added: new flag: Request::using_ssl

true if the connections is encrypted by using SSL
changed: in BaseUrlRedirect
         we also check if the connection should use SSL 
         and if so then we make a redirect to "https://.."
changed: in 'static' mount points:
         if the request was e.g. "/styles/default.js?t=B49E5BQ"
         we should return a file "/styles/default.js" (without the "?..." part)
         additionally '#' character is checked



git-svn-id: svn://ttmath.org/publicrep/winix/trunk@762 e52654a7-88a9-db11-a3e9-0013d4bc506e
This commit is contained in:
Tomasz Sowa 2011-09-06 22:46:15 +00:00
parent 392e8060ba
commit 72be443414
4 changed files with 106 additions and 52 deletions

View File

@ -172,6 +172,17 @@ void App::Close()
}
void App::BaseUrlRedirect(int code)
{
system.PutUrlProto(config.use_ssl, cur.request->redirect_to);
cur.request->redirect_to += config.base_url;
AssignString(cur.request->env_request_uri, cur.request->redirect_to, false);
// cur.request->env_request_uri should not be UrlEncoded
cur.request->redirect_url_encoded = true;
cur.request->redirect_type = code;
}
bool App::BaseUrlRedirect()
{
@ -181,14 +192,8 @@ bool App::BaseUrlRedirect()
if( Equal(config.base_url.c_str(), cur.request->env_http_host) )
return false;
system.PutUrlProto(config.use_ssl, cur.request->redirect_to);
cur.request->redirect_to += config.base_url;
AssignString(cur.request->env_request_uri, cur.request->redirect_to, false);
// cur.request->env_request_uri should not be UrlEncoded
cur.request->redirect_url_encoded = true;
cur.request->redirect_type = 301;
log << log3 << "RC: BaseUrlRedirect from: " << cur.request->env_http_host << logend;
BaseUrlRedirect(301);
log << log3 << "App: BaseUrlRedirect from: " << cur.request->env_http_host << logend;
return true;
}
@ -214,11 +219,19 @@ void App::ProcessRequestThrow()
plugin.Call(WINIX_SESSION_CHANGED);
functions.Parse(); // parsing directories,files,functions and parameters
cur.mount = system.mounts.CalcCurMount();
if( (config.use_ssl && (!config.use_ssl_only_for_logged_users || cur.session->puser)) && !cur.request->using_ssl )
{
BaseUrlRedirect(303);
log << log3 << "App: BaseUrlRedirect from: " << cur.request->env_http_host << " to SSL connection" << logend;
}
else
{
functions.Parse(); // parsing directories,files,functions and parameters
cur.mount = system.mounts.CalcCurMount();
if( system.mounts.pmount->type != system.mounts.MountTypeStatic() )
Make();
if( system.mounts.pmount->type != system.mounts.MountTypeStatic() )
Make();
}
}
SendAnswer();
@ -336,7 +349,7 @@ void App::Make()
{
if( cur.request->dir_tab.empty() )
{
log << log1 << "Content: there is no a root dir (dir_tab is empty)" << logend;
log << log1 << "App: there is no a root dir (dir_tab is empty)" << logend;
return;
}
@ -375,11 +388,22 @@ void App::Make()
{
// !! dodac inne informacje (get, post, itp)
// jesli jest debug_info wlaczone to nie robic przekierowan
//cur.request->PrintEnv(); // !! PrintEnv() mozna przeniesc tutaj (do klasy App)
PrintEnv();
}
}
void App::PrintEnv()
{
char ** e;
cur.request->debug << "environment variables:\n";
for( e = fcgi_request.envp ; *e ; ++e )
cur.request->debug << ' ' << *e << "\n";
cur.request->debug << '\n';
}
@ -389,6 +413,7 @@ void App::ReadRequest()
ReadEnvVariables();
CheckRequestMethod();
CheckFCGIRole();
CheckSSL();
LogAccess();
@ -399,8 +424,11 @@ void App::ReadRequest()
CheckIE();
CheckKonqueror();
if( cur.request->using_ssl )
log << log3 << "App: SSL enabled" << logend;
if( cur.request->role == Request::authorizer )
log << log3 << "Request: fast cgi role: authorizer" << logend;
log << log3 << "App: fast cgi role: authorizer" << logend;
}
@ -431,6 +459,7 @@ void App::ReadEnvVariables()
SetEnv(cur.request->env_fcgi_role, "FCGI_ROLE");
SetEnv(cur.request->env_content_type, "CONTENT_TYPE");
SetEnv(cur.request->env_http_accept_encoding, "HTTP_ACCEPT_ENCODING");
