULL || nAcceptEncodingLength == 0 ||
		(strstr(pszAcceptEncoding, "deflate") == NULL && strstr(pszAcceptEncoding, "gzip") == NULL && strstr(pszAcceptEncoding, "bzip2") == NULL))
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("the client does not accept compressed responses\n"));		
		PerfCountersAddRejectedResponse(IISxpressNativePerf::IncompatibleClient);
		return RQ_NOTIFICATION_CONTINUE;
	}

	// ***********************************************************************

	const WCHAR* pszScriptTranslated = pHttpContext->GetScriptTranslated();
	if (pszScriptTranslated == NULL)
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("GetScriptTranslated() returned NULL\n"));		
		PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal);
		return RQ_NOTIFICATION_CONTINUE;
	}
		
	// get the url
	CAtlStringA sScriptTranslated(pszScriptTranslated);

	// get the site id
	CAtlStringA sInstanceId;
	sInstanceId.Format("%u", pHttpRequest->GetSiteId());
	
	// get the server name
	PCSTR pszServerName = NULL;		
	DWORD dwServerNameLength = 0;
	pHttpContext->GetServerVariable("SERVER_NAME", &pszServerName, &dwServerNameLength);
	if (pszServerName == NULL || dwServerNameLength == 0)
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("GetServerVariable(\"SERVER_NAME\") returned NULL\n"));		
		PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal);
		return RQ_NOTIFICATION_CONTINUE;
	}

	// get the server port 		
	PCSTR pszServerPort = NULL;		
	DWORD dwServerPortLength = 0;
	pHttpContext->GetServerVariable("SERVER_PORT", &pszServerPort, &dwServerPortLength);
	if (pszServerPort == NULL || dwServerPortLength == 0)
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("GetServerVariable(\"SERVER_PORT\") returned NULL\n"));		
		PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal);
		return RQ_NOTIFICATION_CONTINUE;
	}

	DWORD dwContentLength = 0;
	if (pEntityChunk->DataChunkType == HttpDataChunkFromMemory)
	{
		dwContentLength = pRawResponse->pEntityChunks->FromMemory.BufferLength;
	}
	else if (pEntityChunk->DataChunkType == HttpDataChunkFromFileHandle)
	{
		dwContentLength = pEntityChunk->FromFileHandle.ByteRange.Length.LowPart;
	}
	else
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("the DataChunkType (%u) is not supported\n"), pEntityChunk->DataChunkType);		
		PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal);
		return RQ_NOTIFICATION_CONTINUE;
	}
	
	IISInfo iisinfo;
	iisinfo.pszInstanceId = sInstanceId;		
	iisinfo.pszServerName = pszServerName;
	iisinfo.pszServerPort = pszServerPort;
	iisinfo.pszURLMapPath = sScriptTranslated;		

	if (m_Config.GetDebugEnabled() || m_Config.GetLoggingLevel() >= IISXPRESS_LOGGINGLEVEL_ENH)	
	{				
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("IIS: server name='%hs'\n"), pszServerName);		
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("IIS: server port='%hs'\n"), pszServerPort);
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("IIS: instance id='%hs'\n"), sInstanceId);
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("IIS: URL map path='%hs'\n"), sScriptTranslated);
	}			

	// ***********************************************************************

	const WCHAR* pszURI = pHttpContext->GetScriptName();
	if (pszURI == NULL)
	{
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("GetScriptName() returned NULL\n"));		
		PerfCountersAddRejectedResponse(IISxpressNativePerf::Internal);
		return RQ_NOTIFICATION_CONTINUE;
	}

	// get the uri
	CAtlStringA sURI(pszURI);

	// get the query string
	CAtlStringA sQueryString;
	if (pRawRequest->CookedUrl.pQueryString != NULL)
	{
		sQueryString = pRawRequest->CookedUrl.pQueryString + 1;
	}

