static ngx_int_t ngx_http_breach_header_filter(ngx_http_request_t *r)
{
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,"BREACH HEADER FILTER Start!.");
ngx_http_breach_conf_t *conf;
conf = ngx_http_get_module_loc_conf (r, ngx_http_breach_filter_module);
if ((r->headers_out.status != NGX_HTTP_OK &&
r->headers_out.status != NGX_HTTP_FORBIDDEN &&
r->headers_out.status != NGX_HTTP_NOT_FOUND) ||
r->header_only ||
r->headers_out.content_type.len == 0 ||
(r->headers_out.content_encoding &&
r->headers_out.content_encoding->value.len) ||
conf->enable == 0)
{
return ngx_http_next_header_filter(r);
}
if (ngx_strncasecmp(r->headers_out.content_type.data, (u_char *)"text/html", sizeof("text/html") - 1) != 0)
{
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,"BREACH HEADER FILTER: this is not text/html content!.");
return ngx_http_next_header_filter(r);
}
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,"BREACH HEADER FILTER: end!.");
return ngx_http_next_header_filter(r);
}
static ngx_int_t ngx_http_dynamic_etags_header_filter(ngx_http_request_t *r) {
ngx_http_dynamic_etags_module_ctx_t *ctx;
ctx = ngx_http_get_module_ctx(r, ngx_http_dynamic_etags_module);
if (ctx) {
return ngx_http_next_header_filter(r);
}
ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_dynamic_etags_module_ctx_t));
if (ctx == NULL) {
return NGX_ERROR;
}
ngx_http_set_ctx(r, ctx, ngx_http_dynamic_etags_module);
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
r->main_filter_need_in_memory = 1;
r->filter_need_in_memory = 1;
return NGX_OK;
}
ngx_int_t
ngx_http_lua_send_header_if_needed(ngx_http_request_t *r,
ngx_http_lua_ctx_t *ctx)
{
if ( ! ctx->headers_sent ) {
if (r->headers_out.status == 0) {
r->headers_out.status = NGX_HTTP_OK;
}
if (! ctx->headers_set && ngx_http_set_content_type(r) != NGX_OK) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
if (! ctx->headers_set) {
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
}
if (r->http_version >= NGX_HTTP_VERSION_11) {
/* Send response headers for HTTP version <= 1.0 elsewhere */
ctx->headers_sent = 1;
return ngx_http_send_header(r);
}
}
return NGX_OK;
}
static ngx_int_t
ngx_http_foo_header_filter(ngx_http_request_t *r)
{
ngx_log_error(NGX_LOG_NOTICE, r->connection->log, 0, "Header filter add header");
ngx_table_elt_t *h;
/*
* The filter handler adds "X-Foo: foo" header
* to every HTTP 200 response
*/
if (r->headers_out.status != NGX_HTTP_OK) {
return ngx_http_next_header_filter(r);
}
h = ngx_list_push(&r->headers_out.headers);
if (h == NULL) {
return NGX_ERROR;
}
h->hash = 1;
ngx_str_set(&h->key, "X-Foo");
ngx_str_set(&h->value, "foo");
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
ngx_http_weak_etag(r);
return ngx_http_next_header_filter(r);
}
static ngx_int_t
ngx_http_sub_header_filter(ngx_http_request_t *r)
{
ngx_http_sub_ctx_t *ctx;
ngx_http_sub_loc_conf_t *slcf;
slcf = ngx_http_get_module_loc_conf(r, ngx_http_sub_filter_module);
if (slcf->match.len == 0
|| r->headers_out.content_length_n == 0
|| ngx_http_test_content_type(r, &slcf->types) == NULL)
{
return ngx_http_next_header_filter(r);
}
ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_sub_ctx_t));
if (ctx == NULL) {
return NGX_ERROR;
}
ngx_http_set_ctx(r, ctx, ngx_http_sub_filter_module);
ctx->match = slcf->match;
ctx->last_out = &ctx->out;
r->filter_need_in_memory = 1;
if (r == r->main) {
ngx_http_clear_content_length(r);
ngx_http_clear_last_modified(r);
}
return ngx_http_next_header_filter(r);
}
static ngx_int_t
ngx_http_charset_ctx(ngx_http_request_t *r, ngx_http_charset_t *charsets,
ngx_int_t charset, ngx_int_t source_charset)
{
ngx_http_charset_ctx_t *ctx;
ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_charset_ctx_t));
if (ctx == NULL) {
return NGX_ERROR;
}
