1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim:set ts=4 sw=2 sts=2 et cin: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7 // HttpLog.h should generally be included first
8 #include "HttpLog.h"
9
10 #include "mozilla/Unused.h"
11 #include "nsHttpResponseHead.h"
12 #include "nsIHttpHeaderVisitor.h"
13 #include "nsPrintfCString.h"
14 #include "prtime.h"
15 #include "plstr.h"
16 #include "nsURLHelper.h"
17 #include "CacheControlParser.h"
18 #include <algorithm>
19
20 namespace mozilla {
21 namespace net {
22
23 //-----------------------------------------------------------------------------
24 // nsHttpResponseHead <public>
25 //-----------------------------------------------------------------------------
26
27 // Note that the code below MUST be synchronized with the IPC
28 // serialization/deserialization in PHttpChannelParams.h.
nsHttpResponseHead(const nsHttpResponseHead & aOther)29 nsHttpResponseHead::nsHttpResponseHead(const nsHttpResponseHead& aOther)
30 : mRecursiveMutex("nsHttpResponseHead.mRecursiveMutex"),
31 mInVisitHeaders(false) {
32 nsHttpResponseHead& other = const_cast<nsHttpResponseHead&>(aOther);
33 RecursiveMutexAutoLock monitor(other.mRecursiveMutex);
34
35 mHeaders = other.mHeaders;
36 mVersion = other.mVersion;
37 mStatus = other.mStatus;
38 mStatusText = other.mStatusText;
39 mContentLength = other.mContentLength;
40 mContentType = other.mContentType;
41 mContentCharset = other.mContentCharset;
42 mCacheControlPublic = other.mCacheControlPublic;
43 mCacheControlPrivate = other.mCacheControlPrivate;
44 mCacheControlNoStore = other.mCacheControlNoStore;
45 mCacheControlNoCache = other.mCacheControlNoCache;
46 mCacheControlImmutable = other.mCacheControlImmutable;
47 mCacheControlStaleWhileRevalidateSet =
48 other.mCacheControlStaleWhileRevalidateSet;
49 mCacheControlStaleWhileRevalidate = other.mCacheControlStaleWhileRevalidate;
50 mCacheControlMaxAgeSet = other.mCacheControlMaxAgeSet;
51 mCacheControlMaxAge = other.mCacheControlMaxAge;
52 mPragmaNoCache = other.mPragmaNoCache;
53 }
54
operator =(const nsHttpResponseHead & aOther)55 nsHttpResponseHead& nsHttpResponseHead::operator=(
56 const nsHttpResponseHead& aOther) {
57 nsHttpResponseHead& other = const_cast<nsHttpResponseHead&>(aOther);
58 RecursiveMutexAutoLock monitorOther(other.mRecursiveMutex);
59 RecursiveMutexAutoLock monitor(mRecursiveMutex);
60
61 mHeaders = other.mHeaders;
62 mVersion = other.mVersion;
63 mStatus = other.mStatus;
64 mStatusText = other.mStatusText;
65 mContentLength = other.mContentLength;
66 mContentType = other.mContentType;
67 mContentCharset = other.mContentCharset;
68 mCacheControlPublic = other.mCacheControlPublic;
69 mCacheControlPrivate = other.mCacheControlPrivate;
70 mCacheControlNoStore = other.mCacheControlNoStore;
71 mCacheControlNoCache = other.mCacheControlNoCache;
72 mCacheControlImmutable = other.mCacheControlImmutable;
73 mCacheControlStaleWhileRevalidateSet =
74 other.mCacheControlStaleWhileRevalidateSet;
75 mCacheControlStaleWhileRevalidate = other.mCacheControlStaleWhileRevalidate;
76 mCacheControlMaxAgeSet = other.mCacheControlMaxAgeSet;
77 mCacheControlMaxAge = other.mCacheControlMaxAge;
78 mPragmaNoCache = other.mPragmaNoCache;
79
80 return *this;
81 }
82
Version()83 HttpVersion nsHttpResponseHead::Version() {
84 RecursiveMutexAutoLock monitor(mRecursiveMutex);
85 return mVersion;
86 }
87
Status() const88 uint16_t nsHttpResponseHead::Status() const {
89 RecursiveMutexAutoLock monitor(mRecursiveMutex);
90 return mStatus;
91 }
92
StatusText(nsACString & aStatusText)93 void nsHttpResponseHead::StatusText(nsACString& aStatusText) {
94 RecursiveMutexAutoLock monitor(mRecursiveMutex);
95 aStatusText = mStatusText;
96 }
97
ContentLength()98 int64_t nsHttpResponseHead::ContentLength() {
99 RecursiveMutexAutoLock monitor(mRecursiveMutex);
100 return mContentLength;
101 }
102
ContentType(nsACString & aContentType) const103 void nsHttpResponseHead::ContentType(nsACString& aContentType) const {
104 RecursiveMutexAutoLock monitor(mRecursiveMutex);
105 aContentType = mContentType;
106 }
107
ContentCharset(nsACString & aContentCharset)108 void nsHttpResponseHead::ContentCharset(nsACString& aContentCharset) {
109 RecursiveMutexAutoLock monitor(mRecursiveMutex);
110 aContentCharset = mContentCharset;
111 }
112
Public()113 bool nsHttpResponseHead::Public() {
114 RecursiveMutexAutoLock monitor(mRecursiveMutex);
115 return mCacheControlPublic;
116 }
117
Private()118 bool nsHttpResponseHead::Private() {
119 RecursiveMutexAutoLock monitor(mRecursiveMutex);
120 return mCacheControlPrivate;
121 }
122
NoStore()123 bool nsHttpResponseHead::NoStore() {
124 RecursiveMutexAutoLock monitor(mRecursiveMutex);
125 return mCacheControlNoStore;
126 }
127
NoCache()128 bool nsHttpResponseHead::NoCache() {
129 RecursiveMutexAutoLock monitor(mRecursiveMutex);
130 return (mCacheControlNoCache || mPragmaNoCache);
131 }
132
Immutable()133 bool nsHttpResponseHead::Immutable() {
134 RecursiveMutexAutoLock monitor(mRecursiveMutex);
135 return mCacheControlImmutable;
136 }
137
SetHeader(const nsACString & hdr,const nsACString & val,bool merge)138 nsresult nsHttpResponseHead::SetHeader(const nsACString& hdr,
139 const nsACString& val, bool merge) {
140 RecursiveMutexAutoLock monitor(mRecursiveMutex);
141
142 if (mInVisitHeaders) {
143 return NS_ERROR_FAILURE;
144 }
145
146 nsHttpAtom atom = nsHttp::ResolveAtom(PromiseFlatCString(hdr).get());
147 if (!atom) {
148 NS_WARNING("failed to resolve atom");
149 return NS_ERROR_NOT_AVAILABLE;
150 }
151
152 return SetHeader_locked(atom, hdr, val, merge);
153 }
154
SetHeader(nsHttpAtom hdr,const nsACString & val,bool merge)155 nsresult nsHttpResponseHead::SetHeader(nsHttpAtom hdr, const nsACString& val,
156 bool merge) {
157 RecursiveMutexAutoLock monitor(mRecursiveMutex);
158
159 if (mInVisitHeaders) {
160 return NS_ERROR_FAILURE;
161 }
162
163 return SetHeader_locked(hdr, EmptyCString(), val, merge);
164 }
165
SetHeader_locked(nsHttpAtom atom,const nsACString & hdr,const nsACString & val,bool merge)166 nsresult nsHttpResponseHead::SetHeader_locked(nsHttpAtom atom,
167 const nsACString& hdr,
168 const nsACString& val,
169 bool merge) {
170 nsresult rv = mHeaders.SetHeader(atom, hdr, val, merge,
171 nsHttpHeaderArray::eVarietyResponse);
172 if (NS_FAILED(rv)) return rv;
173
174 // respond to changes in these headers. we need to reparse the entire
175 // header since the change may have merged in additional values.
