View Javadoc
1   /*
2    * ====================================================================
3    * Licensed to the Apache Software Foundation (ASF) under one
4    * or more contributor license agreements.  See the NOTICE file
5    * distributed with this work for additional information
6    * regarding copyright ownership.  The ASF licenses this file
7    * to you under the Apache License, Version 2.0 (the
8    * "License"); you may not use this file except in compliance
9    * with the License.  You may obtain a copy of the License at
10   *
11   *   http://www.apache.org/licenses/LICENSE-2.0
12   *
13   * Unless required by applicable law or agreed to in writing,
14   * software distributed under the License is distributed on an
15   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16   * KIND, either express or implied.  See the License for the
17   * specific language governing permissions and limitations
18   * under the License.
19   * ====================================================================
20   *
21   * This software consists of voluntary contributions made by many
22   * individuals on behalf of the Apache Software Foundation.  For more
23   * information on the Apache Software Foundation, please see
24   * <http://www.apache.org/>.
25   *
26   */
27  package org.apache.hc.client5.http.impl.cache;
28  
29  import java.io.IOException;
30  import java.time.Instant;
31  import java.util.ArrayList;
32  import java.util.List;
33  
34  import org.apache.hc.client5.http.ClientProtocolException;
35  import org.apache.hc.client5.http.cache.HeaderConstants;
36  import org.apache.hc.client5.http.utils.DateUtils;
37  import org.apache.hc.core5.http.Header;
38  import org.apache.hc.core5.http.HeaderElement;
39  import org.apache.hc.core5.http.HeaderElements;
40  import org.apache.hc.core5.http.HttpHeaders;
41  import org.apache.hc.core5.http.HttpRequest;
42  import org.apache.hc.core5.http.HttpResponse;
43  import org.apache.hc.core5.http.HttpStatus;
44  import org.apache.hc.core5.http.HttpVersion;
45  import org.apache.hc.core5.http.ProtocolVersion;
46  import org.apache.hc.core5.http.message.BasicHeader;
47  import org.apache.hc.core5.http.message.MessageSupport;
48  
49  class ResponseProtocolCompliance {
50  
51      private static final String UNEXPECTED_100_CONTINUE = "The incoming request did not contain a "
52                      + "100-continue header, but the response was a Status 100, continue.";
53      private static final String UNEXPECTED_PARTIAL_CONTENT = "partial content was returned for a request that did not ask for it";
54  
55      /**
56       * When we get a response from a down stream server (Origin Server)
57       * we attempt to see if it is HTTP 1.1 Compliant and if not, attempt to
58       * make it so.
59       *
60       * @param originalRequest The original {@link HttpRequest}
61       * @param request The {@link HttpRequest} that generated an origin hit and response
62       * @param response The {@link HttpResponse} from the origin server
63       * @throws IOException Bad things happened
64       */
65      public void ensureProtocolCompliance(
66              final HttpRequest originalRequest,
67              final HttpRequest request,
68              final HttpResponse response) throws IOException {
69          requestDidNotExpect100ContinueButResponseIsOne(originalRequest, response);
70  
71          transferEncodingIsNotReturnedTo1_0Client(originalRequest, response);
72  
73          ensurePartialContentIsNotSentToAClientThatDidNotRequestIt(request, response);
74  
75          ensure200ForOPTIONSRequestWithNoBodyHasContentLengthZero(request, response);
76  
77          ensure206ContainsDateHeader(response);
78  
79          ensure304DoesNotContainExtraEntityHeaders(response);
80  
81          identityIsNotUsedInContentEncoding(response);
82  
83          warningsWithNonMatchingWarnDatesAreRemoved(response);
84      }
85  
86      private void warningsWithNonMatchingWarnDatesAreRemoved(
87              final HttpResponse response) {
88          final Instant responseDate = DateUtils.parseStandardDate(response, HttpHeaders.DATE);
89          if (responseDate == null) {
90              return;
91          }
92  
93          final Header[] warningHeaders = response.getHeaders(HeaderConstants.WARNING);
94  
95          if (warningHeaders == null || warningHeaders.length == 0) {
96              return;
97          }
98  
99          final List<Header> newWarningHeaders = new ArrayList<>();
100         boolean modified = false;
101         for(final Header h : warningHeaders) {
102             for(final WarningValue wv : WarningValue.getWarningValues(h)) {
103                 final Instant warnInstant = wv.getWarnDate();
104                 if (warnInstant == null || warnInstant.equals(responseDate)) {
105                     newWarningHeaders.add(new BasicHeader(HeaderConstants.WARNING,wv.toString()));
106                 } else {