ngx_http_set_ctx(r, ctx, ngx_http_charset_filter_module);
ctx->table = charsets[source_charset].tables[charset];
ctx->charset = charset;
ctx->charset_name = charsets[charset].name;
ctx->length = charsets[charset].length;
ctx->from_utf8 = charsets[source_charset].utf8;
ctx->to_utf8 = charsets[charset].utf8;
r->filter_need_in_memory = 1;
if ((ctx->to_utf8 || ctx->from_utf8) && r == r->main) {
ngx_http_clear_content_length(r);
} else {
r->filter_need_temporary = 1;
}
return ngx_http_next_header_filter(r);
}
static ngx_int_t
ngx_http_addition_header_filter(ngx_http_request_t *r)
{
ngx_http_addition_ctx_t *ctx;
ngx_http_addition_conf_t *conf;
if (r->headers_out.status != NGX_HTTP_OK || r != r->main) {
return ngx_http_next_header_filter(r);
}
conf = ngx_http_get_module_loc_conf(r, ngx_http_addition_filter_module);
if (conf->before_body.len == 0 && conf->after_body.len == 0) {
return ngx_http_next_header_filter(r);
}
if (ngx_http_test_content_type(r, &conf->types) == NULL) {
return ngx_http_next_header_filter(r);
}
ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_addition_ctx_t));
if (ctx == NULL) {
return NGX_ERROR;
}
ngx_http_set_ctx(r, ctx, ngx_http_addition_filter_module);
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
return ngx_http_next_header_filter(r);
}
static ngx_int_t
ngx_http_range_not_satisfiable(ngx_http_request_t *r)
{
ngx_table_elt_t *content_range;
r->headers_out.status = NGX_HTTP_RANGE_NOT_SATISFIABLE;
content_range = ngx_list_push(&r->headers_out.headers);
if (content_range == NULL) {
return NGX_ERROR;
}
r->headers_out.content_range = content_range;
content_range->hash = 1;
ngx_str_set(&content_range->key, "Content-Range");
content_range->value.data = ngx_pnalloc(r->pool,
sizeof("bytes */") - 1 + NGX_OFF_T_LEN);
if (content_range->value.data == NULL) {
return NGX_ERROR;
}
content_range->value.len = ngx_sprintf(content_range->value.data,
"bytes */%O",
r->headers_out.content_length_n)
- content_range->value.data;
ngx_http_clear_content_length(r);
return NGX_HTTP_RANGE_NOT_SATISFIABLE;
}
ngx_int_t
ngx_http_echo_send_header_if_needed(ngx_http_request_t *r,
ngx_http_echo_ctx_t *ctx)
{
ngx_int_t rc;
ngx_http_echo_loc_conf_t *elcf;
if (!r->header_sent && !ctx->header_sent) {
elcf = ngx_http_get_module_loc_conf(r, ngx_http_echo_module);
r->headers_out.status = (ngx_uint_t) elcf->status;
if (ngx_http_set_content_type(r) != NGX_OK) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
rc = ngx_http_send_header(r);
ctx->header_sent = 1;
return rc;
}
return NGX_OK;
}
static ngx_int_t
ngx_http_gunzip_header_filter(ngx_http_request_t *r)
{
ngx_http_gunzip_ctx_t *ctx;
ngx_http_gunzip_conf_t *conf;
conf = ngx_http_get_module_loc_conf(r, ngx_http_gunzip_filter_module);
/* TODO support multiple content-codings */
/* TODO ignore content encoding? */
if (conf->enable == NGX_HTTP_GUNZIP_OFF
|| r->headers_out.content_encoding == NULL
|| r->headers_out.content_encoding->value.len != 4
|| ngx_strncasecmp(r->headers_out.content_encoding->value.data,
(u_char *) "gzip", 4) != 0)
{
return ngx_http_next_header_filter(r);
}
r->gzip_vary = 1;
if (conf->enable == NGX_HTTP_GUNZIP_ON) {
if (!r->gzip_tested) {
if (ngx_http_gzip_ok(r) == NGX_OK) {
return ngx_http_next_header_filter(r);
}
} else if (r->gzip_ok) {
return ngx_http_next_header_filter(r);
}
} else if (conf->enable == NGX_HTTP_GUNZIP_ALWAYS
&& ngx_http_test_content_type(r, &conf->types) == NULL)
{
return ngx_http_next_header_filter(r);
}
ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_gunzip_ctx_t));
if (ctx == NULL) {
return NGX_ERROR;
}
ngx_http_set_ctx(r, ctx, ngx_http_gunzip_filter_module);
ctx->request = r;
r->filter_need_in_memory = 1;
r->headers_out.content_encoding->hash = 0;
r->headers_out.content_encoding = NULL;
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
