apache · ezelkow1 · Mar 15, 2022 · Jul 12, 2021
diff --git a/mgmt/RecordsConfig.cc b/mgmt/RecordsConfig.cc
@@ -354,7 +354,7 @@ static const RecordElement RecordsConfig[] =
   ,
   {RECT_CONFIG, "proxy.config.http.post.check.content_length.enabled", RECD_INT, "1", RECU_DYNAMIC, RR_NULL, RECC_INT, "[0-1]", RECA_NULL}
   ,
-  {RECT_CONFIG, "proxy.config.http.strict_uri_parsing", RECD_INT, "0", RECU_DYNAMIC, RR_NULL, RECC_INT, "[0-1]", RECA_NULL}
+  {RECT_CONFIG, "proxy.config.http.strict_uri_parsing", RECD_INT, "0", RECU_DYNAMIC, RR_NULL, RECC_INT, "[0-2]", RECA_NULL}
   ,
   //       # Send http11 requests
   //       #

diff --git a/proxy/hdrs/HTTP.cc b/proxy/hdrs/HTTP.cc
@@ -885,7 +885,7 @@ http_parser_clear(HTTPParser *parser)
 
 ParseResult
 http_parser_parse_req(HTTPParser *parser, HdrHeap *heap, HTTPHdrImpl *hh, const char **start, const char *end,
-                      bool must_copy_strings, bool eof, bool strict_uri_parsing)
+                      bool must_copy_strings, bool eof, int strict_uri_parsing)
 {
   if (parser->m_parsing_http) {
     MIMEScanner *scanner = &parser->m_mime_parser.m_scanner;

diff --git a/proxy/hdrs/HTTP.h b/proxy/hdrs/HTTP.h
@@ -447,7 +447,7 @@ const char *http_hdr_reason_lookup(unsigned status);
 void http_parser_init(HTTPParser *parser);
 void http_parser_clear(HTTPParser *parser);
 ParseResult http_parser_parse_req(HTTPParser *parser, HdrHeap *heap, HTTPHdrImpl *hh, const char **start, const char *end,
-                                  bool must_copy_strings, bool eof, bool strict_uri_parsing);
+                                  bool must_copy_strings, bool eof, int strict_uri_parsing);
 ParseResult validate_hdr_host(HTTPHdrImpl *hh);
 ParseResult validate_hdr_content_length(HdrHeap *heap, HTTPHdrImpl *hh);
 ParseResult http_parser_parse_resp(HTTPParser *parser, HdrHeap *heap, HTTPHdrImpl *hh, const char **start, const char *end,
@@ -626,10 +626,10 @@ class HTTPHdr : public MIMEHdr
   const char *reason_get(int *length);
   void reason_set(const char *value, int length);
 
-  ParseResult parse_req(HTTPParser *parser, const char **start, const char *end, bool eof, bool strict_uri_parsing = false);
+  ParseResult parse_req(HTTPParser *parser, const char **start, const char *end, bool eof, int strict_uri_parsing = 0);
   ParseResult parse_resp(HTTPParser *parser, const char **start, const char *end, bool eof);
 
-  ParseResult parse_req(HTTPParser *parser, IOBufferReader *r, int *bytes_used, bool eof, bool strict_uri_parsing = false);
+  ParseResult parse_req(HTTPParser *parser, IOBufferReader *r, int *bytes_used, bool eof, int strict_uri_parsing = 0);
   ParseResult parse_resp(HTTPParser *parser, IOBufferReader *r, int *bytes_used, bool eof);
 
 public:
@@ -1227,7 +1227,7 @@ HTTPHdr::reason_set(const char *value, int length)
   -------------------------------------------------------------------------*/
 
 inline ParseResult
-HTTPHdr::parse_req(HTTPParser *parser, const char **start, const char *end, bool eof, bool strict_uri_parsing)
+HTTPHdr::parse_req(HTTPParser *parser, const char **start, const char *end, bool eof, int strict_uri_parsing)
 {
   ink_assert(valid());
   ink_assert(m_http->m_polarity == HTTP_TYPE_REQUEST);

diff --git a/proxy/hdrs/HdrTSOnly.cc b/proxy/hdrs/HdrTSOnly.cc
@@ -45,7 +45,7 @@
   -------------------------------------------------------------------------*/
 
