codenotifier - Mongrel: revision 996

Project: Mongrel

Revision: 996

Author: normalperson

Date: 27 Mar 2008 17:46:28

Changes:

http11_parser: accept '"' (double-quote), '<', and '>' characters in URLs

Some broken web browsers don't properly escape ", <, and > characters
in URLs, however these URLs to occasionally legitimate and sometimes
show up.

This patch was submitted by Eden Li here:
http://rubyforge.org/pipermail/mongrel-users/2006-October/001845.html

This patch was accepted by Zed Shaw here:
http://rubyforge.org/pipermail/mongrel-users/2006-October/001847.html

Files:
modified: /trunk/ext/http11/http11_parser.c (try)
modified: /trunk/test/test_http11.rb (try)
modified: /trunk/ext/http11/http11_parser_common.rl (try)

Diff:

......	@@ -485,13 +485,9 @@
485	485	switch( (*p) ) {
486	486	case 32: goto tr30;
	487	case 35: goto st0;
487	488	case 37: goto tr31;
488		case 60: goto st0;
489		case 62: goto st0;
490	489	case 127: goto st0;
491	490	}
492		if ( (*p) > 31 ) {
493		if ( 34 <= (p) && (p) <= 35 )
494		goto st0;
495		} else if ( (*p) >= 0 )
	491	if ( 0 <= (p) && (p) <= 31 )
496	492	goto st0;
497	493	goto tr29;
......	@@ -504,16 +500,12 @@
504	500	goto _out21;
505	501	case 21:
506		#line 507 "http11_parser.c"
	502	#line 503 "http11_parser.c"
507	503	switch( (*p) ) {
508	504	case 32: goto tr30;
	505	case 35: goto st0;
509	506	case 37: goto st22;
510		case 60: goto st0;
511		case 62: goto st0;
512	507	case 127: goto st0;
513	508	}
514		if ( (*p) > 31 ) {
515		if ( 34 <= (p) && (p) <= 35 )
516		goto st0;
517		} else if ( (*p) >= 0 )
	509	if ( 0 <= (p) && (p) <= 31 )
518	510	goto st0;
519	511	goto st21;
......	@@ -526,5 +518,5 @@
526	518	goto _out22;
527	519	case 22:
528		#line 529 "http11_parser.c"
	520	#line 521 "http11_parser.c"
529	521	if ( (*p) < 65 ) {
530	522	if ( 48 <= (p) && (p) <= 57 )
......	@@ -557,5 +549,5 @@
557	549	goto _out24;
558	550	case 24:
559		#line 560 "http11_parser.c"
	551	#line 552 "http11_parser.c"
560	552	switch( (*p) ) {
561	553	case 43: goto st24;
......	@@ -582,12 +574,9 @@
582	574	goto _out25;
583	575	case 25:
584		#line 585 "http11_parser.c"
	576	#line 577 "http11_parser.c"
585	577	switch( (*p) ) {
586	578	case 32: goto tr8;
587		case 34: goto st0;
588	579	case 35: goto tr9;
589	580	case 37: goto st26;
590		case 60: goto st0;
591		case 62: goto st0;
592	581	case 127: goto st0;
593	582	}
......	@@ -629,13 +618,10 @@
629	618	goto _out28;
630	619	case 28:
631		#line 632 "http11_parser.c"
	620	#line 621 "http11_parser.c"
632	621	switch( (*p) ) {
633	622	case 32: goto tr40;
634		case 34: goto st0;
635	623	case 35: goto tr41;
636	624	case 37: goto st29;
637	625	case 59: goto tr43;
638		case 60: goto st0;
639		case 62: goto st0;
640	626	case 63: goto tr44;
641	627	case 127: goto st0;
......	@@ -681,12 +667,9 @@
681	667	goto _out31;
682	668	case 31:
683		#line 684 "http11_parser.c"
	669	#line 670 "http11_parser.c"
684	670	switch( (*p) ) {
685	671	case 32: goto tr8;
686		case 34: goto st0;
687	672	case 35: goto tr9;
688	673	case 37: goto st32;
689		case 60: goto st0;
690		case 62: goto st0;
691	674	case 63: goto st34;
692	675	case 127: goto st0;
......	@@ -732,12 +715,9 @@
732	715	goto _out34;
733	716	case 34:
734		#line 735 "http11_parser.c"
	717	#line 718 "http11_parser.c"
735	718	switch( (*p) ) {
736	719	case 32: goto tr51;
737		case 34: goto st0;
738	720	case 35: goto tr52;
739	721	case 37: goto tr53;
740		case 60: goto st0;
741		case 62: goto st0;
742	722	case 127: goto st0;
743	723	}
......	@@ -753,12 +733,9 @@
753	733	goto _out35;
754	734	case 35:
755		#line 756 "http11_parser.c"
	735	#line 736 "http11_parser.c"
756	736	switch( (*p) ) {
757	737	case 32: goto tr55;
758		case 34: goto st0;
759	738	case 35: goto tr56;
760	739	case 37: goto st36;
761		case 60: goto st0;
762		case 62: goto st0;
763	740	case 127: goto st0;
764	741	}
......	@@ -774,5 +751,5 @@
774	751	goto _out36;
775	752	case 36:
776		#line 777 "http11_parser.c"
	753	#line 754 "http11_parser.c"
777	754	if ( (*p) < 65 ) {
778	755	if ( 48 <= (p) && (p) <= 57 )
......	@@ -1204,5 +1181,5 @@
1204	1181	/* final \r\n combo encountered so stop right here */
1205	1182
1206		#line 1207 "http11_parser.c"
	1183	#line 1184 "http11_parser.c"
1207	1184	#line 136 "http11_parser.rl"
1208	1185	parser->nread++;
......	@@ -1217,5 +1194,5 @@
1217	1194
1218	1195
1219		#line 1220 "http11_parser.c"
	1196	#line 1197 "http11_parser.c"
1220	1197	#line 147 "http11_parser.rl"
1221	1198

