Resubmit this patch, including changes based on comments by various people.
- Mention RFC text in relation to changing the default behaviour in relation
to unknown HTTP methods.
- Use safe_free instead of xfree.
- Rework urlAbsolute to use snprintf in a slightly better way. Snprintf is now
used to construct the initial portion of the url and the rest is added on
using POSIX string routines.
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: [EMAIL PROTECTED]
# target_branch: file:///home/benno/squid-work/squid3-repo/trunk/
# testament_sha1: 6257cd4613889a7d9f3f683d84fa1c9c2d700f45
# timestamp: 2008-09-01 12:40:00 +1000
# base_revision_id: [EMAIL PROTECTED]
# ejhnqdep2qm6qz0h
#
# Begin patch
=== modified file 'src/HttpRequestMethod.cc'
--- src/HttpRequestMethod.cc 2008-06-20 04:43:01 +0000
+++ src/HttpRequestMethod.cc 2008-08-29 00:56:35 +0000
@@ -243,11 +243,16 @@
case METHOD_PURGE:
return true;
- /* all others */
+ /*
+ * RFC 2616 sayeth, in section 13.10, final paragraph:
+ * A cache that passes through requests for methods it does not
+ * understand SHOULD invalidate any entities referred to by the
+ * Request-URI.
+ */
case METHOD_OTHER:
default:
- return false; // be conservative: we do not know some methods specs
+ return true;
}
- return false; // not reached
+ return true; // not reached, but just in case
}
=== modified file 'src/Server.cc'
--- src/Server.cc 2008-07-22 12:33:41 +0000
+++ src/Server.cc 2008-09-01 02:36:52 +0000
@@ -402,11 +402,24 @@
// purges entries that match the value of a given HTTP [response] header
static void
-purgeEntriesByHeader(const char *reqUrl, HttpMsg *rep, http_hdr_type hdr)
+purgeEntriesByHeader(const HttpRequest *req, const char *reqUrl, HttpMsg *rep, http_hdr_type hdr)
{
- if (const char *url = rep->header.getStr(hdr))
- if (sameUrlHosts(reqUrl, url)) // prevent purging DoS, per RFC 2616
- purgeEntriesByUrl(url);
+ const char *url, *absUrl;
+
+ if ((url = rep->header.getStr(hdr)) != NULL) {
+ absUrl = urlAbsolute(req, url);
+ if (absUrl != NULL) {
+ url = absUrl;
+ }
+ if (absUrl != NULL) { // if the URL was relative, it is by nature the same host
+ purgeEntriesByUrl(url);
+ } else if (sameUrlHosts(reqUrl, url)) { // prevent purging DoS, per RFC 2616 13.10, second last paragraph
+ purgeEntriesByUrl(url);
+ }
+ if (absUrl != NULL) {
+ safe_free(absUrl);
+ }
