]> git.saurik.com Git - wxWidgets.git/blob - src/common/http.cpp
fixing overrelease and out-of-bounds write, fixes #13725
[wxWidgets.git] / src / common / http.cpp
1 /////////////////////////////////////////////////////////////////////////////
2 // Name: src/common/http.cpp
3 // Purpose: HTTP protocol
4 // Author: Guilhem Lavaux
5 // Modified by: Simo Virokannas (authentication, Dec 2005)
6 // Created: August 1997
7 // RCS-ID: $Id$
8 // Copyright: (c) 1997, 1998 Guilhem Lavaux
9 // Licence: wxWindows licence
10 /////////////////////////////////////////////////////////////////////////////
11
12 // For compilers that support precompilation, includes "wx.h".
13 #include "wx/wxprec.h"
14
15 #ifdef __BORLANDC__
16 #pragma hdrstop
17 #endif
18
19 #if wxUSE_PROTOCOL_HTTP
20
21 #include <stdio.h>
22 #include <stdlib.h>
23
24 #ifndef WX_PRECOMP
25 #include "wx/string.h"
26 #include "wx/app.h"
27 #endif
28
29 #include "wx/tokenzr.h"
30 #include "wx/socket.h"
31 #include "wx/protocol/protocol.h"
32 #include "wx/url.h"
33 #include "wx/protocol/http.h"
34 #include "wx/sckstrm.h"
35 #include "wx/thread.h"
36
37
38 // ----------------------------------------------------------------------------
39 // wxHTTP
40 // ----------------------------------------------------------------------------
41
42 IMPLEMENT_DYNAMIC_CLASS(wxHTTP, wxProtocol)
43 IMPLEMENT_PROTOCOL(wxHTTP, wxT("http"), wxT("80"), true)
44
45 wxHTTP::wxHTTP()
46 : wxProtocol()
47 {
48 m_addr = NULL;
49 m_read = false;
50 m_proxy_mode = false;
51 m_http_response = 0;
52
53 SetNotify(wxSOCKET_LOST_FLAG);
54 }
55
56 wxHTTP::~wxHTTP()
57 {
58 ClearHeaders();
59
60 delete m_addr;
61 }
62
63 void wxHTTP::ClearHeaders()
64 {
65 m_headers.clear();
66 }
67
68 void wxHTTP::ClearCookies()
69 {
70 m_cookies.clear();
71 }
72
73 wxString wxHTTP::GetContentType() const
74 {
75 return GetHeader(wxT("Content-Type"));
76 }
77
78 void wxHTTP::SetProxyMode(bool on)
79 {
80 m_proxy_mode = on;
81 }
82
83 wxHTTP::wxHeaderIterator wxHTTP::FindHeader(const wxString& header)
84 {
85 wxHeaderIterator it = m_headers.begin();
86 for ( wxHeaderIterator en = m_headers.end(); it != en; ++it )
87 {
88 if ( header.CmpNoCase(it->first) == 0 )
89 break;
90 }
91
92 return it;
93 }
94
95 wxHTTP::wxHeaderConstIterator wxHTTP::FindHeader(const wxString& header) const
96 {
97 wxHeaderConstIterator it = m_headers.begin();
98 for ( wxHeaderConstIterator en = m_headers.end(); it != en; ++it )
99 {
100 if ( header.CmpNoCase(it->first) == 0 )
101 break;
102 }
103
104 return it;
105 }
106
107 wxHTTP::wxCookieIterator wxHTTP::FindCookie(const wxString& cookie)
108 {
109 wxCookieIterator it = m_cookies.begin();
110 for ( wxCookieIterator en = m_cookies.end(); it != en; ++it )
111 {
112 if ( cookie.CmpNoCase(it->first) == 0 )
113 break;
114 }
115
116 return it;
117 }
118
119 wxHTTP::wxCookieConstIterator wxHTTP::FindCookie(const wxString& cookie) const
120 {
121 wxCookieConstIterator it = m_cookies.begin();
122 for ( wxCookieConstIterator en = m_cookies.end(); it != en; ++it )
123 {
124 if ( cookie.CmpNoCase(it->first) == 0 )
125 break;
126 }
127
128 return it;
129 }
130
131 void wxHTTP::SetHeader(const wxString& header, const wxString& h_data)
132 {
133 if (m_read) {
134 ClearHeaders();
135 m_read = false;
136 }
137
138 wxHeaderIterator it = FindHeader(header);
139 if (it != m_headers.end())
140 it->second = h_data;
141 else
142 m_headers[header] = h_data;
143 }
144
145 wxString wxHTTP::GetHeader(const wxString& header) const
146 {
147 wxHeaderConstIterator it = FindHeader(header);
148
149 return it == m_headers.end() ? wxGetEmptyString() : it->second;
150 }
151
