}
/* there must be HTTP/1.x in the line */
- if (!(http = php_http_locate_str(pre_header, end - pre_header, "HTTP/1.", lenof("HTTP/1.")))) {
+ if (!(http = php_http_locate_str(pre_header, end - pre_header, "HTTP/", lenof("HTTP/")))) {
return NULL;
}
info = php_http_info_init(info TSRMLS_CC);
- /* and nothing than SPACE or NUL after HTTP/1.x */
+ /* and nothing than SPACE or NUL after HTTP/X.x */
if (!php_http_version_parse(&info->http.version, http TSRMLS_CC)
- || (http[lenof("HTTP/1.1")] && (!PHP_HTTP_IS_CTYPE(space, http[lenof("HTTP/1.1")])))) {
+ || (http[lenof("HTTP/X.x")] && (!PHP_HTTP_IS_CTYPE(space, http[lenof("HTTP/X.x")])))) {
if (free_info) {
php_http_info_free(&info);
}
/* is response */
if (pre_header == http) {
- char *status = NULL;
- const char *code = http + sizeof("HTTP/1.1");
+ const char *status = NULL, *code = http + sizeof("HTTP/X.x");
info->type = PHP_HTTP_RESPONSE;
while (' ' == *code) ++code;
if (code && end > code) {
- PHP_HTTP_INFO(info).response.code = strtol(code, &status, 10);
+ /* rfc7230#3.1.2 The status-code element is a 3-digit integer code */
+ PHP_HTTP_INFO(info).response.code = 100*(*code++ - '0');
+ PHP_HTTP_INFO(info).response.code += 10*(*code++ - '0');
+ PHP_HTTP_INFO(info).response.code += *code++ - '0';
+ if (PHP_HTTP_INFO(info).response.code < 100 || PHP_HTTP_INFO(info).response.code > 599) {
+ if (free_info) {
+ php_http_info_free(&info);
+ }
+ return NULL;
+ }
+ status = code;
} else {
PHP_HTTP_INFO(info).response.code = 0;
}
}
/* is request */
- else if (*(http - 1) == ' ' && (!http[lenof("HTTP/1.x")] || http[lenof("HTTP/1.x")] == '\r' || http[lenof("HTTP/1.x")] == '\n')) {
+ else if (*(http - 1) == ' ' && (!http[lenof("HTTP/X.x")] || http[lenof("HTTP/X.x")] == '\r' || http[lenof("HTTP/X.x")] == '\n')) {
const char *url = strchr(pre_header, ' ');
info->type = PHP_HTTP_REQUEST;
if (url && http > url) {
- PHP_HTTP_INFO(info).request.method = estrndup(pre_header, url - pre_header);
+ size_t url_len = url - pre_header;
+
+ PHP_HTTP_INFO(info).request.method = estrndup(pre_header, url_len);
+
while (' ' == *url) ++url;
while (' ' == *(http-1)) --http;
+
if (http > url) {
- PHP_HTTP_INFO(info).request.url = php_http_url_parse(url, http - url, ~0 TSRMLS_CC);
+ /* CONNECT presents an authority only */
+ if (strcasecmp(PHP_HTTP_INFO(info).request.method, "CONNECT")) {
+ PHP_HTTP_INFO(info).request.url = php_http_url_parse(url, http - url, ~0 TSRMLS_CC);
+ } else {
+ PHP_HTTP_INFO(info).request.url = php_http_url_parse_authority(url, http - url, ~0 TSRMLS_CC);
+ }
} else {
PTR_SET(PHP_HTTP_INFO(info).request.method, NULL);
return NULL;
return info;
}
- /* some darn header containing HTTP/1.x */
+ /* some darn header containing HTTP/X.x */
else {
if (free_info) {
php_http_info_free(&info);