SetEnv(cur.request->env_https, "HTTPS");
}
@ -460,6 +489,15 @@ void App::CheckFCGIRole()
}
void App::CheckSSL()
{
// value "on" exists in lighttpd server
// make sure that for other servers is "on" too
if( EqualNoCase(cur.request->env_https, "on") )
cur.request->using_ssl = true;
}
void App::LogAccess()
{
@ -484,7 +522,7 @@ void App::ReadGetPostVars()
{
if( IsSubStringNoCase("multipart/form-data", cur.request->env_content_type) )
{
log << log3 << "Request: post content type: multipart/form-data" << logend;
log << log3 << "App: post content type: multipart/form-data" << logend;
post_multi_parser.Parse(fcgi_request.in, cur.request->post_tab, cur.request->post_file_tab);
}
else
@ -543,6 +581,35 @@ void App::PrepareSessionCookie()
bool App::SendHeadersStaticCreateResource()
{
size_t i = 0;
Item * dir = system.dirs.GetDir(system.mounts.pmount->dir_id);
sendh_t3.clear();
if( !dir )
{
log << log1 << "App: cannot find the mount directory" << logend;
return false;
}
size_t how_many_dirs = system.dirs.DirLevel(dir->id);
const char * path = SkipDirs(cur.request->env_request_uri, how_many_dirs);
// the path begins with a slash only if how_many_dirs is zero
while( *path == '/' )
path += 1;
while( path[i]!=0 && path[i]!='?' && path[i]!='#' )
++i;
if( i > 0 )
sendh_t3.assign(path, i);
return true;
}
void App::SendHeadersStatic()
{
if( PathHasUpDir(cur.request->env_request_uri) )
@ -562,28 +629,18 @@ void App::SendHeadersStatic()
return;
}
Ezc::WideToUTF8(config.http_header_send_file, sendheadersstatic_t);
Ezc::WideToUTF8(config.static_dirs[index], sendheadersstatic_t2);
Ezc::WideToUTF8(config.http_header_send_file, sendh_t);
Ezc::WideToUTF8(config.static_dirs[index], sendh_t2);
Item * dir = system.dirs.GetDir(system.mounts.pmount->dir_id);
if( !dir )
if( !SendHeadersStaticCreateResource() )
{
log << log1 << "App: cannot find the mount directory" << logend;
SendHeadersForbidden();
return;
}
size_t how_many_dirs = system.dirs.DirLevel(dir->id);
const char * path = SkipDirs(cur.request->env_request_uri, how_many_dirs);
// the path begins with a slash only if how_many_dirs is zero
while( *path == '/' )
path += 1;
FCGX_FPrintF(fcgi_request.out, "%s: %s/%s\r\n", sendheadersstatic_t.c_str(), sendheadersstatic_t2.c_str(), path);
FCGX_FPrintF(fcgi_request.out, "%s: %s/%s\r\n", sendh_t.c_str(), sendh_t2.c_str(), sendh_t3.c_str());
FCGX_PutS("Status: 200 OK\r\n", fcgi_request.out);
log << log2 << "Sending file from a static mountpoint: " << sendheadersstatic_t2 << "/" << path << logend;
log << log2 << "App: sending a file from a static mountpoint: " << sendh_t2 << "/" << sendh_t3 << logend;
}
@ -593,7 +650,7 @@ void App::SendHeadersForbidden()
{
FCGX_PutS("Status: 403 Forbidden\r\n", fcgi_request.out);
FCGX_PutS("Content-Type: text/html\r\n", fcgi_request.out);
log << log2 << "Request: response: 403 Forbidden" << logend;
log << log2 << "App: response: 403 Forbidden" << logend;
}
@ -629,7 +686,7 @@ void App::SendHeadersRedirect()
Ezc::WideToUTF8(cur.request->redirect_to, cur.request->aredirect_to);
FCGX_FPrintF(fcgi_request.out, "Location: %s\r\n", cur.request->aredirect_to.c_str());
log << log2 << "Redirect to: " << cur.request->aredirect_to << logend;
log << log2 << "App: redirect to: " << cur.request->aredirect_to << logend;
}
@ -640,7 +697,7 @@ void App::SendHeadersSendFile()
FCGX_FPrintF(fcgi_request.out, "%s: %s\r\n", sendfilea.c_str(), sendfile2a.c_str());
FCGX_PutS("Status: 200 OK\r\n", fcgi_request.out);
log << log2 << "Sending file: " << cur.request->x_sendfile << logend;
log << log2 << "App: sending file: " << cur.request->x_sendfile << logend;
}
@ -660,7 +717,7 @@ void App::SendHeadersNormal(Header header)
case h_404:
FCGX_PutS("Status: 404 Not Found\r\n", fcgi_request.out);
FCGX_PutS("Content-Type: text/html\r\n", fcgi_request.out);
log << log2 << "Request: response: 404 Not Found" << logend;
log << log2 << "App: response: 404 Not Found" << logend;
break;
case h_403:

