diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2018-11-07 12:19:29 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2018-11-07 12:20:17 +0000 |
commit | a64a253794ac64cb40befee54db53bde17dd0d49 (patch) | |
tree | c1024acc5f6e508814b944d99f112259bb28b1be /web/server/web_client.c | |
parent | New upstream version 1.10.0+dfsg (diff) | |
download | netdata-a64a253794ac64cb40befee54db53bde17dd0d49.tar.xz netdata-a64a253794ac64cb40befee54db53bde17dd0d49.zip |
New upstream version 1.11.0+dfsgupstream/1.11.0+dfsg
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | web/server/web_client.c (renamed from src/web_client.c) | 85 |
1 files changed, 22 insertions, 63 deletions
diff --git a/src/web_client.c b/web/server/web_client.c index 477fb3d57..282cfcd1a 100644 --- a/src/web_client.c +++ b/web/server/web_client.c @@ -1,4 +1,6 @@ -#include "common.h" +// SPDX-License-Identifier: GPL-3.0-or-later + +#include "web_client.h" // this is an async I/O implementation of the web server request parser // it is used by all netdata web servers @@ -53,6 +55,18 @@ static inline int web_client_uncrock_socket(struct web_client *w) { return 0; } +static inline char *strip_control_characters(char *url) { + char *s = url; + if(!s) return ""; + + if(iscntrl(*s)) *s = ' '; + while(*++s) { + if(iscntrl(*s)) *s = ' '; + } + + return url; +} + void web_client_request_done(struct web_client *w) { web_client_uncrock_socket(w); @@ -120,7 +134,7 @@ void web_client_request_done(struct web_client *w) { , dt_usec(&tv, &w->tv_ready) / 1000.0 , dt_usec(&tv, &w->tv_in) / 1000.0 , w->response.code - , w->last_url + , strip_control_characters(w->last_url) ); } @@ -329,10 +343,6 @@ int mysendfile(struct web_client *w, char *filename) { // skip leading slashes while (*filename == '/') filename++; - // if the filename contain known paths, skip them - if(strncmp(filename, WEB_PATH_FILE "/", strlen(WEB_PATH_FILE) + 1) == 0) - filename = &filename[strlen(WEB_PATH_FILE) + 1]; - // if the filename contains "strange" characters, refuse to serve it char *s; for(s = filename; *s ;s++) { @@ -403,7 +413,7 @@ int mysendfile(struct web_client *w, char *filename) { if(errno == EBUSY || errno == EAGAIN) { error("%llu: File '%s' is busy, sending 307 Moved Temporarily to force retry.", w->id, webfilename); w->response.data->contenttype = CT_TEXT_HTML; - buffer_sprintf(w->response.header, "Location: /" WEB_PATH_FILE "/%s\r\n", filename); + buffer_sprintf(w->response.header, "Location: /%s\r\n", filename); buffer_strcat(w->response.data, "File is currently busy, please try again later: "); buffer_strcat_htmlescape(w->response.data, webfilename); return 307; @@ -550,31 +560,6 @@ void buffer_data_options2string(BUFFER *wb, uint32_t options) { } } -const char *group_method2string(int group) { - switch(group) { - case GROUP_UNDEFINED: - return ""; - - case GROUP_AVERAGE: - return "average"; - - case GROUP_MIN: - return "min"; - - case GROUP_MAX: - return "max"; - - case GROUP_SUM: - return "sum"; - - case GROUP_INCREMENTAL_SUM: - return "incremental-sum"; - - default: - return "unknown-group-method"; - } -} - static inline int check_host_and_call(RRDHOST *host, struct web_client *w, char *url, int (*func)(RRDHOST *, struct web_client *, char *)) { if(unlikely(host->rrd_memory_mode == RRD_MEMORY_MODE_NONE)) { buffer_flush(w->response.data); @@ -898,7 +883,7 @@ static inline HTTP_VALIDATION http_request_validate(struct web_client *w) { *ue = ' '; // copy the URL - we are going to overwrite parts of it - // FIXME -- we should avoid it + // TODO -- ideally we we should avoid copying buffers around strncpyz(w->last_url, w->decoded_url, NETDATA_WEB_REQUEST_URL_SIZE); w->header_parse_tries = 0; @@ -1114,11 +1099,6 @@ static inline int web_client_process_url(RRDHOST *host, struct web_client *w, ch static uint32_t hash_api = 0, hash_netdata_conf = 0, - hash_data = 0, - hash_datasource = 0, - hash_graph = 0, - hash_list = 0, - hash_all_json = 0, hash_host = 0; #ifdef NETDATA_INTERNAL_CHECKS @@ -1128,11 +1108,6 @@ static inline int web_client_process_url(RRDHOST *host, struct web_client *w, ch if(unlikely(!hash_api)) { hash_api = simple_hash("api"); hash_netdata_conf = simple_hash("netdata.conf"); - hash_data = simple_hash(WEB_PATH_DATA); - hash_datasource = simple_hash(WEB_PATH_DATASOURCE); - hash_graph = simple_hash(WEB_PATH_GRAPH); - hash_list = simple_hash("list"); - hash_all_json = simple_hash("all.json"); hash_host = simple_hash("host"); #ifdef NETDATA_INTERNAL_CHECKS hash_exit = simple_hash("exit"); @@ -1154,26 +1129,6 @@ static inline int web_client_process_url(RRDHOST *host, struct web_client *w, ch debug(D_WEB_CLIENT_ACCESS, "%llu: host switch request ...", w->id); return web_client_switch_host(host, w, url); } - else if(unlikely(hash == hash_data && strcmp(tok, WEB_PATH_DATA) == 0)) { // old API "data" - debug(D_WEB_CLIENT_ACCESS, "%llu: old API data request...", w->id); - return check_host_and_dashboard_acl_and_call(host, w, url, web_client_api_old_data_request_json); - } - else if(unlikely(hash == hash_datasource && strcmp(tok, WEB_PATH_DATASOURCE) == 0)) { // old API "datasource" - debug(D_WEB_CLIENT_ACCESS, "%llu: old API datasource request...", w->id); - return check_host_and_dashboard_acl_and_call(host, w, url, web_client_api_old_data_request_jsonp); - } - else if(unlikely(hash == hash_graph && strcmp(tok, WEB_PATH_GRAPH) == 0)) { // old API "graph" - debug(D_WEB_CLIENT_ACCESS, "%llu: old API graph request...", w->id); - return check_host_and_dashboard_acl_and_call(host, w, url, web_client_api_old_graph_request); - } - else if(unlikely(hash == hash_list && strcmp(tok, "list") == 0)) { // old API "list" - debug(D_WEB_CLIENT_ACCESS, "%llu: old API list request...", w->id); - return check_host_and_dashboard_acl_and_call(host, w, url, web_client_api_old_list_request); - } - else if(unlikely(hash == hash_all_json && strcmp(tok, "all.json") == 0)) { // old API "all.json" - debug(D_WEB_CLIENT_ACCESS, "%llu: old API all.json request...", w->id); - return check_host_and_dashboard_acl_and_call(host, w, url, web_client_api_old_all_json); - } else if(unlikely(hash == hash_netdata_conf && strcmp(tok, "netdata.conf") == 0)) { // netdata.conf if(unlikely(!web_client_can_access_netdataconf(w))) return web_client_permission_denied(w); @@ -1638,6 +1593,8 @@ ssize_t web_client_read_file(struct web_client *w) ssize_t bytes = read(w->ifd, &w->response.data->buffer[w->response.data->len], (size_t)left); if(likely(bytes > 0)) { size_t old = w->response.data->len; + (void)old; + w->response.data->len += bytes; w->response.data->buffer[w->response.data->len] = '\0'; @@ -1691,6 +1648,8 @@ ssize_t web_client_receive(struct web_client *w) w->stats_received_bytes += bytes; size_t old = w->response.data->len; + (void)old; + w->response.data->len += bytes; w->response.data->buffer[w->response.data->len] = '\0'; |