	// get the remote address
	// TODO: consider using a cache lookup here 
	CAtlStringA sRemoteAddress;
	if (pRawRequest != NULL && pRawRequest->Address.pRemoteAddress != NULL)			
	{
		if (pRawRequest->Address.pRemoteAddress->sa_family == AF_INET)
		{
			struct sockaddr_in* paddrin = (struct sockaddr_in*) pRawRequest->Address.pRemoteAddress;

			// TODO: make this a bit more efficient
			sRemoteAddress.Format("%u.%u.%u.%u", 
				(unsigned) paddrin->sin_addr.S_un.S_un_b.s_b1,
				(unsigned) paddrin->sin_addr.S_un.S_un_b.s_b2,
				(unsigned) paddrin->sin_addr.S_un.S_un_b.s_b3,
				(unsigned) paddrin->sin_addr.S_un.S_un_b.s_b4);
		}
		else if (pRawRequest->Address.pRemoteAddress->sa_family == AF_INET6)
		{
			SOCKADDR_IN6* paddrin = (SOCKADDR_IN6*) pRawRequest->Address.pRemoteAddress;

			// TODO: make this a bit more efficient
			sRemoteAddress.Format("%0x:%0x:%0x:%0x:%0x:%0x:%0x:%0x",				
				::htons(paddrin->sin6_addr.u.Word[0]), ::htons(paddrin->sin6_addr.u.Word[1]),
				::htons(paddrin->sin6_addr.u.Word[2]), ::htons(paddrin->sin6_addr.u.Word[3]),
				::htons(paddrin->sin6_addr.u.Word[4]), ::htons(paddrin->sin6_addr.u.Word[5]),
				::htons(paddrin->sin6_addr.u.Word[6]), ::htons(paddrin->sin6_addr.u.Word[7]));
		}
	}	
		
	RequestInfo requestinfo;				
	requestinfo.pszAcceptEncoding = pszAcceptEncoding;
	requestinfo.pszHostname = EnsureNotNull(pHttpRequest->GetHeader(HttpHeaderHost));
	requestinfo.pszQueryString = sQueryString;
	requestinfo.pszRemoteAddress = sRemoteAddress;
	requestinfo.pszURI = sURI;
	requestinfo.pszUserAgent = pszUserAgent;

	if (m_Config.GetDebugEnabled() || m_Config.GetLoggingLevel() >= IISXPRESS_LOGGINGLEVEL_BASIC)	
	{				
		char* pszMethod = "Unknown";		
		switch (pRawRequest->Verb)
		{
		case HttpVerbGET: pszMethod = "GET"; break;
		case HttpVerbPOST: pszMethod = "POST"; break;
		}

		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: method='%hs'\n"), pszMethod);		
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: hostname='%hs'\n"), requestinfo.pszHostname);		
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: user agent='%hs'\n"), requestinfo.pszUserAgent);		
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: URI='%hs'\n"), requestinfo.pszURI);	
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: accept-encoding='%hs'\n"), requestinfo.pszAcceptEncoding);	
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: client address='%hs'\n"), requestinfo.pszRemoteAddress);	
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: query string='%hs'\n"), requestinfo.pszQueryString);	
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: content-type='%hs'\n"), pszContentType);	
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: content-length=%u\n"), dwContentLength);	
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: response code=%u\n"), pRawResponse->StatusCode);	
		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("REQUEST: last-modified='%hs'\n"), pszLastModified != NULL ? pszLastModified : "null");	
	}			

	// ***********************************************************************	
	
	ResponseInfo responseinfo;		
	responseinfo.dwContentLength = dwContentLength;
	responseinfo.dwResponseCode = pRawResponse->StatusCode;	
	responseinfo.pszContentType = pszContentType;
	responseinfo.pszLastModified = pszLastModified;

	// get a connection to the server from the GIT (if it is connected)
	CComPtr<IIISxpressHTTPRequest> pIISxpressHTTPRequest;
	if (m_pGlobalIISxpressHTTPRequest.GetCookie() != 0)	
	{
		m_pGlobalIISxpressHTTPRequest.CopyTo(&pIISxpressHTTPRequest);
	}

	if (pIISxpressHTTPRequest == NULL)
	{
		// revoke the pointer in the GIT
		m_pGlobalIISxpressHTTPRequest.Revoke();