176 if (atom == nsHttp::Cache_Control)
177 ParseCacheControl(mHeaders.PeekHeader(atom));
178 else if (atom == nsHttp::Pragma)
179 ParsePragma(mHeaders.PeekHeader(atom));
180
181 return NS_OK;
182 }
183
GetHeader(nsHttpAtom h,nsACString & v)184 nsresult nsHttpResponseHead::GetHeader(nsHttpAtom h, nsACString& v) {
185 v.Truncate();
186 RecursiveMutexAutoLock monitor(mRecursiveMutex);
187 return mHeaders.GetHeader(h, v);
188 }
189
ClearHeader(nsHttpAtom h)190 void nsHttpResponseHead::ClearHeader(nsHttpAtom h) {
191 RecursiveMutexAutoLock monitor(mRecursiveMutex);
192 mHeaders.ClearHeader(h);
193 }
194
ClearHeaders()195 void nsHttpResponseHead::ClearHeaders() {
196 RecursiveMutexAutoLock monitor(mRecursiveMutex);
197 mHeaders.Clear();
198 }
199
HasHeaderValue(nsHttpAtom h,const char * v)200 bool nsHttpResponseHead::HasHeaderValue(nsHttpAtom h, const char* v) {
201 RecursiveMutexAutoLock monitor(mRecursiveMutex);
202 return mHeaders.HasHeaderValue(h, v);
203 }
204
HasHeader(nsHttpAtom h) const205 bool nsHttpResponseHead::HasHeader(nsHttpAtom h) const {
206 RecursiveMutexAutoLock monitor(mRecursiveMutex);
207 return mHeaders.HasHeader(h);
208 }
209
SetContentType(const nsACString & s)210 void nsHttpResponseHead::SetContentType(const nsACString& s) {
211 RecursiveMutexAutoLock monitor(mRecursiveMutex);
212 mContentType = s;
213 }
214
SetContentCharset(const nsACString & s)215 void nsHttpResponseHead::SetContentCharset(const nsACString& s) {
216 RecursiveMutexAutoLock monitor(mRecursiveMutex);
217 mContentCharset = s;
218 }
219
SetContentLength(int64_t len)220 void nsHttpResponseHead::SetContentLength(int64_t len) {
221 RecursiveMutexAutoLock monitor(mRecursiveMutex);
222
223 mContentLength = len;
224 if (len < 0)
225 mHeaders.ClearHeader(nsHttp::Content_Length);
226 else {
227 DebugOnly<nsresult> rv = mHeaders.SetHeader(
228 nsHttp::Content_Length, nsPrintfCString("%" PRId64, len), false,
229 nsHttpHeaderArray::eVarietyResponse);
230 MOZ_ASSERT(NS_SUCCEEDED(rv));
231 }
232 }
233
Flatten(nsACString & buf,bool pruneTransients)234 void nsHttpResponseHead::Flatten(nsACString& buf, bool pruneTransients) {
235 RecursiveMutexAutoLock monitor(mRecursiveMutex);
236 if (mVersion == HttpVersion::v0_9) return;
237
238 buf.AppendLiteral("HTTP/");
239 if (mVersion == HttpVersion::v3_0) {
240 buf.AppendLiteral("3 ");
241 } else if (mVersion == HttpVersion::v2_0) {
242 buf.AppendLiteral("2 ");
243 } else if (mVersion == HttpVersion::v1_1) {
244 buf.AppendLiteral("1.1 ");
245 } else {
246 buf.AppendLiteral("1.0 ");
247 }
248
249 buf.Append(nsPrintfCString("%u", unsigned(mStatus)) +
250 NS_LITERAL_CSTRING(" ") + mStatusText +
251 NS_LITERAL_CSTRING("\r\n"));
252
253 mHeaders.Flatten(buf, false, pruneTransients);
254 }
255
FlattenNetworkOriginalHeaders(nsACString & buf)256 void nsHttpResponseHead::FlattenNetworkOriginalHeaders(nsACString& buf) {
257 RecursiveMutexAutoLock monitor(mRecursiveMutex);
258 if (mVersion == HttpVersion::v0_9) {
259 return;
260 }
261
262 mHeaders.FlattenOriginalHeader(buf);
263 }
264
ParseCachedHead(const char * block)265 nsresult nsHttpResponseHead::ParseCachedHead(const char* block) {
266 RecursiveMutexAutoLock monitor(mRecursiveMutex);
267 LOG(("nsHttpResponseHead::ParseCachedHead [this=%p]\n", this));
268
269 // this command works on a buffer as prepared by Flatten, as such it is
270 // not very forgiving ;-)
271
272 char* p = PL_strstr(block, "\r\n");
273 if (!p) return NS_ERROR_UNEXPECTED;
274
275 ParseStatusLine_locked(nsDependentCSubstring(block, p - block));
276
277 do {
278 block = p + 2;
279
280 if (*block == 0) break;
281
282 p = PL_strstr(block, "\r\n");
283 if (!p) return NS_ERROR_UNEXPECTED;
284
285 Unused << ParseHeaderLine_locked(nsDependentCSubstring(block, p - block),
286 false);
287
288 } while (true);
289
290 return NS_OK;
291 }
292
ParseCachedOriginalHeaders(char * block)293 nsresult nsHttpResponseHead::ParseCachedOriginalHeaders(char* block) {
294 RecursiveMutexAutoLock monitor(mRecursiveMutex);
295 LOG(("nsHttpResponseHead::ParseCachedOriginalHeader [this=%p]\n", this));
296
297 // this command works on a buffer as prepared by FlattenOriginalHeader,
298 // as such it is not very forgiving ;-)
299
300 if (!block) {
301 return NS_ERROR_UNEXPECTED;
302 }
303
304 char* p = block;
305 nsHttpAtom hdr;
306 nsAutoCString headerNameOriginal;
307 nsAutoCString val;
308 nsresult rv;
309
310 do {
311 block = p;
312
313 if (*block == 0) break;
314
315 p = PL_strstr(block, "\r\n");
316 if (!p) return NS_ERROR_UNEXPECTED;
317
318 *p = 0;
319 if (NS_FAILED(nsHttpHeaderArray::ParseHeaderLine(
320 nsDependentCString(block, p - block), &hdr, &headerNameOriginal,
321 &val))) {
322 return NS_OK;
323 }
324
