1 // Copyright 2012 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 // The rules for header parsing were borrowed from Firefox:
6 // http://lxr.mozilla.org/seamonkey/source/netwerk/protocol/http/src/nsHttpResponseHead.cpp
7 // The rules for parsing content-types were also borrowed from Firefox:
8 // http://lxr.mozilla.org/mozilla/source/netwerk/base/src/nsURLHelper.cpp#834
9
10 #include "net/http/http_response_headers.h"
11
12 #include <algorithm>
13 #include <limits>
14 #include <memory>
15 #include <utility>
16
17 #include "base/format_macros.h"
18 #include "base/logging.h"
19 #include "base/metrics/histogram_macros.h"
20 #include "base/pickle.h"
21 #include "base/ranges/algorithm.h"
22 #include "base/strings/escape.h"
23 #include "base/strings/strcat.h"
24 #include "base/strings/string_number_conversions.h"
25 #include "base/strings/string_piece.h"
26 #include "base/strings/string_util.h"
27 #include "base/strings/stringprintf.h"
28 #include "base/time/time.h"
29 #include "base/values.h"
30 #include "net/base/features.h"
31 #include "net/base/parse_number.h"
32 #include "net/base/tracing.h"
33 #include "net/http/http_byte_range.h"
34 #include "net/http/http_log_util.h"
35 #include "net/http/http_status_code.h"
36 #include "net/http/http_util.h"
37 #include "net/log/net_log_capture_mode.h"
38 #include "net/log/net_log_values.h"
39
40 using base::Time;
41
42 namespace net {
43
44 //-----------------------------------------------------------------------------
45
46 namespace {
47
48 // These headers are RFC 2616 hop-by-hop headers;
49 // not to be stored by caches.
50 const char* const kHopByHopResponseHeaders[] = {
51 "connection",
52 "proxy-connection",
53 "keep-alive",
54 "trailer",
55 "transfer-encoding",
56 "upgrade"
57 };
58
59 // These headers are challenge response headers;
60 // not to be stored by caches.
61 const char* const kChallengeResponseHeaders[] = {
62 "www-authenticate",
63 "proxy-authenticate"
64 };
65
66 // These headers are cookie setting headers;
67 // not to be stored by caches or disclosed otherwise.
68 const char* const kCookieResponseHeaders[] = {
69 "set-cookie",
70 "set-cookie2",
71 "clear-site-data",
72 };
73
74 // By default, do not cache Strict-Transport-Security.
75 // This avoids erroneously re-processing it on page loads from cache ---
76 // it is defined to be valid only on live and error-free HTTPS connections.
77 const char* const kSecurityStateHeaders[] = {
78 "strict-transport-security",
79 };
80
81 // These response headers are not copied from a 304/206 response to the cached
82 // response headers. This list is based on Mozilla's nsHttpResponseHead.cpp.
83 const char* const kNonUpdatedHeaders[] = {
84 "connection",
85 "proxy-connection",
86 "keep-alive",
87 "www-authenticate",
88 "proxy-authenticate",
89 "proxy-authorization",
90 "te",
91 "trailer",
92 "transfer-encoding",
93 "upgrade",
94 "content-location",
95 "content-md5",
96 "etag",
97 "content-encoding",
98 "content-range",
99 "content-type",
100 "content-length",
101 "x-frame-options",
102 "x-xss-protection",
103 };
104
105 // Some header prefixes mean "Don't copy this header from a 304 response.".
106 // Rather than listing all the relevant headers, we can consolidate them into
107 // this list:
108 const char* const kNonUpdatedHeaderPrefixes[] = {
109 "x-content-",
110 "x-webkit-"
111 };
112
ShouldUpdateHeader(base::StringPiece name)113 bool ShouldUpdateHeader(base::StringPiece name) {
114 for (const auto* header : kNonUpdatedHeaders) {
115 if (base::EqualsCaseInsensitiveASCII(name, header))
116 return false;
117 }
118 for (const auto* prefix : kNonUpdatedHeaderPrefixes) {
119 if (base::StartsWith(name, prefix, base::CompareCase::INSENSITIVE_ASCII))
120 return false;
121 }
122 return true;
123 }
124
HasEmbeddedNulls(base::StringPiece str)125 bool HasEmbeddedNulls(base::StringPiece str) {
126 return str.find('\0') != std::string::npos;
127 }
128
CheckDoesNotHaveEmbeddedNulls(base::StringPiece str)129 void CheckDoesNotHaveEmbeddedNulls(base::StringPiece str) {
130 // Care needs to be taken when adding values to the raw headers string to
131 // make sure it does not contain embeded NULLs. Any embeded '\0' may be
132 // understood as line terminators and change how header lines get tokenized.
133 CHECK(!HasEmbeddedNulls(str));
134 }
135
RemoveLeadingSpaces(base::StringPiece * s)136 void RemoveLeadingSpaces(base::StringPiece* s) {
137 s->remove_prefix(std::min(s->find_first_not_of(' '), s->size()));
138 }
139
140 // Parses `status` for response code and status text. Returns the response code,
141 // and appends the response code and trimmed status text preceded by a space to
142 // `append_to`. For example, given the input " 404 Not found " would return 404
143 // and append " 404 Not found" to `append_to`. The odd calling convention is
144 // necessary to avoid extra copies in the implementation of
145 // HttpResponseHeaders::ParseStatusLine().
ParseStatus(base::StringPiece status,std::string & append_to)146 int ParseStatus(base::StringPiece status, std::string& append_to) {
147 // Skip whitespace. Tabs are not skipped, for backwards compatibility.
148 RemoveLeadingSpaces(&status);
149
150 const char* first_non_digit =
151 std::find_if(status.begin(), status.end(),
152 [](char c) { return !base::IsAsciiDigit(c); });
153
154 if (first_non_digit == status.begin()) {
155 DVLOG(1) << "missing response status number; assuming 200";
156 append_to.append(" 200");
157 return net::HTTP_OK;
158 }
159
160 append_to.push_back(' ');
161 append_to.append(status.begin(), first_non_digit);
162 int response_code = -1;
163 // For backwards compatibility, overlarge response codes are permitted.
164 // base::StringToInt will clamp the value to INT_MAX.
165 base::StringToInt(base::MakeStringPiece(status.begin(), first_non_digit),
166 &response_code);
167 CHECK_GE(response_code, 0);
168
169 status.remove_prefix(first_non_digit - status.begin());
170
171 // Skip whitespace. Tabs are not skipped, as before.
172 RemoveLeadingSpaces(&status);
173
174 // Trim trailing whitespace. Tabs are not trimmed.
175 const size_t last_non_space_pos = status.find_last_not_of(' ');
176 if (last_non_space_pos != base::StringPiece::npos) {
177 status.remove_suffix(status.size() - last_non_space_pos - 1);
178 }
179
180 if (status.empty()) {
181 return response_code;
182 }
183
184 CheckDoesNotHaveEmbeddedNulls(status);
185
186 append_to.push_back(' ');
187 append_to.append(status);
188 return response_code;
189 }
190
191 } // namespace
192
193 const char HttpResponseHeaders::kContentRange[] = "Content-Range";
194 const char HttpResponseHeaders::kLastModified[] = "Last-Modified";
195 const char HttpResponseHeaders::kVary[] = "Vary";
196
197 struct HttpResponseHeaders::ParsedHeader {
198 // A header "continuation" contains only a subsequent value for the
199 // preceding header. (Header values are comma separated.)
is_continuationnet::HttpResponseHeaders::ParsedHeader200 bool is_continuation() const { return name_begin == name_end; }
201
202 std::string::const_iterator name_begin;
203 std::string::const_iterator name_end;
204 std::string::const_iterator value_begin;
205 std::string::const_iterator value_end;
206
207 // Write a representation of this object into a tracing proto.
