if (!$initialized) {
$synch_callback->();
$initialized = 1;
- }
+ }
my $con = $self->accept();
print STDERR "Accepted a new connection\n" if $log;
while (my $req = $con->get_request) {
if (exists($urls->{$url_path})) {
print STDERR "Serving requested URL: ", $url_path, "\n" if $log;
next unless ($req->method eq "HEAD" || $req->method eq "GET");
-
+
my $url_rec = $urls->{$url_path};
$self->send_response($req, $url_rec, $con);
} else {
print STDERR "Requested wrong URL: ", $url_path, "\n" if $log;
$con->send_error($HTTP::Status::RC_FORBIDDEN);
last;
- }
+ }
}
print STDERR "Closing connection\n" if $log;
$con->close;
if (exists $url_rec->{'auth_method'}) {
($send_content, $code, $msg, $headers) =
$self->handle_auth($req, $url_rec);
+ } elsif (!$self->verify_request_headers ($req, $url_rec)) {
+ ($send_content, $code, $msg, $headers) =
+ ('', 400, 'Mismatch on expected headers', {});
} else {
($code, $msg) = @{$url_rec}{'code', 'msg'};
$headers = $url_rec->{headers};
next;
}
# fill in content
- $content = $self->_substitute_port($content);
+ $content = $self->_substitute_port($content) if defined $content;
$resp->content($content);
print STDERR "HTTP::Response with content: \n", $resp->as_string if $log;
}
}
}
+sub verify_request_headers {
+ my ($self, $req, $url_rec) = @_;
+
+ return 1 unless exists $url_rec->{'request_headers'};
+ for my $hdrname (keys %{$url_rec->{'request_headers'}}) {
+ my $must_not_match;
+ my $ehdr = $url_rec->{'request_headers'}{$hdrname};
+ if ($must_not_match = ($hdrname =~ /^!(\w+)/)) {
+ $hdrname = $1;
+ }
+ my $rhdr = $req->header ($hdrname);
+ if ($must_not_match) {
+ if (defined $rhdr && $rhdr =~ $ehdr) {
+ $rhdr = '' unless defined $rhdr;
+ print STDERR "\n*** Match forbidden $hdrname: $rhdr =~ $ehdr\n";
+ return undef;
+ }
+ } else {
+ unless (defined $rhdr && $rhdr =~ $ehdr) {
+ $rhdr = '' unless defined $rhdr;
+ print STDERR "\n*** Mismatch on $hdrname: $rhdr =~ $ehdr\n";
+ return undef;
+ }
+ }
+ }
+
+ return 1;
+}
+
sub _substitute_port {
my $self = shift;
my $ret = shift;