325 rv = mHeaders.SetResponseHeaderFromCache(
326 hdr, headerNameOriginal, val,
327 nsHttpHeaderArray::eVarietyResponseNetOriginal);
328
329 if (NS_FAILED(rv)) {
330 return rv;
331 }
332
333 p = p + 2;
334 } while (true);
335
336 return NS_OK;
337 }
338
AssignDefaultStatusText()339 void nsHttpResponseHead::AssignDefaultStatusText() {
340 LOG(("response status line needs default reason phrase\n"));
341
342 // if a http response doesn't contain a reason phrase, put one in based
343 // on the status code. The reason phrase is totally meaningless so its
344 // ok to have a default catch all here - but this makes debuggers and addons
345 // a little saner to use if we don't map things to "404 OK" or other nonsense.
346 // In particular, HTTP/2 does not use reason phrases at all so they need to
347 // always be injected.
348
349 switch (mStatus) {
350 // start with the most common
351 case 200:
352 mStatusText.AssignLiteral("OK");
353 break;
354 case 404:
355 mStatusText.AssignLiteral("Not Found");
356 break;
357 case 301:
358 mStatusText.AssignLiteral("Moved Permanently");
359 break;
360 case 304:
361 mStatusText.AssignLiteral("Not Modified");
362 break;
363 case 307:
364 mStatusText.AssignLiteral("Temporary Redirect");
365 break;
366 case 500:
367 mStatusText.AssignLiteral("Internal Server Error");
368 break;
369
370 // also well known
371 case 100:
372 mStatusText.AssignLiteral("Continue");
373 break;
374 case 101:
375 mStatusText.AssignLiteral("Switching Protocols");
376 break;
377 case 201:
378 mStatusText.AssignLiteral("Created");
379 break;
380 case 202:
381 mStatusText.AssignLiteral("Accepted");
382 break;
383 case 203:
384 mStatusText.AssignLiteral("Non Authoritative");
385 break;
386 case 204:
387 mStatusText.AssignLiteral("No Content");
388 break;
389 case 205:
390 mStatusText.AssignLiteral("Reset Content");
391 break;
392 case 206:
393 mStatusText.AssignLiteral("Partial Content");
394 break;
395 case 207:
396 mStatusText.AssignLiteral("Multi-Status");
397 break;
398 case 208:
399 mStatusText.AssignLiteral("Already Reported");
400 break;
401 case 300:
402 mStatusText.AssignLiteral("Multiple Choices");
403 break;
404 case 302:
405 mStatusText.AssignLiteral("Found");
406 break;
407 case 303:
408 mStatusText.AssignLiteral("See Other");
409 break;
410 case 305:
411 mStatusText.AssignLiteral("Use Proxy");
412 break;
413 case 308:
414 mStatusText.AssignLiteral("Permanent Redirect");
415 break;
416 case 400:
417 mStatusText.AssignLiteral("Bad Request");
418 break;
419 case 401:
420 mStatusText.AssignLiteral("Unauthorized");
421 break;
422 case 402:
423 mStatusText.AssignLiteral("Payment Required");
424 break;
425 case 403:
426 mStatusText.AssignLiteral("Forbidden");
427 break;
428 case 405:
429 mStatusText.AssignLiteral("Method Not Allowed");
430 break;
431 case 406:
432 mStatusText.AssignLiteral("Not Acceptable");
433 break;
434 case 407:
435 mStatusText.AssignLiteral("Proxy Authentication Required");
436 break;
437 case 408:
438 mStatusText.AssignLiteral("Request Timeout");
439 break;
440 case 409:
441 mStatusText.AssignLiteral("Conflict");
442 break;
443 case 410:
444 mStatusText.AssignLiteral("Gone");
445 break;
446 case 411:
447 mStatusText.AssignLiteral("Length Required");
448 break;
449 case 412:
450 mStatusText.AssignLiteral("Precondition Failed");
451 break;
452 case 413:
453 mStatusText.AssignLiteral("Request Entity Too Large");
454 break;
455 case 414:
456 mStatusText.AssignLiteral("Request URI Too Long");
457 break;
458 case 415:
459 mStatusText.AssignLiteral("Unsupported Media Type");
460 break;
461 case 416:
462 mStatusText.AssignLiteral("Requested Range Not Satisfiable");
463 break;
464 case 417:
465 mStatusText.AssignLiteral("Expectation Failed");
466 break;
467 case 421:
468 mStatusText.AssignLiteral("Misdirected Request");
469 break;
470 case 501:
471 mStatusText.AssignLiteral("Not Implemented");
472 break;
473 case 502:
474 mStatusText.AssignLiteral("Bad Gateway");
475 break;
476 case 503:
477 mStatusText.AssignLiteral("Service Unavailable");
478 break;
479 case 504:
480 mStatusText.AssignLiteral("Gateway Timeout");
481 break;
482 case 505:
483 mStatusText.AssignLiteral("HTTP Version Unsupported");
484 break;
485 default:
486 mStatusText.AssignLiteral("No Reason Phrase");
487 break;
488 }
489 }
490
ParseStatusLine(const nsACString & line)491 void nsHttpResponseHead::ParseStatusLine(const nsACString& line) {
492 RecursiveMutexAutoLock monitor(mRecursiveMutex);
493 ParseStatusLine_locked(line);
494 }
495
ParseStatusLine_locked(const nsACString & line)496 void nsHttpResponseHead::ParseStatusLine_locked(const nsACString& line) {
497 //
498 // Parse Status-Line:: HTTP-Version SP Status-Code SP Reason-Phrase CRLF