152 wxString wxHTTP::GetCookie(const wxString& cookie) const
153 {
154 wxCookieConstIterator it = FindCookie(cookie);
155
156 return it == m_cookies.end() ? wxGetEmptyString() : it->second;
157 }
158
159 wxString wxHTTP::GenerateAuthString(const wxString& user, const wxString& pass) const
160 {
161 // TODO: Use wxBase64Encode() now that we have it instead of reproducing it
162
163 static const char *base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
164
165 wxString buf;
166 wxString toencode;
167
168 buf.Printf(wxT("Basic "));
169
170 toencode.Printf(wxT("%s:%s"),user.c_str(),pass.c_str());
171
172 size_t len = toencode.length();
173 const wxChar *from = toencode.c_str();
174 while (len >= 3) { // encode full blocks first
175 buf << wxString::Format(wxT("%c%c"), base64[(from[0] >> 2) & 0x3f], base64[((from[0] << 4) & 0x30) | ((from[1] >> 4) & 0xf)]);
176 buf << wxString::Format(wxT("%c%c"), base64[((from[1] << 2) & 0x3c) | ((from[2] >> 6) & 0x3)], base64[from[2] & 0x3f]);
177 from += 3;
178 len -= 3;
179 }
180 if (len > 0) { // pad the remaining characters
181 buf << wxString::Format(wxT("%c"), base64[(from[0] >> 2) & 0x3f]);
182 if (len == 1) {
183 buf << wxString::Format(wxT("%c="), base64[(from[0] << 4) & 0x30]);
184 } else {
185 buf << wxString::Format(wxT("%c%c"), base64[((from[0] << 4) & 0x30) | ((from[1] >> 4) & 0xf)], base64[(from[1] << 2) & 0x3c]);
186 }
187 buf << wxT("=");
188 }
189
190 return buf;
191 }
192
193 void wxHTTP::SetPostBuffer(const wxString& post_buf)
194 {
195 // Use To8BitData() for backwards compatibility in this deprecated method.
196 // The new code should use the other overload or SetPostText() and specify
197 // the encoding to use for the text explicitly.
198 wxScopedCharBuffer scb = post_buf.To8BitData();
199 if ( scb.length() )
200 {
201 m_postBuffer.Clear();
202 m_postBuffer.AppendData(scb.data(), scb.length());
203 }
204 }
205
206 bool
207 wxHTTP::SetPostBuffer(const wxString& contentType,
208 const wxMemoryBuffer& data)
209 {
210 m_postBuffer = data;
211 m_contentType = contentType;
212
213 return !m_postBuffer.IsEmpty();
214 }
215
216 bool
217 wxHTTP::SetPostText(const wxString& contentType,
218 const wxString& data,
219 const wxMBConv& conv)
220 {
221 #if wxUSE_UNICODE
222 wxScopedCharBuffer scb = data.mb_str(conv);
223 const size_t len = scb.length();
224 const char* const buf = scb.data();
225 #else // !wxUSE_UNICODE
226 const size_t len = data.length();
227 const char* const buf = data.mb_str(conv);
228 #endif // wxUSE_UNICODE/!wxUSE_UNICODE
229
230 if ( !len )
231 return false;
232
233 m_postBuffer.Clear();
234 m_postBuffer.AppendData(buf, len);
235 m_contentType = contentType;
236
237 return true;
238 }
239
240 void wxHTTP::SendHeaders()
241 {
242 typedef wxStringToStringHashMap::iterator iterator;
243 wxString buf;
244
245 for (iterator it = m_headers.begin(), en = m_headers.end(); it != en; ++it )
246 {
247 buf.Printf(wxT("%s: %s\r\n"), it->first.c_str(), it->second.c_str());
248
249 const wxWX2MBbuf cbuf = buf.mb_str();
250 Write(cbuf, strlen(cbuf));
251 }
252 }
253
254 bool wxHTTP::ParseHeaders()
255 {
256 wxString line;
257 wxStringTokenizer tokenzr;
258
259 ClearHeaders();
260 ClearCookies();
261 m_read = true;
262
263 for ( ;; )
264 {
265 m_lastError = ReadLine(this, line);
266 if (m_lastError != wxPROTO_NOERR)
267 return false;
268
269 if ( line.empty() )
270 break;
271
272 wxString left_str = line.BeforeFirst(':');
273 if(!left_str.CmpNoCase("Set-Cookie"))
274 {
275 wxString cookieName = line.AfterFirst(':').Strip(wxString::both).BeforeFirst('=');
276 wxString cookieValue = line.AfterFirst(':').Strip(wxString::both).AfterFirst('=').BeforeFirst(';');
