net/http/proxy_client_socket.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "net/http/proxy_client_socket.h"
   6
   7 #include "base/metrics/histogram.h"
   8 #include "base/strings/stringprintf.h"
   9 #include "net/base/host_port_pair.h"
  10 #include "net/base/net_errors.h"
  11 #include "net/base/net_util.h"
  12 #include "net/http/http_auth_controller.h"
  13 #include "net/http/http_request_info.h"
  14 #include "net/http/http_response_headers.h"
  15 #include "net/http/http_response_info.h"
  16 #include "url/gurl.h"
  17
  18 namespace net {
  19
  20 namespace {
  21
  22 void CopyHeaderValues(scoped_refptr<HttpResponseHeaders> source,
  23                       scoped_refptr<HttpResponseHeaders> dest,
  24                       const std::string& header_name) {
  25   void* iter = NULL;
  26   std::string header_value;
  27
  28   while (source->EnumerateHeader(&iter, header_name, &header_value))
  29     dest->AddHeader(header_name + ": " + header_value);
  30 }
  31
  32 }  // namespace
  33
  34 // static
  35 void ProxyClientSocket::BuildTunnelRequest(
  36     const HostPortPair& endpoint,
  37     const HttpRequestHeaders& auth_headers,
  38     const std::string& user_agent,
  39     std::string* request_line,
  40     HttpRequestHeaders* request_headers) {
  41   // RFC 2616 Section 9 says the Host request-header field MUST accompany all
  42   // HTTP/1.1 requests.  Add "Proxy-Connection: keep-alive" for compat with
  43   // HTTP/1.0 proxies such as Squid (required for NTLM authentication).
  44   std::string host_and_port = endpoint.ToString();
  45   *request_line =
  46       base::StringPrintf("CONNECT %s HTTP/1.1\r\n", host_and_port.c_str());
  47   request_headers->SetHeader(HttpRequestHeaders::kHost, endpoint.port() == 443
  48                                                             ? endpoint.host()
  49                                                             : host_and_port);
  50   request_headers->SetHeader(HttpRequestHeaders::kProxyConnection,
  51                              "keep-alive");
  52   if (!user_agent.empty())
  53     request_headers->SetHeader(HttpRequestHeaders::kUserAgent, user_agent);
  54
  55   request_headers->MergeFrom(auth_headers);
  56 }
  57
  58 // static
  59 int ProxyClientSocket::HandleProxyAuthChallenge(HttpAuthController* auth,
  60                                                 HttpResponseInfo* response,
  61                                                 const BoundNetLog& net_log) {
  62   DCHECK(response->headers.get());
  63   int rv = auth->HandleAuthChallenge(response->headers, false, true, net_log);
  64   response->auth_challenge = auth->auth_info();
  65   if (rv == OK)
  66     return ERR_PROXY_AUTH_REQUESTED;
  67   return rv;
  68 }
  69
  70 // static
  71 void ProxyClientSocket::LogBlockedTunnelResponse(int http_status_code,
  72                                                  bool is_https_proxy) {
  73   if (is_https_proxy) {
  74     UMA_HISTOGRAM_CUSTOM_ENUMERATION(
  75         "Net.BlockedTunnelResponse.HttpsProxy",
  76         HttpUtil::MapStatusCodeForHistogram(http_status_code),
  77         HttpUtil::GetStatusCodesForHistogram());
  78   } else {
  79     UMA_HISTOGRAM_CUSTOM_ENUMERATION(
  80         "Net.BlockedTunnelResponse.HttpProxy",
  81         HttpUtil::MapStatusCodeForHistogram(http_status_code),
  82         HttpUtil::GetStatusCodesForHistogram());
  83   }
  84 }
  85
  86 // static
  87 bool ProxyClientSocket::SanitizeProxyAuth(HttpResponseInfo* response) {
  88   DCHECK(response && response->headers.get());
  89
  90   scoped_refptr<HttpResponseHeaders> old_headers = response->headers;
  91
  92   const char kHeaders[] = "HTTP/1.1 407 Proxy Authentication Required\n\n";
  93   scoped_refptr<HttpResponseHeaders> new_headers = new HttpResponseHeaders(
  94       HttpUtil::AssembleRawHeaders(kHeaders, arraysize(kHeaders)));
  95
  96   // Copy status line and all hop-by-hop headers to preserve keep-alive
  97   // behavior.
  98   new_headers->ReplaceStatusLine(old_headers->GetStatusLine());
  99   CopyHeaderValues(old_headers, new_headers, "connection");
 100   CopyHeaderValues(old_headers, new_headers, "proxy-connection");
 101   CopyHeaderValues(old_headers, new_headers, "keep-alive");
 102   CopyHeaderValues(old_headers, new_headers, "trailer");
 103   CopyHeaderValues(old_headers, new_headers, "transfer-encoding");
 104   CopyHeaderValues(old_headers, new_headers, "upgrade");
 105
 106   CopyHeaderValues(old_headers, new_headers, "content-length");
 107
 108   CopyHeaderValues(old_headers, new_headers, "proxy-authenticate");
 109
 110   response->headers = new_headers;
 111   return true;
 112 }
 113
 114 // static
 115 bool ProxyClientSocket::SanitizeProxyRedirect(HttpResponseInfo* response) {
 116   DCHECK(response && response->headers.get());
 117
 118   std::string location;
 119   if (!response->headers->IsRedirect(&location))
 120     return false;
 121
 122   // Return minimal headers; set "Content-Length: 0" to ignore response body.
 123   std::string fake_response_headers = base::StringPrintf(
 124       "HTTP/1.0 302 Found\n"
 125       "Location: %s\n"
 126       "Content-Length: 0\n"
 127       "Connection: close\n"
 128       "\n",
 129       location.c_str());
 130   std::string raw_headers =
 131       HttpUtil::AssembleRawHeaders(fake_response_headers.data(),
 132                                    fake_response_headers.length());
 133   response->headers = new HttpResponseHeaders(raw_headers);
 134
 135   return true;
 136 }
 137
 138 }  // namespace net