		// try to connect to the server
		if (GetHTTPRequestObject(pHttpContext, &pIISxpressHTTPRequest) == false || pIISxpressHTTPRequest == NULL)	
		{
			AppendLogMessage(IISXPRESS_LOGGINGLEVEL_ENH, pszMethodName, pHttpContext, _T("unable to connect to server\n"));					
			PerfCountersAddRejectedResponse(IISxpressNativePerf::NoCompressionServer);
			return RQ_NOTIFICATION_CONTINUE;
		}		

		// store the resulting pointer in the GIT
		m_pGlobalIISxpressHTTPRequest = pIISxpressHTTPRequest;
	}			

	const DWORD dwTimerLoggingLevel = IISXPRESS_LOGGINGLEVEL_FULL;
	bool useTimer = (m_Config.GetDebugEnabled() || m_Config.GetLoggingLevel() >= dwTimerLoggingLevel);

	// start timer
	__int64 nStartTimer = useTimer ? g_Timer.GetMicroSecTimerCount() : 0;

	CAtlStringA sCacheKey;
	if (m_nCacheEnabled != 0)
	{	
		// update the cache perf counters based on the cache cookie
		PerfCountersUpdateCacheStatus(false);	

		if (pszLastModified != NULL && sQueryString.GetLength() == 0)
		{
			ATLASSERT(pszAcceptEncoding != NULL);

			// create the unique key for the response
			ResponseCache::CreateResponseCacheKey(
				sInstanceId, sInstanceId.GetLength(),
				sURI, sURI.GetLength(),
				responseinfo.pszContentType, nContentTypeLength,
				dwContentLength, 
				pszLastModified, nLastModifiedLength,
				pszAcceptEncoding, nAcceptEncodingLength,
				sCacheKey);

			// try to get a compressed response from the cache
			HCACHEITEM hCacheItem = NULL;
			HRESULT hr = m_ResponseCache.LookupEntry(sCacheKey, &hCacheItem);
			if (hr == S_OK)
			{
				// get the item from the cache
				ResponseCacheItem* pCacheItem;
				DWORD dwCacheItemSize = 0;
				hr = m_ResponseCache.GetData(hCacheItem, (void**) &pCacheItem, &dwCacheItemSize);	

				void* pBuffer = pHttpContext->AllocateRequestMemory(pCacheItem->dwContentLength);
				if (pBuffer != NULL)
				{
					pHttpResponse->SetHeader(HttpHeaderContentLength, pCacheItem->sContentLength, 
						(USHORT) pCacheItem->sContentLength.GetLength(), TRUE);

					pHttpResponse->SetHeader(HttpHeaderContentEncoding, pCacheItem->sContentEncoding, 
						(USHORT) pCacheItem->sContentEncoding.GetLength(), TRUE);

					pEntityChunk->DataChunkType = HttpDataChunkFromMemory;
					pEntityChunk->FromMemory.pBuffer = pBuffer;
					pEntityChunk->FromMemory.BufferLength = pCacheItem->dwContentLength;
					memcpy(pEntityChunk->FromMemory.pBuffer, pCacheItem->pbyData, pCacheItem->dwContentLength);

					hr = m_ResponseCache.ReleaseEntry(hCacheItem);

					pIISxpressHTTPRequest->NotifyCacheHit(&iisinfo, &requestinfo, &responseinfo, pCacheItem->dwContentLength);

					PerfCountersAddCachedResponse(dwContentLength, pCacheItem->dwContentLength);

					// calculate timer duration
					__int64 nEndTimer = useTimer ? g_Timer.GetMicroSecTimerCount() : 0;
					__int64 nInterval = nEndTimer - nStartTimer;

