sub get_request { my($self, $only_headers) = @_; if (${*$self}{'httpd_nomore'}) { $self->reason("No more requests from this connection"); return; } $self->reason(""); my $buf = ${*$self}{'httpd_rbuf'}; $buf = "" unless defined $buf; my $timeout = $ {*$self}{'io_socket_timeout'}; my $fdset = ""; vec($fdset, $self->fileno, 1) = 1; local($_); READ_HEADER: while (1) { # loop until we have the whole header in $buf $buf =~ s/^(?:\015?\012)+//; # ignore leading blank lines if ($buf =~ /\012/) { # potential, has at least one line if ($buf =~ /^\w+[^\012]+HTTP\/\d+\.\d+\015?\012/) { if ($buf =~ /\015?\012\015?\012/) { last READ_HEADER; # we have it } elsif (length($buf) > 16*1024) { $self->send_error(413); # REQUEST_ENTITY_TOO_LARGE $self->reason("Very long header"); return; } } else { last READ_HEADER; # HTTP/0.9 client } } elsif (length($buf) > 16*1024) { $self->send_error(414); # REQUEST_URI_TOO_LARGE $self->reason("Very long first line"); return; } print STDERR "Need more data for complete header\n" if $DEBUG; return unless $self->_need_more($buf, $timeout, $fdset); } if ($buf !~ s/^(\S+)[ \t]+(\S+)(?:[ \t]+(HTTP\/\d+\.\d+))?[^\012]*\012//) { ${*$self}{'httpd_client_proto'} = _http_version("HTTP/1.0"); $self->send_error(400); # BAD_REQUEST $self->reason("Bad request line: $buf"); return; } my $method = $1; my $uri = $2; my $proto = $3 || "HTTP/0.9"; $uri = "http://$uri" if $method eq "CONNECT"; $uri = $HTTP::URI_CLASS->new($uri, $self->daemon->url); my $r = HTTP::Request->new($method, $uri); $r->protocol($proto); ${*$self}{'httpd_client_proto'} = $proto = _http_version($proto); ${*$self}{'httpd_head'} = ($method eq "HEAD"); if ($proto >= $HTTP_1_0) { # we expect to find some headers my($key, $val); HEADER: while ($buf =~ s/^([^\012]*)\012//) { $_ = $1; s/\015$//; if (/^([^:\s]+)\s*:\s*(.*)/) { $r->push_header($key, $val) if $key; ($key, $val) = ($1, $2); } elsif (/^\s+(.*)/) { $val .= " $1"; } else { last HEADER; } } $r->push_header($key, $val) if $key; } my $conn = $r->header('Connection'); if ($proto >= $HTTP_1_1) { ${*$self}{'httpd_nomore'}++ if $conn && lc($conn) =~ /\bclose\b/; } else { ${*$self}{'httpd_nomore'}++ unless $conn && lc($conn) =~ /\bkeep-alive\b/; } ### insert content-length check here ### if client is sending more than 10k ### discard request somehow if ($only_headers) { ${*$self}{'httpd_rbuf'} = $buf; return $r; } # Find out how much content to read my $te = $r->header('Transfer-Encoding'); my $ct = $r->header('Content-Type'); my $len = $r->header('Content-Length'); # Act on the Expect header, if it's there for my $e ( $r->header('Expect') ) { if( lc($e) eq '100-continue' ) { $self->send_status_line(100); $self->send_crlf; } else { $self->send_error(417); $self->reason("Unsupported Expect header value"); return; } } if ($te && lc($te) eq 'chunked') { # Handle chunked transfer encoding my $body = ""; CHUNK: while (1) { print STDERR "Chunked\n" if $DEBUG; if ($buf =~ s/^([^\012]*)\012//) { my $chunk_head = $1; unless ($chunk_head =~ /^([0-9A-Fa-f]+)/) { $self->send_error(400); $self->reason("Bad chunk header $chunk_head"); return; } my $size = hex($1); last CHUNK if $size == 0; my $missing = $size - length($buf) + 2; # 2=CRLF at chunk end # must read until we have a complete chunk while ($missing > 0) { print STDERR "Need $missing more bytes\n" if $DEBUG; my $n = $self->_need_more($buf, $timeout, $fdset); return unless $n; $missing -= $n; } $body .= substr($buf, 0, $size); substr($buf, 0, $size+2) = ''; } else { # need more data in order to have a complete chunk header return unless $self->_need_more($buf, $timeout, $fdset); } } $r->content($body); # pretend it was a normal entity body $r->remove_header('Transfer-Encoding'); $r->header('Content-Length', length($body)); my($key, $val); FOOTER: while (1) { if ($buf !~ /\012/) { # need at least one line to look at return unless $self->_need_more($buf, $timeout, $fdset); } else { $buf =~ s/^([^\012]*)\012//; $_ = $1; s/\015$//; if (/^([\w\-]+)\s*:\s*(.*)/) { $r->push_header($key, $val) if $key; ($key, $val) = ($1, $2); } elsif (/^\s+(.*)/) { $val .= " $1"; } elsif (!length) { last FOOTER; } else { $self->reason("Bad footer syntax"); return; } } } $r->push_header($key, $val) if $key; } elsif ($te) { $self->send_error(501); # Unknown transfer encoding $self->reason("Unknown transfer encoding '$te'"); return; } elsif ($len) { # Plain body specified by "Content-Length" my $missing = $len - length($buf); while ($missing > 0) { print "Need $missing more bytes of content\n" if $DEBUG; my $n = $self->_need_more($buf, $timeout, $fdset); ############# insert 10k check here ############# if client lied about sending less than 10k ############# or didn't specify ############# discard request somehow ############# maybe do check in sub _need_more return unless $n; $missing -= $n; } if (length($buf) > $len) { $r->content(substr($buf,0,$len)); substr($buf, 0, $len) = ''; } else { $r->content($buf); $buf=''; } } elsif ($ct && $ct =~ m/^multipart\/\w+\s*;.*boundary\s*=\s*("?)(\w+)\1/i) { # Handle multipart content type my $boundary = "$CRLF--$2--"; my $index; while (1) { $index = index($buf, $boundary); last if $index >= 0; # end marker not yet found return unless $self->_need_more($buf, $timeout, $fdset); } $index += length($boundary); $r->content(substr($buf, 0, $index)); substr($buf, 0, $index) = ''; } ${*$self}{'httpd_rbuf'} = $buf; $r; }