499 //
500
501 const char* start = line.BeginReading();
502 const char* end = line.EndReading();
503 const char* p = start;
504
505 // HTTP-Version
506 ParseVersion(start);
507
508 int32_t index = line.FindChar(' ');
509
510 if ((mVersion == HttpVersion::v0_9) || (index == -1)) {
511 mStatus = 200;
512 AssignDefaultStatusText();
513 } else {
514 // Status-Code
515 p += index + 1;
516 mStatus = (uint16_t)atoi(p);
517 if (mStatus == 0) {
518 LOG(("mal-formed response status; assuming status = 200\n"));
519 mStatus = 200;
520 }
521
522 // Reason-Phrase is whatever is remaining of the line
523 index = line.FindChar(' ', p - start);
524 if (index == -1) {
525 AssignDefaultStatusText();
526 } else {
527 p = start + index + 1;
528 mStatusText = nsDependentCSubstring(p, end - p);
529 }
530 }
531
532 LOG1(("Have status line [version=%u status=%u statusText=%s]\n",
533 unsigned(mVersion), unsigned(mStatus), mStatusText.get()));
534 }
535
ParseHeaderLine(const nsACString & line)536 nsresult nsHttpResponseHead::ParseHeaderLine(const nsACString& line) {
537 RecursiveMutexAutoLock monitor(mRecursiveMutex);
538 return ParseHeaderLine_locked(line, true);
539 }
540
ParseHeaderLine_locked(const nsACString & line,bool originalFromNetHeaders)541 nsresult nsHttpResponseHead::ParseHeaderLine_locked(
542 const nsACString& line, bool originalFromNetHeaders) {
543 nsHttpAtom hdr;
544 nsAutoCString headerNameOriginal;
545 nsAutoCString val;
546
547 if (NS_FAILED(nsHttpHeaderArray::ParseHeaderLine(
548 line, &hdr, &headerNameOriginal, &val))) {
549 return NS_OK;
550 }
551 nsresult rv;
552 if (originalFromNetHeaders) {
553 rv = mHeaders.SetHeaderFromNet(hdr, headerNameOriginal, val, true);
554 } else {
555 rv = mHeaders.SetResponseHeaderFromCache(
556 hdr, headerNameOriginal, val, nsHttpHeaderArray::eVarietyResponse);
557 }
558 if (NS_FAILED(rv)) {
559 return rv;
560 }
561
562 // leading and trailing LWS has been removed from |val|
563
564 // handle some special case headers...
565 if (hdr == nsHttp::Content_Length) {
566 int64_t len;
567 const char* ignored;
568 // permit only a single value here.
569 if (nsHttp::ParseInt64(val.get(), &ignored, &len)) {
570 mContentLength = len;
571 } else {
572 // If this is a negative content length then just ignore it
573 LOG(("invalid content-length! %s\n", val.get()));
574 }
575 } else if (hdr == nsHttp::Content_Type) {
576 LOG(("ParseContentType [type=%s]\n", val.get()));
577 bool dummy;
578 net_ParseContentType(val, mContentType, mContentCharset, &dummy);
579 } else if (hdr == nsHttp::Cache_Control)
580 ParseCacheControl(val.get());
581 else if (hdr == nsHttp::Pragma)
582 ParsePragma(val.get());
583 return NS_OK;
584 }
585
586 // From section 13.2.3 of RFC2616, we compute the current age of a cached
587 // response as follows:
588 //
589 // currentAge = max(max(0, responseTime - dateValue), ageValue)
590 // + now - requestTime
591 //
592 // where responseTime == now
593 //
594 // This is typically a very small number.
595 //
ComputeCurrentAge(uint32_t now,uint32_t requestTime,uint32_t * result)596 nsresult nsHttpResponseHead::ComputeCurrentAge(uint32_t now,
597 uint32_t requestTime,
598 uint32_t* result) {
599 RecursiveMutexAutoLock monitor(mRecursiveMutex);
600 uint32_t dateValue;
601 uint32_t ageValue;
602
603 *result = 0;
604
605 if (requestTime > now) {
606 // for calculation purposes lets not allow the request to happen in the
607 // future
608 requestTime = now;
609 }
610
611 if (NS_FAILED(GetDateValue_locked(&dateValue))) {
612 LOG(
613 ("nsHttpResponseHead::ComputeCurrentAge [this=%p] "
614 "Date response header not set!\n",
615 this));
616 // Assume we have a fast connection and that our clock
617 // is in sync with the server.
618 dateValue = now;
619 }
620
621 // Compute apparent age
622 if (now > dateValue) *result = now - dateValue;
623
624 // Compute corrected received age
625 if (NS_SUCCEEDED(GetAgeValue_locked(&ageValue)))
626 *result = std::max(*result, ageValue);
627
628 // Compute current age
629 *result += (now - requestTime);
630 return NS_OK;
631 }
632
633 // From section 13.2.4 of RFC2616, we compute the freshness lifetime of a cached
634 // response as follows:
635 //
636 // freshnessLifetime = max_age_value
637 // <or>
638 // freshnessLifetime = expires_value - date_value
639 // <or>
640 // freshnessLifetime = min(one-week,
641 // (date_value - last_modified_value) * 0.10)
642 // <or>
643 // freshnessLifetime = 0
644 //
ComputeFreshnessLifetime(uint32_t * result)645 nsresult nsHttpResponseHead::ComputeFreshnessLifetime(uint32_t* result) {
646 RecursiveMutexAutoLock monitor(mRecursiveMutex);
647 *result = 0;
648
649 // Try HTTP/1.1 style max-age directive...