WriteIntoTracenet::HttpResponseHeaders::ParsedHeader208 void WriteIntoTrace(perfetto::TracedValue context) const {
209 auto dict = std::move(context).WriteDictionary();
210 dict.Add("name", base::MakeStringPiece(name_begin, name_end));
211 dict.Add("value", base::MakeStringPiece(value_begin, value_end));
212 }
213 };
214
215 //-----------------------------------------------------------------------------
216
Builder(HttpVersion version,base::StringPiece status)217 HttpResponseHeaders::Builder::Builder(HttpVersion version,
218 base::StringPiece status)
219 : version_(version), status_(status) {
220 DCHECK(version == HttpVersion(1, 0) || version == HttpVersion(1, 1) ||
221 version == HttpVersion(2, 0));
222 }
223
224 HttpResponseHeaders::Builder::~Builder() = default;
225
Build()226 scoped_refptr<HttpResponseHeaders> HttpResponseHeaders::Builder::Build() {
227 return base::MakeRefCounted<HttpResponseHeaders>(BuilderPassKey(), version_,
228 status_, headers_);
229 }
230
HttpResponseHeaders(const std::string & raw_input)231 HttpResponseHeaders::HttpResponseHeaders(const std::string& raw_input)
232 : response_code_(-1) {
233 Parse(raw_input);
234
235 // The most important thing to do with this histogram is find out
236 // the existence of unusual HTTP status codes. As it happens
237 // right now, there aren't double-constructions of response headers
238 // using this constructor, so our counts should also be accurate,
239 // without instantiating the histogram in two places. It is also
240 // important that this histogram not collect data in the other
241 // constructor, which rebuilds an histogram from a pickle, since
242 // that would actually create a double call between the original
243 // HttpResponseHeader that was serialized, and initialization of the
244 // new object from that pickle.
245 UMA_HISTOGRAM_CUSTOM_ENUMERATION(
246 "Net.HttpResponseCode",
247 HttpUtil::MapStatusCodeForHistogram(response_code_),
248 // Note the third argument is only
249 // evaluated once, see macro
250 // definition for details.
251 HttpUtil::GetStatusCodesForHistogram());
252 }
253
HttpResponseHeaders(base::PickleIterator * iter)254 HttpResponseHeaders::HttpResponseHeaders(base::PickleIterator* iter)
255 : response_code_(-1) {
256 std::string raw_input;
257 if (iter->ReadString(&raw_input))
258 Parse(raw_input);
259 }
260
HttpResponseHeaders(BuilderPassKey,HttpVersion version,base::StringPiece status,base::span<const std::pair<base::StringPiece,base::StringPiece>> headers)261 HttpResponseHeaders::HttpResponseHeaders(
262 BuilderPassKey,
263 HttpVersion version,
264 base::StringPiece status,
265 base::span<const std::pair<base::StringPiece, base::StringPiece>> headers)
266 : http_version_(version) {
267 // This must match the behaviour of Parse(). We don't use Parse() because
268 // avoiding the overhead of parsing is the point of this constructor.
269
270 std::string formatted_status;
271 formatted_status.reserve(status.size() + 1); // ParseStatus() may add a space
272 response_code_ = ParseStatus(status, formatted_status);
273
274 // First calculate how big the output will be so that we can allocate the
275 // right amount of memory.
276 size_t expected_size = 8; // "HTTP/x.x"
277 expected_size += formatted_status.size();
278 expected_size += 1; // "\0"
279 size_t expected_parsed_size = 0;
280
281 // Track which headers (by index) have a comma in the value. Since bools are
282 // only 1 byte, we can afford to put 100 of them on the stack and avoid
283 // allocating more memory 99.9% of the time.
284 absl::InlinedVector<bool, 100> header_contains_comma;
285 for (const auto& [key, value] : headers) {
286 expected_size += key.size();
287 expected_size += 1; // ":"
288 expected_size += value.size();
289 expected_size += 1; // "\0"
290 // It's okay if we over-estimate the size of `parsed_`, so treat all ','
291 // characters as if they might split the value to avoid parsing the value
292 // carefully here.
293 const size_t comma_count = base::ranges::count(value, ',') + 1;
294 expected_parsed_size += comma_count;
295 header_contains_comma.push_back(comma_count);
296 }
297 expected_size += 1; // "\0"
298 raw_headers_.reserve(expected_size);
299 parsed_.reserve(expected_parsed_size);
300
301 // Now fill in the output.
302 const uint16_t major = version.major_value();
303 const uint16_t minor = version.minor_value();
304 CHECK_LE(major, 9);
305 CHECK_LE(minor, 9);
306 raw_headers_.append("HTTP/");
307 raw_headers_.push_back('0' + major);
308 raw_headers_.push_back('.');
309 raw_headers_.push_back('0' + minor);
310 raw_headers_.append(formatted_status);
311 raw_headers_.push_back('\0');
312 // It is vital that `raw_headers_` iterators are not invalidated after this
313 // point.
314 const char* const data_at_start = raw_headers_.data();
315 size_t index = 0;
316 for (const auto& [key, value] : headers) {
317 CheckDoesNotHaveEmbeddedNulls(key);
318 CheckDoesNotHaveEmbeddedNulls(value);
319 // Because std::string iterators are random-access, end() has to point to
320 // the position where the next character will be appended.
321 const auto name_begin = raw_headers_.cend();
322 raw_headers_.append(key);
323 const auto name_end = raw_headers_.cend();
324 raw_headers_.push_back(':');
325 auto values_begin = raw_headers_.cend();
326 raw_headers_.append(value);
327 auto values_end = raw_headers_.cend();
328 raw_headers_.push_back('\0');
329 // The HTTP/2 standard disallows header values starting or ending with
330 // whitespace (RFC 9113 8.2.1). Hopefully the same is also true of HTTP/3.
331 // TODO(https://crbug.com/1485670): Validate that our implementations
332 // actually enforce this constraint and change this TrimLWS() to a DCHECK.
333 HttpUtil::TrimLWS(&values_begin, &values_end);
334 AddHeader(name_begin, name_end, values_begin, values_end,
335 header_contains_comma[index] ? ContainsCommas::kYes
336 : ContainsCommas::kNo);
337 ++index;
338 }
339 raw_headers_.push_back('\0');
340 CHECK_EQ(expected_size, raw_headers_.size());
341 CHECK_EQ(data_at_start, raw_headers_.data());
342 DCHECK_LE(parsed_.size(), expected_parsed_size);
343
344 DCHECK_EQ('\0', raw_headers_[raw_headers_.size() - 2]);
345 DCHECK_EQ('\0', raw_headers_[raw_headers_.size() - 1]);
346 }
347
TryToCreate(base::StringPiece headers)348 scoped_refptr<HttpResponseHeaders> HttpResponseHeaders::TryToCreate(
349 base::StringPiece headers) {
350 // Reject strings with nulls.
351 if (HasEmbeddedNulls(headers) ||
352 headers.size() > std::numeric_limits<int>::max()) {
353 return nullptr;
354 }
355
356 return base::MakeRefCounted<HttpResponseHeaders>(
357 HttpUtil::AssembleRawHeaders(headers));
358 }
359
Persist(base::Pickle * pickle,PersistOptions options)360 void HttpResponseHeaders::Persist(base::Pickle* pickle,
361 PersistOptions options) {
362 if (options == PERSIST_RAW) {
363 pickle->WriteString(raw_headers_);
364 return; // Done.
365 }
366
367 HeaderSet filter_headers;
368
369 // Construct set of headers to filter out based on options.
370 if ((options & PERSIST_SANS_NON_CACHEABLE) == PERSIST_SANS_NON_CACHEABLE)
371 AddNonCacheableHeaders(&filter_headers);
372
373 if ((options & PERSIST_SANS_COOKIES) == PERSIST_SANS_COOKIES)
374 AddCookieHeaders(&filter_headers);
375
376 if ((options & PERSIST_SANS_CHALLENGES) == PERSIST_SANS_CHALLENGES)
377 AddChallengeHeaders(&filter_headers);
378
379 if ((options & PERSIST_SANS_HOP_BY_HOP) == PERSIST_SANS_HOP_BY_HOP)
380 AddHopByHopHeaders(&filter_headers);
381
382 if ((options & PERSIST_SANS_RANGES) == PERSIST_SANS_RANGES)
383 AddHopContentRangeHeaders(&filter_headers);
384
385 if ((options & PERSIST_SANS_SECURITY_STATE) == PERSIST_SANS_SECURITY_STATE)
386 AddSecurityStateHeaders(&filter_headers);
387
388 std::string blob;
389 blob.reserve(raw_headers_.size());
390
391 // This copies the status line w/ terminator null.
392 // Note raw_headers_ has embedded nulls instead of \n,
393 // so this just copies the first header line.
394 blob.assign(raw_headers_.c_str(), strlen(raw_headers_.c_str()) + 1);
395
396 for (size_t i = 0; i < parsed_.size(); ++i) {
397 DCHECK(!parsed_[i].is_continuation());
398
399 // Locate the start of the next header.
