archive/libwebsockets
1
0
Fork 0
mirror of https://libwebsockets.org/repo/libwebsockets synced 2024-12-04 05:47:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
main
libwebsockets/READMEs/README.http_parser.md
Andy Green 24abd699f6 http: parser: straighten out %00 legality 
https://github.com/warmcat/libwebsockets/issues/2262

This adds a README explaining what can be expected if your URLs contain
%00, and adds a safe helper for urlargs-by-name that is length-based.

Contains fix for extra NUL on some headers

https://github.com/warmcat/libwebsockets/issues/2267
2021-04-10 09:21:33 +01:00

935 B
Raw Permalink Blame History

Notes on http parser corner cases

Dealing with %00

%00 is considered illegal in

  • the path part of the URL. A lot of user code handles it as a NUL terminated string, even though the header get apis are based around length. So it is disallowed to avoid ambiguity.

  • the name part of a urlarg, like ?name=value

%00 is valid in

  • the value part of a urlarg, like ?name=value

When the parser sees %00 where it is not allowed, it simply drops the connection.

Note on proper urlarg handling

urlargs are allowed to contain non-NUL terminated binary. So it is important to use the length-based urlarg apis

  • lws_hdr_copy_fragment()
  • lws_get_urlarg_by_name_safe()

The non-length based urlarg api

  • lws_get_urlarg_by_name()

...is soft-deprecated, it's still allowed but it will be fooled by the first %00 seen in the argument into truncating the argument. Use lws_get_urlarg_by_name_safe() instead.