| … | |
… | |
| 39 | package AnyEvent::HTTP; |
39 | package AnyEvent::HTTP; |
| 40 | |
40 | |
| 41 | use strict; |
41 | use strict; |
| 42 | no warnings; |
42 | no warnings; |
| 43 | |
43 | |
| 44 | use Carp; |
44 | use Errno (); |
| 45 | |
45 | |
| 46 | use AnyEvent (); |
46 | use AnyEvent 4.8 (); |
| 47 | use AnyEvent::Util (); |
47 | use AnyEvent::Util (); |
| 48 | use AnyEvent::Socket (); |
48 | use AnyEvent::Socket (); |
| 49 | use AnyEvent::Handle (); |
49 | use AnyEvent::Handle (); |
| 50 | |
50 | |
| 51 | use base Exporter::; |
51 | use base Exporter::; |
| 52 | |
52 | |
| 53 | our $VERSION = '1.05'; |
53 | our $VERSION = '1.4'; |
| 54 | |
54 | |
| 55 | our @EXPORT = qw(http_get http_post http_head http_request); |
55 | our @EXPORT = qw(http_get http_post http_head http_request); |
| 56 | |
56 | |
| 57 | our $USERAGENT = "Mozilla/5.0 (compatible; AnyEvent::HTTP/$VERSION; +http://software.schmorp.de/pkg/AnyEvent)"; |
57 | our $USERAGENT = "Mozilla/5.0 (compatible; U; AnyEvent-HTTP/$VERSION; +http://software.schmorp.de/pkg/AnyEvent)"; |
| 58 | our $MAX_RECURSE = 10; |
58 | our $MAX_RECURSE = 10; |
| 59 | our $MAX_PERSISTENT = 8; |
59 | our $MAX_PERSISTENT = 8; |
| 60 | our $PERSISTENT_TIMEOUT = 2; |
60 | our $PERSISTENT_TIMEOUT = 2; |
| 61 | our $TIMEOUT = 300; |
61 | our $TIMEOUT = 300; |
| 62 | |
62 | |
| 63 | # changing these is evil |
63 | # changing these is evil |
| 64 | our $MAX_PERSISTENT_PER_HOST = 2; |
64 | our $MAX_PERSISTENT_PER_HOST = 0; |
| 65 | our $MAX_PER_HOST = 4; |
65 | our $MAX_PER_HOST = 4; |
| 66 | |
66 | |
| 67 | our $PROXY; |
67 | our $PROXY; |
| 68 | our $ACTIVE = 0; |
68 | our $ACTIVE = 0; |
| 69 | |
69 | |
| … | |
… | |
| 94 | When called in void context, nothing is returned. In other contexts, |
94 | When called in void context, nothing is returned. In other contexts, |
| 95 | C<http_request> returns a "cancellation guard" - you have to keep the |
95 | C<http_request> returns a "cancellation guard" - you have to keep the |
| 96 | object at least alive until the callback get called. If the object gets |
96 | object at least alive until the callback get called. If the object gets |
| 97 | destroyed before the callbakc is called, the request will be cancelled. |
97 | destroyed before the callbakc is called, the request will be cancelled. |
| 98 | |
98 | |
| 99 | The callback will be called with the response data as first argument |
99 | The callback will be called with the response body data as first argument |
| 100 | (or C<undef> if it wasn't available due to errors), and a hash-ref with |
100 | (or C<undef> if an error occured), and a hash-ref with response headers as |
| 101 | response headers as second argument. |
101 | second argument. |
| 102 | |
102 | |
| 103 | All the headers in that hash are lowercased. In addition to the response |
103 | All the headers in that hash are lowercased. In addition to the response |
| 104 | headers, the "pseudo-headers" C<HTTPVersion>, C<Status> and C<Reason> |
104 | headers, the "pseudo-headers" C<HTTPVersion>, C<Status> and C<Reason> |
| 105 | contain the three parts of the HTTP Status-Line of the same name. The |
105 | contain the three parts of the HTTP Status-Line of the same name. The |
| 106 | pseudo-header C<URL> contains the original URL (which can differ from the |
106 | pseudo-header C<URL> contains the original URL (which can differ from the |
| … | |
… | |
| 108 | |
108 | |
| 109 | If the server sends a header multiple times, then their contents will be |
109 | If the server sends a header multiple times, then their contents will be |
| 110 | joined together with a comma (C<,>), as per the HTTP spec. |
110 | joined together with a comma (C<,>), as per the HTTP spec. |
| 111 | |
111 | |
| 112 | If an internal error occurs, such as not being able to resolve a hostname, |
112 | If an internal error occurs, such as not being able to resolve a hostname, |
| 113 | then C<$data> will be C<undef>, C<< $headers->{Status} >> will be C<599> |
113 | then C<$data> will be C<undef>, C<< $headers->{Status} >> will be C<59x> |