 ParseResult
-HTTPHdr::parse_req(HTTPParser *parser, IOBufferReader *r, int *bytes_used, bool eof, bool strict_uri_parsing)
+HTTPHdr::parse_req(HTTPParser *parser, IOBufferReader *r, int *bytes_used, bool eof, int strict_uri_parsing)
 {
   const char *start;
   const char *tmp;

diff --git a/proxy/hdrs/URL.cc b/proxy/hdrs/URL.cc
@@ -1179,10 +1179,34 @@ url_is_strictly_compliant(const char *start, const char *end)
   return true;
 }
 
+/**
+ *  This method will return TRUE if the uri is mostly compliant with
+ *  RFC 3986 and it will return FALSE if not. Specifically denying white
+ *  space an unprintable characters
+ */
+static bool
+url_is_mostly_compliant(const char *start, const char *end)
+{
+  for (const char *i = start; i < end; ++i) {
+    if (isspace(*i)) {
+      Debug("http", "Whitespace character [0x%.2X] found in URL", (unsigned char)*i);
+      return false;
+    }
+    if (!isprint(*i)) {
+      Debug("http", "Non-printable character [0x%.2X] found in URL", (unsigned char)*i);
+      return false;
+    }
+  }
+  return true;
+}
+
 ParseResult
-url_parse(HdrHeap *heap, URLImpl *url, const char **start, const char *end, bool copy_strings_p, bool strict_uri_parsing)
+url_parse(HdrHeap *heap, URLImpl *url, const char **start, const char *end, bool copy_strings_p, int strict_uri_parsing)
 {
-  if (strict_uri_parsing && !url_is_strictly_compliant(*start, end)) {
+  if (strict_uri_parsing == 1 && !url_is_strictly_compliant(*start, end)) {
+    return PARSE_RESULT_ERROR;
+  }
+  if (strict_uri_parsing == 2 && !url_is_mostly_compliant(*start, end)) {
     return PARSE_RESULT_ERROR;
   }
 

diff --git a/proxy/hdrs/URL.h b/proxy/hdrs/URL.h
@@ -198,14 +198,13 @@ void url_query_set(HdrHeap *heap, URLImpl *url, const char *value, int length, b
 void url_fragment_set(HdrHeap *heap, URLImpl *url, const char *value, int length, bool copy_string);
 
 ParseResult url_parse(HdrHeap *heap, URLImpl *url, const char **start, const char *end, bool copy_strings,
-                      bool strict_uri_parsing = false);
+                      int strict_uri_parsing = false);
 ParseResult url_parse_no_path_component_breakdown(HdrHeap *heap, URLImpl *url, const char **start, const char *end,
                                                   bool copy_strings);
 ParseResult url_parse_internet(HdrHeap *heap, URLImpl *url, const char **start, const char *end, bool copy_strings);
 ParseResult url_parse_http(HdrHeap *heap, URLImpl *url, const char **start, const char *end, bool copy_strings);
 ParseResult url_parse_http_no_path_component_breakdown(HdrHeap *heap, URLImpl *url, const char **start, const char *end,
                                                        bool copy_strings);
-
 char *url_unescapify(Arena *arena, const char *str, int length);
 
 void unescape_str(char *&buf, char *buf_e, const char *&str, const char *str_e, int &state);

diff --git a/proxy/http/HttpConfig.cc b/proxy/http/HttpConfig.cc
@@ -1475,7 +1475,7 @@ HttpConfig::reconfigure()
   params->referer_filter_enabled  = INT_TO_BOOL(m_master.referer_filter_enabled);
   params->referer_format_redirect = INT_TO_BOOL(m_master.referer_format_redirect);
 
