src/pkg/net/http/transfer.go - The Go Programming Language

Golang

Source file src/pkg/net/http/transfer.go

     1	// Copyright 2009 The Go Authors. All rights reserved.
     2	// Use of this source code is governed by a BSD-style
     3	// license that can be found in the LICENSE file.
     4	
     5	package http
     6	
     7	import (
     8		"bufio"
     9		"bytes"
    10		"errors"
    11		"fmt"
    12		"io"
    13		"io/ioutil"
    14		"net/textproto"
    15		"strconv"
    16		"strings"
    17	)
    18	
    19	// transferWriter inspects the fields of a user-supplied Request or Response,
    20	// sanitizes them without changing the user object and provides methods for
    21	// writing the respective header, body and trailer in wire format.
    22	type transferWriter struct {
    23		Method           string
    24		Body             io.Reader
    25		BodyCloser       io.Closer
    26		ResponseToHEAD   bool
    27		ContentLength    int64 // -1 means unknown, 0 means exactly none
    28		Close            bool
    29		TransferEncoding []string
    30		Trailer          Header
    31	}
    32	
    33	func newTransferWriter(r interface{}) (t *transferWriter, err error) {
    34		t = &transferWriter{}
    35	
    36		// Extract relevant fields
    37		atLeastHTTP11 := false
    38		switch rr := r.(type) {
    39		case *Request:
    40			if rr.ContentLength != 0 && rr.Body == nil {
    41				return nil, fmt.Errorf("http: Request.ContentLength=%d with nil Body", rr.ContentLength)
    42			}
    43			t.Method = rr.Method
    44			t.Body = rr.Body
    45			t.BodyCloser = rr.Body
    46			t.ContentLength = rr.ContentLength
    47			t.Close = rr.Close
    48			t.TransferEncoding = rr.TransferEncoding
    49			t.Trailer = rr.Trailer
    50			atLeastHTTP11 = rr.ProtoAtLeast(1, 1)
    51			if t.Body != nil && len(t.TransferEncoding) == 0 && atLeastHTTP11 {
    52				if t.ContentLength == 0 {
    53					// Test to see if it's actually zero or just unset.
    54					var buf [1]byte
    55					n, _ := io.ReadFull(t.Body, buf[:])
    56					if n == 1 {
    57						// Oh, guess there is data in this Body Reader after all.
    58						// The ContentLength field just wasn't set.
    59						// Stich the Body back together again, re-attaching our
    60						// consumed byte.
    61						t.ContentLength = -1
    62						t.Body = io.MultiReader(bytes.NewBuffer(buf[:]), t.Body)
    63					} else {
    64						// Body is actually empty.
    65						t.Body = nil
    66						t.BodyCloser = nil
    67					}
    68				}
    69				if t.ContentLength < 0 {
    70					t.TransferEncoding = []string{"chunked"}
    71				}
    72			}
    73		case *Response:
    74			t.Method = rr.Request.Method
    75			t.Body = rr.Body
    76			t.BodyCloser = rr.Body
    77			t.ContentLength = rr.ContentLength
    78			t.Close = rr.Close
    79			t.TransferEncoding = rr.TransferEncoding
    80			t.Trailer = rr.Trailer
    81			atLeastHTTP11 = rr.ProtoAtLeast(1, 1)
    82			t.ResponseToHEAD = noBodyExpected(rr.Request.Method)
    83		}
    84	
    85		// Sanitize Body,ContentLength,TransferEncoding
    86		if t.ResponseToHEAD {
    87			t.Body = nil
    88			t.TransferEncoding = nil
    89			// ContentLength is expected to hold Content-Length
    90			if t.ContentLength < 0 {
    91				return nil, ErrMissingContentLength
    92			}
    93		} else {
    94			if !atLeastHTTP11 || t.Body == nil {
    95				t.TransferEncoding = nil
    96			}
    97			if chunked(t.TransferEncoding) {
    98				t.ContentLength = -1
    99			} else if t.Body == nil { // no chunking, no body
   100				t.ContentLength = 0
   101			}
   102		}
   103	
   104		// Sanitize Trailer
   105		if !chunked(t.TransferEncoding) {
   106			t.Trailer = nil
   107		}
   108	
   109		return t, nil
   110	}
   111	
   112	func noBodyExpected(requestMethod string) bool {
   113		return requestMethod == "HEAD"
   114	}
   115	
   116	func (t *transferWriter) shouldSendContentLength() bool {
   117		if chunked(t.TransferEncoding) {
   118			return false
   119		}