277 m_cookies[cookieName] = cookieValue;
278
279 // For compatibility
280 m_headers[left_str] = line.AfterFirst(':').Strip(wxString::both);
281 }
282 else
283 {
284 m_headers[left_str] = line.AfterFirst(':').Strip(wxString::both);
285 }
286 }
287 return true;
288 }
289
290 bool wxHTTP::Connect(const wxString& host, unsigned short port)
291 {
292 wxIPV4address *addr;
293
294 if (m_addr) {
295 wxDELETE(m_addr);
296 Close();
297 }
298
299 m_addr = addr = new wxIPV4address();
300
301 if (!addr->Hostname(host)) {
302 wxDELETE(m_addr);
303 m_lastError = wxPROTO_NETERR;
304 return false;
305 }
306
307 if ( port )
308 addr->Service(port);
309 else if (!addr->Service(wxT("http")))
310 addr->Service(80);
311
312 wxString hostHdr = host;
313 if ( port && port != 80 )
314 hostHdr << wxT(":") << port;
315 SetHeader(wxT("Host"), hostHdr);
316
317 m_lastError = wxPROTO_NOERR;
318 return true;
319 }
320
321 bool wxHTTP::Connect(const wxSockAddress& addr, bool WXUNUSED(wait))
322 {
323 if (m_addr) {
324 delete m_addr;
325 Close();
326 }
327
328 m_addr = addr.Clone();
329
330 wxIPV4address *ipv4addr = wxDynamicCast(&addr, wxIPV4address);
331 if ( ipv4addr )
332 {
333 wxString hostHdr = ipv4addr->OrigHostname();
334 unsigned short port = ipv4addr->Service();
335 if ( port && port != 80 )
336 hostHdr << wxT(":") << port;
337 SetHeader(wxT("Host"), hostHdr);
338 }
339
340 m_lastError = wxPROTO_NOERR;
341 return true;
342 }
343
344 bool wxHTTP::BuildRequest(const wxString& path, wxHTTP_Req req)
345 {
346 const wxChar *request;
347
348 switch (req)
349 {
350 case wxHTTP_GET:
351 request = wxT("GET");
352 break;
353
354 case wxHTTP_POST:
355 request = wxT("POST");
356 // Content length must be correct, so always set, possibly
357 // overriding the value set explicitly by a previous call to
358 // SetHeader("Content-Length").
359 if ( !m_postBuffer.IsEmpty() )
360 {
361 wxString len;
362 len << m_postBuffer.GetDataLen();
363
364 SetHeader(wxS("Content-Length"), len);
365 }
366
367 // However if the user had explicitly set the content type, don't
368 // override it with the content type passed to SetPostText().
369 if ( !m_contentType.empty() && GetContentType().empty() )
370 SetHeader(wxS("Content-Type"), m_contentType);
371 break;
372
373 default:
374 return false;
375 }
376
377 m_http_response = 0;
378
379 // If there is no User-Agent defined, define it.
380 if ( GetHeader(wxT("User-Agent")).empty() )
381 SetHeader(wxT("User-Agent"), wxT("wxWidgets 2.x"));
382
383 // Send authentication information
384 if (!m_username.empty() || !m_password.empty()) {
385 SetHeader(wxT("Authorization"), GenerateAuthString(m_username, m_password));
386 }
387
388 SaveState();
389
390 // we may use non blocking sockets only if we can dispatch events from them
391 int flags = wxIsMainThread() && wxApp::IsMainLoopRunning() ? wxSOCKET_NONE
392 : wxSOCKET_BLOCK;
393 // and we must use wxSOCKET_WAITALL to ensure that all data is sent
394 flags |= wxSOCKET_WAITALL;
395 SetFlags(flags);
396 Notify(false);
397
398 wxString buf;
399 buf.Printf(wxT("%s %s HTTP/1.0\r\n"), request, path.c_str());
400 const wxWX2MBbuf pathbuf = buf.mb_str();
401 Write(pathbuf, strlen(pathbuf));
402 SendHeaders();
403 Write("\r\n", 2);
404
405 if ( req == wxHTTP_POST ) {
406 if ( !m_postBuffer.IsEmpty() )
407 Write(m_postBuffer.GetData(), m_postBuffer.GetDataLen());
408
409 m_postBuffer.Clear();
410 }
411
412 wxString tmp_str;
413 m_lastError = ReadLine(this, tmp_str);
414 if (m_lastError != wxPROTO_NOERR) {
415 RestoreState();
416 return false;
417 }
418
419 if (!tmp_str.Contains(wxT("HTTP/"))) {
420 // TODO: support HTTP v0.9 which can have no header.