ngx_http_weak_etag(r);
return ngx_http_next_header_filter(r);
}
ngx_int_t
ngx_postgres_output_chain(ngx_http_request_t *r, ngx_chain_t *cl)
{
ngx_http_upstream_t *u = r->upstream;
ngx_http_core_loc_conf_t *clcf;
ngx_postgres_loc_conf_t *pglcf;
ngx_postgres_ctx_t *pgctx;
ngx_int_t rc;
dd("entering");
if (!r->header_sent) {
ngx_http_clear_content_length(r);
pglcf = ngx_http_get_module_loc_conf(r, ngx_postgres_module);
pgctx = ngx_http_get_module_ctx(r, ngx_postgres_module);
r->headers_out.status = pgctx->status ? abs(pgctx->status)
: NGX_HTTP_OK;
if (pglcf->output_handler == &ngx_postgres_output_rds) {
/* RDS for output rds */
r->headers_out.content_type.data = (u_char *) rds_content_type;
r->headers_out.content_type.len = rds_content_type_len;
r->headers_out.content_type_len = rds_content_type_len;
} else if (pglcf->output_handler != NULL) {
/* default type for output value|row */
clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
r->headers_out.content_type = clcf->default_type;
r->headers_out.content_type_len = clcf->default_type.len;
}
r->headers_out.content_type_lowcase = NULL;
rc = ngx_http_send_header(r);
if (rc == NGX_ERROR || rc > NGX_OK || r->header_only) {
dd("returning rc:%d", (int) rc);
return rc;
}
}
if (cl == NULL) {
dd("returning NGX_DONE");
return NGX_DONE;
}
rc = ngx_http_output_filter(r, cl);
if (rc == NGX_ERROR || rc > NGX_OK) {
dd("returning rc:%d", (int) rc);
return rc;
}
ngx_chain_update_chains(&u->free_bufs, &u->busy_bufs, &cl, u->output.tag);
dd("returning rc:%d", (int) rc);
return rc;
}
static ngx_int_t
ngx_http_not_modified_header_filter(ngx_http_request_t *r)
{
if (r->headers_out.status != NGX_HTTP_OK
|| r != r->main
|| r->disable_not_modified)
{
return ngx_http_next_header_filter(r);
}
if (r->headers_in.if_unmodified_since
&& !ngx_http_test_if_unmodified(r))
{
return ngx_http_filter_finalize_request(r, NULL,
NGX_HTTP_PRECONDITION_FAILED);
}
if (r->headers_in.if_match
&& !ngx_http_test_if_match(r, r->headers_in.if_match, 0))
{
return ngx_http_filter_finalize_request(r, NULL,
NGX_HTTP_PRECONDITION_FAILED);
}
if (r->headers_in.if_modified_since || r->headers_in.if_none_match) {
if (r->headers_in.if_modified_since
&& ngx_http_test_if_modified(r))
{
return ngx_http_next_header_filter(r);
}
if (r->headers_in.if_none_match
&& !ngx_http_test_if_match(r, r->headers_in.if_none_match, 1))
{
return ngx_http_next_header_filter(r);
}
/* not modified */
r->headers_out.status = NGX_HTTP_NOT_MODIFIED;
r->headers_out.status_line.len = 0;
r->headers_out.content_type.len = 0;
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
if (r->headers_out.content_encoding) {
r->headers_out.content_encoding->hash = 0;
r->headers_out.content_encoding = NULL;
}
return ngx_http_next_header_filter(r);
}
return ngx_http_next_header_filter(r);
}
static ngx_int_t
ngx_http_charset_set_charset(ngx_http_request_t *r,
ngx_http_charset_t *charsets, ngx_int_t charset, ngx_int_t source_charset)
{
ngx_http_charset_ctx_t *ctx;
if (r->headers_out.status == NGX_HTTP_MOVED_PERMANENTLY
|| r->headers_out.status == NGX_HTTP_MOVED_TEMPORARILY)
{
/*
* do not set charset for the redirect because NN 4.x
* use this charset instead of the next page charset
*/
r->headers_out.charset.len = 0;
return ngx_http_next_header_filter(r);
}
r->headers_out.charset = charsets[charset].name;
r->utf8 = charsets[charset].utf8;
if (source_charset == NGX_CONF_UNSET || source_charset == charset) {
return ngx_http_next_header_filter(r);
}
ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_charset_ctx_t));
if (ctx == NULL) {
return NGX_ERROR;
}
ngx_http_set_ctx(r, ctx, ngx_http_charset_filter_module);
ctx->table = charsets[source_charset].tables[charset];
ctx->charset = charset;
ctx->length = charsets[charset].length;