   120		if t.ContentLength > 0 {
   121			return true
   122		}
   123		if t.ResponseToHEAD {
   124			return true
   125		}
   126		// Many servers expect a Content-Length for these methods
   127		if t.Method == "POST" || t.Method == "PUT" {
   128			return true
   129		}
   130		if t.ContentLength == 0 && isIdentity(t.TransferEncoding) {
   131			return true
   132		}
   133	
   134		return false
   135	}
   136	
   137	func (t *transferWriter) WriteHeader(w io.Writer) (err error) {
   138		if t.Close {
   139			_, err = io.WriteString(w, "Connection: close\r\n")
   140			if err != nil {
   141				return
   142			}
   143		}
   144	
   145		// Write Content-Length and/or Transfer-Encoding whose values are a
   146		// function of the sanitized field triple (Body, ContentLength,
   147		// TransferEncoding)
   148		if t.shouldSendContentLength() {
   149			io.WriteString(w, "Content-Length: ")
   150			_, err = io.WriteString(w, strconv.FormatInt(t.ContentLength, 10)+"\r\n")
   151			if err != nil {
   152				return
   153			}
   154		} else if chunked(t.TransferEncoding) {
   155			_, err = io.WriteString(w, "Transfer-Encoding: chunked\r\n")
   156			if err != nil {
   157				return
   158			}
   159		}
   160	
   161		// Write Trailer header
   162		if t.Trailer != nil {
   163			// TODO: At some point, there should be a generic mechanism for
   164			// writing long headers, using HTTP line splitting
   165			io.WriteString(w, "Trailer: ")
   166			needComma := false
   167			for k := range t.Trailer {
   168				k = CanonicalHeaderKey(k)
   169				switch k {
   170				case "Transfer-Encoding", "Trailer", "Content-Length":
   171					return &badStringError{"invalid Trailer key", k}
   172				}
   173				if needComma {
   174					io.WriteString(w, ",")
   175				}
   176				io.WriteString(w, k)
   177				needComma = true
   178			}
   179			_, err = io.WriteString(w, "\r\n")
   180		}
   181	
   182		return
   183	}
   184	
   185	func (t *transferWriter) WriteBody(w io.Writer) (err error) {
   186		var ncopy int64
   187	
   188		// Write body
   189		if t.Body != nil {
   190			if chunked(t.TransferEncoding) {
   191				cw := newChunkedWriter(w)
   192				_, err = io.Copy(cw, t.Body)
   193				if err == nil {
   194					err = cw.Close()
   195				}
   196			} else if t.ContentLength == -1 {
   197				ncopy, err = io.Copy(w, t.Body)
   198			} else {
   199				ncopy, err = io.Copy(w, io.LimitReader(t.Body, t.ContentLength))
   200				nextra, err := io.Copy(ioutil.Discard, t.Body)
   201				if err != nil {
   202					return err
   203				}
   204				ncopy += nextra
   205			}
   206			if err != nil {
   207				return err
   208			}
   209			if err = t.BodyCloser.Close(); err != nil {
   210				return err
   211			}
   212		}
   213	
   214		if t.ContentLength != -1 && t.ContentLength != ncopy {
   215			return fmt.Errorf("http: Request.ContentLength=%d with Body length %d",
   216				t.ContentLength, ncopy)
   217		}
   218	
   219		// TODO(petar): Place trailer writer code here.
   220		if chunked(t.TransferEncoding) {
   221			// Last chunk, empty trailer
   222			_, err = io.WriteString(w, "\r\n")
   223		}
   224	
   225		return
   226	}
   227	
   228	type transferReader struct {
   229		// Input
   230		Header        Header
   231		StatusCode    int
   232		RequestMethod string
   233		ProtoMajor    int
   234		ProtoMinor    int
   235		// Output
   236		Body             io.ReadCloser
   237		ContentLength    int64
   238		TransferEncoding []string
   239		Close            bool
   240		Trailer          Header
   241	}
   242	
   243	// bodyAllowedForStatus returns whether a given response status code
   244	// permits a body.  See RFC2616, section 4.4.
   245	func bodyAllowedForStatus(status int) bool {
   246		switch {
   247		case status >= 100 && status <= 199:
   248			return false
   249		case status == 204:
   250			return false
   251		case status == 304:
   252			return false
   253		}
   254		return true
   255	}
   256	
   257	// msg is *Request or *Response.