| 114 | and the C<Reason> pseudo-header will contain an error message. |
114 | (usually C<599>) and the C<Reason> pseudo-header will contain an error |
|
|
115 | message. |
| 115 | |
116 | |
| 116 | A typical callback might look like this: |
117 | A typical callback might look like this: |
| 117 | |
118 | |
| 118 | sub { |
119 | sub { |
| 119 | my ($body, $hdr) = @_; |
120 | my ($body, $hdr) = @_; |
| … | |
… | |
| 165 | based on the original netscape specification. |
166 | based on the original netscape specification. |
| 166 | |
167 | |
| 167 | The C<$hash_ref> must be an (initially empty) hash reference which will |
168 | The C<$hash_ref> must be an (initially empty) hash reference which will |
| 168 | get updated automatically. It is possible to save the cookie_jar to |
169 | get updated automatically. It is possible to save the cookie_jar to |
| 169 | persistent storage with something like JSON or Storable, but this is not |
170 | persistent storage with something like JSON or Storable, but this is not |
| 170 | recommended, as expire times are currently being ignored. |
171 | recommended, as expiry times are currently being ignored. |
| 171 | |
172 | |
| 172 | Note that this cookie implementation is not of very high quality, nor |
173 | Note that this cookie implementation is not of very high quality, nor |
| 173 | meant to be complete. If you want complete cookie management you have to |
174 | meant to be complete. If you want complete cookie management you have to |
| 174 | do that on your own. C<cookie_jar> is meant as a quick fix to get some |
175 | do that on your own. C<cookie_jar> is meant as a quick fix to get some |
| 175 | cookie-using sites working. Cookies are a privacy disaster, do not use |
176 | cookie-using sites working. Cookies are a privacy disaster, do not use |
| 176 | them unless required to. |
177 | them unless required to. |
|
|
178 | |
|
|
179 | =item tls_ctx => $scheme | $tls_ctx |
|
|
180 | |
|
|
181 | Specifies the AnyEvent::TLS context to be used for https connections. This |
|
|
182 | parameter follows the same rules as the C<tls_ctx> parameter to |
|
|
183 | L<AnyEvent::Handle>, but additionally, the two strings C<low> or |
|
|
184 | C<high> can be specified, which give you a predefined low-security (no |
|
|
185 | verification, highest compatibility) and high-security (CA and common-name |
|
|
186 | verification) TLS context. |
|
|
187 | |
|
|
188 | The default for this option is C<low>, which could be interpreted as "give |
|
|
189 | me the page, no matter what". |
|
|
190 | |
|
|
191 | =item on_header => $callback->($headers) |
|
|
192 | |
|
|
193 | When specified, this callback will be called with the header hash as soon |
|
|
194 | as headers have been successfully received from the remote server (not on |
|
|
195 | locally-generated errors). |
|
|
196 | |
|
|
197 | It has to return either true (in which case AnyEvent::HTTP will continue), |
|
|
198 | or false, in which case AnyEvent::HTTP will cancel the download (and call |
|
|
199 | the finish callback with an error code of C<598>). |
|
|
200 | |
|
|
201 | This callback is useful, among other things, to quickly reject unwanted |
|
|
202 | content, which, if it is supposed to be rare, can be faster than first |
|
|
203 | doing a C<HEAD> request. |
|
|
204 | |
|
|
205 | Example: cancel the request unless the content-type is "text/html". |
|
|
206 | |
|
|
207 | on_header => sub { |
|
|
208 | $_[0]{"content-type"} =~ /^text\/html\s*(?:;|$)/ |
|
|
209 | }, |
|
|
210 | |
|
|
211 | =item on_body => $callback->($partial_body, $headers) |
|
|
212 | |
|
|
213 | When specified, all body data will be passed to this callback instead of |
|
|
214 | to the completion callback. The completion callback will get the empty |
|
|
215 | string instead of the body data. |
|
|
216 | |
|
|
217 | It has to return either true (in which case AnyEvent::HTTP will continue), |
|
|
218 | or false, in which case AnyEvent::HTTP will cancel the download (and call |
|
|
219 | the completion callback with an error code of C<598>). |
|
|
220 | |
|
|