+ }
}
// some HTTP methods should purge matching cache entries
@@ -425,8 +438,8 @@
const char *reqUrl = urlCanonical(request);
debugs(88, 5, "maybe purging due to " << RequestMethodStr(request->method) << ' ' << reqUrl);
purgeEntriesByUrl(reqUrl);
- purgeEntriesByHeader(reqUrl, theFinalReply, HDR_LOCATION);
- purgeEntriesByHeader(reqUrl, theFinalReply, HDR_CONTENT_LOCATION);
+ purgeEntriesByHeader(request, reqUrl, theFinalReply, HDR_LOCATION);
+ purgeEntriesByHeader(request, reqUrl, theFinalReply, HDR_CONTENT_LOCATION);
}
// called (usually by kids) when we have final (possibly adapted) reply headers
=== modified file 'src/protos.h'
--- src/protos.h 2008-07-17 12:38:06 +0000
+++ src/protos.h 2008-08-28 05:12:17 +0000
@@ -638,6 +638,7 @@
SQUIDCEXTERN void urlInitialize(void);
SQUIDCEXTERN HttpRequest *urlParse(const HttpRequestMethod&, char *, HttpRequest *request = NULL);
SQUIDCEXTERN const char *urlCanonical(HttpRequest *);
+SQUIDCEXTERN const char *urlAbsolute(const HttpRequest *, const char *);
SQUIDCEXTERN char *urlRInternal(const char *host, u_short port, const char *dir, const char *name);
SQUIDCEXTERN char *urlInternal(const char *dir, const char *name);
SQUIDCEXTERN int matchDomainName(const char *host, const char *domain);
=== modified file 'src/url.cc'
--- src/url.cc 2008-04-10 11:29:39 +0000
+++ src/url.cc 2008-09-01 02:36:52 +0000
@@ -532,6 +532,68 @@
return buf;
}
+const char *
+urlAbsolute(const HttpRequest * req, const char *relUrl)
+{
+ char urlbuf[MAX_URL];
+ const char *path, *last_slash;
+ size_t urllen, pathlen;
+
+ if (relUrl == NULL) {
+ return (NULL);
+ }
+ if (req->method.id() == METHOD_CONNECT) {
+ return (NULL);
+ }
+ if (strchr(relUrl, ':') != NULL) {
+ return (NULL);
+ }
+ if (req->protocol == PROTO_URN) {
+ snprintf(urlbuf, MAX_URL, "urn:%s", req->urlpath.buf());
+ } else {
+ if (req->port != urlDefaultPort(req->protocol)) {
+ urllen = snprintf(urlbuf, MAX_URL, "%s://%s%s%s:%d",
+ ProtocolStr[req->protocol],
+ req->login,
+ *req->login ? "@" : null_string,
+ req->GetHost(),
+ req->port
+ );
+ } else {
+ urllen = snprintf(urlbuf, MAX_URL, "%s://%s%s%s",
+ ProtocolStr[req->protocol],
+ req->login,
+ *req->login ? "@" : null_string,
+ req->GetHost()
+ );
+ }
+
+ if (relUrl[0] == '/') {
+ strncpy(&urlbuf[urllen], relUrl, MAX_URL - urllen - 1);
+ } else {
+ path = req->urlpath.buf();