650 if (NS_SUCCEEDED(GetMaxAgeValue_locked(result))) return NS_OK;
651
652 *result = 0;
653
654 uint32_t date = 0, date2 = 0;
655 if (NS_FAILED(GetDateValue_locked(&date)))
656 date = NowInSeconds(); // synthesize a date header if none exists
657
658 // Try HTTP/1.0 style expires header...
659 if (NS_SUCCEEDED(GetExpiresValue_locked(&date2))) {
660 if (date2 > date) *result = date2 - date;
661 // the Expires header can specify a date in the past.
662 return NS_OK;
663 }
664
665 // These responses can be cached indefinitely.
666 if ((mStatus == 300) || (mStatus == 410) ||
667 nsHttp::IsPermanentRedirect(mStatus)) {
668 LOG(
669 ("nsHttpResponseHead::ComputeFreshnessLifetime [this = %p] "
670 "Assign an infinite heuristic lifetime\n",
671 this));
672 *result = uint32_t(-1);
673 return NS_OK;
674 }
675
676 if (mStatus >= 400) {
677 LOG(
678 ("nsHttpResponseHead::ComputeFreshnessLifetime [this = %p] "
679 "Do not calculate heuristic max-age for most responses >= 400\n",
680 this));
681 return NS_OK;
682 }
683
684 // From RFC 7234 Section 4.2.2, heuristics can only be used on responses
685 // without explicit freshness whose status codes are defined as cacheable
686 // by default, and those responses without explicit freshness that have been
687 // marked as explicitly cacheable.
688 // Note that |MustValidate| handled most of non-cacheable status codes.
689 if ((mStatus == 302 || mStatus == 304 || mStatus == 307) &&
690 !mCacheControlPublic && !mCacheControlPrivate) {
691 LOG((
692 "nsHttpResponseHead::ComputeFreshnessLifetime [this = %p] "
693 "Do not calculate heuristic max-age for non-cacheable status code %u\n",
694 this, unsigned(mStatus)));
695 return NS_OK;
696 }
697
698 // Fallback on heuristic using last modified header...
699 if (NS_SUCCEEDED(GetLastModifiedValue_locked(&date2))) {
700 LOG(("using last-modified to determine freshness-lifetime\n"));
701 LOG(("last-modified = %u, date = %u\n", date2, date));
702 if (date2 <= date) {
703 // this only makes sense if last-modified is actually in the past
704 *result = (date - date2) / 10;
705 const uint32_t kOneWeek = 60 * 60 * 24 * 7;
706 *result = std::min(kOneWeek, *result);
707 return NS_OK;
708 }
709 }
710
711 LOG(
712 ("nsHttpResponseHead::ComputeFreshnessLifetime [this = %p] "
713 "Insufficient information to compute a non-zero freshness "
714 "lifetime!\n",
715 this));
716
717 return NS_OK;
718 }
719
MustValidate()720 bool nsHttpResponseHead::MustValidate() {
721 RecursiveMutexAutoLock monitor(mRecursiveMutex);
722 LOG(("nsHttpResponseHead::MustValidate ??\n"));
723
724 // Some response codes are cacheable, but the rest are not. This switch should
725 // stay in sync with the list in nsHttpChannel::ContinueProcessResponse3
726 switch (mStatus) {
727 // Success codes
728 case 200:
729 case 203:
730 case 204:
731 case 206:
732 // Cacheable redirects
733 case 300:
734 case 301:
735 case 302:
736 case 304:
737 case 307:
738 case 308:
739 // Gone forever
740 case 410:
741 break;
742 // Uncacheable redirects
743 case 303:
744 case 305:
745 // Other known errors
746 case 401:
747 case 407:
748 case 412:
749 case 416:
750 case 425:
751 case 429:
752 default: // revalidate unknown error pages
753 LOG(("Must validate since response is an uncacheable error page\n"));
754 return true;
755 }
756
757 // The no-cache response header indicates that we must validate this
758 // cached response before reusing.
759 if (mCacheControlNoCache || mPragmaNoCache) {
760 LOG(("Must validate since response contains 'no-cache' header\n"));
761 return true;
762 }
763
764 // Likewise, if the response is no-store, then we must validate this
765 // cached response before reusing. NOTE: it may seem odd that a no-store
766 // response may be cached, but indeed all responses are cached in order
767 // to support File->SaveAs, View->PageSource, and other browser features.
768 if (mCacheControlNoStore) {
769 LOG(("Must validate since response contains 'no-store' header\n"));
770 return true;
771 }
772
773 // Compare the Expires header to the Date header. If the server sent an
774 // Expires header with a timestamp in the past, then we must validate this
775 // cached response before reusing.
776 if (ExpiresInPast_locked()) {
777 LOG(("Must validate since Expires < Date\n"));
778 return true;
779 }
780
781 LOG(("no mandatory validation requirement\n"));
782 return false;
783 }
784
MustValidateIfExpired()785 bool nsHttpResponseHead::MustValidateIfExpired() {
786 // according to RFC2616, section 14.9.4:
787 //
788 // When the must-revalidate directive is present in a response received by a
789 // cache, that cache MUST NOT use the entry after it becomes stale to respond
790 // to a subsequent request without first revalidating it with the origin
791 // server.
792 //
793 return HasHeaderValue(nsHttp::Cache_Control, "must-revalidate");
794 }
795
StaleWhileRevalidate(uint32_t now,uint32_t expiration)796 bool nsHttpResponseHead::StaleWhileRevalidate(uint32_t now,
797 uint32_t expiration) {
798 RecursiveMutexAutoLock monitor(mRecursiveMutex);
799
800 if (expiration <= 0 || !mCacheControlStaleWhileRevalidateSet) {
801 return false;
802 }
803
804 // 'expiration' is the expiration time (an absolute unit), the swr window
805 // extends the expiration time.