-  params->strict_uri_parsing = INT_TO_BOOL(m_master.strict_uri_parsing);
+  params->strict_uri_parsing = m_master.strict_uri_parsing;
 
   params->oride.down_server_timeout    = m_master.oride.down_server_timeout;
   params->oride.client_abort_threshold = m_master.oride.client_abort_threshold;

diff --git a/tests/gold_tests/headers/gold/bad_good_request.gold b/tests/gold_tests/headers/gold/bad_good_request.gold
@@ -0,0 +1,9 @@
+``HTTP/1.1 400 Invalid HTTP Request
+``Connection: close
+``Server: ATS/``
+``Content-Length: 219
+``
+<TITLE>Bad Request</TITLE>
+``<H1>Bad Request</H1>
+``Description: Could not process this request.
+``
diff --git a/tests/gold_tests/headers/gold/bad_good_request_header.gold b/tests/gold_tests/headers/gold/bad_good_request_header.gold
@@ -0,0 +1,5 @@
+``HTTP/1.1 400 Invalid HTTP Request
+``Connection: close
+``Server: ATS/``
+``Content-Length: 219
+``
diff --git a/tests/gold_tests/headers/gold/bad_good_request_http1.gold b/tests/gold_tests/headers/gold/bad_good_request_http1.gold
@@ -0,0 +1,8 @@
+``HTTP/1.0 400 Invalid HTTP Request
+``Server: ATS/``
+``Content-Length: 219
+``
+<TITLE>Bad Request</TITLE>
+``<H1>Bad Request</H1>
+``Description: Could not process this request.
+``
diff --git a/tests/gold_tests/headers/gold/bad_method.gold b/tests/gold_tests/headers/gold/bad_method.gold
@@ -0,0 +1,24 @@
+HTTP/1.1 501 Unsupported method ('gET')
+Content-Type: text/html;charset=utf-8
+Content-Length: 496
+Date: ``
+Age: 0
+Connection: keep-alive
+Server: ATS/``
+
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
+        "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+    <head>
+        <meta http-equiv="Content-Type" content="text/html;charset=utf-8">
+        <title>Error response</title>
+    </head>
+    <body>
+        <h1>Error response</h1>
+        <p>Error code: 501</p>
+        <p>Message: Unsupported method ('gET').</p>
+        <p>Error code explanation: HTTPStatus.NOT_IMPLEMENTED - Server does not support this operation.</p>
+    </body>
+</html>
+HTTP/1.1 200 OK
+``
diff --git a/tests/gold_tests/headers/gold/bad_protocol_number.gold b/tests/gold_tests/headers/gold/bad_protocol_number.gold
@@ -0,0 +1,22 @@
+HTTP/1.1 505 Unsupported HTTP Version
+Date: ``
+Server: ATS/``
+Cache-Control: no-store
+Content-Type: text/html
+Content-Language: en
+Content-Length: 219
+
+<HTML>
+<HEAD>
+<TITLE>Bad Request</TITLE>
+</HEAD>
+
+<BODY BGCOLOR="white" FGCOLOR="black">
+<H1>Bad Request</H1>
+<HR>
+
+<FONT FACE="Helvetica,Arial"><B>
+Description: Could not process this request.
+</B></FONT>
+<HR>
+</BODY>
diff --git a/tests/gold_tests/headers/gold/bad_te_value.gold b/tests/gold_tests/headers/gold/bad_te_value.gold
@@ -0,0 +1,25 @@
+HTTP/1.1 501 Field not implemented
+Date: ``
+Connection: keep-alive
+Server: ATS/``
+Cache-Control: no-store
+Content-Type: text/html
+Content-Language: en
+Content-Length: 289
+
+<HTML>
+<HEAD>
+<TITLE>Transcoding Not Available</TITLE>
+</HEAD>
+
+<BODY BGCOLOR="white" FGCOLOR="black">
+<H1>Transcoding Not Available</H1>
+<HR>
+
+<FONT FACE="Helvetica,Arial">
+
+<B> Description: Unable to provide the document in the
+format requested by your browser.
+</B></FONT>
+<HR>
+</BODY>