|
|
|
'use strict';
|
|
|
|
|
|
|
|
const FreeList = require('internal/freelist').FreeList;
|
|
|
|
const HTTPParser = process.binding('http_parser').HTTPParser;
|
|
|
|
|
|
|
|
const incoming = require('_http_incoming');
|
|
|
|
const IncomingMessage = incoming.IncomingMessage;
|
|
|
|
const readStart = incoming.readStart;
|
|
|
|
const readStop = incoming.readStop;
|
|
|
|
|
|
|
|
const debug = require('util').debuglog('http');
|
|
|
|
exports.debug = debug;
|
|
|
|
|
|
|
|
exports.CRLF = '\r\n';
|
|
|
|
exports.chunkExpression = /chunk/i;
|
|
|
|
exports.continueExpression = /100-continue/i;
|
|
|
|
exports.methods = HTTPParser.methods;
|
|
|
|
|
|
|
|
const kOnHeaders = HTTPParser.kOnHeaders | 0;
|
|
|
|
const kOnHeadersComplete = HTTPParser.kOnHeadersComplete | 0;
|
|
|
|
const kOnBody = HTTPParser.kOnBody | 0;
|
|
|
|
const kOnMessageComplete = HTTPParser.kOnMessageComplete | 0;
|
|
|
|
const kOnExecute = HTTPParser.kOnExecute | 0;
|
|
|
|
|
|
|
|
// Only called in the slow case where slow means
|
|
|
|
// that the request headers were either fragmented
|
|
|
|
// across multiple TCP packets or too large to be
|
|
|
|
// processed in a single run. This method is also
|
|
|
|
// called to process trailing HTTP headers.
|
|
|
|
function parserOnHeaders(headers, url) {
|
|
|
|
// Once we exceeded headers limit - stop collecting them
|
|
|
|
if (this.maxHeaderPairs <= 0 ||
|
|
|
|
this._headers.length < this.maxHeaderPairs) {
|
|
|
|
this._headers = this._headers.concat(headers);
|
|
|
|
}
|
|
|
|
this._url += url;
|
|
|
|
}
|
|
|
|
|
|
|
|
// `headers` and `url` are set only if .onHeaders() has not been called for
|
|
|
|
// this request.
|
|
|
|
// `url` is not set for response parsers but that's not applicable here since
|
|
|
|
// all our parsers are request parsers.
|
|
|
|
function parserOnHeadersComplete(versionMajor, versionMinor, headers, method,
|
|
|
|
url, statusCode, statusMessage, upgrade,
|
|
|
|
shouldKeepAlive) {
|
|
|
|
var parser = this;
|
|
|
|
|
|
|
|
if (!headers) {
|
|
|
|
headers = parser._headers;
|
|
|
|
parser._headers = [];
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!url) {
|
|
|
|
url = parser._url;
|
|
|
|
parser._url = '';
|
|
|
|
}
|
|
|
|
|
|
|
|
parser.incoming = new IncomingMessage(parser.socket);
|
|
|
|
parser.incoming.httpVersionMajor = versionMajor;
|
|
|
|
parser.incoming.httpVersionMinor = versionMinor;
|
|
|
|
parser.incoming.httpVersion = versionMajor + '.' + versionMinor;
|
|
|
|
parser.incoming.url = url;
|
|
|
|
|
|
|
|
var n = headers.length;
|
|
|
|
|
|
|
|
// If parser.maxHeaderPairs <= 0 assume that there's no limit.
|
|
|
|
if (parser.maxHeaderPairs > 0)
|
|
|
|
n = Math.min(n, parser.maxHeaderPairs);
|
|
|
|
|
|
|
|
parser.incoming._addHeaderLines(headers, n);
|
|
|
|
|
|
|
|
if (typeof method === 'number') {
|
|
|
|
// server only
|
|
|
|
parser.incoming.method = HTTPParser.methods[method];
|
|
|
|
} else {
|
|
|
|
// client only
|
|
|
|
parser.incoming.statusCode = statusCode;
|
|
|
|
parser.incoming.statusMessage = statusMessage;
|
|
|
|
}
|
|
|
|
|
|
|
|
// The client made non-upgrade request, and server is just advertising
|
|
|
|
// supported protocols.
|
|
|
|
//
|
|
|
|
// See RFC7230 Section 6.7
|
|
|
|
//
|
|
|
|
// NOTE: RegExp below matches `upgrade` in `Connection: abc, upgrade, def`
|
|
|
|
// header.