806 CheckedInt<uint32_t> stallValidUntil = expiration;
807 stallValidUntil += mCacheControlStaleWhileRevalidate;
808 if (!stallValidUntil.isValid()) {
809 // overflow means an indefinite stale window
810 return true;
811 }
812
813 if (now > stallValidUntil.value()) {
814 return false;
815 }
816
817 return true;
818 }
819
IsResumable()820 bool nsHttpResponseHead::IsResumable() {
821 RecursiveMutexAutoLock monitor(mRecursiveMutex);
822 // even though some HTTP/1.0 servers may support byte range requests, we're
823 // not going to bother with them, since those servers wouldn't understand
824 // If-Range. Also, while in theory it may be possible to resume when the
825 // status code is not 200, it is unlikely to be worth the trouble, especially
826 // for non-2xx responses.
827 return mStatus == 200 && mVersion >= HttpVersion::v1_1 &&
828 mHeaders.PeekHeader(nsHttp::Content_Length) &&
829 (mHeaders.PeekHeader(nsHttp::ETag) ||
830 mHeaders.PeekHeader(nsHttp::Last_Modified)) &&
831 mHeaders.HasHeaderValue(nsHttp::Accept_Ranges, "bytes");
832 }
833
ExpiresInPast()834 bool nsHttpResponseHead::ExpiresInPast() {
835 RecursiveMutexAutoLock monitor(mRecursiveMutex);
836 return ExpiresInPast_locked();
837 }
838
ExpiresInPast_locked() const839 bool nsHttpResponseHead::ExpiresInPast_locked() const {
840 uint32_t maxAgeVal, expiresVal, dateVal;
841
842 // Bug #203271. Ensure max-age directive takes precedence over Expires
843 if (NS_SUCCEEDED(GetMaxAgeValue_locked(&maxAgeVal))) {
844 return false;
845 }
846
847 return NS_SUCCEEDED(GetExpiresValue_locked(&expiresVal)) &&
848 NS_SUCCEEDED(GetDateValue_locked(&dateVal)) && expiresVal < dateVal;
849 }
850
UpdateHeaders(nsHttpResponseHead * aOther)851 void nsHttpResponseHead::UpdateHeaders(nsHttpResponseHead* aOther) {
852 LOG(("nsHttpResponseHead::UpdateHeaders [this=%p]\n", this));
853
854 RecursiveMutexAutoLock monitor(mRecursiveMutex);
855 RecursiveMutexAutoLock monitorOther(aOther->mRecursiveMutex);
856
857 uint32_t i, count = aOther->mHeaders.Count();
858 for (i = 0; i < count; ++i) {
859 nsHttpAtom header;
860 nsAutoCString headerNameOriginal;
861 const char* val =
862 aOther->mHeaders.PeekHeaderAt(i, header, headerNameOriginal);
863
864 if (!val) {
865 continue;
866 }
867
868 // Ignore any hop-by-hop headers...
869 if (header == nsHttp::Connection || header == nsHttp::Proxy_Connection ||
870 header == nsHttp::Keep_Alive || header == nsHttp::Proxy_Authenticate ||
871 header == nsHttp::Proxy_Authorization || // not a response header!
872 header == nsHttp::TE || header == nsHttp::Trailer ||
873 header == nsHttp::Transfer_Encoding || header == nsHttp::Upgrade ||
874 // Ignore any non-modifiable headers...
875 header == nsHttp::Content_Location || header == nsHttp::Content_MD5 ||
876 header == nsHttp::ETag ||
877 // Assume Cache-Control: "no-transform"
878 header == nsHttp::Content_Encoding || header == nsHttp::Content_Range ||
879 header == nsHttp::Content_Type ||
880 // Ignore wacky headers too...
881 // this one is for MS servers that send "Content-Length: 0"
882 // on 304 responses
883 header == nsHttp::Content_Length) {
884 LOG(("ignoring response header [%s: %s]\n", header.get(), val));
885 } else {
886 LOG(("new response header [%s: %s]\n", header.get(), val));
887
888 // overwrite the current header value with the new value...
889 DebugOnly<nsresult> rv =
890 SetHeader_locked(header, headerNameOriginal, nsDependentCString(val));
891 MOZ_ASSERT(NS_SUCCEEDED(rv));
892 }
893 }
894 }
895
Reset()896 void nsHttpResponseHead::Reset() {
897 LOG(("nsHttpResponseHead::Reset\n"));
898
899 RecursiveMutexAutoLock monitor(mRecursiveMutex);
900
901 mHeaders.Clear();
902
903 mVersion = HttpVersion::v1_1;
904 mStatus = 200;
905 mContentLength = -1;
906 mCacheControlPublic = false;
907 mCacheControlPrivate = false;
908 mCacheControlNoStore = false;
909 mCacheControlNoCache = false;
910 mCacheControlImmutable = false;
911 mCacheControlStaleWhileRevalidateSet = false;
912 mCacheControlStaleWhileRevalidate = 0;
913 mCacheControlMaxAgeSet = false;
914 mCacheControlMaxAge = 0;
915 mPragmaNoCache = false;
916 mStatusText.Truncate();
917 mContentType.Truncate();
918 mContentCharset.Truncate();
919 }
920
ParseDateHeader(nsHttpAtom header,uint32_t * result) const921 nsresult nsHttpResponseHead::ParseDateHeader(nsHttpAtom header,
922 uint32_t* result) const {
923 const char* val = mHeaders.PeekHeader(header);
924 if (!val) return NS_ERROR_NOT_AVAILABLE;
925
926 PRTime time;
927 PRStatus st = PR_ParseTimeString(val, true, &time);
928 if (st != PR_SUCCESS) return NS_ERROR_NOT_AVAILABLE;
929
930 *result = PRTimeToSeconds(time);
931 return NS_OK;
932 }
933
GetAgeValue(uint32_t * result)934 nsresult nsHttpResponseHead::GetAgeValue(uint32_t* result) {
935 RecursiveMutexAutoLock monitor(mRecursiveMutex);
936 return GetAgeValue_locked(result);
937 }
938
GetAgeValue_locked(uint32_t * result) const939 nsresult nsHttpResponseHead::GetAgeValue_locked(uint32_t* result) const {
940 const char* val = mHeaders.PeekHeader(nsHttp::Age);
941 if (!val) return NS_ERROR_NOT_AVAILABLE;
942
943 *result = (uint32_t)atoi(val);
944 return NS_OK;
945 }
946
947 // Return the value of the (HTTP 1.1) max-age directive, which itself is a
948 // component of the Cache-Control response header
GetMaxAgeValue(uint32_t * result)949 nsresult nsHttpResponseHead::GetMaxAgeValue(uint32_t* result) {
950 RecursiveMutexAutoLock monitor(mRecursiveMutex);
951 return GetMaxAgeValue_locked(result);
952 }
953
GetMaxAgeValue_locked(uint32_t * result) const954 nsresult nsHttpResponseHead::GetMaxAgeValue_locked(uint32_t* result) const {
955 if (!mCacheControlMaxAgeSet) {
956 return NS_ERROR_NOT_AVAILABLE;
957 }
958
959 *result = mCacheControlMaxAge;
960 return NS_OK;
961 }
962
GetDateValue(uint32_t * result)963 nsresult nsHttpResponseHead::GetDateValue(uint32_t* result) {
964 RecursiveMutexAutoLock monitor(mRecursiveMutex);
965 return GetDateValue_locked(result);
966 }
967
GetExpiresValue(uint32_t * result)968 nsresult nsHttpResponseHead::GetExpiresValue(uint32_t* result) {
969 RecursiveMutexAutoLock monitor(mRecursiveMutex);
970 return GetExpiresValue_locked(result);
971 }
972
GetExpiresValue_locked(uint32_t * result) const973 nsresult nsHttpResponseHead::GetExpiresValue_locked(uint32_t* result) const {
974 const char* val = mHeaders.PeekHeader(nsHttp::Expires);
975 if (!val) return NS_ERROR_NOT_AVAILABLE;
976
977 PRTime time;
978 PRStatus st = PR_ParseTimeString(val, true, &time);
979 if (st != PR_SUCCESS) {
980 // parsing failed... RFC 2616 section 14.21 says we should treat this
981 // as an expiration time in the past.
