Branch: Tag:

2008-02-18

2008-02-18 11:50:28 by Martin Stjernholm <mast@lysator.liu.se>

Added some comments and made the CRLF trimming kludge of POST form
data more precise.

Rev: server/protocols/http.pike:1.545

2:   // Modified by Francesco Chemolli to add throttling capabilities.   // Copyright © 1996 - 2004, Roxen IS.    - constant cvs_version = "$Id: http.pike,v 1.544 2008/02/15 16:40:23 mast Exp $"; + constant cvs_version = "$Id: http.pike,v 1.545 2008/02/18 11:50:28 mast Exp $";   // #define REQUEST_DEBUG   #define MAGIC_ERROR   
404:       if (search("&" + query, "&roxen_magic_per_u=%25") != -1) {    // Broken Safari detected -  // (http://bugzilla.opendarwin.org/show_bug.cgi?id=6452) +  // (http://bugs.webkit.org/show_bug.cgi?id=6452, historically +  // http://bugzilla.opendarwin.org/show_bug.cgi?id=6452)    // Assume that %u and %U won't occur naturally.    REQUEST_WERR(sprintf("Broken http encoding detected. query=%O\n",    query));
592: Inside #if undefined(DISABLE_SUPPORTS)
   client_var = s_and_v[1];    }    } +     if ( client_var->charset && client_var->charset != "iso-8859-1" )    {    // FIXME: This code is suspect, and probably ought to be removed.
604:   #else    supports = (< "images", "gifinline", "forms", "mailto">);   #endif +     {    int i = search (client, "MSIE");    if (i < 0)
616:    supports->vary = 1;    }    } +     //REQUEST_WERR("HTTP: parse_got(): supports");    if(!referer) referer = ({ }); -  +     if(misc->proxyauth)    {    // The Proxy-authorization header should be removed... So there.
629:    }    raw = tmp2 * "\n";    } +    #ifdef OLD_RXML_CONFIG    if(config_in_url) {    //REQUEST_WERR("HTTP: parse_got(): config_in_url");
636: Inside #if defined(OLD_RXML_CONFIG)
   return 1;    }   #endif +     if(!supports->cookies && !sizeof(config))    config = prestate;    else {
879:       switch(method) {    case "POST": +  // See http://www.w3.org/TR/html401/interact/forms.html#h-17.13.4 +  // for spec of the format of form submissions.    switch(lower_case((((misc["content-type"]||"")+";")/";")[0]-" "))    { -  default: +  default: {    // Normal form data. -  +  // +  // FIXME: This assumes only html forms are ever submitted +  // using http POST, thereby possibly precluding other +  // applications of the http protocol. Using +  // "application/x-www-form-urlencoded" above instead of going +  // here by default would fix that, and I don't think even the +  // lowliest client gets the content type wrong. But still, I +  // refrain from introducing a possible interoperability +  // problem without any tangible benefit. /mast +     string v;       // Oh, the joy of supporting all clients is endless.
900:    // Ok.. This might seem somewhat odd, but IE seems to add a    // (spurious) \r\n to the end of the data, and some versions of    // opera seem to add (spurious) \r\n to the start of the data. -  data = String.trim_all_whites(data); -  l = misc->len = strlen(data); +  if (has_prefix (data, "\r\n")) +  data = data[2..], l = misc->len = l - 2; +  if (has_suffix (data, "\r\n")) +  data = data[..sizeof (data) - 3], l = misc->len = l - 2;    }       foreach(replace(data,"+"," ")/"&", v)
912:    real_variables[ a ] += ({ b });    }    break; +  }    -  case "multipart/form-data": +  case "multipart/form-data": {    object messg = MIME.Message(data, request_headers);    if (!messg->body_parts) {    report_error("HTTP: Bad multipart/form-data.\n"
942:    }    break;    } +  }    break;    }    } else {