					AppendLogMessage(dwTimerLoggingLevel, pszMethodName, pHttpContext, _T("response resolved from cache, call took %I64d us\n"), nInterval);

					return RQ_NOTIFICATION_CONTINUE;
				}
				
				// we failed to handle the cached response, so just proceed as normal (we need to free the
				// cache entry tho)
				hr = m_ResponseCache.ReleaseEntry(hCacheItem);
			}		
		}
	}

	DWORD dwFilterContext = 0;
	HRESULT hr = pIISxpressHTTPRequest->OnSendResponse(&iisinfo, &requestinfo, &responseinfo, &dwFilterContext);

	// calculate timer duration
	__int64 nEndTimer = useTimer ? g_Timer.GetMicroSecTimerCount() : 0;
	__int64 nInterval = nEndTimer - nStartTimer;

	if (FAILED(hr) == TRUE)
	{
		// get the facility code of the failure
		DWORD dwFacility = HRESULT_FACILITY(hr);

		// if it isn't NULL or ITF then assume the server is now invalid
		if (dwFacility != FACILITY_NULL && dwFacility != FACILITY_ITF)
		{
			// the GIT is invalid, dump it
			m_pGlobalIISxpressHTTPRequest.Revoke();

			// the server connection is invalid, dump it
			pIISxpressHTTPRequest = NULL;		
		}		
	}

	AppendLogMessage(dwTimerLoggingLevel, pszMethodName, pHttpContext, _T("OnSendResponse() returns 0x%08x, call took %I64d us\n"), hr, nInterval);	

	if (FAILED(hr) == TRUE)
	{			
		// TODO: need to handle generic HRs
		PerfCountersAddRejectedResponse(hr);

		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("won't handle response (0x%08x)\n"), hr);					

		return RQ_NOTIFICATION_CONTINUE;
	}

	AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("will handle response (0x%08x)\n"), hr);		

	if (pEntityChunk->DataChunkType == HttpDataChunkFromFileHandle)
	{
		DWORD dwAllocatedBlockSize = 0;
		BYTE* pbyData = AllocateMemoryBlockForOverlappedIO(pHttpContext, dwContentLength, dwAllocatedBlockSize);
		if (pbyData != NULL)
		{		
			// we are about to perform overlapped IO, so setup the OVERLAPPED struct into a default state
			OVERLAPPED overlapped;
			memset(&overlapped, 0, sizeof(overlapped));

			HandleObject FileEvent;
			bool bHandleFromPool = m_hEventHandlePool.GetHandleObject(FileEvent);									

			// if we failed to get a handle from the pool then we need to make one
			if (bHandleFromPool == false)
			{
				HANDLE hReadOK = ::CreateEvent(NULL, TRUE, FALSE, NULL);
				FileEvent = HandleObject(hReadOK);
			}

			// use the event handle so we can track the IO completion
			overlapped.hEvent = FileEvent;

			// ask for a file read (asynchronous)		
			DWORD dwStatus = ::ReadFile(pEntityChunk->FromFileHandle.FileHandle, pbyData, dwAllocatedBlockSize, NULL, &overlapped);

			// wait for the IO to complete (NB. don't really use this since INFINITE can block forever)			
			::WaitForSingleObject(FileEvent, INFINITE);

			// we must return the handle (if it came from the pool)
			if (bHandleFromPool == true)
			{
				m_hEventHandlePool.ReturnHandleObject(FileEvent);
			}

			pEntityChunk->DataChunkType = HttpDataChunkFromMemory;
			pEntityChunk->FromMemory.BufferLength = dwContentLength;
			pEntityChunk->FromMemory.pBuffer = pbyData;
		}
		else
		{
			hr = E_OUTOFMEMORY;
		}
	}
	else if (pEntityChunk->DataChunkType == HttpDataChunkFromMemory)
	{
		// allocate the memory block
		BYTE* pbyData = (BYTE*) pHttpContext->AllocateRequestMemory(dwContentLength);			
		if (pbyData != NULL)
		{
			// copy the response data
			memcpy(pbyData, pEntityChunk->FromMemory.pBuffer, pEntityChunk->FromMemory.BufferLength);