982 *result = 0;
983 return NS_OK;
984 }
985
986 if (time < 0)
987 *result = 0;
988 else
989 *result = PRTimeToSeconds(time);
990 return NS_OK;
991 }
992
GetLastModifiedValue(uint32_t * result)993 nsresult nsHttpResponseHead::GetLastModifiedValue(uint32_t* result) {
994 RecursiveMutexAutoLock monitor(mRecursiveMutex);
995 return ParseDateHeader(nsHttp::Last_Modified, result);
996 }
997
operator ==(const nsHttpResponseHead & aOther) const998 bool nsHttpResponseHead::operator==(const nsHttpResponseHead& aOther) const {
999 nsHttpResponseHead& curr = const_cast<nsHttpResponseHead&>(*this);
1000 nsHttpResponseHead& other = const_cast<nsHttpResponseHead&>(aOther);
1001 RecursiveMutexAutoLock monitorOther(other.mRecursiveMutex);
1002 RecursiveMutexAutoLock monitor(curr.mRecursiveMutex);
1003
1004 return mHeaders == aOther.mHeaders && mVersion == aOther.mVersion &&
1005 mStatus == aOther.mStatus && mStatusText == aOther.mStatusText &&
1006 mContentLength == aOther.mContentLength &&
1007 mContentType == aOther.mContentType &&
1008 mContentCharset == aOther.mContentCharset &&
1009 mCacheControlPublic == aOther.mCacheControlPublic &&
1010 mCacheControlPrivate == aOther.mCacheControlPrivate &&
1011 mCacheControlNoCache == aOther.mCacheControlNoCache &&
1012 mCacheControlNoStore == aOther.mCacheControlNoStore &&
1013 mCacheControlImmutable == aOther.mCacheControlImmutable &&
1014 mCacheControlStaleWhileRevalidateSet ==
1015 aOther.mCacheControlStaleWhileRevalidateSet &&
1016 mCacheControlStaleWhileRevalidate ==
1017 aOther.mCacheControlStaleWhileRevalidate &&
1018 mCacheControlMaxAgeSet == aOther.mCacheControlMaxAgeSet &&
1019 mCacheControlMaxAge == aOther.mCacheControlMaxAge &&
1020 mPragmaNoCache == aOther.mPragmaNoCache;
1021 }
1022
TotalEntitySize()1023 int64_t nsHttpResponseHead::TotalEntitySize() {
1024 RecursiveMutexAutoLock monitor(mRecursiveMutex);
1025 const char* contentRange = mHeaders.PeekHeader(nsHttp::Content_Range);
1026 if (!contentRange) return mContentLength;
1027
1028 // Total length is after a slash
1029 const char* slash = strrchr(contentRange, '/');
1030 if (!slash) return -1; // No idea what the length is
1031
1032 slash++;
1033 if (*slash == '*') // Server doesn't know the length
1034 return -1;
1035
1036 int64_t size;
1037 if (!nsHttp::ParseInt64(slash, &size)) size = UINT64_MAX;
1038 return size;
1039 }
1040
1041 //-----------------------------------------------------------------------------
1042 // nsHttpResponseHead <private>
1043 //-----------------------------------------------------------------------------
1044
ParseVersion(const char * str)1045 void nsHttpResponseHead::ParseVersion(const char* str) {
1046 // Parse HTTP-Version:: "HTTP" "/" 1*DIGIT "." 1*DIGIT
1047
1048 LOG(("nsHttpResponseHead::ParseVersion [version=%s]\n", str));
1049
1050 Tokenizer t(str, nullptr, "");
1051 // make sure we have HTTP at the beginning
1052 if (!t.CheckWord("HTTP")) {
1053 if (PL_strncasecmp(str, "ICY ", 4) == 0) {
1054 // ShoutCast ICY is HTTP/1.0-like. Assume it is HTTP/1.0.
