Pre-allocate, check, and consume method, scheme, and content-type headers at
the server.
Verify that method, scheme, and te trailers are present, and error out if not.
Complain if content-type doesn't match the format, but don't error out.
This currently, for now, blindly allows all three schemes (grpc, http, https)
without verification, although that will change once the C implementation
finishes switching to http/https.
Cloned from CL 82558661 by 'g4 patch'.
Original change by klempner@klempner:grpc_metadata:808:citc on 2014/12/19 18:41:47.
Change on 2015/01/12 by ctiller <ctiller@google.com>
-------------
Created by MOE: http://code.google.com/p/moe-java
MOE_MIGRATED_REVID=83785251
diff --git a/src/core/channel/http_server_filter.c b/src/core/channel/http_server_filter.c
index 9a20d79..44eab43 100644
--- a/src/core/channel/http_server_filter.c
+++ b/src/core/channel/http_server_filter.c
@@ -32,13 +32,26 @@
*/
#include "src/core/channel/http_server_filter.h"
+
+#include <string.h>
#include <grpc/support/log.h>
-typedef struct call_data { int sent_status; } call_data;
+typedef struct call_data {
+ int sent_status;
+ int seen_scheme;
+ int seen_method;
+ int seen_te_trailers;
+} call_data;
typedef struct channel_data {
grpc_mdelem *te_trailers;
- grpc_mdelem *status_md;
+ grpc_mdelem *method;
+ grpc_mdelem *http_scheme;
+ grpc_mdelem *https_scheme;
+ /* TODO(klempner): Remove this once we stop using it */
+ grpc_mdelem *grpc_scheme;
+ grpc_mdelem *content_type;
+ grpc_mdelem *status;
} channel_data;
/* used to silence 'variable not used' warnings */
@@ -56,20 +69,54 @@
channel_data *channeld = elem->channel_data;
GRPC_CALL_LOG_OP(GPR_INFO, elem, op);
- ignore_unused(calld);
- ignore_unused(channeld);
-
switch (op->type) {
case GRPC_RECV_METADATA:
- /* check if it's a te: trailers header */
- if (op->data.metadata == channeld->te_trailers) {
+ /* Check if it is one of the headers we care about. */
+ if (op->data.metadata == channeld->te_trailers ||
+ op->data.metadata == channeld->method ||
+ op->data.metadata == channeld->http_scheme ||
+ op->data.metadata == channeld->https_scheme ||
+ op->data.metadata == channeld->grpc_scheme ||
+ op->data.metadata == channeld->content_type) {
/* swallow it */
+ if (op->data.metadata == channeld->method) {
+ calld->seen_method = 1;
+ } else if (op->data.metadata->key == channeld->http_scheme->key) {
+ calld->seen_scheme = 1;
+ } else if (op->data.metadata == channeld->te_trailers) {
+ calld->seen_te_trailers = 1;
+ }
+ /* TODO(klempner): Track that we've seen all the headers we should
+ require */
grpc_mdelem_unref(op->data.metadata);
op->done_cb(op->user_data, GRPC_OP_OK);
- } else if (op->data.metadata->key == channeld->te_trailers->key) {
- gpr_log(GPR_ERROR, "Invalid te: header: '%s'",
+ } else if (op->data.metadata->key == channeld->content_type->key) {
+ if (strncmp(grpc_mdstr_as_c_string(op->data.metadata->value),
+ "application/grpc+", 17) == 0) {
+ /* Although the C implementation doesn't (currently) generate them,
+ any
+ custom +-suffix is explicitly valid. */
+ /* TODO(klempner): We should consider preallocating common values such
+ as +proto or +json, or at least stashing them if we see them. */
+ /* TODO(klempner): Should we be surfacing this to application code? */
+ } else {
+ /* TODO(klempner): We're currently allowing this, but we shouldn't
+ see it without a proxy so log for now. */
+ gpr_log(GPR_INFO, "Unexpected content-type %s",
+ channeld->content_type->key);
+ }
+ grpc_mdelem_unref(op->data.metadata);
+ op->done_cb(op->user_data, GRPC_OP_OK);
+ } else if (op->data.metadata->key == channeld->te_trailers->key ||
+ op->data.metadata->key == channeld->method->key ||
+ op->data.metadata->key == channeld->http_scheme->key ||
+ op->data.metadata->key == channeld->content_type->key) {
+ gpr_log(GPR_ERROR, "Invalid %s: header: '%s'",
+ grpc_mdstr_as_c_string(op->data.metadata->key),
grpc_mdstr_as_c_string(op->data.metadata->value));
- /* swallow it */
+ /* swallow it and error everything out. */
+ /* TODO(klempner): We ought to generate more descriptive error messages
+ on the wire here. */
grpc_mdelem_unref(op->data.metadata);
op->done_cb(op->user_data, GRPC_OP_OK);
grpc_call_element_send_cancel(elem);
@@ -78,14 +125,33 @@
grpc_call_next_op(elem, op);
}
break;
+ case GRPC_RECV_END_OF_INITIAL_METADATA:
+ /* Have we seen the required http2 transport headers?
