src: Omit \r\n sanitization on header value

This is because nghttp2 and spdylay now don't allow \r\n in header value. Require spdylay >= 1.2.3.
2013-12-26 00:08:42 +09:00 · 2013-12-26 00:08:42 +09:00 · 5bb1c653ef
parent dfcdea894b
commit 5bb1c653ef
4 changed files with 28 additions and 34 deletions
--- a/configure.ac
+++ b/configure.ac
@ -214,7 +214,7 @@ fi
 AM_CONDITIONAL([HAVE_LIBXML2], [ test "x${have_libxml2}" = "xyes" ])
 # spdylay (for src/nghttpx)
-PKG_CHECK_MODULES([LIBSPDYLAY], [libspdylay >= 1.2.0],
+PKG_CHECK_MODULES([LIBSPDYLAY], [libspdylay >= 1.2.3],
                  [have_spdylay=yes], [have_spdylay=no])
 if test "x${have_spdylay}" = "xyes"; then
  AC_DEFINE([HAVE_SPDYLAY], [1], [Define to 1 if you have `spdylay` library.])
--- a/src/http2.cc
+++ b/src/http2.cc
@ -92,27 +92,28 @@ void capitalize(std::string& s, size_t offset)
 bool check_header_value(const char *value)
 {
-  return strpbrk(value, "\r\n") == nullptr;
+  for(; *value; ++value) {
-}
+    switch(*value) {
-
+    case '\t':
-bool check_header_value(const nghttp2_nv* nv)
+    case ' ':
-{
+      continue;
-  size_t i;
+    default:
  for(i = 0; i < nv->valuelen; ++i) {
    if(nv->value[i] == '\r' || nv->value[i] == '\n') {
      return false;
    }
  }
      return true;
    }
  }
  return false;
 }
 void sanitize_header_value(std::string& s, size_t offset)
 {
-  for(size_t i = offset, eoi = s.size(); i < eoi; ++i) {
+  // Since both nghttp2 and spdylay do not allow \n and \r in header
-    if(s[i] == '\r' || s[i] == '\n') {
+  // values, we don't have to do this anymore.
-      s[i] = ' ';
+
-    }
+  // for(size_t i = offset, eoi = s.size(); i < eoi; ++i) {
-  }
+  //   if(s[i] == '\r' || s[i] == '\n') {
  //     s[i] = ' ';
  //   }
  // }
 }
 void copy_url_component(std::string& dest, const http_parser_url *u, int field,
@ -307,7 +308,7 @@ bool value_lws(const nghttp2_nv *nv)
 bool non_empty_value(const nghttp2_nv* nv)
 {
-  return nv && !http2::value_lws(nv) && http2::check_header_value(nv);
+  return nv && !http2::value_lws(nv);
 }
 nghttp2_nv make_nv(const std::string& name, const std::string& value)
--- a/src/http2.h
+++ b/src/http2.h
@ -44,12 +44,9 @@ std::string get_status_string(unsigned int status_code);
 void capitalize(std::string& s, size_t offset);
-// Returns false if |value| contains \r or \n.
+// Returns false if |value| is LWS
 bool check_header_value(const char *value);
 // Returns false if |nv->value| contains \r or \n.
 bool check_header_value(const nghttp2_nv *nv);
 void sanitize_header_value(std::string& s, size_t offset);
 // Copies the |field| component value from |u| and |url| to the
--- a/src/http2_test.cc
+++ b/src/http2_test.cc
@ -204,24 +204,20 @@ void test_http2_build_http1_headers_from_norm_headers(void)
            "Zulu: 12\r\n");
  hdrs.clear();
-  auto hd2 = std::vector<std::pair<std::string, std::string>>
+  // Both nghttp2 and spdylay do not allow \r and \n in header value
-    {{"alpha", "bravo\r\ncharlie\r\n"}};
+  // now.
-  http2::build_http1_headers_from_norm_headers(hdrs, hd2);
+
-  CU_ASSERT(hdrs == "Alpha: bravo  charlie  \r\n");
+  // auto hd2 = std::vector<std::pair<std::string, std::string>>
  //   {{"alpha", "bravo\r\ncharlie\r\n"}};
  // http2::build_http1_headers_from_norm_headers(hdrs, hd2);
  // CU_ASSERT(hdrs == "Alpha: bravo  charlie  \r\n");
 }
 void test_http2_check_header_value(void)
 {
  CU_ASSERT(http2::check_header_value("alpha"));
-  CU_ASSERT(!http2::check_header_value("alpha\r"));
+  CU_ASSERT(!http2::check_header_value(" "));
-  CU_ASSERT(!http2::check_header_value("alpha\n"));
+  CU_ASSERT(!http2::check_header_value(""));
  nghttp2_nv nv1 = MAKE_NV("alpha", "bravo");
  CU_ASSERT(http2::check_header_value(&nv1));
  nghttp2_nv nv2 = MAKE_NV("alpha", "bravo\r");
  CU_ASSERT(!http2::check_header_value(&nv2));
  nghttp2_nv nv3 = MAKE_NV("alpha", "bravo\n");
  CU_ASSERT(!http2::check_header_value(&nv3));
 }
 namespace {