View File

@ -119,11 +119,12 @@ private:
pthread_t signal_thread;
std::string url_to_fetch_on_exit;
std::string source_a;
std::string sendheadersstatic_t, sendheadersstatic_t2;
std::string sendh_t, sendh_t2, sendh_t3;
std::string sendfilea, sendfile2a;
void ProcessRequestThrow();
void ProcessRequest();
void BaseUrlRedirect(int code);
bool BaseUrlRedirect();
void MakePage();
void Make();
@ -133,6 +134,8 @@ private:
void ReadRequest();
void SendAnswer();
void PrintEnv();
void SetEnv(const char * & env, const char * name);
void ReadEnvVariables();
void ReadGetPostVars();
@ -141,10 +144,12 @@ private:
void CheckKonqueror();
void CheckRequestMethod();
void CheckFCGIRole();
void CheckSSL();
void PrepareSessionCookie();
void AddDebugInfo(std::wstring & out);
void FilterCompressSend(bool compressing, int compress_encoding, const std::wstring & source_ref);
bool SendHeadersStaticCreateResource();
void SendHeadersStatic();
void SendHeadersForbidden();
void SendHeadersRedirect();

View File

@ -63,6 +63,7 @@ void Request::Clear()
env_fcgi_role = &char_empty;
env_content_type = &char_empty;
env_http_accept_encoding = &char_empty;
env_https = &char_empty;
item_tab.clear();
item.Clear();
@ -81,6 +82,8 @@ void Request::Clear()
redirect_type = 303;
x_sendfile.clear();
send_as_attachment = false;
using_ssl = false;
}
@ -171,20 +174,6 @@ return &p->second;
/*
void Request::PrintEnv()
{
char ** e;
debug << "environment variables:\n";
for( e = env ; *e ; ++e )
debug << ' ' << *e << "\n";
debug << '\n';
}
*/
bool Request::AllPostVarEmpty()
{

View File

@ -71,6 +71,7 @@ struct Request
const char * env_http_accept_encoding;
const char * env_fcgi_role;
const char * env_content_type;
const char * env_https;
// true if the browser is Microsoft Internet Explorer
bool browser_msie;
@ -78,6 +79,9 @@ struct Request
// true if the browser is Konqueror
bool browser_konqueror;
// true if we are using encrypted connection (SSL)
bool using_ssl;
// current directory
std::vector<Item*> dir_tab;
@ -131,8 +135,7 @@ struct Request
void SetConfig(Config * pconfig);
void Clear();
// for debugging
//void PrintEnv();
bool IsParam(const wchar_t * param_name);