Changeset 155642 in webkit
- Timestamp:
- Sep 12, 2013 1:00:17 PM (11 years ago)
- Location:
- trunk/Source/WebKit2
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebKit2/ChangeLog
r155641 r155642 1 2013-09-12 Andre Moreira Magalhaes <andre.magalhaes@collabora.co.uk> 2 3 Web Inspector: Do not try to parse incomplete HTTP requests 4 https://bugs.webkit.org/show_bug.cgi?id=121123 5 6 Reviewed by Darin Adler. 7 8 When working on a patch for bug #121121 I found an issue with the InspectorServer where it would try 9 to parse an HTTP message before receiving the full message and thus fail connecting with the 10 chromedevtools plugin. 11 12 What happens is that the WebSocketServerConnection receives buffers on 13 WebSocketServerConnection::didReceiveSocketStreamData and calls 14 WebSocketServerConnection::readHTTPMessage which then checks if we have a valid request by calling 15 HTTPRequest::parseHTTPRequestFromBuffer. If the request is valid it tries to parse the message and 16 clears the buffer, otherwise it continues adding data to the internal buffer until we have a valid 17 request. 18 19 The problem is that currently HTTPRequest::parseHTTPRequestFromBuffer considers the request as valid 20 before receiving the full message. To solve this we should make the method check if the request 21 headers end with a blank line otherwise we consider the request as invalid (see also 22 http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html). 23 24 * UIProcess/API/gtk/tests/TestInspectorServer.cpp: 25 (sendIncompleteRequest): 26 (beforeAll): 27 Add GTK specific test to check if the inspector server replies to incomplete requests. 28 * UIProcess/InspectorServer/HTTPRequest.cpp: 29 (WebKit::HTTPRequest::parseHeaders): 30 Do not consider request valid if headers didn't end with a blank line. 31 1 32 2013-09-12 Anders Carlsson <andersca@apple.com> 2 33 -
trunk/Source/WebKit2/UIProcess/API/gtk/tests/TestInspectorServer.cpp
r153085 r155642 241 241 } 242 242 243 static void sendIncompleteRequest(InspectorServerTest* test, gconstpointer) 244 { 245 GOwnPtr<GError> error; 246 247 // Connect to the inspector server. 248 GSocketClient* client = g_socket_client_new(); 249 GSocketConnection* connection = g_socket_client_connect_to_host(client, "127.0.0.1", 2999, NULL, &error.outPtr()); 250 g_assert(!error.get()); 251 252 // Send incomplete request (missing blank line after headers) and check if inspector server 253 // replies. The server should not reply to an incomplete request and the test should timeout 254 // on read. 255 GOutputStream* ostream = g_io_stream_get_output_stream(G_IO_STREAM(connection)); 256 // Request missing blank line after headers. 257 const gchar* incompleteRequest = "GET /devtools/page/1 HTTP/1.1\r\nHost: Localhost\r\n"; 258 g_output_stream_write(ostream, incompleteRequest, strlen(incompleteRequest), NULL, &error.outPtr()); 259 g_assert(!error.get()); 260 261 GInputStream* istream = g_io_stream_get_input_stream(G_IO_STREAM(connection)); 262 char response[16]; 263 memset(response, 0, sizeof(response)); 264 g_input_stream_read_async(istream, response, sizeof(response) - 1, G_PRIORITY_DEFAULT, NULL, NULL, NULL); 265 // Give a chance for the server to reply. 266 test->wait(2); 267 // If we got any answer it means the server replied to an incomplete request, lets fail. 268 g_assert(String(response).isEmpty()); 269 } 243 270 244 271 void beforeAll() … … 251 278 InspectorServerTest::add("WebKitWebInspectorServer", "test-remote-debugging-message", testRemoteDebuggingMessage); 252 279 InspectorServerTest::add("WebKitWebInspectorServer", "test-open-debugging-session", openRemoteDebuggingSession); 280 InspectorServerTest::add("WebKitWebInspectorServer", "test-incomplete-request", sendIncompleteRequest); 253 281 254 282 } -
trunk/Source/WebKit2/UIProcess/InspectorServer/HTTPRequest.cpp
r150179 r155642 94 94 m_headerFields.add(name, value); 95 95 } 96 97 // If we got here and "name" is empty, it means the headers are valid and ended with a 98 // blank line (parseHTTPHeader returns "name" as empty if parsing a blank line), otherwise 99 // the headers didn't end with a blank line and we have an invalid request. 100 // See also http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html 101 if (!name.isEmpty()) 102 return 0; 96 103 return p - data; 97 104 }
Note: See TracChangeset
for help on using the changeset viewer.