107                     modified = true;
108                 }
109             }
110         }
111         if (modified) {
112             response.removeHeaders(HeaderConstants.WARNING);
113             for(final Header h : newWarningHeaders) {
114                 response.addHeader(h);
115             }
116         }
117     }
118 
119     private void identityIsNotUsedInContentEncoding(final HttpResponse response) {
120         final Header[] hdrs = response.getHeaders(HttpHeaders.CONTENT_ENCODING);
121         if (hdrs == null || hdrs.length == 0) {
122             return;
123         }
124         final List<Header> newHeaders = new ArrayList<>();
125         boolean modified = false;
126         for (final Header h : hdrs) {
127             final StringBuilder buf = new StringBuilder();
128             boolean first = true;
129             for (final HeaderElement elt : MessageSupport.parse(h)) {
130                 if ("identity".equalsIgnoreCase(elt.getName())) {
131                     modified = true;
132                 } else {
133                     if (!first) {
134                         buf.append(",");
135                     }
136                     buf.append(elt);
137                     first = false;
138                 }
139             }
140             final String newHeaderValue = buf.toString();
141             if (!newHeaderValue.isEmpty()) {
142                 newHeaders.add(new BasicHeader(HttpHeaders.CONTENT_ENCODING, newHeaderValue));
143             }
144         }
145         if (!modified) {
146             return;
147         }
148         response.removeHeaders(HttpHeaders.CONTENT_ENCODING);
149         for (final Header h : newHeaders) {
150             response.addHeader(h);
151         }
152     }
153 
154     private void ensure206ContainsDateHeader(final HttpResponse response) {
155         if (response.getFirstHeader(HttpHeaders.DATE) == null) {
156             response.addHeader(HttpHeaders.DATE, DateUtils.formatStandardDate(Instant.now()));
157         }
158 
159     }
160 
161     private void ensurePartialContentIsNotSentToAClientThatDidNotRequestIt(final HttpRequest request,
162             final HttpResponse response) throws IOException {
163         if (request.getFirstHeader(HeaderConstants.RANGE) != null
164                 || response.getCode() != HttpStatus.SC_PARTIAL_CONTENT) {
165             return;
166         }
167         throw new ClientProtocolException(UNEXPECTED_PARTIAL_CONTENT);
168     }
169 
170     private void ensure200ForOPTIONSRequestWithNoBodyHasContentLengthZero(final HttpRequest request,
171             final HttpResponse response) {
172         if (!request.getMethod().equalsIgnoreCase(HeaderConstants.OPTIONS_METHOD)) {
173             return;
174         }
175 
176         if (response.getCode() != HttpStatus.SC_OK) {
177             return;
178         }
179 
180         if (response.getFirstHeader(HttpHeaders.CONTENT_LENGTH) == null) {
181             response.addHeader(HttpHeaders.CONTENT_LENGTH, "0");
182         }
183     }
184 
185     private void ensure304DoesNotContainExtraEntityHeaders(final HttpResponse response) {
186         final String[] disallowedEntityHeaders = { HeaderConstants.ALLOW, HttpHeaders.CONTENT_ENCODING,
187                 "Content-Language", HttpHeaders.CONTENT_LENGTH, "Content-MD5",
188                 "Content-Range", HttpHeaders.CONTENT_TYPE, HeaderConstants.LAST_MODIFIED
189         };
190         if (response.getCode() == HttpStatus.SC_NOT_MODIFIED) {
191             for(final String hdr : disallowedEntityHeaders) {
192                 response.removeHeaders(hdr);
193             }
194         }
195     }
196 
197     private void requestDidNotExpect100ContinueButResponseIsOne(
198             final HttpRequest originalRequest, final HttpResponse response) throws IOException {
199         if (response.getCode() != HttpStatus.SC_CONTINUE) {
200             return;
201         }
202 
203         final Header header = originalRequest.getFirstHeader(HttpHeaders.EXPECT);
204         if (header != null && header.getValue().equalsIgnoreCase(HeaderElements.CONTINUE)) {
205             return;
206         }
207         throw new ClientProtocolException(UNEXPECTED_100_CONTINUE);
208     }
209 
210     private void transferEncodingIsNotReturnedTo1_0Client(
211             final HttpRequest originalRequest, final HttpResponse response) {
212         final ProtocolVersion version = originalRequest.getVersion() != null ? originalRequest.getVersion() : HttpVersion.DEFAULT;
213         if (version.compareToVersion(HttpVersion.HTTP_1_1) >= 0) {
214             return;
215         }
216 
217         removeResponseTransferEncoding(response);
218     }
219 
220     private void removeResponseTransferEncoding(final HttpResponse response) {
221         response.removeHeaders("TE");
222         response.removeHeaders(HttpHeaders.TRANSFER_ENCODING);
223     }
224 
225 }