400 size_t k = i;
401 while (++k < parsed_.size() && parsed_[k].is_continuation()) {}
402 --k;
403
404 std::string header_name = base::ToLowerASCII(
405 base::MakeStringPiece(parsed_[i].name_begin, parsed_[i].name_end));
406 if (filter_headers.find(header_name) == filter_headers.end()) {
407 // Make sure there is a null after the value.
408 blob.append(parsed_[i].name_begin, parsed_[k].value_end);
409 blob.push_back('\0');
410 }
411
412 i = k;
413 }
414 blob.push_back('\0');
415
416 pickle->WriteString(blob);
417 }
418
Update(const HttpResponseHeaders & new_headers)419 void HttpResponseHeaders::Update(const HttpResponseHeaders& new_headers) {
420 DCHECK(new_headers.response_code() == net::HTTP_NOT_MODIFIED ||
421 new_headers.response_code() == net::HTTP_PARTIAL_CONTENT);
422
423 // Copy up to the null byte. This just copies the status line.
424 std::string new_raw_headers(raw_headers_.c_str());
425 new_raw_headers.push_back('\0');
426
427 HeaderSet updated_headers;
428
429 // NOTE: we write the new headers then the old headers for convenience. The
430 // order should not matter.
431
432 // Figure out which headers we want to take from new_headers:
433 for (size_t i = 0; i < new_headers.parsed_.size(); ++i) {
434 const HeaderList& new_parsed = new_headers.parsed_;
435
436 DCHECK(!new_parsed[i].is_continuation());
437
438 // Locate the start of the next header.
439 size_t k = i;
440 while (++k < new_parsed.size() && new_parsed[k].is_continuation()) {}
441 --k;
442
443 auto name =
444 base::MakeStringPiece(new_parsed[i].name_begin, new_parsed[i].name_end);
445 if (ShouldUpdateHeader(name)) {
446 std::string name_lower = base::ToLowerASCII(name);
447 updated_headers.insert(name_lower);
448
449 // Preserve this header line in the merged result, making sure there is
450 // a null after the value.
451 new_raw_headers.append(new_parsed[i].name_begin, new_parsed[k].value_end);
452 new_raw_headers.push_back('\0');
453 }
454
455 i = k;
456 }
457
458 // Now, build the new raw headers.
459 MergeWithHeaders(std::move(new_raw_headers), updated_headers);
460 }
461
MergeWithHeaders(std::string raw_headers,const HeaderSet & headers_to_remove)462 void HttpResponseHeaders::MergeWithHeaders(std::string raw_headers,
463 const HeaderSet& headers_to_remove) {
464 for (size_t i = 0; i < parsed_.size(); ++i) {
465 DCHECK(!parsed_[i].is_continuation());
466
467 // Locate the start of the next header.
468 size_t k = i;
469 while (++k < parsed_.size() && parsed_[k].is_continuation()) {}
470 --k;
471
472 std::string name = base::ToLowerASCII(
473 base::MakeStringPiece(parsed_[i].name_begin, parsed_[i].name_end));
474 if (headers_to_remove.find(name) == headers_to_remove.end()) {
475 // It's ok to preserve this header in the final result.
476 raw_headers.append(parsed_[i].name_begin, parsed_[k].value_end);
477 raw_headers.push_back('\0');
478 }
479
480 i = k;
481 }
482 raw_headers.push_back('\0');
483
484 // Make this object hold the new data.
485 raw_headers_.clear();
486 parsed_.clear();
487 Parse(raw_headers);
488 }
489
RemoveHeader(base::StringPiece name)490 void HttpResponseHeaders::RemoveHeader(base::StringPiece name) {
491 // Copy up to the null byte. This just copies the status line.
492 std::string new_raw_headers(raw_headers_.c_str());
493 new_raw_headers.push_back('\0');
494
495 HeaderSet to_remove;
496 to_remove.insert(base::ToLowerASCII(name));
497 MergeWithHeaders(std::move(new_raw_headers), to_remove);
498 }
499
RemoveHeaders(const std::unordered_set<std::string> & header_names)500 void HttpResponseHeaders::RemoveHeaders(
501 const std::unordered_set<std::string>& header_names) {
502 // Copy up to the null byte. This just copies the status line.
503 std::string new_raw_headers(raw_headers_.c_str());
504 new_raw_headers.push_back('\0');
505
506 HeaderSet to_remove;
507 for (const auto& header_name : header_names) {
508 to_remove.insert(base::ToLowerASCII(header_name));
509 }
510 MergeWithHeaders(std::move(new_raw_headers), to_remove);
511 }
512
RemoveHeaderLine(const std::string & name,const std::string & value)513 void HttpResponseHeaders::RemoveHeaderLine(const std::string& name,
514 const std::string& value) {
515 std::string name_lowercase = base::ToLowerASCII(name);
516
517 std::string new_raw_headers(GetStatusLine());
518 new_raw_headers.push_back('\0');
519
520 new_raw_headers.reserve(raw_headers_.size());
521
522 size_t iter = 0;
523 std::string old_header_name;
524 std::string old_header_value;
525 while (EnumerateHeaderLines(&iter, &old_header_name, &old_header_value)) {
526 std::string old_header_name_lowercase = base::ToLowerASCII(old_header_name);
527 if (name_lowercase == old_header_name_lowercase &&
528 value == old_header_value)
529 continue;
530
531 new_raw_headers.append(old_header_name);
532 new_raw_headers.push_back(':');
533 new_raw_headers.push_back(' ');
534 new_raw_headers.append(old_header_value);
535 new_raw_headers.push_back('\0');
536 }
537 new_raw_headers.push_back('\0');
538
539 // Make this object hold the new data.
540 raw_headers_.clear();
541 parsed_.clear();
542 Parse(new_raw_headers);
543 }
544
AddHeader(base::StringPiece name,base::StringPiece value)545 void HttpResponseHeaders::AddHeader(base::StringPiece name,
546 base::StringPiece value) {
547 DCHECK(HttpUtil::IsValidHeaderName(name));
548 DCHECK(HttpUtil::IsValidHeaderValue(value));
549
550 // Don't copy the last null.
551 std::string new_raw_headers(raw_headers_, 0, raw_headers_.size() - 1);
552 new_raw_headers.append(name.begin(), name.end());
553 new_raw_headers.append(": ");
554 new_raw_headers.append(value.begin(), value.end());
555 new_raw_headers.push_back('\0');
556 new_raw_headers.push_back('\0');
557
558 // Make this object hold the new data.
559 raw_headers_.clear();
560 parsed_.clear();
561 Parse(new_raw_headers);
562 }
563
SetHeader(base::StringPiece name,base::StringPiece value)564 void HttpResponseHeaders::SetHeader(base::StringPiece name,
565 base::StringPiece value) {
566 RemoveHeader(name);
567 AddHeader(name, value);
568 }
569
AddCookie(const std::string & cookie_string)570 void HttpResponseHeaders::AddCookie(const std::string& cookie_string) {
571 AddHeader("Set-Cookie", cookie_string);
572 }
573
ReplaceStatusLine(const std::string & new_status)574 void HttpResponseHeaders::ReplaceStatusLine(const std::string& new_status) {
575 CheckDoesNotHaveEmbeddedNulls(new_status);
576 // Copy up to the null byte. This just copies the status line.
577 std::string new_raw_headers(new_status);
578 new_raw_headers.push_back('\0');
579
580 HeaderSet empty_to_remove;
581 MergeWithHeaders(std::move(new_raw_headers), empty_to_remove);
582 }
583
UpdateWithNewRange(const HttpByteRange & byte_range,int64_t resource_size,bool replace_status_line)584 void HttpResponseHeaders::UpdateWithNewRange(const HttpByteRange& byte_range,
585 int64_t resource_size,
586 bool replace_status_line) {
587 DCHECK(byte_range.IsValid());
588 DCHECK(byte_range.HasFirstBytePosition());
589 DCHECK(byte_range.HasLastBytePosition());
590
591 const char kLengthHeader[] = "Content-Length";
592 const char kRangeHeader[] = "Content-Range";
593
594 RemoveHeader(kLengthHeader);
595 RemoveHeader(kRangeHeader);
596
597 int64_t start = byte_range.first_byte_position();
598 int64_t end = byte_range.last_byte_position();
599 int64_t range_len = end - start + 1;
600
601 if (replace_status_line)
602 ReplaceStatusLine("HTTP/1.1 206 Partial Content");
603
604 AddHeader(kRangeHeader,
605 base::StringPrintf("bytes %" PRId64 "-%" PRId64 "/%" PRId64, start,
606 end, resource_size));
607 AddHeader(kLengthHeader, base::StringPrintf("%" PRId64, range_len));
608 }
609
Parse(const std::string & raw_input)610 void HttpResponseHeaders::Parse(const std::string& raw_input) {
611 raw_headers_.reserve(raw_input.size());
612 // TODO(https://crbug.com/1470137): Call reserve() on `parsed_` with an
613 // appropriate value.
