Browse Source

[core] config option to allow GET w/ request body

server.http-parseopts = ( "method-get-body" = "enable" )
personal/stbuehler/ci-build
Glenn Strauss 3 years ago
parent
commit
8441c9e8e8
  1. 1
      src/base.h
  2. 1
      src/burl.h
  3. 7
      src/configfile.c
  4. 3
      src/request.c

1
src/base.h

@ -336,6 +336,7 @@ typedef struct {
unsigned short http_host_strict;
unsigned short http_host_normalize;
unsigned short http_url_normalize;
unsigned short http_method_get_body;
unsigned short high_precision_timestamps;
time_t loadts;
double loadavg[3];

1
src/burl.h

@ -26,6 +26,7 @@ enum burl_opts_e {
,HTTP_PARSEOPT_URL_NORMALIZE_PATH_DOTSEG_REMOVE =0x400/* "." ".." "//" */
,HTTP_PARSEOPT_URL_NORMALIZE_PATH_DOTSEG_REJECT =0x800
,HTTP_PARSEOPT_URL_NORMALIZE_QUERY_20_PLUS =0x1000
,HTTP_PARSEOPT_METHOD_GET_BODY =0x8000
};
int burl_normalize (buffer *b, buffer *t, int flags);

7
src/configfile.c

@ -121,6 +121,10 @@ static int config_http_parseopts (server *srv, array *a) {
srv->srvconf.http_host_normalize = val;
continue;
}
else if (buffer_is_equal_string(ds->key, CONST_STR_LEN("method-get-body"))) {
srv->srvconf.http_method_get_body = val;
continue;
}
else {
log_error_write(srv, __FILE__, __LINE__, "sb",
"unrecognized key for server.http-parseopts:",
@ -528,7 +532,8 @@ static int config_insert(server *srv) {
(srv->srvconf.http_header_strict ?(HTTP_PARSEOPT_HEADER_STRICT) :0)
|(srv->srvconf.http_host_strict ?(HTTP_PARSEOPT_HOST_STRICT
|HTTP_PARSEOPT_HOST_NORMALIZE):0)
|(srv->srvconf.http_host_normalize ?(HTTP_PARSEOPT_HOST_NORMALIZE):0);
|(srv->srvconf.http_host_normalize ?(HTTP_PARSEOPT_HOST_NORMALIZE):0)
|(srv->srvconf.http_method_get_body?(HTTP_PARSEOPT_METHOD_GET_BODY):0);
s->http_parseopts |= srv->srvconf.http_url_normalize;
if (s->log_request_handling || s->log_request_header)

3
src/request.c

@ -891,7 +891,8 @@ int http_request_parse(server *srv, connection *con, buffer *hdrs) {
case HTTP_METHOD_GET:
case HTTP_METHOD_HEAD:
/* content-length is forbidden for those */
if (state.con_length_set && con->request.content_length != 0) {
if (state.con_length_set && 0 != con->request.content_length
&& !(con->conf.http_parseopts & HTTP_PARSEOPT_METHOD_GET_BODY)) {
return http_request_header_line_invalid(srv, 400, "GET/HEAD with content-length -> 400");
}
break;

Loading…
Cancel
Save