ctx->from_utf8 = charsets[source_charset].utf8;
ctx->to_utf8 = charsets[charset].utf8;
r->filter_need_in_memory = 1;
if ((ctx->to_utf8 || ctx->from_utf8) && r == r->main) {
ngx_http_clear_content_length(r);
} else {
r->filter_need_temporary = 1;
}
return ngx_http_next_header_filter(r);
}
static ngx_int_t
ngx_http_not_modified_header_filter(ngx_http_request_t *r)
{
time_t ims;
ngx_http_core_loc_conf_t *clcf;
if (r->headers_out.status != NGX_HTTP_OK
|| r != r->main
|| r->headers_in.if_modified_since == NULL
|| r->headers_out.last_modified_time == -1)
{
return ngx_http_next_header_filter(r);
}
clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
if (clcf->if_modified_since == NGX_HTTP_IMS_OFF) {
return ngx_http_next_header_filter(r);
}
ims = ngx_http_parse_time(r->headers_in.if_modified_since->value.data,
r->headers_in.if_modified_since->value.len);
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http ims:%d lm:%d", ims, r->headers_out.last_modified_time);
if (ims != r->headers_out.last_modified_time) {
if (clcf->if_modified_since == NGX_HTTP_IMS_EXACT
|| ims < r->headers_out.last_modified_time)
{
return ngx_http_next_header_filter(r);
}
}
r->headers_out.status = NGX_HTTP_NOT_MODIFIED;
r->headers_out.status_line.len = 0;
r->headers_out.content_type.len = 0;
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
if (r->headers_out.content_encoding) {
r->headers_out.content_encoding->hash = 0;
r->headers_out.content_encoding = NULL;
}
return ngx_http_next_header_filter(r);
}
static ngx_int_t
ngx_http_trim_header_filter(ngx_http_request_t *r)
{
ngx_int_t rc;
ngx_str_t flag;
ngx_http_trim_ctx_t *ctx;
ngx_http_trim_loc_conf_t *conf;
conf = ngx_http_get_module_loc_conf(r, ngx_http_trim_filter_module);
if (!conf->trim_enable
|| r->headers_out.status != NGX_HTTP_OK
|| (r->method & NGX_HTTP_HEAD)
|| r->headers_out.content_length_n == 0
|| (r->headers_out.content_encoding
&& r->headers_out.content_encoding->value.len)
|| ngx_http_test_content_type(r, &conf->types) == NULL)
{
return ngx_http_next_header_filter(r);
}
rc = ngx_http_arg(r, (u_char *) NGX_HTTP_TRIM_FLAG,
sizeof(NGX_HTTP_TRIM_FLAG) - 1, &flag);
if(rc == NGX_OK
&& flag.len == sizeof("off") - 1
&& ngx_strncmp(flag.data, "off", sizeof("off") - 1) == 0)
{
return ngx_http_next_header_filter(r);
}
ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_trim_ctx_t));
if (ctx == NULL) {
return NGX_ERROR;
}
ctx->prev = ' ';
ctx->first_line = 1;
ngx_http_set_ctx(r, ctx, ngx_http_trim_filter_module);
r->main_filter_need_in_memory = 1;
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
return ngx_http_next_header_filter(r);
}
static ngx_int_t
ngx_http_srcache_send_not_modified(ngx_http_request_t *r)
{
r->headers_out.status = NGX_HTTP_NOT_MODIFIED;
r->headers_out.status_line.len = 0;
r->headers_out.content_type.len = 0;
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
if (r->headers_out.content_encoding) {
r->headers_out.content_encoding->hash = 0;
r->headers_out.content_encoding = NULL;
}
return ngx_http_srcache_next_header_filter(r);
}
static ngx_int_t
ngx_http_subs_header_filter(ngx_http_request_t *r)
{
ngx_http_subs_loc_conf_t *slcf;
slcf = ngx_http_get_module_loc_conf(r, ngx_http_subs_filter_module);
if (slcf->sub_pairs->nelts == 0
|| r->header_only
|| r->headers_out.content_type.len == 0
|| r->headers_out.content_length_n == 0
|| r->headers_out.status != NGX_HTTP_OK)
{
return ngx_http_next_header_filter(r);
}
if (ngx_http_test_content_type(r, &slcf->types) == NULL) {
return ngx_http_next_header_filter(r);
}
/* Don't do substitution with the compressed content */
if (r->headers_out.content_encoding
&& r->headers_out.content_encoding->value.len) {
ngx_log_error(NGX_LOG_WARN, r->connection->log, 0,
"http subs filter header ignored, this may be a "
"compressed response.");