614
615 // ParseStatusLine adds a normalized status line to raw_headers_
616 std::string::const_iterator line_begin = raw_input.begin();
617 std::string::const_iterator line_end = base::ranges::find(raw_input, '\0');
618 // has_headers = true, if there is any data following the status line.
619 // Used by ParseStatusLine() to decide if a HTTP/0.9 is really a HTTP/1.0.
620 bool has_headers =
621 (line_end != raw_input.end() && (line_end + 1) != raw_input.end() &&
622 *(line_end + 1) != '\0');
623 ParseStatusLine(line_begin, line_end, has_headers);
624 raw_headers_.push_back('\0'); // Terminate status line with a null.
625
626 if (line_end == raw_input.end()) {
627 raw_headers_.push_back('\0'); // Ensure the headers end with a double null.
628
629 DCHECK_EQ('\0', raw_headers_[raw_headers_.size() - 2]);
630 DCHECK_EQ('\0', raw_headers_[raw_headers_.size() - 1]);
631 return;
632 }
633
634 // Including a terminating null byte.
635 size_t status_line_len = raw_headers_.size();
636
637 // Now, we add the rest of the raw headers to raw_headers_, and begin parsing
638 // it (to populate our parsed_ vector).
639 raw_headers_.append(line_end + 1, raw_input.end());
640
641 // Ensure the headers end with a double null.
642 while (raw_headers_.size() < 2 ||
643 raw_headers_[raw_headers_.size() - 2] != '\0' ||
644 raw_headers_[raw_headers_.size() - 1] != '\0') {
645 raw_headers_.push_back('\0');
646 }
647
648 // Adjust to point at the null byte following the status line
649 line_end = raw_headers_.begin() + status_line_len - 1;
650
651 HttpUtil::HeadersIterator headers(line_end + 1, raw_headers_.end(),
652 std::string(1, '\0'));
653 while (headers.GetNext()) {
654 AddHeader(headers.name_begin(), headers.name_end(), headers.values_begin(),
655 headers.values_end(), ContainsCommas::kMaybe);
656 }
657
658 DCHECK_EQ('\0', raw_headers_[raw_headers_.size() - 2]);
659 DCHECK_EQ('\0', raw_headers_[raw_headers_.size() - 1]);
660 }
661
GetNormalizedHeader(base::StringPiece name,std::string * value) const662 bool HttpResponseHeaders::GetNormalizedHeader(base::StringPiece name,
663 std::string* value) const {
664 // If you hit this assertion, please use EnumerateHeader instead!
665 DCHECK(!HttpUtil::IsNonCoalescingHeader(name));
666
667 value->clear();
668
669 bool found = false;
670 size_t i = 0;
671 while (i < parsed_.size()) {
672 i = FindHeader(i, name);
673 if (i == std::string::npos)
674 break;
675
676 if (found)
677 value->append(", ");
678
679 found = true;
680
681 std::string::const_iterator value_begin = parsed_[i].value_begin;
682 std::string::const_iterator value_end = parsed_[i].value_end;
683 while (++i < parsed_.size() && parsed_[i].is_continuation())
684 value_end = parsed_[i].value_end;
685 value->append(value_begin, value_end);
686 }
687
688 return found;
689 }
690
GetStatusLine() const691 std::string HttpResponseHeaders::GetStatusLine() const {
692 // copy up to the null byte.
693 return std::string(raw_headers_.c_str());
694 }
695
GetStatusText() const696 std::string HttpResponseHeaders::GetStatusText() const {
697 // GetStatusLine() is already normalized, so it has the format:
698 // '<http_version> SP <response_code>' or
699 // '<http_version> SP <response_code> SP <status_text>'.
700 std::string status_text = GetStatusLine();
701 // Seek to beginning of <response_code>.
702 std::string::const_iterator begin = base::ranges::find(status_text, ' ');
703 std::string::const_iterator end = status_text.end();
704 CHECK(begin != end);
705 ++begin;
706 CHECK(begin != end);
707 // See if there is another space.
708 begin = std::find(begin, end, ' ');
709 if (begin == end)
710 return std::string();
711 ++begin;
712 CHECK(begin != end);
713 return std::string(begin, end);
714 }
715
EnumerateHeaderLines(size_t * iter,std::string * name,std::string * value) const716 bool HttpResponseHeaders::EnumerateHeaderLines(size_t* iter,
717 std::string* name,
718 std::string* value) const {
719 size_t i = *iter;
720 if (i == parsed_.size())
721 return false;
722
723 DCHECK(!parsed_[i].is_continuation());
724
725 name->assign(parsed_[i].name_begin, parsed_[i].name_end);
726
727 std::string::const_iterator value_begin = parsed_[i].value_begin;
728 std::string::const_iterator value_end = parsed_[i].value_end;
729 while (++i < parsed_.size() && parsed_[i].is_continuation())
730 value_end = parsed_[i].value_end;
731
732 value->assign(value_begin, value_end);
733
734 *iter = i;
735 return true;
736 }
737
EnumerateHeader(size_t * iter,base::StringPiece name,std::string * value) const738 bool HttpResponseHeaders::EnumerateHeader(size_t* iter,
739 base::StringPiece name,
740 std::string* value) const {
741 size_t i;
742 if (!iter || !*iter) {
743 i = FindHeader(0, name);
744 } else {
745 i = *iter;
746 if (i >= parsed_.size()) {
747 i = std::string::npos;
748 } else if (!parsed_[i].is_continuation()) {
749 i = FindHeader(i, name);
750 }
751 }
752
753 if (i == std::string::npos) {
754 value->clear();
755 return false;
756 }
757
758 if (iter)
759 *iter = i + 1;
760 value->assign(parsed_[i].value_begin, parsed_[i].value_end);
761 return true;
762 }
763
HasHeaderValue(base::StringPiece name,base::StringPiece value) const764 bool HttpResponseHeaders::HasHeaderValue(base::StringPiece name,
765 base::StringPiece value) const {
766 // The value has to be an exact match. This is important since
767 // 'cache-control: no-cache' != 'cache-control: no-cache="foo"'
768 size_t iter = 0;
769 std::string temp;
770 while (EnumerateHeader(&iter, name, &temp)) {
771 if (base::EqualsCaseInsensitiveASCII(value, temp))
772 return true;
773 }
774 return false;
775 }
776
HasHeader(base::StringPiece name) const777 bool HttpResponseHeaders::HasHeader(base::StringPiece name) const {
778 return FindHeader(0, name) != std::string::npos;
779 }
780
781 HttpResponseHeaders::~HttpResponseHeaders() = default;
782
783 // Note: this implementation implicitly assumes that line_end points at a valid
784 // sentinel character (such as '\0').
785 // static
ParseVersion(std::string::const_iterator line_begin,std::string::const_iterator line_end)786 HttpVersion HttpResponseHeaders::ParseVersion(
787 std::string::const_iterator line_begin,
788 std::string::const_iterator line_end) {
789 std::string::const_iterator p = line_begin;
790
791 // RFC9112 Section 2.3:
792 // HTTP-version = HTTP-name "/" DIGIT "." DIGIT
793 // HTTP-name = %s"HTTP"
794
795 if (!base::StartsWith(base::MakeStringPiece(line_begin, line_end), "http",
796 base::CompareCase::INSENSITIVE_ASCII)) {
797 DVLOG(1) << "missing status line";
798 return HttpVersion();
799 }
800
801 p += 4;
802
803 if (p >= line_end || *p != '/') {
804 DVLOG(1) << "missing version";
805 return HttpVersion();
806 }
807
808 std::string::const_iterator dot = std::find(p, line_end, '.');
809 if (dot == line_end) {
810 DVLOG(1) << "malformed version";
811 return HttpVersion();
812 }
813
814 ++p; // from / to first digit.
815 ++dot; // from . to second digit.
