Commit 7d8781ee authored by deuce's avatar deuce
Browse files

As with CGI, if a script specifies a Content-Length or Transfer-Encoding

header, don't calculate either one and let the script shoot itself in the
foot.

Also, if a Location header is set, try an internal redirect rather than
forcing the client to handle it.

Now scripts can avoid chunked mode by specifying a correct content-length
if the content-length is wrong though, Bad Things will happen.
parent 15df631b
......@@ -239,6 +239,7 @@ typedef struct {
char *cleanup_file[MAX_CLEANUPS];
BOOL sent_headers;
BOOL prev_write;
BOOL manual_length;
/* webctrl.ini overrides */
char *error_dir;
......@@ -1352,7 +1353,7 @@ static BOOL send_headers(http_session_t *session, const char *status, int chunke
/* DO NOT send a content-length for chunked */
if(send_entity) {
if(session->req.dynamic!=IS_CGI && session->req.dynamic!=IS_FASTCGI && (!chunked)) {
if(session->req.dynamic!=IS_CGI && session->req.dynamic!=IS_FASTCGI && (!chunked) && (!session->req.manual_length)) {
if(ret) {
safe_snprintf(header,sizeof(header),"%s: %s",get_header(HEAD_LENGTH),"0");
safecat(headers,header,MAX_HEADERS_SIZE);
......@@ -5695,7 +5696,7 @@ static BOOL ssjs_send_headers(http_session_t* session,int chunked)
JSObject* reply;
JSIdArray* heads;
JSObject* headers;
int i;
int i, h;
char str[MAX_REQUEST_LINE+1];
char *p=NULL,*p2=NULL;
size_t p_sz=0, p2_sz=0;
......@@ -5728,8 +5729,31 @@ static BOOL ssjs_send_headers(http_session_t* session,int chunked)
free(p2);
return FALSE;
}
safe_snprintf(str,sizeof(str),"%s: %s",p,p2);
strListPush(&session->req.dynamic_heads,str);
h = get_header_type(p);
switch(h) {
case HEAD_LOCATION:
if (*p2 == '/') {
unescape(p2);
SAFECOPY(session->req.virtual_path,p2);
session->req.send_location=MOVED_STAT;
}
else {
SAFECOPY(session->req.virtual_path,p2);
session->req.send_location=MOVED_TEMP;
}
if (atoi(session->req.status) == 200)
SAFECOPY(session->req.status, error_302);
break;
case HEAD_LENGTH:
case HEAD_TRANSFER_ENCODING:
/* If either of these are manually set, point
* the gun at the script writers foot for them */
chunked = false;
session->req.manual_length = TRUE;
default:
safe_snprintf(str,sizeof(str),"%s: %s",p,p2);
strListPush(&session->req.dynamic_heads,str);
}
}
if(p)
free(p);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment