/* is response */
if (pre_header == http) {
- char *status = NULL;
- const char *code = http + sizeof("HTTP/X.x");
+ const char *status = NULL, *code = http + sizeof("HTTP/X.x");
info->type = PHP_HTTP_RESPONSE;
while (' ' == *code) ++code;
if (code && end > code) {
- PHP_HTTP_INFO(info).response.code = strtol(code, &status, 10);
+ /* rfc7230#3.1.2 The status-code element is a 3-digit integer code */
+ PHP_HTTP_INFO(info).response.code = 100*(*code++ - '0');
+ PHP_HTTP_INFO(info).response.code += 10*(*code++ - '0');
+ PHP_HTTP_INFO(info).response.code += *code++ - '0';
+ if (PHP_HTTP_INFO(info).response.code < 100 || PHP_HTTP_INFO(info).response.code > 599) {
+ if (free_info) {
+ php_http_info_free(&info);
+ }
+ return NULL;
+ }
+ status = code;
} else {
PHP_HTTP_INFO(info).response.code = 0;
}
info->type = PHP_HTTP_REQUEST;
if (url && http > url) {
- PHP_HTTP_INFO(info).request.method = estrndup(pre_header, url - pre_header);
+ size_t url_len = url - pre_header;
+
+ PHP_HTTP_INFO(info).request.method = estrndup(pre_header, url_len);
+
while (' ' == *url) ++url;
while (' ' == *(http-1)) --http;
+
if (http > url) {
- PHP_HTTP_INFO(info).request.url = php_http_url_parse(url, http - url, ~0 TSRMLS_CC);
+ /* CONNECT presents an authority only */
+ if (strcasecmp(PHP_HTTP_INFO(info).request.method, "CONNECT")) {
+ PHP_HTTP_INFO(info).request.url = php_http_url_parse(url, http - url, ~0 TSRMLS_CC);
+ } else {
+ PHP_HTTP_INFO(info).request.url = php_http_url_parse_authority(url, http - url, ~0 TSRMLS_CC);
+ }
} else {
PTR_SET(PHP_HTTP_INFO(info).request.method, NULL);
return NULL;