816
817 if (!(base::IsAsciiDigit(*p) && base::IsAsciiDigit(*dot))) {
818 DVLOG(1) << "malformed version number";
819 return HttpVersion();
820 }
821
822 uint16_t major = *p - '0';
823 uint16_t minor = *dot - '0';
824
825 return HttpVersion(major, minor);
826 }
827
828 // Note: this implementation implicitly assumes that line_end points at a valid
829 // sentinel character (such as '\0').
ParseStatusLine(std::string::const_iterator line_begin,std::string::const_iterator line_end,bool has_headers)830 void HttpResponseHeaders::ParseStatusLine(
831 std::string::const_iterator line_begin,
832 std::string::const_iterator line_end,
833 bool has_headers) {
834 // Extract the version number
835 HttpVersion parsed_http_version = ParseVersion(line_begin, line_end);
836
837 // Clamp the version number to one of: {0.9, 1.0, 1.1, 2.0}
838 if (parsed_http_version == HttpVersion(0, 9) && !has_headers) {
839 http_version_ = HttpVersion(0, 9);
840 raw_headers_ = "HTTP/0.9";
841 } else if (parsed_http_version == HttpVersion(2, 0)) {
842 http_version_ = HttpVersion(2, 0);
843 raw_headers_ = "HTTP/2.0";
844 } else if (parsed_http_version >= HttpVersion(1, 1)) {
845 http_version_ = HttpVersion(1, 1);
846 raw_headers_ = "HTTP/1.1";
847 } else {
848 // Treat everything else like HTTP 1.0
849 http_version_ = HttpVersion(1, 0);
850 raw_headers_ = "HTTP/1.0";
851 }
852 if (parsed_http_version != http_version_) {
853 DVLOG(1) << "assuming HTTP/" << http_version_.major_value() << "."
854 << http_version_.minor_value();
855 }
856
857 // TODO(eroman): this doesn't make sense if ParseVersion failed.
858 std::string::const_iterator p = std::find(line_begin, line_end, ' ');
859
860 if (p == line_end) {
861 DVLOG(1) << "missing response status; assuming 200 OK";
862 raw_headers_.append(" 200 OK");
863 response_code_ = net::HTTP_OK;
864 return;
865 }
866
867 response_code_ =
868 ParseStatus(base::MakeStringPiece(p + 1, line_end), raw_headers_);
869 }
870
FindHeader(size_t from,base::StringPiece search) const871 size_t HttpResponseHeaders::FindHeader(size_t from,
872 base::StringPiece search) const {
873 for (size_t i = from; i < parsed_.size(); ++i) {
874 if (parsed_[i].is_continuation())
875 continue;
876 auto name =
877 base::MakeStringPiece(parsed_[i].name_begin, parsed_[i].name_end);
878 if (base::EqualsCaseInsensitiveASCII(search, name))
879 return i;
880 }
881
882 return std::string::npos;
883 }
884
GetCacheControlDirective(base::StringPiece directive,base::TimeDelta * result) const885 bool HttpResponseHeaders::GetCacheControlDirective(
886 base::StringPiece directive,
887 base::TimeDelta* result) const {
888 static constexpr base::StringPiece name("cache-control");
889 std::string value;
890
891 size_t directive_size = directive.size();
892
893 size_t iter = 0;
894 while (EnumerateHeader(&iter, name, &value)) {
895 if (!base::StartsWith(value, directive,
896 base::CompareCase::INSENSITIVE_ASCII)) {
897 continue;
898 }
899 if (value.size() == directive_size || value[directive_size] != '=')
900 continue;
901 // 1*DIGIT with leading and trailing spaces, as described at
902 // https://datatracker.ietf.org/doc/html/rfc7234#section-1.2.1.
903 auto start = value.cbegin() + directive_size + 1;
904 auto end = value.cend();
905 while (start < end && *start == ' ') {
906 // leading spaces
907 ++start;
908 }
909 while (start < end - 1 && *(end - 1) == ' ') {
910 // trailing spaces
911 --end;
912 }
913 if (start == end ||
914 !std::all_of(start, end, [](char c) { return '0' <= c && c <= '9'; })) {
915 continue;
916 }
917 int64_t seconds = 0;
918 base::StringToInt64(base::MakeStringPiece(start, end), &seconds);
919 // We ignore the return value because we've already checked the input
920 // string. For the overflow case we use
921 // base::TimeDelta::FiniteMax().InSeconds().
922 seconds = std::min(seconds, base::TimeDelta::FiniteMax().InSeconds());
923 *result = base::Seconds(seconds);
924 return true;
925 }
926
927 return false;
928 }
929
AddHeader(std::string::const_iterator name_begin,std::string::const_iterator name_end,std::string::const_iterator values_begin,std::string::const_iterator values_end,ContainsCommas contains_commas)930 void HttpResponseHeaders::AddHeader(std::string::const_iterator name_begin,
931 std::string::const_iterator name_end,
932 std::string::const_iterator values_begin,
933 std::string::const_iterator values_end,
934 ContainsCommas contains_commas) {
935 // If the header can be coalesced, then we should split it up.
936 if (values_begin == values_end ||
937 HttpUtil::IsNonCoalescingHeader(
938 base::MakeStringPiece(name_begin, name_end)) ||
939 contains_commas == ContainsCommas::kNo) {
940 AddToParsed(name_begin, name_end, values_begin, values_end);
941 } else {
942 HttpUtil::ValuesIterator it(values_begin, values_end, ',',
943 false /* ignore_empty_values */);
944 while (it.GetNext()) {
945 AddToParsed(name_begin, name_end, it.value_begin(), it.value_end());
946 // clobber these so that subsequent values are treated as continuations
947 name_begin = name_end = values_end;
948 }
949 }
950 }
951
AddToParsed(std::string::const_iterator name_begin,std::string::const_iterator name_end,std::string::const_iterator value_begin,std::string::const_iterator value_end)952 void HttpResponseHeaders::AddToParsed(std::string::const_iterator name_begin,
953 std::string::const_iterator name_end,
954 std::string::const_iterator value_begin,
955 std::string::const_iterator value_end) {
956 ParsedHeader header;
957 header.name_begin = name_begin;
958 header.name_end = name_end;
959 header.value_begin = value_begin;
960 header.value_end = value_end;
961 parsed_.push_back(header);
962 }
963
AddNonCacheableHeaders(HeaderSet * result) const964 void HttpResponseHeaders::AddNonCacheableHeaders(HeaderSet* result) const {
965 // Add server specified transients. Any 'cache-control: no-cache="foo,bar"'
966 // headers present in the response specify additional headers that we should
967 // not store in the cache.
968 const char kCacheControl[] = "cache-control";
969 const char kPrefix[] = "no-cache=\"";
970 const size_t kPrefixLen = sizeof(kPrefix) - 1;
971
972 std::string value;
973 size_t iter = 0;
974 while (EnumerateHeader(&iter, kCacheControl, &value)) {
975 // If the value is smaller than the prefix and a terminal quote, skip
976 // it.
977 if (value.size() <= kPrefixLen ||
978 value.compare(0, kPrefixLen, kPrefix) != 0) {
979 continue;
980 }
981 // if it doesn't end with a quote, then treat as malformed
982 if (value[value.size() - 1] != '\"')
983 continue;
984
985 // process the value as a comma-separated list of items. Each
986 // item can be wrapped by linear white space.
987 std::string::const_iterator item = value.begin() + kPrefixLen;
988 std::string::const_iterator end = value.end() - 1;
989 while (item != end) {
990 // Find the comma to compute the length of the current item,
991 // and the position of the next one.
992 std::string::const_iterator item_next = std::find(item, end, ',');
993 std::string::const_iterator item_end = end;
994 if (item_next != end) {
995 // Skip over comma for next position.
996 item_end = item_next;
997 item_next++;
998 }
999 // trim off leading and trailing whitespace in this item.
1000 HttpUtil::TrimLWS(&item, &item_end);
1001
1002 // assuming the header is not empty, lowercase and insert into set
1003 if (item_end > item) {
1004 result->insert(
1005 base::ToLowerASCII(base::StringPiece(&*item, item_end - item)));
1006 }
1007
1008 // Continue to next item.
