authorwtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-02-11 02:48:15 +0000
committerwtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-02-11 02:48:15 +0000
commitd1ec590811a1d4e593c1ba7ad52cee26cef16305 (patch)
treef79245a0252441ad145e3b41c991b3ebd7e28eb9 /net/http
parent3431b8926e2332f47f5e5eb6f78f512ca6ba286c (diff)
Sanitize proxy response codes to CONNECT requests. For
anything other than 200 (success) or 400-599 (error), we rewrite the response code as 500 (internal server error) to prevent any special handling of the proxy's response to CONNECT by mistake. Add a new error code ERR_UNEXPECTED_SERVER_AUTH for a 401 response to a CONNECT request. Fix nits reported by cpplint.py. R=darin,eroman BUG=7338 Review URL: http://codereview.chromium.org/21158 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@9549 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/http')
-rw-r--r--net/http/http_network_transaction.cc39
-rw-r--r--net/http/http_network_transaction_unittest.cc3
-rw-r--r--net/http/http_response_headers.h4
3 files changed, 29 insertions, 17 deletions
diff --git a/net/http/http_network_transaction.cc b/net/http/http_network_transaction.cc
index 25b21d6..9667cb0 100644
--- a/net/http/http_network_transaction.cc
+++ b/net/http/http_network_transaction.cc
@@ -827,6 +827,27 @@ int HttpNetworkTransaction::DidReadResponseHeaders() {
return ERR_METHOD_NOT_SUPPORTED;
}
+ if (establishing_tunnel_) {
+ if (headers->response_code() == 200) {
+ if (header_buf_body_offset_ != header_buf_len_) {
+ // The proxy sent extraneous data after the headers.
+ return ERR_TUNNEL_CONNECTION_FAILED;
+ }
+ next_state_ = STATE_SSL_CONNECT_OVER_TUNNEL;
+ // Reset for the real request and response headers.
+ request_headers_.clear();
+ request_headers_bytes_sent_ = 0;
+ header_buf_len_ = 0;
+ header_buf_body_offset_ = 0;
+ establishing_tunnel_ = false;
+ return OK;
+ }
+ // Sanitize any illegal response code for CONNECT to prevent us from
+ // handling it by mistake. See http://crbug.com/7338.
+ if (headers->response_code() < 400 || headers->response_code() > 599)
+ headers->set_response_code(500); // Masquerade as a 500.
+ }
+
// Check for an intermediate 100 Continue response. An origin server is
// allowed to send this response even if we didn't ask for it, so we just
// need to skip over it.
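Review bot: Non-200 replies to CONNECT still fall through to the ordinary response path after the `establishing_tunnel_` block. A 4xx/5xx from the proxy, or a code rewritten by `set_response_code(500)`, is not turned into an error, and the later `response_.headers = headers` (visible in the next hunk) appears to hand the proxy's headers and body to the consumer as the response for the https URL. That content is unauthenticated and arrives before any TLS handshake, so it would be safer to fail the transaction for everything except 200 and the proxy-auth case, e.g. `if (headers->response_code() != 407) return ERR_TUNNEL_CONNECTION_FAILED;` after the 200 branch. DidReadResponseHeaders continues outside the hunk, so how the body is consumed downstream should be confirmed before relying on the rewrite alone.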
@@ -843,21 +864,6 @@ int HttpNetworkTransaction::DidReadResponseHeaders() {
return OK;
}
- if (establishing_tunnel_ && headers->response_code() == 200) {
- if (header_buf_body_offset_ != header_buf_len_) {
- // The proxy sent extraneous data after the headers.
- return ERR_TUNNEL_CONNECTION_FAILED;
- }
- next_state_ = STATE_SSL_CONNECT_OVER_TUNNEL;
- // Reset for the real request and response headers.
- request_headers_.clear();
- request_headers_bytes_sent_ = 0;
- header_buf_len_ = 0;
- header_buf_body_offset_ = 0;
- establishing_tunnel_ = false;
- return OK;
- }
-
response_.headers = headers;
response_.vary_data.Init(*request_, *response_.headers);
@@ -1216,6 +1222,9 @@ int HttpNetworkTransaction::HandleAuthChallenge() {
if (target == HttpAuth::AUTH_PROXY && proxy_info_.is_direct())
return ERR_UNEXPECTED_PROXY_AUTH;
+ if (target == HttpAuth::AUTH_SERVER && establishing_tunnel_)
+ return ERR_UNEXPECTED_SERVER_AUTH;
+
// The auth we tried just failed, hence it can't be valid. Remove it from
// the cache so it won't be used again.
if (HaveAuth(target))
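Review bot: The new `target == HttpAuth::AUTH_SERVER && establishing_tunnel_` check has no comment saying why a server challenge is rejected at this point, unlike the commented tunnel block added to DidReadResponseHeaders. I would add `// A 401 while the tunnel is being established is the proxy's reply to CONNECT, not the origin's; never answer it with server credentials.` above the check. HandleAuthChallenge starts and ends outside the hunk, so this assumes nothing earlier in the function has already consulted cached server credentials.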
diff --git a/net/http/http_network_transaction_unittest.cc b/net/http/http_network_transaction_unittest.cc
index 375d62d..1e9f6aad 100644
--- a/net/http/http_network_transaction_unittest.cc
+++ b/net/http/http_network_transaction_unittest.cc
@@ -207,8 +207,7 @@ net::ProxyService* CreateNullProxyService() {
net::ProxyService* CreateFixedProxyService(const std::string& proxy) {
net::ProxyInfo proxy_info;
proxy_info.UseNamedProxy(proxy);
- return new net::ProxyService(
- new net::ProxyConfigServiceFixed(proxy_info), NULL);
+ return net::ProxyService::Create(&proxy_info);
}
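Review bot: No test is added for the behaviour this commit introduces; the only change in this file is the factory call in `CreateFixedProxyService`, which matches the three changed lines in the diffstat. Cases worth covering are a CONNECT reply outside 200 and 400-599 being reported as 500, extra bytes after a 200 producing `ERR_TUNNEL_CONNECTION_FAILED`, and a 401 during tunnel setup producing `ERR_UNEXPECTED_SERVER_AUTH`. Without them, a later reordering of the checks in DidReadResponseHeaders could silently bring back the special handling this change removes.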
diff --git a/net/http/http_response_headers.h b/net/http/http_response_headers.h
index ddd23ac..4158d79 100644
--- a/net/http/http_response_headers.h
+++ b/net/http/http_response_headers.h
@@ -201,6 +201,10 @@ class HttpResponseHeaders :
// response code is not found in the raw headers.
int response_code() const { return response_code_; }
+ // Sets the HTTP response code to the new code. The original HTTP response
+ // code is still available in the raw and parsed headers.
+ void set_response_code(int new_code) { response_code_ = new_code; }
+
// Returns the raw header string.
const std::string& raw_headers() const { return raw_headers_; }
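Review bot: `set_response_code()` leaves the object internally inconsistent: `response_code()` returns the new value, while the status line in `raw_headers()` and the parsed headers keep the original, as the added comment itself notes. Any path that reads the status from the raw headers, or that serialises and re-parses them, would see the unsanitized code; the visible lines do not show whether such a path exists. The comment should state the intended use and the limitation, for example `// Only for sanitizing proxy replies to CONNECT; raw_headers() is not rewritten, so do not persist or re-parse these headers and expect the new code.`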