+ (:method, :scheme, content-type, with :path and :authority covered
+ at the channel level right now) */
+ if (calld->seen_method && calld->seen_scheme && calld->seen_te_trailers) {
+ grpc_call_next_op(elem, op);
+ } else {
+ if (!calld->seen_method) {
+ gpr_log(GPR_ERROR, "Missing :method header");
+ } else if (!calld->seen_scheme) {
+ gpr_log(GPR_ERROR, "Missing :scheme header");
+ } else if (!calld->seen_te_trailers) {
+ gpr_log(GPR_ERROR, "Missing te trailers header");
+ }
+ /* Error this call out */
+ op->done_cb(op->user_data, GRPC_OP_OK);
+ grpc_call_element_send_cancel(elem);
+ }
+ break;
case GRPC_SEND_START:
case GRPC_SEND_METADATA:
/* If we haven't sent status 200 yet, we need to so so because it needs to
come before any non : prefixed metadata. */
if (!calld->sent_status) {
calld->sent_status = 1;
- /* status_md is reffed by grpc_call_element_send_metadata */
- grpc_call_element_send_metadata(elem, channeld->status_md);
+ /* status is reffed by grpc_call_element_send_metadata */
+ grpc_call_element_send_metadata(elem, channeld->status);
}
grpc_call_next_op(elem, op);
break;
@@ -124,6 +190,9 @@
/* initialize members */
calld->sent_status = 0;
+ calld->seen_scheme = 0;
+ calld->seen_method = 0;
+ calld->seen_te_trailers = 0;
}
/* Destructor for call_data */
@@ -151,7 +220,13 @@
/* initialize members */
channeld->te_trailers = grpc_mdelem_from_strings(mdctx, "te", "trailers");
- channeld->status_md = grpc_mdelem_from_strings(mdctx, ":status", "200");
+ channeld->status = grpc_mdelem_from_strings(mdctx, ":status", "200");
+ channeld->method = grpc_mdelem_from_strings(mdctx, ":method", "POST");
+ channeld->http_scheme = grpc_mdelem_from_strings(mdctx, ":scheme", "http");
+ channeld->https_scheme = grpc_mdelem_from_strings(mdctx, ":scheme", "https");
+ channeld->grpc_scheme = grpc_mdelem_from_strings(mdctx, ":scheme", "grpc");
+ channeld->content_type =
+ grpc_mdelem_from_strings(mdctx, "content-type", "application/grpc");
}
/* Destructor for channel data */
@@ -160,7 +235,12 @@
channel_data *channeld = elem->channel_data;
grpc_mdelem_unref(channeld->te_trailers);
- grpc_mdelem_unref(channeld->status_md);
+ grpc_mdelem_unref(channeld->status);
+ grpc_mdelem_unref(channeld->method);
+ grpc_mdelem_unref(channeld->http_scheme);
+ grpc_mdelem_unref(channeld->https_scheme);
+ grpc_mdelem_unref(channeld->grpc_scheme);
+ grpc_mdelem_unref(channeld->content_type);
}
const grpc_channel_filter grpc_http_server_filter = {