1009 item = item_next;
1010 }
1011 }
1012 }
1013
AddHopByHopHeaders(HeaderSet * result)1014 void HttpResponseHeaders::AddHopByHopHeaders(HeaderSet* result) {
1015 for (const auto* header : kHopByHopResponseHeaders)
1016 result->insert(std::string(header));
1017 }
1018
AddCookieHeaders(HeaderSet * result)1019 void HttpResponseHeaders::AddCookieHeaders(HeaderSet* result) {
1020 for (const auto* header : kCookieResponseHeaders)
1021 result->insert(std::string(header));
1022 }
1023
AddChallengeHeaders(HeaderSet * result)1024 void HttpResponseHeaders::AddChallengeHeaders(HeaderSet* result) {
1025 for (const auto* header : kChallengeResponseHeaders)
1026 result->insert(std::string(header));
1027 }
1028
AddHopContentRangeHeaders(HeaderSet * result)1029 void HttpResponseHeaders::AddHopContentRangeHeaders(HeaderSet* result) {
1030 result->insert(kContentRange);
1031 }
1032
AddSecurityStateHeaders(HeaderSet * result)1033 void HttpResponseHeaders::AddSecurityStateHeaders(HeaderSet* result) {
1034 for (const auto* header : kSecurityStateHeaders)
1035 result->insert(std::string(header));
1036 }
1037
GetMimeTypeAndCharset(std::string * mime_type,std::string * charset) const1038 void HttpResponseHeaders::GetMimeTypeAndCharset(std::string* mime_type,
1039 std::string* charset) const {
1040 mime_type->clear();
1041 charset->clear();
1042
1043 std::string name = "content-type";
1044 std::string value;
1045
1046 bool had_charset = false;
1047
1048 size_t iter = 0;
1049 while (EnumerateHeader(&iter, name, &value))
1050 HttpUtil::ParseContentType(value, mime_type, charset, &had_charset,
1051 nullptr);
1052 }
1053
GetMimeType(std::string * mime_type) const1054 bool HttpResponseHeaders::GetMimeType(std::string* mime_type) const {
1055 std::string unused;
1056 GetMimeTypeAndCharset(mime_type, &unused);
1057 return !mime_type->empty();
1058 }
1059
GetCharset(std::string * charset) const1060 bool HttpResponseHeaders::GetCharset(std::string* charset) const {
1061 std::string unused;
1062 GetMimeTypeAndCharset(&unused, charset);
1063 return !charset->empty();
1064 }
1065
IsRedirect(std::string * location) const1066 bool HttpResponseHeaders::IsRedirect(std::string* location) const {
1067 if (!IsRedirectResponseCode(response_code_))
1068 return false;
1069
1070 // If we lack a Location header, then we can't treat this as a redirect.
1071 // We assume that the first non-empty location value is the target URL that
1072 // we want to follow. TODO(darin): Is this consistent with other browsers?
1073 size_t i = std::string::npos;
1074 do {
1075 i = FindHeader(++i, "location");
1076 if (i == std::string::npos)
1077 return false;
1078 // If the location value is empty, then it doesn't count.
1079 } while (parsed_[i].value_begin == parsed_[i].value_end);
1080
1081 if (location) {
1082 auto location_strpiece =
1083 base::MakeStringPiece(parsed_[i].value_begin, parsed_[i].value_end);
1084 // Escape any non-ASCII characters to preserve them. The server should
1085 // only be returning ASCII here, but for compat we need to do this.
1086 //
1087 // The URL parser escapes things internally, but it expect the bytes to be
1088 // valid UTF-8, so encoding errors turn into replacement characters before
1089 // escaping. Escaping here preserves the bytes as-is. See
1090 // https://crbug.com/942073#c14.
1091 *location = base::EscapeNonASCII(location_strpiece);
1092 }
1093
1094 return true;
1095 }
1096
1097 // static
IsRedirectResponseCode(int response_code)1098 bool HttpResponseHeaders::IsRedirectResponseCode(int response_code) {
1099 // Users probably want to see 300 (multiple choice) pages, so we don't count
1100 // them as redirects that need to be followed.
1101 return (response_code == net::HTTP_MOVED_PERMANENTLY ||
1102 response_code == net::HTTP_FOUND ||
1103 response_code == net::HTTP_SEE_OTHER ||
1104 response_code == net::HTTP_TEMPORARY_REDIRECT ||
1105 response_code == net::HTTP_PERMANENT_REDIRECT);
1106 }
1107
1108 // From RFC 2616 section 13.2.4:
1109 //
1110 // The calculation to determine if a response has expired is quite simple:
1111 //
1112 // response_is_fresh = (freshness_lifetime > current_age)
1113 //
1114 // Of course, there are other factors that can force a response to always be
1115 // validated or re-fetched.
1116 //
1117 // From RFC 5861 section 3, a stale response may be used while revalidation is
1118 // performed in the background if
1119 //
1120 // freshness_lifetime + stale_while_revalidate > current_age
1121 //
RequiresValidation(const Time & request_time,const Time & response_time,const Time & current_time) const1122 ValidationType HttpResponseHeaders::RequiresValidation(
1123 const Time& request_time,
1124 const Time& response_time,
1125 const Time& current_time) const {
1126 FreshnessLifetimes lifetimes = GetFreshnessLifetimes(response_time);
1127 if (lifetimes.freshness.is_zero() && lifetimes.staleness.is_zero())
1128 return VALIDATION_SYNCHRONOUS;
1129
1130 base::TimeDelta age =
1131 GetCurrentAge(request_time, response_time, current_time);
1132
1133 if (lifetimes.freshness > age)
1134 return VALIDATION_NONE;
1135
1136 if (lifetimes.freshness + lifetimes.staleness > age)
1137 return VALIDATION_ASYNCHRONOUS;
1138
1139 return VALIDATION_SYNCHRONOUS;
1140 }
1141
1142 // From RFC 2616 section 13.2.4:
1143 //
1144 // The max-age directive takes priority over Expires, so if max-age is present
1145 // in a response, the calculation is simply:
1146 //
1147 // freshness_lifetime = max_age_value
1148 //
1149 // Otherwise, if Expires is present in the response, the calculation is:
1150 //
1151 // freshness_lifetime = expires_value - date_value
1152 //
1153 // Note that neither of these calculations is vulnerable to clock skew, since
1154 // all of the information comes from the origin server.
1155 //
1156 // Also, if the response does have a Last-Modified time, the heuristic
1157 // expiration value SHOULD be no more than some fraction of the interval since
1158 // that time. A typical setting of this fraction might be 10%:
1159 //
1160 // freshness_lifetime = (date_value - last_modified_value) * 0.10
1161 //
1162 // If the stale-while-revalidate directive is present, then it is used to set
1163 // the |staleness| time, unless it overridden by another directive.
1164 //
1165 HttpResponseHeaders::FreshnessLifetimes
GetFreshnessLifetimes(const Time & response_time) const1166 HttpResponseHeaders::GetFreshnessLifetimes(const Time& response_time) const {
1167 FreshnessLifetimes lifetimes;
1168 // Check for headers that force a response to never be fresh. For backwards
1169 // compat, we treat "Pragma: no-cache" as a synonym for "Cache-Control:
1170 // no-cache" even though RFC 2616 does not specify it.
1171 if (HasHeaderValue("cache-control", "no-cache") ||
1172 HasHeaderValue("cache-control", "no-store") ||
1173 HasHeaderValue("pragma", "no-cache")) {
1174 return lifetimes;
1175 }
1176
1177 // Cache-Control directive must_revalidate overrides stale-while-revalidate.
1178 bool must_revalidate = HasHeaderValue("cache-control", "must-revalidate");
1179
1180 if (must_revalidate || !GetStaleWhileRevalidateValue(&lifetimes.staleness)) {
1181 DCHECK_EQ(base::TimeDelta(), lifetimes.staleness);
1182 }
1183
1184 // NOTE: "Cache-Control: max-age" overrides Expires, so we only check the
1185 // Expires header after checking for max-age in GetFreshnessLifetimes. This
1186 // is important since "Expires: <date in the past>" means not fresh, but
1187 // it should not trump a max-age value.
1188 if (GetMaxAgeValue(&lifetimes.freshness))
1189 return lifetimes;
1190
1191 // If there is no Date header, then assume that the server response was
1192 // generated at the time when we received the response.
1193 Time date_value;
1194 if (!GetDateValue(&date_value))
1195 date_value = response_time;
1196
1197 Time expires_value;
1198 if (GetExpiresValue(&expires_value)) {
1199 // The expires value can be a date in the past!