+ last_slash = strrchr(path, '/');
+ if (last_slash == NULL) {
+ urlbuf[urllen++] = '/';
+ strncpy(&urlbuf[urllen], relUrl, MAX_URL - urllen - 1);
+ } else {
+ last_slash++;
+ pathlen = last_slash - path;
+ if (pathlen > MAX_URL - urllen - 1) {
+ pathlen = MAX_URL - urllen - 1;
+ }
+ strncpy(&urlbuf[urllen], path, pathlen);
+ urllen += pathlen;
+ if (urllen + 1 < MAX_URL) {
+ strncpy(&urlbuf[urllen], relUrl, MAX_URL - urllen - 1);
+ }
+ }
+ }
+ }
+
+ return (xstrdup(urlbuf));
+}
+
/*
* matchDomainName() compares a hostname with a domainname according
* to the following rules:
# Begin bundle
IyBCYXphYXIgcmV2aXNpb24gYnVuZGxlIHY0CiMKQlpoOTFBWSZTWUbRNl0AENL/gEZ0QABz////
/+f+7r////pgFrxc+n3tb7u+3Pp094176nrhyemusdmi609GVPYy7XrudpJN3Yku1YQrY2zEa1QC
13dNe9lOhDElT9Kep6TNRkaNPSB5QbUeoZNAAAAAAADImpphMRFNtTQQAAaDQABoAAAACSJkJomh
NNI0ap+mVPaBTQ8p+qHpqep6epA0YjQ9I2mo0CTSlBCNI9NqeiaZTaaPSaTQBsoMBBoyYEAMCKJA
Q0BMRpPU2kwRojMmiT001PRMRptRkaaAAVKEBNNAmEEaVP9E/VTap4RMhoZAAPUbUNNAbUa0IAZp
MICxFBRFViJHrZM4oYhVFpC1SpVWLYDVsLaBYigtLWnnNEI5ae1C3eS76We6hbbBjJY2U/JyJmc+
aWaF8DQrPJM3TT6pWgj7XGuga+IxeFS84zM5kO3+DnJN5Es2vJw9E8acPhtJ8CZr74GbRkQxOj14
bOXJNatBgueEHMM6IfayvQsFNvyejju6OL3G6zPVahWtYldfDP79nGg8YjQKRFpKQ6acDim5env1
LMRpQV8vgwBZkhc7ChlGbgLMM1KLbbsEPpSLt3h2jJLKMi2T32OsqtScSG4bHFdoZtmfTzqCrnRN
8QMEMMQwRBAQqxkEWMVCRYEMzgTLuKbpuEPoATaj1DjMwc/+hMG9hKafC7eMd7pl76OEpdncjhwq
fKQPZA4YCAKsVYoKjJFz/vBeEb+bntnhrq57dGOu4YXw9gWZK8OirC4wsy0JOiSS8S04h7rSgzQg
yBQjnKRGaq3dMFaQdHZMg5oI+aIhma7uTh6NQexNpCWG2PZqNLQyLy1qNV9HM87XlleiBl9W4jtd
VS0SiYOG4XJA1cHAaDYPtacZdtiQ0iAH6pRSt1G1CKkM8ecHBCKirBTe6tadjc06Q7xk/ujigu6V
ua6+iLzZm9SWwogtL59vQlUmsXiCS+rOrcvCQZqsHi5Vd41mTlvOk+0AiRk8O1LauxfCJ2kuysRA
lAEfu6N8AQwgLpVdZz0fuYEBa7aONJhqy7ejJttVwylM3usVo556w6UUooopRRAiAIPjVhzujCtd
NaCKiLIwxjQEBhmlYbGP8aNRpgrYiCxmCXqyVS+CHDSwzEJgbuQCjRmROGyFRcZEYRFZKRSASCRS
ArEz0UKd1lqKqkijx9D+0uQAb+pEQ4k7xFyGfWAHVIFX1TSjIqUSCRItZbo6Z3xdLNdEaYYYNpor
q4NsADWBx0KBBrJJDhOM0lSik2TMBnkkBOSa/Ig0slZEUEUmoDUiUfwCtQoLJOzh5fKD6HRv7wOk
0II+0Y7KMMnHHgZ2KDBJ8TcSQteM3EQQNL/f0W7Pon8+fmJJdfb2xHVIUNDAYDVku6l60o2/y90L
TNW0w3pm3AJT4KcuYF+5OtWoOHs8BREARBoxUmgcXeUMRkadyoznYc2wq/YfMVrWZmSShQmIeZmS
SJKvUq8BzUXvBRhPksVkdvl0/9d9/y2fR7b7X/se105mrFmDIWWbE+0+uJHhZbEEEPerlIE9gcjD
gg0lSR+aH51EpPRGY6qJDFd/BC8eRB99G7wX1hAhCuVaj5xL0NAGzF+W/xR7yJjhz0wMejflwzlW
dMvJnmJIgYGQ4hJODQF9omgITi7cMogfNDycMOUBIHS0rrhattttsyZdn7gWIXCTZBr26T3U38kU
