From 71c00ae64ffbc70627dcc4be5350759816106d68 Mon Sep 17 00:00:00 2001 From: Relintai Date: Sun, 16 Apr 2023 23:30:13 +0200 Subject: [PATCH] Fix string parameter parsing in multipart forms, also make multipart form content fields case independent. --- modules/http_server_simple/http_parser.cpp | 37 +++++++--------------- modules/http_server_simple/http_parser.h | 2 -- 2 files changed, 12 insertions(+), 27 deletions(-) diff --git a/modules/http_server_simple/http_parser.cpp b/modules/http_server_simple/http_parser.cpp index 60a589d34..505535372 100644 --- a/modules/http_server_simple/http_parser.cpp +++ b/modules/http_server_simple/http_parser.cpp @@ -114,19 +114,6 @@ HTTPParser::~HTTPParser() { void HTTPParser::_bind_methods() { } -String HTTPParser::chr_len_to_str(const char *at, size_t length) { - String ret; - ret.resize(length + 1); - - CharType *p = ret.ptrw(); - - for (size_t i = 0; i <= length; ++i) { - p[i] = at[i]; - } - - return ret; -} - int HTTPParser::HTTPParser::process_multipart_data(const char *at, size_t p_length) { ERR_FAIL_COND_V(!_multipart_parser, p_length); @@ -134,7 +121,7 @@ int HTTPParser::HTTPParser::process_multipart_data(const char *at, size_t p_leng } void HTTPParser::_process_multipart_header_value(const String &val) { - if (_queued_multipart_header_field == "Content-Disposition") { + if (_queued_multipart_header_field == "content-disposition") { int c = val.get_slice_count(";"); for (int j = 0; j < c; ++j) { @@ -165,7 +152,7 @@ void HTTPParser::_process_multipart_header_value(const String &val) { } } - } else if (_queued_multipart_header_field == "Content-Type") { + } else if (_queued_multipart_header_field == "content-type") { _multipart_form_content_type = val; } else { //Shouldn't happen, should probably close connection @@ -267,7 +254,7 @@ int HTTPParser::on_message_begin() { int HTTPParser::on_url(const char *at, size_t length) { ERR_FAIL_COND_V(!_request.is_valid(), 0); - String s = chr_len_to_str(at, length).uri_decode().strip_edges(); + String s = String::utf8(at, length).uri_decode().strip_edges(); #if MESSAGE_DEBUG ERR_PRINT("url " + s); @@ -280,7 +267,7 @@ int HTTPParser::on_url(const char *at, size_t length) { int HTTPParser::on_status(const char *at, size_t length) { ERR_FAIL_COND_V(!_request.is_valid(), 0); - String s = chr_len_to_str(at, length); + String s = String::utf8(at, length); #if MESSAGE_DEBUG ERR_PRINT("status " + s); @@ -291,7 +278,7 @@ int HTTPParser::on_status(const char *at, size_t length) { int HTTPParser::on_header_field(const char *at, size_t length) { ERR_FAIL_COND_V(!_request.is_valid(), 0); - String s = chr_len_to_str(at, length); + String s = String::utf8(at, length); #if MESSAGE_DEBUG ERR_PRINT("header_field " + s); @@ -304,7 +291,7 @@ int HTTPParser::on_header_field(const char *at, size_t length) { int HTTPParser::on_header_value(const char *at, size_t length) { ERR_FAIL_COND_V(!_request.is_valid(), 0); - String s = chr_len_to_str(at, length); + String s = String::utf8(at, length); #if MESSAGE_DEBUG ERR_PRINT("header_val " + s); @@ -422,7 +409,7 @@ int HTTPParser::on_body(const char *at, size_t p_length) { return 0; } - String s = chr_len_to_str(at, length); + String s = String::utf8(at, length); #if MESSAGE_DEBUG ERR_PRINT("on_body " + s); @@ -532,18 +519,18 @@ int HTTPParser::_on_chunk_complete_cb(http_parser *parser) { #define MULTIPART_MESSAGE_DEBUG 0 int HTTPParser::on_multipart_header_field_cb(const char *at, size_t length) { - String s = chr_len_to_str(at, length); + String s = String::utf8(at, length); - _queued_multipart_header_field = s; + _queued_multipart_header_field = s.to_lower(); #if MULTIPART_MESSAGE_DEBUG - ERR_PRINT("on_multipart_header_field_cb " + s); + ERR_PRINT("on_multipart_header_field_cb " + _queued_multipart_header_field); #endif return 0; } int HTTPParser::on_multipart_header_value_cb(const char *at, size_t length) { - String s = chr_len_to_str(at, length); + String s = String::utf8(at, length); _process_multipart_header_value(s); @@ -603,7 +590,7 @@ int HTTPParser::on_multipart_part_data_end_cb() { _request->add_file(_multipart_form_name, _multipart_form_filename, file_data); } } else { - String s = _multipart_form_data.ptr(); + String s = String::utf8(_multipart_form_data.ptr(), _multipart_form_data.size()); _request->add_post_parameter(_multipart_form_name, s); } diff --git a/modules/http_server_simple/http_parser.h b/modules/http_server_simple/http_parser.h index d3b373f4e..867a3d2c7 100644 --- a/modules/http_server_simple/http_parser.h +++ b/modules/http_server_simple/http_parser.h @@ -69,8 +69,6 @@ protected: bool _error; private: - String chr_len_to_str(const char *at, size_t length); - int process_multipart_data(const char *at, size_t length); void _process_multipart_header_value(const String &val); void process_urlenc_data();