1200 if (expires_value > date_value) {
1201 lifetimes.freshness = expires_value - date_value;
1202 return lifetimes;
1203 }
1204
1205 DCHECK_EQ(base::TimeDelta(), lifetimes.freshness);
1206 return lifetimes;
1207 }
1208
1209 // From RFC 2616 section 13.4:
1210 //
1211 // A response received with a status code of 200, 203, 206, 300, 301 or 410
1212 // MAY be stored by a cache and used in reply to a subsequent request,
1213 // subject to the expiration mechanism, unless a cache-control directive
1214 // prohibits caching.
1215 // ...
1216 // A response received with any other status code (e.g. status codes 302
1217 // and 307) MUST NOT be returned in a reply to a subsequent request unless
1218 // there are cache-control directives or another header(s) that explicitly
1219 // allow it.
1220 //
1221 // From RFC 2616 section 14.9.4:
1222 //
1223 // When the must-revalidate directive is present in a response received by
1224 // a cache, that cache MUST NOT use the entry after it becomes stale to
1225 // respond to a subsequent request without first revalidating it with the
1226 // origin server. (I.e., the cache MUST do an end-to-end revalidation every
1227 // time, if, based solely on the origin server's Expires or max-age value,
1228 // the cached response is stale.)
1229 //
1230 // https://datatracker.ietf.org/doc/draft-reschke-http-status-308/ is an
1231 // experimental RFC that adds 308 permanent redirect as well, for which "any
1232 // future references ... SHOULD use one of the returned URIs."
1233 if ((response_code_ == net::HTTP_OK ||
1234 response_code_ == net::HTTP_NON_AUTHORITATIVE_INFORMATION ||
1235 response_code_ == net::HTTP_PARTIAL_CONTENT) &&
1236 !must_revalidate) {
1237 // TODO(darin): Implement a smarter heuristic.
1238 Time last_modified_value;
1239 if (GetLastModifiedValue(&last_modified_value)) {
1240 // The last-modified value can be a date in the future!
1241 if (last_modified_value <= date_value) {
1242 lifetimes.freshness = (date_value - last_modified_value) / 10;
1243 return lifetimes;
1244 }
1245 }
1246 }
1247
1248 // These responses are implicitly fresh (unless otherwise overruled):
1249 if (response_code_ == net::HTTP_MULTIPLE_CHOICES ||
1250 response_code_ == net::HTTP_MOVED_PERMANENTLY ||
1251 response_code_ == net::HTTP_PERMANENT_REDIRECT ||
1252 response_code_ == net::HTTP_GONE) {
1253 lifetimes.freshness = base::TimeDelta::Max();
1254 lifetimes.staleness = base::TimeDelta(); // It should never be stale.
1255 return lifetimes;
1256 }
1257
1258 // Our heuristic freshness estimate for this resource is 0 seconds, in
1259 // accordance with common browser behaviour. However, stale-while-revalidate
1260 // may still apply.
1261 DCHECK_EQ(base::TimeDelta(), lifetimes.freshness);
1262 return lifetimes;
1263 }
1264
1265 // From RFC 7234 section 4.2.3:
1266 //
1267 // The following data is used for the age calculation:
1268 //
1269 // age_value
1270 //
1271 // The term "age_value" denotes the value of the Age header field
1272 // (Section 5.1), in a form appropriate for arithmetic operation; or
1273 // 0, if not available.
1274 //
1275 // date_value
1276 //
1277 // The term "date_value" denotes the value of the Date header field,
1278 // in a form appropriate for arithmetic operations. See Section
1279 // 7.1.1.2 of [RFC7231] for the definition of the Date header field,
1280 // and for requirements regarding responses without it.
1281 //
1282 // now
1283 //
1284 // The term "now" means "the current value of the clock at the host
1285 // performing the calculation". A host ought to use NTP ([RFC5905])
1286 // or some similar protocol to synchronize its clocks to Coordinated
1287 // Universal Time.
1288 //
1289 // request_time
1290 //
1291 // The current value of the clock at the host at the time the request
1292 // resulting in the stored response was made.
1293 //
1294 // response_time
1295 //
1296 // The current value of the clock at the host at the time the
1297 // response was received.
1298 //
1299 // The age is then calculated as
1300 //
1301 // apparent_age = max(0, response_time - date_value);
1302 // response_delay = response_time - request_time;
1303 // corrected_age_value = age_value + response_delay;
1304 // corrected_initial_age = max(apparent_age, corrected_age_value);
1305 // resident_time = now - response_time;
1306 // current_age = corrected_initial_age + resident_time;
1307 //
GetCurrentAge(const Time & request_time,const Time & response_time,const Time & current_time) const1308 base::TimeDelta HttpResponseHeaders::GetCurrentAge(
1309 const Time& request_time,
1310 const Time& response_time,
1311 const Time& current_time) const {
1312 // If there is no Date header, then assume that the server response was
1313 // generated at the time when we received the response.
1314 Time date_value;
1315 if (!GetDateValue(&date_value))
1316 date_value = response_time;
1317
1318 // If there is no Age header, then assume age is zero. GetAgeValue does not
1319 // modify its out param if the value does not exist.
1320 base::TimeDelta age_value;
1321 GetAgeValue(&age_value);
1322
1323 base::TimeDelta apparent_age =
1324 std::max(base::TimeDelta(), response_time - date_value);
1325 base::TimeDelta response_delay = response_time - request_time;
1326 base::TimeDelta corrected_age_value = age_value + response_delay;
1327 base::TimeDelta corrected_initial_age =
1328 std::max(apparent_age, corrected_age_value);
1329 base::TimeDelta resident_time = current_time - response_time;
1330 base::TimeDelta current_age = corrected_initial_age + resident_time;
1331
1332 return current_age;
1333 }
1334
GetMaxAgeValue(base::TimeDelta * result) const1335 bool HttpResponseHeaders::GetMaxAgeValue(base::TimeDelta* result) const {
1336 return GetCacheControlDirective("max-age", result);
1337 }
1338
GetAgeValue(base::TimeDelta * result) const1339 bool HttpResponseHeaders::GetAgeValue(base::TimeDelta* result) const {
1340 std::string value;
1341 if (!EnumerateHeader(nullptr, "Age", &value))
1342 return false;
1343
1344 // Parse the delta-seconds as 1*DIGIT.
1345 uint32_t seconds;
1346 ParseIntError error;
1347 if (!ParseUint32(value, ParseIntFormat::NON_NEGATIVE, &seconds, &error)) {
1348 if (error == ParseIntError::FAILED_OVERFLOW) {
1349 // If the Age value cannot fit in a uint32_t, saturate it to a maximum
1350 // value. This is similar to what RFC 2616 says in section 14.6 for how
1351 // caches should transmit values that overflow.
1352 seconds = std::numeric_limits<decltype(seconds)>::max();
1353 } else {
1354 return false;
1355 }
1356 }
1357
1358 *result = base::Seconds(seconds);
1359 return true;
1360 }
1361
GetDateValue(Time * result) const1362 bool HttpResponseHeaders::GetDateValue(Time* result) const {
1363 return GetTimeValuedHeader("Date", result);
1364 }
1365
GetLastModifiedValue(Time * result) const1366 bool HttpResponseHeaders::GetLastModifiedValue(Time* result) const {
1367 return GetTimeValuedHeader("Last-Modified", result);
1368 }
1369
GetExpiresValue(Time * result) const1370 bool HttpResponseHeaders::GetExpiresValue(Time* result) const {
1371 return GetTimeValuedHeader("Expires", result);
1372 }
1373
GetStaleWhileRevalidateValue(base::TimeDelta * result) const1374 bool HttpResponseHeaders::GetStaleWhileRevalidateValue(
1375 base::TimeDelta* result) const {
1376 return GetCacheControlDirective("stale-while-revalidate", result);
1377 }
1378
GetTimeValuedHeader(const std::string & name,Time * result) const1379 bool HttpResponseHeaders::GetTimeValuedHeader(const std::string& name,
1380 Time* result) const {
1381 std::string value;
1382 if (!EnumerateHeader(nullptr, name, &value))
1383 return false;
1384
1385 // In case of parsing the Expires header value, an invalid string 0 should be
1386 // treated as expired according to the RFC 9111 section 5.3 as below:
1387 //
1388 // > A cache recipient MUST interpret invalid date formats, especially the
1389 // > value "0", as representing a time in the past (i.e., "already expired").