return ngx_http_next_header_filter(r);
}
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http subs filter header \"%V\"", &r->uri);
if (ngx_http_subs_init_context(r) == NGX_ERROR) {
return NGX_ERROR;
}
r->filter_need_in_memory = 1;
if (r == r->main) {
ngx_http_clear_content_length(r);
ngx_http_clear_last_modified(r);
}
return ngx_http_next_header_filter(r);
}
static ngx_int_t
ngx_http_echo_header_filter(ngx_http_request_t *r)
{
ngx_http_echo_loc_conf_t *conf;
ngx_http_echo_ctx_t *ctx;
dd("We're in the header filter...");
ctx = ngx_http_get_module_ctx(r, ngx_http_echo_module);
/* XXX we should add option to insert contents for responses
* of non-200 status code here... */
/*
if (r->headers_out.status != NGX_HTTP_OK) {
if (ctx != NULL) {
ctx->skip_filter = 1;
}
return ngx_http_echo_next_header_filter(r);
}
*/
conf = ngx_http_get_module_loc_conf(r, ngx_http_echo_module);
if (conf->before_body_cmds == NULL && conf->after_body_cmds == NULL) {
if (ctx != NULL) {
ctx->skip_filter = 1;
}
return ngx_http_echo_next_header_filter(r);
}
if (ctx == NULL) {
ctx = ngx_http_echo_create_ctx(r);
if (ctx == NULL) {
return NGX_ERROR;
}
ctx->headers_sent = 1;
ngx_http_set_ctx(r, ctx, ngx_http_echo_module);
}
/* enable streaming here (use chunked encoding) */
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
return ngx_http_echo_next_header_filter(r);
}
static ngx_int_t
ngx_http_echo_header_filter(ngx_http_request_t *r)
{
ngx_http_echo_loc_conf_t *conf;
ngx_http_echo_ctx_t *ctx;
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"echo header filter, uri \"%V?%V\"", &r->uri, &r->args);
ctx = ngx_http_get_module_ctx(r, ngx_http_echo_module);
/* XXX we should add option to insert contents for responses
* of non-200 status code here... */
/*
if (r->headers_out.status != NGX_HTTP_OK) {
if (ctx != NULL) {
ctx->skip_filter = 1;
}
return ngx_http_echo_next_header_filter(r);
}
*/
conf = ngx_http_get_module_loc_conf(r, ngx_http_echo_module);
if (conf->before_body_cmds == NULL && conf->after_body_cmds == NULL) {
if (ctx != NULL) {
ctx->skip_filter = 1;
}
return ngx_http_echo_next_header_filter(r);
}
if (ctx == NULL) {
ctx = ngx_http_echo_create_ctx(r);
if (ctx == NULL) {
return NGX_ERROR;
}
ngx_http_set_ctx(r, ctx, ngx_http_echo_module);
}
/* enable streaming here (use chunked encoding) */
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
return ngx_http_echo_next_header_filter(r);
}
static ngx_int_t
ngx_http_iconv_header_filter(ngx_http_request_t *r)
{
ngx_http_iconv_loc_conf_t *ilcf;
ngx_http_iconv_ctx_t *ctx;
ilcf = ngx_http_get_module_loc_conf(r, ngx_http_iconv_module);
if (!ilcf->enabled) {
return ngx_http_next_header_filter(r);
}
if (r->http_version < NGX_HTTP_VERSION_10) {
ngx_log_error(NGX_LOG_WARN, r->connection->log, 0,
"iconv does not support HTTP < 1.0 yet");
return ngx_http_next_header_filter(r);
}
if (r->http_version == NGX_HTTP_VERSION_10) {
r->keepalive = 0;
}
iconv_buf_size = ilcf->buf_size;
r->filter_need_in_memory = 1;
ngx_http_clear_content_length(r);
ctx = ngx_http_get_module_ctx(r, ngx_http_iconv_module);
if (ctx == NULL) {
dd("create new context");
/*
* set by ngx_pcalloc()
* ctx->uc->len = 0
* ctx->uc->data = NULL
*/
ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_iconv_module));
if (ctx == NULL) {
return NGX_ERROR;
}
ngx_http_set_ctx(r, ctx, ngx_http_iconv_module);
}
return ngx_http_next_header_filter(r);
}
static ngx_int_t
ngx_http_sub_header_filter(ngx_http_request_t *r)
{
ngx_http_sub_ctx_t *ctx;
ngx_http_sub_loc_conf_t *slcf;
slcf = ngx_http_get_module_loc_conf(r, ngx_http_sub_filter_module);
if (!slcf->wm_struct
|| r->headers_out.content_length_n == 0
|| ngx_http_test_content_type(r, &slcf->types) == NULL)
{
return ngx_http_next_header_filter(r);
}
ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_sub_ctx_t));