TKIckDMAFIA52AVK2sxRsJfeElYhLpSyA0MUFRA4LnGECM0phIMqiiFCGJkR8pVJOBSVcCSppBBq
4ilLjC9qSqZSYSulYGEHsNywFyxhBJpgit6iGsOeYqZvgGrRJthUch+1Ni5CLkg1aXWGRWJSSkbP
/CrVuXrKGB1HFvUcpwf34tWx9UtP6e5+EmyT3I55KjJsqJJbhkcGTg1GhhFGTsUaUUUzANxQRSn1
jQIP7rkM4wTlJfaYLHeGTSUEHajng2ZmC4Tv0XPyhV20rpIr4RgTaiCRgScniR1CoTWz13SG8AYX
IMtCt05JU0YZmzLabjUwgWDcUWuFaoixmSih3tozmsIbRxaFTBsJ0wZOckpRSc/jtv1DRzYt9nFV
xKqLnSHFLmXG+aXI00bg0ZYmlOh9X5odXEOA1WjgIoMIJTLrzk3230VjC2VvEMYlRBI2mQnC5WUl
VFkxvKj8sJKUEUJPwEM6qbxgqbBxjNyzRLJdNIxUatVC/ttSjjC1iTJv4ZXSS6hDRhyZlBUTLh12
NzNV0WcHhteLF9KH5JcOFHPu5/Uv5UdOfjyrbLKkyUUyrXoYQlgxZEeL2MhkMQoxFdVimrEnYGuZ
JfxYgZGeg5ZEQxedxtQSScg6Sg3iLHgHOQvCyW5KS6CCuDILNtkItyXKBUsb6Gp4DM2EGd5Mr4Nu
FtfPMnmijFydGriubmDcwblWTOTwlyNwdHOLm47W4csbXmDSsg+3dMxv2UykMrtWKscwwSVALmQ4
r3ytVsHF1gYWhmCfQbBmRngRvMi0EfiG0IsNh895nEO5YyYXA1oXISTzaYZzK+X0YuYUdlFy5e9p
g8fH7JJ/82HnBrtw2m3RFcxnpmwF22oUazXSy1YhZ4lkOhcpWXsnpPWV61nbBmh0yxb7bL2rq0x9
Ng9G8+LJgZJZLXicgyoHAcuCqQaRcaBHF9Rg5iVYtsUnopk217NTizZwvxUa0wVlcVJ0XKuspGC9
m2tq5o3uvWzBxdG5c3vl8ZVyXNYfiQ5OMgMk4jLm2nbdBS6dGFc1ydgzy7JKQSUmMk4KnVzeHyxm
OFOjF27at0KYNG/gVaeWO1wcFBVS5R5r3FVnkXXbdFd2jJhTBi4MVzVl72+jZBvZrM2HD1XsG5w1
ZNjc1ZNNKuQxzmp5DxrSW1bVhuHBxqDjLG+1H4PuQKpeqkqUKjly1KVVaqj7x0qUHwBc8oD55YuM
bR7u1Fmiqjlyw7UwZtGrhZ4LmySOhkx2sG5yLEniERUXHCS8Aji+qar68tImS5BXRBreEmF2FISt
ZZRJDs3r5hjubzPJB1klCHFo2rzdpg3arzkpvUZr1I3rNy1yyyjOwm8I83gWJa4yG3USEBrHILBQ
ggLA3HG1KnbxeMnVYpoRMUemISUO+1ksMgZhFwLmCthlIiQp3sDvk5TFnNDkK4KmdozHN4wbFTYa
bAkzKaDlErJLBcejAxXFLEnAruMk9crlEjfgubGrFe3rNq5izYPBevLmrRcOcPt8B283V9dh1M6J
ORKRvk8IPCSLdg2gBPy+zNw8jDst3O4evc4KWCrEVcGm1YNrYxTWOIht8sIdWRCQ5pEA/EyET0ii
tNlIWUYSaZpSgozSUlVJ9kVitXqbikixYoiZJMkKVkjGZ5N4n1wFk7Em/Gi2LItRctlVS9QEjBYs
ChUBIHasgfEQxzHuE/uQP/N+GwTckWRVGQUGH+80bA+4XxD/OhXZ+/u+JbYSafT/U38m8OQTHWBc
r/LznqNq86s/wyZWHKKUSlJRF0k+50Wf8M/dSD+pTfNyvyxdXSjyvH3pvPLzeL9uy7pk1eD9U/V/
I47y1NXGqaIw2nMcptboLpToI28N7qLgK9m79c+piK4/CIEumfEhhklmLsQ3WzpvsZMDnjKFThwz
ZkT4FhD6EITuD0/QFYHoD2+UmDx8/ZHKocmp4XIkjB40JUZQ2eHI1kQwREAOUCzU3f6W9xwPYDmA
DtPaOASXPcOfrGJO46DI3JZncQXPnKnQQQSdwbSp3IzP6D+tfZ6/no3NDe46frENqI8dKyayF1Gl
4iotMxUQbTxv4wLvEcf5fhm8gfefLCq3QYrQCCQXpXGtcwdKjfNR0CcGDigFIjX7i2vDAK2joVq5
DpLpqAru1Ndt261eNG/V9On7Pq3Gpg7DyHnPMaOecPESGqCDmGMy58G1+4ss1fNZx+LJm8lVRm+l
77lXJle0VOkeQZpKWRCw/iGKYLKUoNEoNiSESwSEG/HtX4YAWLUp7E+ScOlCFIYXU/HJE5jt3hUP