   258	func readTransfer(msg interface{}, r *bufio.Reader) (err error) {
   259		t := &transferReader{}
   260	
   261		// Unify input
   262		isResponse := false
   263		switch rr := msg.(type) {
   264		case *Response:
   265			t.Header = rr.Header
   266			t.StatusCode = rr.StatusCode
   267			t.RequestMethod = rr.Request.Method
   268			t.ProtoMajor = rr.ProtoMajor
   269			t.ProtoMinor = rr.ProtoMinor
   270			t.Close = shouldClose(t.ProtoMajor, t.ProtoMinor, t.Header)
   271			isResponse = true
   272		case *Request:
   273			t.Header = rr.Header
   274			t.ProtoMajor = rr.ProtoMajor
   275			t.ProtoMinor = rr.ProtoMinor
   276			// Transfer semantics for Requests are exactly like those for
   277			// Responses with status code 200, responding to a GET method
   278			t.StatusCode = 200
   279			t.RequestMethod = "GET"
   280		default:
   281			panic("unexpected type")
   282		}
   283	
   284		// Default to HTTP/1.1
   285		if t.ProtoMajor == 0 && t.ProtoMinor == 0 {
   286			t.ProtoMajor, t.ProtoMinor = 1, 1
   287		}
   288	
   289		// Transfer encoding, content length
   290		t.TransferEncoding, err = fixTransferEncoding(t.RequestMethod, t.Header)
   291		if err != nil {
   292			return err
   293		}
   294	
   295		t.ContentLength, err = fixLength(isResponse, t.StatusCode, t.RequestMethod, t.Header, t.TransferEncoding)
   296		if err != nil {
   297			return err
   298		}
   299	
   300		// Trailer
   301		t.Trailer, err = fixTrailer(t.Header, t.TransferEncoding)
   302		if err != nil {
   303			return err
   304		}
   305	
   306		// If there is no Content-Length or chunked Transfer-Encoding on a *Response
   307		// and the status is not 1xx, 204 or 304, then the body is unbounded.
   308		// See RFC2616, section 4.4.
   309		switch msg.(type) {
   310		case *Response:
   311			if t.ContentLength == -1 &&
   312				!chunked(t.TransferEncoding) &&
   313				bodyAllowedForStatus(t.StatusCode) {
   314				// Unbounded body.
   315				t.Close = true
   316			}
   317		}
   318	
   319		// Prepare body reader.  ContentLength < 0 means chunked encoding
   320		// or close connection when finished, since multipart is not supported yet
   321		switch {
   322		case chunked(t.TransferEncoding):
   323			t.Body = &body{Reader: newChunkedReader(r), hdr: msg, r: r, closing: t.Close}
   324		case t.ContentLength >= 0:
   325			// TODO: limit the Content-Length. This is an easy DoS vector.
   326			t.Body = &body{Reader: io.LimitReader(r, t.ContentLength), closing: t.Close}
   327		default:
   328			// t.ContentLength < 0, i.e. "Content-Length" not mentioned in header
   329			if t.Close {
   330				// Close semantics (i.e. HTTP/1.0)
   331				t.Body = &body{Reader: r, closing: t.Close}
   332			} else {
   333				// Persistent connection (i.e. HTTP/1.1)
   334				t.Body = &body{Reader: io.LimitReader(r, 0), closing: t.Close}
   335			}
   336		}
   337	
   338		// Unify output
   339		switch rr := msg.(type) {
   340		case *Request:
   341			rr.Body = t.Body
   342			rr.ContentLength = t.ContentLength
   343			rr.TransferEncoding = t.TransferEncoding
   344			rr.Close = t.Close
   345			rr.Trailer = t.Trailer
   346		case *Response:
   347			rr.Body = t.Body
   348			rr.ContentLength = t.ContentLength
   349			rr.TransferEncoding = t.TransferEncoding
   350			rr.Close = t.Close
   351			rr.Trailer = t.Trailer
   352		}
   353	
   354		return nil
   355	}
   356	
   357	// Checks whether chunked is part of the encodings stack
   358	func chunked(te []string) bool { return len(te) > 0 && te[0] == "chunked" }
   359	
   360	// Checks whether the encoding is explicitly "identity".
   361	func isIdentity(te []string) bool { return len(te) == 1 && te[0] == "identity" }
   362	
   363	// Sanitize transfer encoding
   364	func fixTransferEncoding(requestMethod string, header Header) ([]string, error) {
   365		raw, present := header["Transfer-Encoding"]
   366		if !present {
   367			return nil, nil
   368		}
   369	
   370		delete(header, "Transfer-Encoding")
   371	
   372		// Head responses have no bodies, so the transfer encoding
   373		// should be ignored.
