Skip to content

Commit

Permalink
Esplicito errore 400 per le richieste errate
Browse files Browse the repository at this point in the history
  • Loading branch information
@trikko
trikko committed May 7, 2023
1 parent 25c127a commit 0adacc4
Showing 1 changed file with 18 additions and 12 deletions.
30 changes: 18 additions & 12 deletions source/serverino/worker.d
View file
Original file line number Diff line number Diff line change
Expand Up @@ -279,6 +279,8 @@ struct Worker
auto headersEnd = headers.indexOf("\r\n\r\n");


bool valid = true;

// Headers completed?
if (headersEnd > 0)
{
Expand All @@ -292,17 +294,15 @@ struct Worker
if (headersLines.empty)
{
warning("HTTP Request: empty request");
//http.sendError("400 Bad Request");
return false;
valid = false;
}

requestLine = headersLines.front;

if (requestLine.length < 14)
{
warning("HTTP request line too short: ", requestLine);
//http.sendError("400 Bad Request");
return false;
valid = false;
}

auto fields = requestLine.splitter(" ");
Expand Down Expand Up @@ -332,29 +332,25 @@ struct Worker
if (popped != 3 || !fields.empty)
{
warning("HTTP request invalid: ", requestLine);
//http.sendError("400 Bad Request");
return false;
valid = false;
}

if (path.startsWith("http://") || path.startsWith("https://"))
{
warning("Can't use absolute uri");
//http.sendError("400 Bad Request");
return false;
valid = false;
}

if (httpVersion != "HTTP/1.1" && httpVersion != "HTTP/1.0")
{
warning("HTTP request bad http version: ", httpVersion);
//http.sendError("400 Bad Request");
return false;
valid = false;
}

if (["CONNECT", "DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT", "TRACE"].assumeSorted.contains(method) == false)
{
warning("HTTP method unknown: ", method);
//http.sendError("400 Bad Request");
return false;
valid = false;
}

headersLines.popFront;
Expand Down Expand Up @@ -390,6 +386,16 @@ struct Worker
}
else return false;

if (!valid)
{
output._internal._httpVersion = (httpVersion == "HTTP/1.1")?(HttpVersion.HTTP11):(HttpVersion.HTTP10);
output._internal._keepAlive = false;
output.status = 400;
output ~= "400 Bad Request";
return false;
}


version(debugRequest) log("-- PARSING DATA");

{
Expand Down

0 comments on commit 0adacc4

Please sign in to comment.