JtbeOErX4WL1V6ryUYvRgoe5R4vFLmbwWej3jFxqRM3G3V6OonvYTJ3jb1/FxXsF6HlfTvJlrPto
lH2sUidsjNi5m9DtXOJi0KEIas2R1VZSCkyXrmD5ct2mM5ubrTDQSWRDQks8c1f7bJgEYsWpR2m5
R/LJyq6Yt7yYtiPvk9vb2yU+DRyeza4QbXssq4SR7Nj5sZNHCEcXxVfN8Vzg2sHFZeyFhylhx2mn
Hy8jrXPBgsfMAVvzBiOp7/LU7+FNCemTou/YMem6C34zX5K580tiFdglijd9zOkCbwsWlyijdXBn
eRM4dUZcsbvbDl6+h2ekq4tHVoZY071tPVsm+vghqtoYOscOo1OsNxUk8q3JeJJjwh2SXpwoPOKK
LHReunKFwmPTs8s/8ZsCh+SjF+03HZ2bU5roOcuvxcW03HESXWLZoIzUUOosNXuLSvxHzMq9a5gc
ZCHKJ60tVQ6jdch8r6kSgCYPuJVGGCGE8pdzWWMIQ82JcpjNdNllsYgX+DYNR2eenLIhf0C9LohJ
XVMYRD8ByfxYTiomSOdAL+miJ5YSakW31r4wqstStPXfFxKRFLi3WGDu9z4O/f4Hd8sFWL6H0Pm4
I0bV6kbmxwTJVZe0ezJeswbFzgF01aWhxDdDRD9cP3ofAnSBwEORY7RKscK/cfPEMhyL02icEgCF
kXe0nutOckoUEv/O974B0wjqhi/CPOECOVejauphhjnOxuvbJKYByEnRWB6OADCybeL6Dj8hWPxh
IhtijII4yh95uvrsK//VHQBc1Vb22g+xDvZUuOkStpz4LX9R5jzCHWolufl6eQTzpTqXpN/UKvKg
lxmxq3BPvP1gPziFKKVtW1T6jeGHu0+cibPnfUMu4pFBfT3j+0Bba81UX8y7XA7dNKAHnc9KWSTg
YDJJggBfCh6IT10FWQ99Vla5iTR13qVXid2h/0o+vubwMjxiZsDt4pZX4K2iGldlZfzgN/S+CGya
SihPozc7VuKrlEPrSkLfYO0kWkYMBySWVGQ8pEwJtf1u71d367mmkh7ulIUpDgpDZqOiiiiih9R6
05OOCuPKBONWVncvzgFlaX5Vt9qQXZF2LunKUMIKzcr6nCvBWZxWKHqXqWpa3WGiaAaltBcgE1UW
ngARsWo0CYLqW+yUkCQiFmH1fqiKMUlUggB3h0HnEHfQeMDqVyxUAgP0kALwyAFcZlkOklqrkFkB
wosnpYmaOyFpC7xkwV+lGBEciIw2z653A0tVwMRhcDNACVT5BMohchID41s/GcEfH+Zuj1FT0RS5
F0kh/Q0+5jIcEXRx3vfamUA6y1Q4hm0KCaHngS26RFqvW+uiP53ItM+fKAzjnQCNfPWr1v9CACwB
1rq+0CIMbuwVNOufXXcuuTxvKPxH6y4Tauxc65NYPnXzr2qllXc9xH6Seoq5kivvro2gHlk5AXrP
vFr1ncmIxevKYshUT4uG7YFTygGxdgsLgp8Ji01W4oP8wm5NIeoIUHrXB6RPsQ+L6hCxHgKvkd4l
DNESSRGsvZOlqNNFPQJzSc/Uyt6F2IBvPYvtMqGTsLgtvioidtTX6Fqj+SF3d8e/d3+dMJRTiki1
ZSzDFRjivFy5RBNGKjL1gM7MWYcPMDncqrLxjSedLyJWR9MlJItDmROboj+NFfDmX7OdhULfsga0
YowQUBgIyIMkCyRCZ8sNgXWqvcBCnPhjEtLgxKECwQL6RKBPYoQVqk7CUvT1FG6ngj0++tIchj8m
/6kILlevG1HxEPeeqiFi2iwp2CTo8Z1iz5DNJswXSebxQNZpjw4Pe5PrvBrAOYAucF2wqP21IdWq
SFCbOpyCnH21xyYu6R6fjCE+ANtFGBgXRtl5gdVRSoCEkGF1V30S4Bk3anqKagFtCI4RjgZNN2ah
DRADqtrswbhpd876PVRIX34vqKDaZVWhMq1R++NH5I3RikvGCyrGDKIVAl4NmP2ocFpjG1bbt647
9KhK1AFo3KZIWtEgZUnRbgLiKhdl2nFibYJg/ZJqzMxpIVhMIisukfcuoKSeiLyoMQ2BASLfCpgh
9I6UwMM4loDszjW2CGU7dFofYjzAhi1UFWnlEzgelczN2pxu3TYLs6SHF1vqzhW9edmMxx5KGVSC
avwDFxDjPCYD6kwExFRbB4eLj9x0juHX7h/BeR8oHer2obzsPISiX2oZzJwsFW4SMukvvuDzSJZ2
rgYHduLtT90mS8RyLn0T2SBuXaV9AQRUvVjV8LV/EK1yrjDjpxtilHdWJ5mSmfXSFMglF2iHAc/R
ANSBp6+KUVj2Vsqj7xdyRThQkEbRNl0=