   374		if requestMethod == "HEAD" {
   375			return nil, nil
   376		}
   377	
   378		encodings := strings.Split(raw[0], ",")
   379		te := make([]string, 0, len(encodings))
   380		// TODO: Even though we only support "identity" and "chunked"
   381		// encodings, the loop below is designed with foresight. One
   382		// invariant that must be maintained is that, if present,
   383		// chunked encoding must always come first.
   384		for _, encoding := range encodings {
   385			encoding = strings.ToLower(strings.TrimSpace(encoding))
   386			// "identity" encoding is not recorded
   387			if encoding == "identity" {
   388				break
   389			}
   390			if encoding != "chunked" {
   391				return nil, &badStringError{"unsupported transfer encoding", encoding}
   392			}
   393			te = te[0 : len(te)+1]
   394			te[len(te)-1] = encoding
   395		}
   396		if len(te) > 1 {
   397			return nil, &badStringError{"too many transfer encodings", strings.Join(te, ",")}
   398		}
   399		if len(te) > 0 {
   400			// Chunked encoding trumps Content-Length. See RFC 2616
   401			// Section 4.4. Currently len(te) > 0 implies chunked
   402			// encoding.
   403			delete(header, "Content-Length")
   404			return te, nil
   405		}
   406	
   407		return nil, nil
   408	}
   409	
   410	// Determine the expected body length, using RFC 2616 Section 4.4. This
   411	// function is not a method, because ultimately it should be shared by
   412	// ReadResponse and ReadRequest.
   413	func fixLength(isResponse bool, status int, requestMethod string, header Header, te []string) (int64, error) {
   414	
   415		// Logic based on response type or status
   416		if noBodyExpected(requestMethod) {
   417			return 0, nil
   418		}
   419		if status/100 == 1 {
   420			return 0, nil
   421		}
   422		switch status {
   423		case 204, 304:
   424			return 0, nil
   425		}
   426	
   427		// Logic based on Transfer-Encoding
   428		if chunked(te) {
   429			return -1, nil
   430		}
   431	
   432		// Logic based on Content-Length
   433		cl := strings.TrimSpace(header.Get("Content-Length"))
   434		if cl != "" {
   435			n, err := strconv.ParseInt(cl, 10, 64)
   436			if err != nil || n < 0 {
   437				return -1, &badStringError{"bad Content-Length", cl}
   438			}
   439			return n, nil
   440		} else {
   441			header.Del("Content-Length")
   442		}
   443	
   444		if !isResponse && requestMethod == "GET" {
   445			// RFC 2616 doesn't explicitly permit nor forbid an
   446			// entity-body on a GET request so we permit one if
   447			// declared, but we default to 0 here (not -1 below)
   448			// if there's no mention of a body.
   449			return 0, nil
   450		}
   451	
   452		// Logic based on media type. The purpose of the following code is just
   453		// to detect whether the unsupported "multipart/byteranges" is being
   454		// used. A proper Content-Type parser is needed in the future.
   455		if strings.Contains(strings.ToLower(header.Get("Content-Type")), "multipart/byteranges") {
   456			return -1, ErrNotSupported
   457		}
   458	
   459		// Body-EOF logic based on other methods (like closing, or chunked coding)
   460		return -1, nil
   461	}
   462	
   463	// Determine whether to hang up after sending a request and body, or
   464	// receiving a response and body
   465	// 'header' is the request headers
   466	func shouldClose(major, minor int, header Header) bool {
   467		if major < 1 {
   468			return true
   469		} else if major == 1 && minor == 0 {
   470			if !strings.Contains(strings.ToLower(header.Get("Connection")), "keep-alive") {
   471				return true
   472			}
   473			return false
   474		} else {
   475			// TODO: Should split on commas, toss surrounding white space,
   476			// and check each field.
   477			if strings.ToLower(header.Get("Connection")) == "close" {
   478				header.Del("Connection")
   479				return true
   480			}
   481		}
   482		return false
   483	}
   484	
   485	// Parse the trailer header
   486	func fixTrailer(header Header, te []string) (Header, error) {
   487		raw := header.Get("Trailer")
   488		if raw == "" {
   489			return nil, nil
   490		}
   491	
   492		header.Del("Trailer")
   493		trailer := make(Header)
   494		keys := strings.Split(raw, ",")
   495		for _, key := range keys {
   496			key = CanonicalHeaderKey(strings.TrimSpace(key))
   497			switch key {
   498			case "Transfer-Encoding", "Trailer", "Content-Length":
   499				return nil, &badStringError{"bad trailer key", key}
   500			}
   501			trailer.Del(key)
   502		}
   503		if len(trailer) == 0 {
   504			return nil, nil
   505		}
   506		if !chunked(te) {
   507			// Trailer and no chunking
   508			return nil, ErrUnexpectedTrailer
   509		}
   510		return trailer, nil
   511	}
   512	
   513	// body turns a Reader into a ReadCloser.