if (ctx == NULL) {
return NGX_ERROR;
}
ctx->tmp.data = ngx_pnalloc(r->pool, slcf->tmp_buf_size);
if (ctx->tmp.data == NULL) {
return NGX_ERROR;
}
ctx->tmp.len = slcf->tmp_buf_size;
ctx->repl = ngx_pcalloc(r->pool, slcf->values->nelts * sizeof(ngx_str_t));
ctx->wm_struct = slcf->wm_struct;
ctx->values = slcf->values->elts;
ngx_http_set_ctx(r, ctx, ngx_http_sub_filter_module);
ctx->last_out = &ctx->out;
r->filter_need_in_memory = 1;
if (r == r->main) {
ngx_http_clear_content_length(r);
ngx_http_clear_last_modified(r);
ngx_http_clear_etag(r);
}
return ngx_http_next_header_filter(r);
}
ngx_int_t
ngx_http_echo_send_header_if_needed(ngx_http_request_t* r)
{
if (!r->header_sent) {
r->headers_out.status = 200;
if (ngx_http_set_content_type(r) != NGX_OK) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
return ngx_http_send_header(r);
}
return NGX_OK;
}
ngx_int_t
ngx_http_secure_token_init_body_filter(ngx_http_request_t *r, ngx_str_t* token)
{
ngx_http_secure_token_loc_conf_t *conf;
ngx_http_secure_token_ctx_t* ctx;
body_processor_t* processor;
conf = ngx_http_get_module_loc_conf(r, ngx_http_secure_token_filter_module);
// Note: content_type_lowcase is already initialized since we called ngx_http_test_content_type
processor = ngx_hash_find(&conf->processors_hash, r->headers_out.content_type_hash, r->headers_out.content_type_lowcase, r->headers_out.content_type_len);
if (processor == NULL)
{
return NGX_DONE;
}
// add the token to all the URLs in the response
ctx = ngx_pcalloc(r->pool, sizeof(*ctx));
if (ctx == NULL)
{
return NGX_ERROR;
}
ctx->token = *token;
ctx->process = processor->process;
ctx->processor_context_offset = processor->processor_context_offset;
ctx->processor_params = processor->processor_params;
ngx_http_set_ctx(r, ctx, ngx_http_secure_token_filter_module);
ctx->last_out = &ctx->out;
r->filter_need_in_memory = 1;
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
ngx_http_clear_etag(r);
return NGX_OK;
}
static ngx_int_t
ngx_http_minify_header_filter(ngx_http_request_t *r)
{
ngx_http_minify_conf_t *conf;
conf = ngx_http_get_module_loc_conf(r, ngx_http_minify_filter_module);
if (!conf->enable
|| (r->headers_out.status != NGX_HTTP_OK
&& r->headers_out.status != NGX_HTTP_FORBIDDEN
&& r->headers_out.status != NGX_HTTP_NOT_FOUND)
|| (r->headers_out.content_encoding
&& r->headers_out.content_encoding->value.len)
|| ngx_http_test_content_type(r, &conf->types) == NULL
|| r->header_only)
{
return ngx_http_next_header_filter(r);
}
ngx_http_clear_content_length(r);
return ngx_http_next_header_filter(r);
}
static ngx_int_t ngx_http_no_newlines_header_filter (ngx_http_request_t *r)
{
ngx_http_no_newlines_ctx_t *ctx; /* to maintain state */
ngx_http_no_newlines_conf_t *conf; /* to check whether module is enabled or not */
conf = ngx_http_get_module_loc_conf (r, ngx_http_no_newlines_module);
/* step 1: decide whether to operate */
if ((r->headers_out.status != NGX_HTTP_OK &&
r->headers_out.status != NGX_HTTP_FORBIDDEN &&
r->headers_out.status != NGX_HTTP_NOT_FOUND) ||
r->header_only ||
r->headers_out.content_type.len == 0 ||
(r->headers_out.content_encoding &&
r->headers_out.content_encoding->value.len) ||
conf->enable == 0) {
return ngx_http_next_header_filter(r);
}
if (ngx_strncasecmp(r->headers_out.content_type.data, (u_char *)"text/html", sizeof("text/html") - 1) != 0) {
return ngx_http_next_header_filter(r);
}
/* step 2: operate on the header */
ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_no_newlines_ctx_t));
if (ctx == NULL) {
return NGX_ERROR;
}
ngx_http_set_ctx(r, ctx, ngx_http_no_newlines_module);
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
r->main_filter_need_in_memory = 1;
/* step 3: call the next filter */
return ngx_http_next_header_filter(r);