1055 LOG(("Treating ICY as HTTP 1.0\n"));
1056 mVersion = HttpVersion::v1_0;
1057 return;
1058 }
1059 LOG(("looks like a HTTP/0.9 response\n"));
1060 mVersion = HttpVersion::v0_9;
1061 return;
1062 }
1063
1064 if (!t.CheckChar('/')) {
1065 LOG(("server did not send a version number; assuming HTTP/1.0\n"));
1066 // NCSA/1.5.2 has a bug in which it fails to send a version number
1067 // if the request version is HTTP/1.1, so we fall back on HTTP/1.0
1068 mVersion = HttpVersion::v1_0;
1069 return;
1070 }
1071
1072 uint32_t major;
1073 if (!t.ReadInteger(&major)) {
1074 LOG(("server did not send a correct version number; assuming HTTP/1.0"));
1075 mVersion = HttpVersion::v1_0;
1076 return;
1077 }
1078
1079 if (major == 3) {
1080 mVersion = HttpVersion::v3_0;
1081 return;
1082 }
1083
1084 if (major == 2) {
1085 mVersion = HttpVersion::v2_0;
1086 return;
1087 }
1088
1089 if (major != 1) {
1090 LOG(("server did not send a correct version number; assuming HTTP/1.0"));
1091 mVersion = HttpVersion::v1_0;
1092 return;
1093 }
1094
1095 if (!t.CheckChar('.')) {
1096 LOG(("mal-formed server version; assuming HTTP/1.0\n"));
1097 mVersion = HttpVersion::v1_0;
1098 return;
1099 }
1100
1101 uint32_t minor;
1102 if (!t.ReadInteger(&minor)) {
1103 LOG(("server did not send a correct version number; assuming HTTP/1.0"));
1104 mVersion = HttpVersion::v1_0;
1105 return;
1106 }
1107
1108 if (minor >= 1) {
1109 // at least HTTP/1.1
1110 mVersion = HttpVersion::v1_1;
1111 } else {
1112 // treat anything else as version 1.0
1113 mVersion = HttpVersion::v1_0;
1114 }
1115 }
1116
ParseCacheControl(const char * val)1117 void nsHttpResponseHead::ParseCacheControl(const char* val) {
1118 if (!(val && *val)) {
1119 // clear flags
1120 mCacheControlPublic = false;
1121 mCacheControlPrivate = false;
1122 mCacheControlNoCache = false;
1123 mCacheControlNoStore = false;
1124 mCacheControlImmutable = false;
1125 mCacheControlStaleWhileRevalidateSet = false;
1126 mCacheControlStaleWhileRevalidate = 0;
1127 mCacheControlMaxAgeSet = false;
1128 mCacheControlMaxAge = 0;
1129 return;
1130 }
1131
1132 nsDependentCString cacheControlRequestHeader(val);
1133 CacheControlParser cacheControlRequest(cacheControlRequestHeader);
1134
1135 mCacheControlPublic = cacheControlRequest.Public();
1136 mCacheControlPrivate = cacheControlRequest.Private();
1137 mCacheControlNoCache = cacheControlRequest.NoCache();
1138 mCacheControlNoStore = cacheControlRequest.NoStore();
1139 mCacheControlImmutable = cacheControlRequest.Immutable();
1140 mCacheControlStaleWhileRevalidateSet =
1141 cacheControlRequest.StaleWhileRevalidate(
1142 &mCacheControlStaleWhileRevalidate);
1143 mCacheControlMaxAgeSet = cacheControlRequest.MaxAge(&mCacheControlMaxAge);
1144 }
1145
ParsePragma(const char * val)1146 void nsHttpResponseHead::ParsePragma(const char* val) {
1147 LOG(("nsHttpResponseHead::ParsePragma [val=%s]\n", val));
1148
1149 if (!(val && *val)) {
1150 // clear no-cache flag
1151 mPragmaNoCache = false;
1152 return;
1153 }
1154
1155 // Although 'Pragma: no-cache' is not a standard HTTP response header (it's
1156 // a request header), caching is inhibited when this header is present so
1157 // as to match existing Navigator behavior.
1158 if (nsHttp::FindToken(val, "no-cache", HTTP_HEADER_VALUE_SEPS))
1159 mPragmaNoCache = true;
1160 }
1161
VisitHeaders(nsIHttpHeaderVisitor * visitor,nsHttpHeaderArray::VisitorFilter filter)1162 nsresult nsHttpResponseHead::VisitHeaders(
1163 nsIHttpHeaderVisitor* visitor, nsHttpHeaderArray::VisitorFilter filter) {
1164 RecursiveMutexAutoLock monitor(mRecursiveMutex);
1165 mInVisitHeaders = true;
1166 nsresult rv = mHeaders.VisitHeaders(visitor, filter);
1167 mInVisitHeaders = false;
1168 return rv;
1169 }
1170
GetOriginalHeader(nsHttpAtom aHeader,nsIHttpHeaderVisitor * aVisitor)1171 nsresult nsHttpResponseHead::GetOriginalHeader(nsHttpAtom aHeader,
1172 nsIHttpHeaderVisitor* aVisitor) {
1173 RecursiveMutexAutoLock monitor(mRecursiveMutex);
1174 mInVisitHeaders = true;
1175 nsresult rv = mHeaders.GetOriginalHeader(aHeader, aVisitor);
1176 mInVisitHeaders = false;
1177 return rv;
1178 }
1179
HasContentType() const1180 bool nsHttpResponseHead::HasContentType() const {
1181 RecursiveMutexAutoLock monitor(mRecursiveMutex);
1182 return !mContentType.IsEmpty();
1183 }
1184
HasContentCharset()1185 bool nsHttpResponseHead::HasContentCharset() {
1186 RecursiveMutexAutoLock monitor(mRecursiveMutex);
1187 return !mContentCharset.IsEmpty();
1188 }
1189
GetContentTypeOptionsHeader(nsACString & aOutput)1190 bool nsHttpResponseHead::GetContentTypeOptionsHeader(nsACString& aOutput) {
1191 aOutput.Truncate();
1192
1193 nsAutoCString contentTypeOptionsHeader;
1194 Unused << GetHeader(nsHttp::X_Content_Type_Options, contentTypeOptionsHeader);
1195 if (contentTypeOptionsHeader.IsEmpty()) {
1196 // if there is no XCTO header, then there is nothing to do.
1197 return false;
1198 }
1199
1200 // XCTO header might contain multiple values which are comma separated, so:
1201 // a) let's skip all subsequent values
1202 // e.g. " NoSniFF , foo " will be " NoSniFF "
1203 int32_t idx = contentTypeOptionsHeader.Find(",");
1204 if (idx > 0) {
1205 contentTypeOptionsHeader = Substring(contentTypeOptionsHeader, 0, idx);
1206 }
1207 // b) let's trim all surrounding whitespace
1208 // e.g. " NoSniFF " -> "NoSniFF"
1209 nsHttp::TrimHTTPWhitespace(contentTypeOptionsHeader,
1210 contentTypeOptionsHeader);
1211
1212 aOutput.Assign(contentTypeOptionsHeader);
1213 return true;
1214 }
1215
1216 } // namespace net
1217 } // namespace mozilla
1218