|
|
|
|
if (upgrade &&
|
|
|
|
parser.outgoing !== null &&
|
|
|
|
(parser.outgoing._headers.upgrade === undefined ||
|
|
|
|
!/(^|\W)upgrade(\W|$)/i.test(parser.outgoing._headers.connection))) {
|
|
|
|
upgrade = false;
|
|
|
|
}
|
|
|
|
|
|
|
|
parser.incoming.upgrade = upgrade;
|
|
|
|
|
|
|
|
var skipBody = false; // response to HEAD or CONNECT
|
|
|
|
|
|
|
|
if (!upgrade) {
|
|
|
|
// For upgraded connections and CONNECT method request, we'll emit this
|
|
|
|
// after parser.execute so that we can capture the first part of the new
|
|
|
|
// protocol.
|
|
|
|
skipBody = parser.onIncoming(parser.incoming, shouldKeepAlive);
|
|
|
|
}
|
|
|
|
|
|
|
|
return skipBody;
|
|
|
|
}
|
|
|
|
|
|
|
|
// XXX This is a mess.
|
|
|
|
// TODO: http.Parser should be a Writable emits request/response events.
|
|
|
|
function parserOnBody(b, start, len) {
|
|
|
|
var parser = this;
|
|
|
|
var stream = parser.incoming;
|
|
|
|
|
|
|
|
// if the stream has already been removed, then drop it.
|
|
|
|
if (!stream)
|
|
|
|
return;
|
|
|
|
|
|
|
|
var socket = stream.socket;
|
|
|
|
|
|
|
|
// pretend this was the result of a stream._read call.
|
|
|
|
if (len > 0 && !stream._dumped) {
|
|
|
|
var slice = b.slice(start, start + len);
|
|
|
|
var ret = stream.push(slice);
|
|
|
|
if (!ret)
|
|
|
|
readStop(socket);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
function parserOnMessageComplete() {
|
|
|
|
var parser = this;
|
|
|
|
var stream = parser.incoming;
|
|
|
|
|
|
|
|
if (stream) {
|
|
|
|
stream.complete = true;
|
|
|
|
// Emit any trailing headers.
|
|
|
|
var headers = parser._headers;
|
|
|
|
if (headers) {
|
|
|
|
parser.incoming._addHeaderLines(headers, headers.length);
|
|
|
|
parser._headers = [];
|
|
|
|
parser._url = '';
|
|
|
|
}
|
|
|
|
|
|
|
|
// For emit end event
|
|
|
|
stream.push(null);
|
|
|
|
}
|
|
|
|
|
|
|
|
// force to read the next incoming message
|
|
|
|
readStart(parser.socket);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var parsers = new FreeList('parsers', 1000, function() {
|
|
|
|
var parser = new HTTPParser(HTTPParser.REQUEST);
|
|
|
|
|
|
|
|
parser._headers = [];
|
|
|
|
parser._url = '';
|
|
|
|
parser._consumed = false;
|
|
|
|
|
|
|
|
parser.socket = null;
|
|
|
|
parser.incoming = null;
|
|
|
|
parser.outgoing = null;
|
|
|
|
|
|
|
|
// Only called in the slow case where slow means
|
|
|
|
// that the request headers were either fragmented
|
|
|
|
// across multiple TCP packets or too large to be
|
|
|
|
// processed in a single run. This method is also
|
|
|
|
// called to process trailing HTTP headers.
|
|
|
|
parser[kOnHeaders] = parserOnHeaders;
|
|
|
|
parser[kOnHeadersComplete] = parserOnHeadersComplete;
|
|
|
|
parser[kOnBody] = parserOnBody;
|
|
|
|
parser[kOnMessageComplete] = parserOnMessageComplete;
|
|
|
|
parser[kOnExecute] = null;
|
|
|
|
|
|
|
|
return parser;
|
|
|
|
});
|
|
|
|
exports.parsers = parsers;
|
|
|
|
|
|
|
|
|
|
|
|
// Free the parser and also break any links that it
|
|
|
|
// might have to any other things.
|
|
|
|
// TODO: All parser data should be attached to a
|
|
|
|
// single object, so that it can be easily cleaned
|
|
|
|
// up by doing `parser.data = {}`, which should
|
|
|
|
// be done in FreeList.free. `parsers.free(parser)`
|
|
|
|
// should be all that is needed.