			// change the buffer pointer
			pEntityChunk->FromMemory.pBuffer = pbyData;
		}
		else
		{
			hr = E_OUTOFMEMORY;
		}
	}		

	// allocate the response stream
	CComPtr<IStream> pStream;
	CComObject<CResponseStream>* pResponseStream = NULL;	
	if (hr == S_OK)
	{
		hr = CComObject<CResponseStream>::CreateInstance(&pResponseStream);
		if (hr == S_OK)
		{		
			pStream = pResponseStream;
		}
	}

	// catch any memory issues
	if (FAILED(hr) == TRUE)
	{			
		// abort the compression
		pIISxpressHTTPRequest->AbortRequest(dwFilterContext);

		// TODO: need to handle generic HRs
		PerfCountersAddRejectedResponse(hr);

		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("won't handle response (0x%08x)\n"), hr);					

		return RQ_NOTIFICATION_CONTINUE;
	}

	pResponseStream->AttachBuffer(pEntityChunk->FromMemory.pBuffer, dwContentLength, 0);

	char szContentEncoding[32] = "";
	hr = pIISxpressHTTPRequest->OnSendRawData(dwFilterContext, pStream, dwContentLength, FALSE, (signed char*) szContentEncoding, _countof(szContentEncoding));
	if (hr == S_OK)
	{		
		DWORD dwOriginalSize = dwContentLength;
		DWORD dwCompressedSize = pResponseStream->GetOffset();				

		// set the new content length into the header
		CAtlStringA sContentLength;
		sContentLength.Format("%u", dwCompressedSize);
		pHttpResponse->SetHeader(HttpHeaderContentLength, sContentLength, (USHORT) sContentLength.GetLength(), TRUE);

		// set the new size into the buffer
		pRawResponse->pEntityChunks->FromMemory.BufferLength = dwCompressedSize;
		
		pHttpResponse->SetHeader(HttpHeaderContentEncoding, szContentEncoding, (USHORT) strlen(szContentEncoding), TRUE);

		// add the item to the cache if we have a key (it means the data is cachable)
		if (dwCompressedSize < dwOriginalSize &&
			m_nCacheEnabled != 0 && sCacheKey.GetLength() > 0)
		{
			ResponseCacheItem* pCacheItem = new ResponseCacheItem();
			if (pCacheItem != NULL)
			{
				pCacheItem->sContentEncoding = szContentEncoding;
				pCacheItem->sContentLength = sContentLength;
				pCacheItem->dwContentLength = dwCompressedSize;
				pCacheItem->pbyData = new BYTE[dwCompressedSize];
				if (pCacheItem->pbyData != NULL)
				{
					// copy the compressed data and add it to the cache
					memcpy(pCacheItem->pbyData, pEntityChunk->FromMemory.pBuffer, dwCompressedSize);
					m_ResponseCache.Add(sCacheKey, pCacheItem, pCacheItem->dwContentLength, NULL, NULL, NULL, m_ResponseCacheItemDeallocator);

					PerfCountersUpdateCacheStatus(true);
				}
			}
		}

		PerfCountersAddCompressedResponse(dwContentLength, dwCompressedSize);

		// make sure the context is released
		hr = pIISxpressHTTPRequest->OnEndOfRequest(dwFilterContext, NULL, 0, FALSE, NULL, 0);		
	}
	else
	{
		// abort the compression
		pIISxpressHTTPRequest->AbortRequest(dwFilterContext);

		// TODO: need to handle generic HRs
		PerfCountersAddRejectedResponse(hr);

		AppendLogMessage(IISXPRESS_LOGGINGLEVEL_BASIC, pszMethodName, pHttpContext, _T("won't handle response (0x%08x)\n"), hr);							
	}

	return RQ_NOTIFICATION_CONTINUE;
}