From: Wilfried Göesgens Date: Mon, 1 Jun 2009 13:29:00 +0000 (+0000) Subject: * fix non cookie request blocking X-Git-Tag: v7.86~1111 X-Git-Url: https://code.citadel.org/?p=citadel.git;a=commitdiff_plain;h=955e49a3495637be5126cb44c119c38b66728d1e * fix non cookie request blocking --- diff --git a/webcit/context_loop.c b/webcit/context_loop.c index 667c15925..a3b47acad 100644 --- a/webcit/context_loop.c +++ b/webcit/context_loop.c @@ -318,7 +318,13 @@ int ReadHttpSubject(ParsedHttpHdrs *Hdr, StrBuf *Line, StrBuf *Buf) if (Hdr->HR.Handler != NULL) { if ((Hdr->HR.Handler->Flags & BOGUS) != 0) return 1; - Hdr->HR.DontNeedAuth = (Hdr->HR.Handler->Flags & ISSTATIC) != 0; + Hdr->HR.DontNeedAuth = ( + ((Hdr->HR.Handler->Flags & ISSTATIC) != 0) || + ((Hdr->HR.Handler->Flags & ANONYMOUS) != 0) + ); + } + else { + Hdr->HR.DontNeedAuth = 1; /* Flat request? show him the login screen... */ } return 0; @@ -348,7 +354,7 @@ int AnalyseHeaders(ParsedHttpHdrs *Hdr) /* * Read in the request */ -int ReadHTTPRequset (ParsedHttpHdrs *Hdr) +int ReadHTTPRequest (ParsedHttpHdrs *Hdr) { const char *pch, *pchs, *pche; OneHttpHeader *pHdr; @@ -427,7 +433,16 @@ int ReadHTTPRequset (ParsedHttpHdrs *Hdr) return isbogus; } +void OverrideRequest(ParsedHttpHdrs *Hdr, const char *Line, long len) +{ + StrBuf *Buf = NewStrBuf(); + + FlushStrBuf(Hdr->HR.ReqLine); + StrBufPlain(Hdr->HR.ReqLine, Line, len); + ReadHttpSubject(Hdr, Hdr->HR.ReqLine, Buf); + FreeStrBuf(&Buf); +} /* * handle one request @@ -454,7 +469,7 @@ void context_loop(ParsedHttpHdrs *Hdr) /* * Find out what it is that the web browser is asking for */ - isbogus = ReadHTTPRequset(Hdr); + isbogus = ReadHTTPRequest(Hdr); if (!isbogus) isbogus = AnalyseHeaders(Hdr); @@ -492,7 +507,7 @@ void context_loop(ParsedHttpHdrs *Hdr) gettimeofday(&tx_finish, NULL); #ifdef TECH_PREVIEW - if ((Hdr->HR.Handler == NULL) || + if ((Hdr->HR.Handler != NULL) || ((Hdr->HR.Handler->Flags & LOGCHATTY) == 0)) #endif lprintf(9, "HTTP: 200 [%ld.%06ld] %s %s \n", @@ -509,9 +524,6 @@ void context_loop(ParsedHttpHdrs *Hdr) if (Hdr->HR.got_auth == AUTH_BASIC) CheckAuthBasic(Hdr); -/* -TODO HKEY("/static/nocookies.html?force_close_session=yes")); -*/ /* dbg_PrintHash(HTTPHeaders, nix, NULL); */ @@ -530,6 +542,10 @@ TODO HKEY("/static/nocookies.html?force_close_session=yes")); if (TheSession == NULL) { TheSession = CreateSession(1, &SessionList, Hdr, &SessionListMutex); + if ((StrLength(Hdr->c_username) == 0) && + (!Hdr->HR.DontNeedAuth)) + OverrideRequest(Hdr, HKEY("GET /static/nocookies.html?force_close_session=yes HTTP/1.0")); + if (StrLength(Hdr->c_language) > 0) { lprintf(9, "Session cookie requests language '%s'\n", ChrPtr(Hdr->c_language)); set_selected_language(ChrPtr(Hdr->c_language)); @@ -559,8 +575,10 @@ TODO HKEY("/static/nocookies.html?force_close_session=yes")); gettimeofday(&tx_finish, NULL); - if ((Hdr->HR.Handler == NULL) || +#ifdef TECH_PREVIEW + if ((Hdr->HR.Handler != NULL) && ((Hdr->HR.Handler->Flags & LOGCHATTY) == 0)) +#endif lprintf(9, "HTTP: 200 [%ld.%06ld] %s %s \n", ((tx_finish.tv_sec*1000000 + tx_finish.tv_usec) - (tx_start.tv_sec*1000000 + tx_start.tv_usec)) / 1000000, ((tx_finish.tv_sec*1000000 + tx_finish.tv_usec) - (tx_start.tv_sec*1000000 + tx_start.tv_usec)) % 1000000, diff --git a/webcit/webcit.h b/webcit/webcit.h index 8604155ec..36f763077 100644 --- a/webcit/webcit.h +++ b/webcit/webcit.h @@ -433,14 +433,12 @@ typedef struct _ParsedHttpHdrs { const char *Pos; StrBuf *ReadBuf; - - StrBuf *c_username; StrBuf *c_password; StrBuf *c_roomname; StrBuf *c_language; StrBuf *this_page; /**< URL of current page */ - StrBuf *PlainArgs; /*TODO: freeme*/ + StrBuf *PlainArgs; HashList *urlstrings; /**< variables passed to webcit in a URL */ HashList *HTTPHeaders; /**< the headers the client sent us */