|
|
|
|
function freeParser(parser, req, socket) {
|
|
|
|
if (parser) {
|
|
|
|
parser._headers = [];
|
|
|
|
parser.onIncoming = null;
|
|
|
|
if (parser._consumed)
|
|
|
|
parser.unconsume();
|
|
|
|
parser._consumed = false;
|
|
|
|
if (parser.socket)
|
|
|
|
parser.socket.parser = null;
|
|
|
|
parser.socket = null;
|
|
|
|
parser.incoming = null;
|
|
|
|
parser.outgoing = null;
|
|
|
|
parser[kOnExecute] = null;
|
|
|
|
if (parsers.free(parser) === false)
|
|
|
|
parser.close();
|
|
|
|
parser = null;
|
|
|
|
}
|
|
|
|
if (req) {
|
|
|
|
req.parser = null;
|
|
|
|
}
|
|
|
|
if (socket) {
|
|
|
|
socket.parser = null;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
exports.freeParser = freeParser;
|
|
|
|
|
|
|
|
|
|
|
|
function ondrain() {
|
|
|
|
if (this._httpMessage) this._httpMessage.emit('drain');
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function httpSocketSetup(socket) {
|
|
|
|
socket.removeListener('drain', ondrain);
|
|
|
|
socket.on('drain', ondrain);
|
|
|
|
}
|
|
|
|
exports.httpSocketSetup = httpSocketSetup;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Verifies that the given val is a valid HTTP token
|
|
|
|
* per the rules defined in RFC 7230
|
|
|
|
* See https://tools.ietf.org/html/rfc7230#section-3.2.6
|
|
|
|
*
|
|
|
|
* This implementation of checkIsHttpToken() loops over the string instead of
|
|
|
|
* using a regular expression since the former is up to 180% faster with v8 4.9
|
|
|
|
* depending on the string length (the shorter the string, the larger the
|
|
|
|
* performance difference)
|
|
|
|
**/
|
|
|
|
function checkIsHttpToken(val) {
|
|
|
|
if (typeof val !== 'string' || val.length === 0)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
for (var i = 0, len = val.length; i < len; i++) {
|
|
|
|
var ch = val.charCodeAt(i);
|
|
|
|
|
|
|
|
if (ch >= 65 && ch <= 90) // A-Z
|
|
|
|
continue;
|
|
|
|
|
|
|
|
if (ch >= 97 && ch <= 122) // a-z
|
|
|
|
continue;
|
|
|
|
|
|
|
|
// ^ => 94
|
|
|
|
// _ => 95
|
|
|
|
// ` => 96
|
|
|
|
// | => 124
|
|
|
|
// ~ => 126
|
|
|
|
if (ch === 94 || ch === 95 || ch === 96 || ch === 124 || ch === 126)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
if (ch >= 48 && ch <= 57) // 0-9
|
|
|
|
continue;
|
|
|
|
|
|
|
|
// ! => 33
|
|
|
|
// # => 35
|
|
|
|
// $ => 36
|
|
|
|
// % => 37
|
|
|
|
// & => 38
|
|
|
|
// ' => 39
|
|
|
|
// * => 42
|
|
|
|
// + => 43
|
|
|
|
// - => 45
|
|
|
|
// . => 46
|
|
|
|
if (ch >= 33 && ch <= 46) {
|
|
|
|
if (ch === 34 || ch === 40 || ch === 41 || ch === 44)
|
|
|
|
return false;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
exports._checkIsHttpToken = checkIsHttpToken;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* True if val contains an invalid field-vchar
|
|
|
|
* field-value = *( field-content / obs-fold )
|
|
|
|
* field-content = field-vchar [ 1*( SP / HTAB ) field-vchar ]
|
|
|
|
* field-vchar = VCHAR / obs-text
|
|
|
|
**/
|
|
|
|
function checkInvalidHeaderChar(val) {
|
|
|
|
val = '' + val;
|
|
|
|
for (var i = 0; i < val.length; i++) {
|
|
|
|
const ch = val.charCodeAt(i);
|
|
|
|
if (ch === 9) continue;
|
|
|
|
if (ch <= 31 || ch > 255 || ch === 127) return true;
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
exports._checkInvalidHeaderChar = checkInvalidHeaderChar;
|