-//
// This module sits directly above the HTTP layer. By the time we get here,
// an HTTP request has been fully received and parsed. Control is passed up
// to this layer to actually perform the request. We then fill in the response
// and pass control back down to the HTTP layer to output the response back to
// the client.
//
-// Copyright (c) 1996-2018 by the citadel.org team
+// Copyright (c) 1996-2021 by the citadel.org team
//
// This program is open source software. It runs great on the
// Linux operating system (and probably elsewhere). You can use,
#include "webcit.h"
-/*
- * Not found! Wowzers.
- */
-void do_404(struct http_transaction *h)
-{
+// Not found! Wowzers.
+void do_404(struct http_transaction *h) {
h->response_code = 404;
h->response_string = strdup("NOT FOUND");
add_response_header(h, strdup("Content-type"), strdup("text/plain"));
}
-/*
- * Precondition failed (such as if-match)
- */
-void do_412(struct http_transaction *h)
-{
+// Precondition failed (such as if-match)
+void do_412(struct http_transaction *h) {
h->response_code = 412;
h->response_string = strdup("PRECONDITION FAILED");
}
-/*
- * We throw an HTTP error "502 bad gateway" when we need to connect to Citadel, but can't.
- */
-void do_502(struct http_transaction *h)
-{
+// We throw an HTTP error "502 bad gateway" when we need to connect to Citadel, but can't.
+void do_502(struct http_transaction *h) {
h->response_code = 502;
h->response_string = strdup("bad gateway");
add_response_header(h, strdup("Content-type"), strdup("text/plain"));
}
-/*
- * Tell the client to authenticate using HTTP-AUTH (RFC 2617)
- */
-void request_http_authenticate(struct http_transaction *h)
-{
+// Tell the client to authenticate using HTTP-AUTH (RFC 2617)
+void request_http_authenticate(struct http_transaction *h) {
h->response_code = 401;
h->response_string = strdup("Unauthorized");
add_response_header(h, strdup("WWW-Authenticate"), strdup("Basic realm=\"Citadel Server\""));
}
-/*
- * Easy and fun utility function to throw a redirect.
- */
-void http_redirect(struct http_transaction *h, char *to_where)
-{
+// Easy and fun utility function to throw a redirect.
+void http_redirect(struct http_transaction *h, char *to_where) {
syslog(LOG_DEBUG, "Redirecting to: %s", to_where);
h->response_code = 302;
h->response_string = strdup("Moved Temporarily");
}
-/*
- * perform_request() is the entry point for *every* HTTP transaction.
- */
-void perform_request(struct http_transaction *h)
-{
+// perform_request() is the entry point for *every* HTTP transaction.
+void perform_request(struct http_transaction *h) {
struct ctdlsession *c;
// Determine which code path to take based on the beginning of the URI.
do_404(h);
return;
}
+
// Right about here is where we should try to handle anything that doesn't start
// with the /ctdl/ prefix.
// Root (/) ...
http_redirect(h, "/ctdl/s/index.html");
return;
}
+
// Legacy URI patterns (/readnew?gotoroom=xxx&start_reading_at=yyy) ...
// Direct room name (/my%20blog) ...
do_404(h);
return;
}
+
// Anything below this line:
// 1. Is in the format of /ctdl/?/*
// 2. Requires a connection to a Citadel server.
do_502(h);
return;
}
+
// WebDAV methods like OPTIONS and PROPFIND *require* a logged-in session,
// even if the Citadel server allows anonymous access.
if (IsEmptyStr(c->auth)) {
return;
}
}
+
// Break down the URI by path and send the request to the appropriate part of the program.
- //
switch (h->uri[6]) {
case 'a': // /ctdl/a/ == RESTful path to admin functions
ctdl_a(h, c);
if (!IsEmptyStr(c->auth)) {
char koekje[AUTH_MAX];
char *exp = http_datestring(time(NULL) + (86400 * 30));
- snprintf(koekje, AUTH_MAX, "wcauth=%s; path=/ctdl/; Expires=%s", c->auth, exp);
+ snprintf(koekje, AUTH_MAX, "wcauth=%s; path=/ctdl/; Expires=%s", c->auth, exp); // warn
free(exp);
add_response_header(h, strdup("Set-Cookie"), strdup(koekje));
}
+
// During development we are foiling the browser cache completely. In production we'll be more selective.
add_response_header(h, strdup("Cache-Control"), strdup("no-store, must-revalidate"));
add_response_header(h, strdup("Pragma"), strdup("no-cache"));