......	@@ -53,4 +53,22 @@
53	53	#assert !parser.error?
54	54	end
	55
	56	def test_parse_ie6_urls
	57	%w(/some/random/path"
	58	/some/random/path>
	59	/some/random/path<
	60	/we/love/you/ie6?q=<"">
	61	/url?<="&>="
	62	/mal"formed"?
	63	).each do \|path\|
	64	parser = HttpParser.new
	65	req = {}
	66	sorta_safe = %(GET #{path} HTTP/1.1\r\n\r\n)
	67	nread = parser.execute(req, sorta_safe, 0)
	68	assert_equal sorta_safe.length, nread
	69	assert parser.finished?
	70	assert !parser.error?
	71	end
	72	end
55	73
56	74	def test_parse_error

......	@@ -12,9 +12,10 @@
12	12	extra = ("!" \| "*" \| "'" \| "(" \| ")" \| ",");
13	13	reserved = (";" \| "/" \| "?" \| ":" \| "@" \| "&" \| "=" \| "+");
14		unsafe = (CTL \| " " \| "\"" \| "#" \| "%" \| "<" \| ">");
	14	sorta_safe = ("\"" \| "<" \| ">");
	15	unsafe = (CTL \| " " \| "#" \| "%" \| sorta_safe);
15	16	national = any -- (alpha \| digit \| reserved \| extra \| safe \| unsafe);
16	17	unreserved = (alpha \| digit \| safe \| extra \| national);
17	18	escape = ("%" xdigit xdigit);
18		uchar = (unreserved \| escape);
	19	uchar = (unreserved \| escape \| sorta_safe);
19	20	pchar = (uchar \| ":" \| "@" \| "&" \| "=" \| "+");
20	21	tspecials = ("(" \| ")" \| "<" \| ">" \| "@" \| "," \| ";" \| ":" \| "\\" \| "\"" \| "/" \| "[" \| "]" \| "?" \| "=" \| "{" \| "}" \| " " \| "\t");

Projects	new\|cloud\|list\|latest added\|bugtracking
Jobs	latest news fetches\|latest commit diff fetches\|more
This project	show\|info\|fetch status
Codenotifier	what is it\|blog\|feedback
©2008 codenotifier.com