1390 if (base::FeatureList::IsEnabled(
1391 features::kTreatHTTPExpiresHeaderValueZeroAsExpired) &&
1392 name == "Expires" && value == "0") {
1393 *result = Time::Min();
1394 return true;
1395 }
1396
1397 // When parsing HTTP dates it's beneficial to default to GMT because:
1398 // 1. RFC2616 3.3.1 says times should always be specified in GMT
1399 // 2. Only counter-example incorrectly appended "UTC" (crbug.com/153759)
1400 // 3. When adjusting cookie expiration times for clock skew
1401 // (crbug.com/135131) this better matches our cookie expiration
1402 // time parser which ignores timezone specifiers and assumes GMT.
1403 // 4. This is exactly what Firefox does.
1404 // TODO(pauljensen): The ideal solution would be to return false if the
1405 // timezone could not be understood so as to avoid makeing other calculations
1406 // based on an incorrect time. This would require modifying the time
1407 // library or duplicating the code. (http://crbug.com/158327)
1408 return Time::FromUTCString(value.c_str(), result);
1409 }
1410
1411 // We accept the first value of "close" or "keep-alive" in a Connection or
1412 // Proxy-Connection header, in that order. Obeying "keep-alive" in HTTP/1.1 or
1413 // "close" in 1.0 is not strictly standards-compliant, but we'd like to
1414 // avoid looking at the Proxy-Connection header whenever it is reasonable to do
1415 // so.
1416 // TODO(ricea): Measure real-world usage of the "Proxy-Connection" header,
1417 // with a view to reducing support for it in order to make our Connection header
1418 // handling more RFC 7230 compliant.
IsKeepAlive() const1419 bool HttpResponseHeaders::IsKeepAlive() const {
1420 // NOTE: It is perhaps risky to assume that a Proxy-Connection header is
1421 // meaningful when we don't know that this response was from a proxy, but
1422 // Mozilla also does this, so we'll do the same.
1423 static const char* const kConnectionHeaders[] = {"connection",
1424 "proxy-connection"};
1425 struct KeepAliveToken {
1426 const char* const token;
1427 bool keep_alive;
1428 };
1429 static const KeepAliveToken kKeepAliveTokens[] = {{"keep-alive", true},
1430 {"close", false}};
1431
1432 if (http_version_ < HttpVersion(1, 0))
1433 return false;
1434
1435 for (const char* header : kConnectionHeaders) {
1436 size_t iterator = 0;
1437 std::string token;
1438 while (EnumerateHeader(&iterator, header, &token)) {
1439 for (const KeepAliveToken& keep_alive_token : kKeepAliveTokens) {
1440 if (base::EqualsCaseInsensitiveASCII(token, keep_alive_token.token))
1441 return keep_alive_token.keep_alive;
1442 }
1443 }
1444 }
1445 return http_version_ != HttpVersion(1, 0);
1446 }
1447
HasStrongValidators() const1448 bool HttpResponseHeaders::HasStrongValidators() const {
1449 std::string etag_header;
1450 EnumerateHeader(nullptr, "etag", &etag_header);
1451 std::string last_modified_header;
1452 EnumerateHeader(nullptr, "Last-Modified", &last_modified_header);
1453 std::string date_header;
1454 EnumerateHeader(nullptr, "Date", &date_header);
1455 return HttpUtil::HasStrongValidators(GetHttpVersion(), etag_header,
1456 last_modified_header, date_header);
1457 }
1458
HasValidators() const1459 bool HttpResponseHeaders::HasValidators() const {
1460 std::string etag_header;
1461 EnumerateHeader(nullptr, "etag", &etag_header);
1462 std::string last_modified_header;
1463 EnumerateHeader(nullptr, "Last-Modified", &last_modified_header);
1464 return HttpUtil::HasValidators(GetHttpVersion(), etag_header,
1465 last_modified_header);
1466 }
1467
1468 // From RFC 2616:
1469 // Content-Length = "Content-Length" ":" 1*DIGIT
GetContentLength() const1470 int64_t HttpResponseHeaders::GetContentLength() const {
1471 return GetInt64HeaderValue("content-length");
1472 }
1473
GetInt64HeaderValue(const std::string & header) const1474 int64_t HttpResponseHeaders::GetInt64HeaderValue(
1475 const std::string& header) const {
1476 size_t iter = 0;
1477 std::string content_length_val;
1478 if (!EnumerateHeader(&iter, header, &content_length_val))
1479 return -1;
1480
1481 if (content_length_val.empty())
1482 return -1;
1483
1484 if (content_length_val[0] == '+')
1485 return -1;
1486
1487 int64_t result;
1488 bool ok = base::StringToInt64(content_length_val, &result);
1489 if (!ok || result < 0)
1490 return -1;
1491
1492 return result;
1493 }
1494
GetContentRangeFor206(int64_t * first_byte_position,int64_t * last_byte_position,int64_t * instance_length) const1495 bool HttpResponseHeaders::GetContentRangeFor206(
1496 int64_t* first_byte_position,
1497 int64_t* last_byte_position,
1498 int64_t* instance_length) const {
1499 size_t iter = 0;
1500 std::string content_range_spec;
1501 if (!EnumerateHeader(&iter, kContentRange, &content_range_spec)) {
1502 *first_byte_position = *last_byte_position = *instance_length = -1;
1503 return false;
1504 }
1505
1506 return HttpUtil::ParseContentRangeHeaderFor206(
1507 content_range_spec, first_byte_position, last_byte_position,
1508 instance_length);
1509 }
1510
NetLogParams(NetLogCaptureMode capture_mode) const1511 base::Value::Dict HttpResponseHeaders::NetLogParams(
1512 NetLogCaptureMode capture_mode) const {
1513 base::Value::Dict dict;
1514 base::Value::List headers;
1515 headers.Append(NetLogStringValue(GetStatusLine()));
1516 size_t iterator = 0;
1517 std::string name;
1518 std::string value;
1519 while (EnumerateHeaderLines(&iterator, &name, &value)) {
1520 std::string log_value =
1521 ElideHeaderValueForNetLog(capture_mode, name, value);
1522 headers.Append(NetLogStringValue(base::StrCat({name, ": ", log_value})));
1523 }
1524 dict.Set("headers", std::move(headers));
1525 return dict;
1526 }
1527
IsChunkEncoded() const1528 bool HttpResponseHeaders::IsChunkEncoded() const {
1529 // Ignore spurious chunked responses from HTTP/1.0 servers and proxies.
1530 return GetHttpVersion() >= HttpVersion(1, 1) &&
1531 HasHeaderValue("Transfer-Encoding", "chunked");
1532 }
1533
IsCookieResponseHeader(base::StringPiece name)1534 bool HttpResponseHeaders::IsCookieResponseHeader(base::StringPiece name) {
1535 for (const char* cookie_header : kCookieResponseHeaders) {
1536 if (base::EqualsCaseInsensitiveASCII(cookie_header, name))
1537 return true;
1538 }
1539 return false;
1540 }
1541
WriteIntoTrace(perfetto::TracedValue context) const1542 void HttpResponseHeaders::WriteIntoTrace(perfetto::TracedValue context) const {
1543 perfetto::TracedDictionary dict = std::move(context).WriteDictionary();
1544 dict.Add("response_code", response_code_);
1545 dict.Add("headers", parsed_);
1546 }
1547
StrictlyEquals(const HttpResponseHeaders & other) const1548 bool HttpResponseHeaders::StrictlyEquals(
1549 const HttpResponseHeaders& other) const {
1550 if (http_version_ != other.http_version_ ||
1551 response_code_ != other.response_code_ ||
1552 raw_headers_ != other.raw_headers_ ||
1553 parsed_.size() != other.parsed_.size()) {
1554 return false;
1555 }
1556
1557 auto offsets_match = [&](std::string::const_iterator this_offset,
1558 std::string::const_iterator other_offset) {
1559 return this_offset - raw_headers_.begin() ==
1560 other_offset - other.raw_headers_.begin();
1561 };
1562 return std::mismatch(parsed_.begin(), parsed_.end(), other.parsed_.begin(),
1563 [&](const ParsedHeader& lhs, const ParsedHeader& rhs) {
1564 return offsets_match(lhs.name_begin, rhs.name_begin) &&
1565 offsets_match(lhs.name_end, rhs.name_end) &&
1566 offsets_match(lhs.value_begin,
1567 rhs.value_begin) &&
1568 offsets_match(lhs.value_end, rhs.value_end);
1569 }) == std::make_pair(parsed_.end(), other.parsed_.end());
1570 }
1571
1572 } // namespace net
1573