421 // FIXME: tmp_str is not put back in the in-queue of the socket.
422 m_lastError = wxPROTO_NOERR;
423 SetHeader(wxT("Content-Length"), wxT("-1"));
424 SetHeader(wxT("Content-Type"), wxT("none/none"));
425 RestoreState();
426 return true;
427 }
428
429 wxStringTokenizer token(tmp_str,wxT(' '));
430 wxString tmp_str2;
431 bool ret_value;
432
433 token.NextToken();
434 tmp_str2 = token.NextToken();
435
436 m_http_response = wxAtoi(tmp_str2);
437
438 switch ( tmp_str2[0u].GetValue() )
439 {
440 case wxT('1'):
441 /* INFORMATION / SUCCESS */
442 break;
443
444 case wxT('2'):
445 /* SUCCESS */
446 break;
447
448 case wxT('3'):
449 /* REDIRECTION */
450 break;
451
452 default:
453 m_lastError = wxPROTO_NOFILE;
454 RestoreState();
455 return false;
456 }
457
458 m_lastError = wxPROTO_NOERR;
459 ret_value = ParseHeaders();
460 RestoreState();
461 return ret_value;
462 }
463
464 bool wxHTTP::Abort(void)
465 {
466 return wxSocketClient::Close();
467 }
468
469 // ----------------------------------------------------------------------------
470 // wxHTTPStream and wxHTTP::GetInputStream
471 // ----------------------------------------------------------------------------
472
473 class wxHTTPStream : public wxSocketInputStream
474 {
475 public:
476 wxHTTP *m_http;
477 size_t m_httpsize;
478 unsigned long m_read_bytes;
479
480 wxHTTPStream(wxHTTP *http) : wxSocketInputStream(*http), m_http(http) {}
481 size_t GetSize() const { return m_httpsize; }
482 virtual ~wxHTTPStream(void) { m_http->Abort(); }
483
484 protected:
485 size_t OnSysRead(void *buffer, size_t bufsize);
486
487 wxDECLARE_NO_COPY_CLASS(wxHTTPStream);
488 };
489
490 size_t wxHTTPStream::OnSysRead(void *buffer, size_t bufsize)
491 {
492 if (m_read_bytes >= m_httpsize)
493 {
494 m_lasterror = wxSTREAM_EOF;
495 return 0;
496 }
497
498 size_t ret = wxSocketInputStream::OnSysRead(buffer, bufsize);
499 m_read_bytes += ret;
500
501 if (m_httpsize==(size_t)-1 && m_lasterror == wxSTREAM_READ_ERROR )
502 {
503 // if m_httpsize is (size_t) -1 this means read until connection closed
504 // which is equivalent to getting a READ_ERROR, for clients however this
505 // must be translated into EOF, as it is the expected way of signalling
506 // end end of the content
507 m_lasterror = wxSTREAM_EOF;
508 }
509
510 return ret;
511 }
512
513 wxInputStream *wxHTTP::GetInputStream(const wxString& path)
514 {
515 wxHTTPStream *inp_stream;
516
517 wxString new_path;
518
519 m_lastError = wxPROTO_CONNERR; // all following returns share this type of error
520 if (!m_addr)
521 return NULL;
522
523 // We set m_connected back to false so wxSocketBase will know what to do.
524 #ifdef __WXMAC__
525 wxSocketClient::Connect(*m_addr , false );
526 wxSocketClient::WaitOnConnect(10);
527
528 if (!wxSocketClient::IsConnected())
529 return NULL;
530 #else
531 if (!wxProtocol::Connect(*m_addr))
532 return NULL;
533 #endif
534
535 if (!BuildRequest(path, m_postBuffer.IsEmpty() ? wxHTTP_GET : wxHTTP_POST))
536 return NULL;
537
538 inp_stream = new wxHTTPStream(this);
539
540 if (!GetHeader(wxT("Content-Length")).empty())
541 inp_stream->m_httpsize = wxAtoi(GetHeader(wxT("Content-Length")));
542 else
543 inp_stream->m_httpsize = (size_t)-1;
544
545 inp_stream->m_read_bytes = 0;
546
547 Notify(false);
548 SetFlags(wxSOCKET_BLOCK | wxSOCKET_WAITALL);
549
550 // no error; reset m_lastError
551 m_lastError = wxPROTO_NOERR;
552 return inp_stream;
553 }
554
555 #endif // wxUSE_PROTOCOL_HTTP