}
ngx_int_t
ngx_http_echo_send_header_if_needed(ngx_http_request_t* r,
ngx_http_echo_ctx_t *ctx) {
/* ngx_int_t rc; */
if ( ! ctx->headers_sent ) {
r->headers_out.status = NGX_HTTP_OK;
if (ngx_http_set_content_type(r) != NGX_OK) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
if (r->http_version >= NGX_HTTP_VERSION_11) {
ctx->headers_sent = 1;
return ngx_http_send_header(r);
}
}
return NGX_OK;
}
static ngx_int_t ngx_http_pb_msgpack_header_filter(ngx_http_request_t* r )
{
if(r->headers_out.status != NGX_HTTP_OK)
{
return ngx_http_next_header_filter(r);
}
ngx_http_pb_msgpack_transfer_loc_conf_t* loc_conf = NULL;
loc_conf = (ngx_http_pb_msgpack_transfer_loc_conf_t*) ngx_http_get_module_loc_conf(r, ngx_http_pb_msgpack_transfer_module);
// flag is unset/0 , skip deal it
if(0 == loc_conf->pbmsgpack_filter_flag || NGX_CONF_UNSET == loc_conf->pbmsgpack_filter_flag )
{
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "output transfer flag is 0!");
return ngx_http_next_header_filter(r);
}
if( r == r->main)
{
ngx_http_clear_content_length(r);
}
return ngx_http_next_header_filter(r);
}
static ngx_int_t
ngx_http_rds_json_header_filter(ngx_http_request_t *r)
{
ngx_http_rds_json_ctx_t *ctx;
ngx_http_rds_json_conf_t *conf;
/* XXX maybe we can generate stub JSON strings like
* {"errcode":403,"error":"Permission denied"}
* for HTTP error pages? */
if ((r->headers_out.status < NGX_HTTP_OK)
|| (r->headers_out.status >= NGX_HTTP_SPECIAL_RESPONSE)
|| (r->headers_out.status == NGX_HTTP_NO_CONTENT)
|| (r->headers_out.status == NGX_HTTP_RESET_CONTENT))
{
ngx_http_set_ctx(r, NULL, ngx_http_rds_json_filter_module);
dd("status is not OK: %d, skipping", (int) r->headers_out.status);
return ngx_http_rds_json_next_header_filter(r);
}
/* r->headers_out.status = 0; */
conf = ngx_http_get_module_loc_conf(r, ngx_http_rds_json_filter_module);
if ( ! conf->enabled) {
return ngx_http_rds_json_next_header_filter(r);
}
if (ngx_http_rds_json_test_content_type(r) != NGX_OK) {
return ngx_http_rds_json_next_header_filter(r);
}
r->headers_out.content_type = conf->content_type;
r->headers_out.content_type_len = conf->content_type.len;
ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_rds_json_ctx_t));
if (ctx == NULL) {
return NGX_ERROR;
}
ctx->tag = (ngx_buf_tag_t) &ngx_http_rds_json_filter_module;
ctx->state = state_expect_header;
ctx->header_sent = 0;
ctx->last_out = &ctx->out;
/* set by ngx_pcalloc
* ctx->out = NULL
* ctx->busy_bufs = NULL
* ctx->free_bufs = NULL
* ctx->cached = (ngx_buf_t) 0
* ctx->postponed = (ngx_buf_t) 0
* ctx->avail_out = 0
* ctx->col_names = NULL
* ctx->col_count = 0
* ctx->cur_col = 0
* ctx->field_offset = 0
* ctx->field_total = 0
* ctx->field_data_rest = 0
*/
ngx_http_set_ctx(r, ctx, ngx_http_rds_json_filter_module);
ngx_http_clear_content_length(r);
r->filter_need_in_memory = 1;
/* we do postpone the header sending to the body filter */
return NGX_OK;
}
static ngx_int_t
ngx_http_brotli_header_filter(ngx_http_request_t *r)
{
ngx_table_elt_t *h;
ngx_http_brotli_ctx_t *ctx;
ngx_http_brotli_conf_t *conf;
conf = ngx_http_get_module_loc_conf(r, ngx_http_brotli_filter_module);
if (!conf->enable
|| (r->headers_out.status != NGX_HTTP_OK
&& r->headers_out.status != NGX_HTTP_FORBIDDEN
&& r->headers_out.status != NGX_HTTP_NOT_FOUND)
|| (r->headers_out.content_length_n != -1
&& r->headers_out.content_length_n < conf->min_length)
|| ngx_http_test_content_type(r, &conf->types) == NULL
|| r->header_only)
{
return ngx_http_next_header_filter(r);
}
if (r->headers_out.content_encoding
&& r->headers_out.content_encoding->value.len)
{
return ngx_http_next_header_filter(r);
}
/* Check that brotli is supported. We do not check possible q value
* if brotli is supported it takes precendence over gzip if size >
* brotli_min_length */