   514	// Close ensures that the body has been fully read
   515	// and then reads the trailer if necessary.
   516	type body struct {
   517		io.Reader
   518		hdr     interface{}   // non-nil (Response or Request) value means read trailer
   519		r       *bufio.Reader // underlying wire-format reader for the trailer
   520		closing bool          // is the connection to be closed after reading body?
   521		closed  bool
   522	
   523		res *response // response writer for server requests, else nil
   524	}
   525	
   526	// ErrBodyReadAfterClose is returned when reading a Request Body after
   527	// the body has been closed. This typically happens when the body is
   528	// read after an HTTP Handler calls WriteHeader or Write on its
   529	// ResponseWriter.
   530	var ErrBodyReadAfterClose = errors.New("http: invalid Read on closed request Body")
   531	
   532	func (b *body) Read(p []byte) (n int, err error) {
   533		if b.closed {
   534			return 0, ErrBodyReadAfterClose
   535		}
   536		n, err = b.Reader.Read(p)
   537	
   538		// Read the final trailer once we hit EOF.
   539		if err == io.EOF && b.hdr != nil {
   540			if e := b.readTrailer(); e != nil {
   541				err = e
   542			}
   543			b.hdr = nil
   544		}
   545		return n, err
   546	}
   547	
   548	var (
   549		singleCRLF = []byte("\r\n")
   550		doubleCRLF = []byte("\r\n\r\n")
   551	)
   552	
   553	func seeUpcomingDoubleCRLF(r *bufio.Reader) bool {
   554		for peekSize := 4; ; peekSize++ {
   555			// This loop stops when Peek returns an error,
   556			// which it does when r's buffer has been filled.
   557			buf, err := r.Peek(peekSize)
   558			if bytes.HasSuffix(buf, doubleCRLF) {
   559				return true
   560			}
   561			if err != nil {
   562				break
   563			}
   564		}
   565		return false
   566	}
   567	
   568	func (b *body) readTrailer() error {
   569		// The common case, since nobody uses trailers.
   570		buf, _ := b.r.Peek(2)
   571		if bytes.Equal(buf, singleCRLF) {
   572			b.r.ReadByte()
   573			b.r.ReadByte()
   574			return nil
   575		}
   576	
   577		// Make sure there's a header terminator coming up, to prevent
   578		// a DoS with an unbounded size Trailer.  It's not easy to
   579		// slip in a LimitReader here, as textproto.NewReader requires
   580		// a concrete *bufio.Reader.  Also, we can't get all the way
   581		// back up to our conn's LimitedReader that *might* be backing
   582		// this bufio.Reader.  Instead, a hack: we iteratively Peek up
   583		// to the bufio.Reader's max size, looking for a double CRLF.
   584		// This limits the trailer to the underlying buffer size, typically 4kB.
   585		if !seeUpcomingDoubleCRLF(b.r) {
   586			return errors.New("http: suspiciously long trailer after chunked body")
   587		}
   588	
   589		hdr, err := textproto.NewReader(b.r).ReadMIMEHeader()
   590		if err != nil {
   591			return err
   592		}
   593		switch rr := b.hdr.(type) {
   594		case *Request:
   595			rr.Trailer = Header(hdr)
   596		case *Response:
   597			rr.Trailer = Header(hdr)
   598		}
   599		return nil
   600	}
   601	
   602	func (b *body) Close() error {
   603		if b.closed {
   604			return nil
   605		}
   606		defer func() {
   607			b.closed = true
   608		}()
   609		if b.hdr == nil && b.closing {
   610			// no trailer and closing the connection next.
   611			// no point in reading to EOF.
   612			return nil
   613		}
   614	
   615		// In a server request, don't continue reading from the client
   616		// if we've already hit the maximum body size set by the
   617		// handler. If this is set, that also means the TCP connection
   618		// is about to be closed, so getting to the next HTTP request
   619		// in the stream is not necessary.
   620		if b.res != nil && b.res.requestBodyLimitHit {
   621			return nil
   622		}
   623	
   624		// Fully consume the body, which will also lead to us reading
   625		// the trailer headers after the body, if present.
   626		if _, err := io.Copy(ioutil.Discard, b); err != nil {
   627			return err
   628		}
   629		return nil
   630	}