-#!/usr/bin/perl -w
-
package HTTPServer;
use strict;
+use warnings;
use HTTP::Daemon;
use HTTP::Status;
if (!$initialized) {
$synch_callback->();
$initialized = 1;
- }
+ }
my $con = $self->accept();
print STDERR "Accepted a new connection\n" if $log;
while (my $req = $con->get_request) {
- my $url_path = $req->url->path;
+ #my $url_path = $req->url->path;
+ my $url_path = $req->url->as_string;
if ($url_path =~ m{/$}) { # append 'index.html'
$url_path .= 'index.html';
}
if (exists($urls->{$url_path})) {
print STDERR "Serving requested URL: ", $url_path, "\n" if $log;
next unless ($req->method eq "HEAD" || $req->method eq "GET");
-
+
my $url_rec = $urls->{$url_path};
$self->send_response($req, $url_rec, $con);
} else {
print STDERR "Requested wrong URL: ", $url_path, "\n" if $log;
$con->send_error($HTTP::Status::RC_FORBIDDEN);
last;
- }
+ }
}
print STDERR "Closing connection\n" if $log;
$con->close;
if (exists $url_rec->{'auth_method'}) {
($send_content, $code, $msg, $headers) =
$self->handle_auth($req, $url_rec);
+ } elsif (!$self->verify_request_headers ($req, $url_rec)) {
+ ($send_content, $code, $msg, $headers) =
+ ('', 400, 'Mismatch on expected headers', {});
} else {
($code, $msg) = @{$url_rec}{'code', 'msg'};
$headers = $url_rec->{headers};
print $con $content;
next;
}
- if ($req->header("Range")) {
+ if ($req->header("Range") && !$url_rec->{'force_code'}) {
$req->header("Range") =~ m/bytes=(\d*)-(\d*)/;
my $content_len = length($content);
my $start = $1 ? $1 : 0;
my $end = $2 ? $2 : ($content_len - 1);
my $len = $2 ? ($2 - $start) : ($content_len - $start);
- if ($len) {
+ if ($len > 0) {
$resp->header("Accept-Ranges" => "bytes");
$resp->header("Content-Length" => $len);
$resp->header("Content-Range"
my $authhdr = $req->header('Authorization');
# Have we sent the challenge yet?
- unless (defined $url_rec->{auth_challenged}
- && $url_rec->{auth_challenged}) {
+ unless ($url_rec->{auth_challenged} || $url_rec->{auth_no_challenge}) {
# Since we haven't challenged yet, we'd better not
# have received authentication (for our testing purposes).
if ($authhdr) {
# failed it.
$code = 400;
$msg = "You didn't send auth after I sent challenge";
+ if ($url_rec->{auth_no_challenge}) {
+ $msg = "--auth-no-challenge but no auth sent."
+ }
} else {
my ($sent_method) = ($authhdr =~ /^(\S+)/g);
unless ($sent_method eq $url_rec->{'auth_method'}) {
}
}
+sub verify_request_headers {
+ my ($self, $req, $url_rec) = @_;
+
+ return 1 unless exists $url_rec->{'request_headers'};
+ for my $hdrname (keys %{$url_rec->{'request_headers'}}) {
+ my $rhdr = $req->header ($hdrname);
+ my $ehdr = $url_rec->{'request_headers'}{$hdrname};
+ unless (defined $rhdr && $rhdr =~ $ehdr) {
+ print STDERR "\n*** Mismatch on $hdrname: $rhdr =~ $ehdr\n";
+ return undef;
+ }
+ }
+
+ return 1;
+}
+
sub _substitute_port {
my $self = shift;
my $ret = shift;
projects / wget / blobdiff