if (accept_br(r->headers_in.accept_encoding) != NGX_OK) {
return ngx_http_next_header_filter(r);
}
ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_brotli_ctx_t));
if (ctx == NULL) {
return NGX_ERROR;
}
#if (NGX_HTTP_GZIP)
r->gzip_vary = 1;
/* Make sure gzip does not execute */
r->gzip_tested = 1;
r->gzip_ok = 0;
#endif
ngx_http_set_ctx(r, ctx, ngx_http_brotli_filter_module);
ctx->request = r;
h = ngx_list_push(&r->headers_out.headers);
if (h == NULL) {
return NGX_ERROR;
}
h->hash = 1;
ngx_str_set(&h->key, "Content-Encoding");
ngx_str_set(&h->value, "br");
r->headers_out.content_encoding = h;
r->main_filter_need_in_memory = 1;
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
ngx_http_weak_etag(r);
return ngx_http_next_header_filter(r);
}
static ngx_int_t
ngx_http_xss_header_filter(ngx_http_request_t *r)
{
ngx_http_xss_ctx_t *ctx;
ngx_http_xss_loc_conf_t *xlcf;
ngx_str_t callback;
u_char *p, *src, *dst;
if (r != r->main) {
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"xss skipped in subrequests");
return ngx_http_next_header_filter(r);
}
xlcf = ngx_http_get_module_loc_conf(r, ngx_http_xss_filter_module);
if (!xlcf->get_enabled) {
return ngx_http_next_header_filter(r);
}
if (r->method != NGX_HTTP_GET) {
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"xss skipped due to the unmatched request method: %V",
&r->method_name);
return ngx_http_next_header_filter(r);
}
if (xlcf->check_status) {
if (r->headers_out.status != NGX_HTTP_OK
&& r->headers_out.status != NGX_HTTP_CREATED)
{
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"xss skipped due to unmatched response status "
"\"%ui\"", r->headers_out.status);
return ngx_http_next_header_filter(r);
}
}
if (xlcf->callback_arg.len == 0) {
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"xss: xss_get is enabled but no xss_callback_arg "
"specified");
return ngx_http_next_header_filter(r);
}
if (ngx_http_test_content_type(r, &xlcf->input_types) == NULL) {
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"xss skipped due to unmatched Content-Type response "
"header");
return ngx_http_next_header_filter(r);
}
if (ngx_http_arg(r, xlcf->callback_arg.data, xlcf->callback_arg.len,
&callback)
!= NGX_OK)
{
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"xss skipped: no GET argument \"%V\" specified in "
"the request", &xlcf->callback_arg);
return ngx_http_next_header_filter(r);
}
p = ngx_palloc(r->pool, callback.len);
if (p == NULL) {
return NGX_ERROR;
}
src = callback.data; dst = p;
ngx_unescape_uri(&dst, &src, callback.len, NGX_UNESCAPE_URI_COMPONENT);
if (src != callback.data + callback.len) {
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"xss: unescape uri: input data not consumed completely");
return NGX_ERROR;
}
callback.data = p;
callback.len = dst - p;
if (ngx_http_xss_test_callback(callback.data, callback.len) != NGX_OK) {
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"xss: bad callback argument: \"%V\"", &callback);
return ngx_http_next_header_filter(r);
}
ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_xss_ctx_t));
if (ctx == NULL) {
return NGX_ERROR;
}
/*
* set by ngx_pcalloc():
*
* ctx->callback = { 0, NULL };
* ctx->before_body_sent = 0;
*/
ctx->callback = callback;
ngx_http_set_ctx(r, ctx, ngx_http_xss_filter_module);
r->headers_out.content_type = xlcf->output_type;
r->headers_out.content_type_len = xlcf->output_type.len;
r->headers_out.content_type_lowcase = NULL;
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"xss output Content-Type header \"%V\"",
&xlcf->output_type);
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
if (xlcf->override_status
&& r->headers_out.status >= NGX_HTTP_SPECIAL_RESPONSE)
{
r->headers_out.status = NGX_HTTP_OK;
}
return ngx_http_next_header_filter(r);
}