221 | This callback is useful when the data is too large to be held in memory |
|
|
222 | (so the callback writes it to a file) or when only some information should |
|
|
223 | be extracted, or when the body should be processed incrementally. |
|
|
224 | |
|
|
225 | It is usually preferred over doing your own body handling via |
|
|
226 | C<want_body_handle>. |
|
|
227 | |
|
|
228 | =item want_body_handle => $enable |
|
|
229 | |
|
|
230 | When enabled (default is disabled), the behaviour of AnyEvent::HTTP |
|
|
231 | changes considerably: after parsing the headers, and instead of |
|
|
232 | downloading the body (if any), the completion callback will be |
|
|
233 | called. Instead of the C<$body> argument containing the body data, the |
|
|
234 | callback will receive the L<AnyEvent::Handle> object associated with the |
|
|
235 | connection. In error cases, C<undef> will be passed. When there is no body |
|
|
236 | (e.g. status C<304>), the empty string will be passed. |
|
|
237 | |
|
|
238 | The handle object might or might not be in TLS mode, might be connected to |
|
|
239 | a proxy, be a persistent connection etc., and configured in unspecified |
|
|
240 | ways. The user is responsible for this handle (it will not be used by this |
|
|
241 | module anymore). |
|
|
242 | |
|
|
243 | This is useful with some push-type services, where, after the initial |
|
|
244 | headers, an interactive protocol is used (typical example would be the |
|
|
245 | push-style twitter API which starts a JSON/XML stream). |
|
|
246 | |
|
|
247 | If you think you need this, first have a look at C<on_body>, to see if |
|
|
248 | that doesn'T solve your problem in a better way. |
| 177 | |
249 | |
| 178 | =back |
250 | =back |
| 179 | |
251 | |
| 180 | Example: make a simple HTTP GET request for http://www.nethype.de/ |
252 | Example: make a simple HTTP GET request for http://www.nethype.de/ |
| 181 | |
253 | |
| … | |
… | |
| 237 | push @{ $CO_SLOT{$_[0]}[1] }, $_[1]; |
309 | push @{ $CO_SLOT{$_[0]}[1] }, $_[1]; |
| 238 | |
310 | |
| 239 | _slot_schedule $_[0]; |
311 | _slot_schedule $_[0]; |
| 240 | } |
312 | } |
| 241 | |
313 | |
|
|
314 | our $qr_nl = qr<\015?\012>; |
|
|
315 | our $qr_nlnl = qr<\015?\012\015?\012>; |
|
|
316 | |
|
|
317 | our $TLS_CTX_LOW = { cache => 1, sslv2 => 1 }; |
|
|
318 | our $TLS_CTX_HIGH = { cache => 1, verify => 1, verify_peername => "https" }; |
|
|
319 | |
| 242 | sub http_request($$@) { |
320 | sub http_request($$@) { |
| 243 | my $cb = pop; |
321 | my $cb = pop; |
| 244 | my ($method, $url, %arg) = @_; |
322 | my ($method, $url, %arg) = @_; |
| 245 | |
323 | |
| 246 | my %hdr; |
324 | my %hdr; |
|
|
325 | |
|
|
326 | $arg{tls_ctx} = $TLS_CTX_LOW if $arg{tls_ctx} eq "low" || !exists $arg{tls_ctx}; |
|
|
327 | $arg{tls_ctx} = $TLS_CTX_HIGH if $arg{tls_ctx} eq "high"; |
| 247 | |
328 | |
| 248 | $method = uc $method; |
329 | $method = uc $method; |
| 249 | |
330 | |
| 250 | if (my $hdr = $arg{headers}) { |
331 | if (my $hdr = $arg{headers}) { |
| 251 | while (my ($k, $v) = each %$hdr) { |
332 | while (my ($k, $v) = each %$hdr) { |
| … | |
… | |
| 253 | } |
334 | } |
| 254 | } |
335 | } |
| 255 | |
336 | |
| 256 | my $recurse = exists $arg{recurse} ? delete $arg{recurse} : $MAX_RECURSE; |
337 | my $recurse = exists $arg{recurse} ? delete $arg{recurse} : $MAX_RECURSE; |
| 257 | |
338 | |
| 258 | return $cb->(undef, { Status => 599, Reason => "recursion limit reached", URL => $url }) |
339 | return $cb->(undef, { Status => 599, Reason => "Too many redirections", URL => $url }) |
| 259 | if $recurse < 0; |
340 | if $recurse < 0; |
| 260 | |
341 | |
| 261 | my $proxy = $arg{proxy} || $PROXY; |
342 | my $proxy = $arg{proxy} || $PROXY; |
| 262 | my $timeout = $arg{timeout} || $TIMEOUT; |
343 | my $timeout = $arg{timeout} || $TIMEOUT; |
| 263 | |
344 | |
| 264 | $hdr{"user-agent"} ||= $USERAGENT; |
|
|
| 265 | |
|
|
| 266 | my ($uscheme, $uauthority, $upath, $query, $fragment) = |
345 | my ($uscheme, $uauthority, $upath, $query, $fragment) = |
| 267 | $url =~ m|(?:([^:/?#]+):)?(?://([^/?#]*))?([^?#]*)(?:\?([^#]*))?(?:#(.*))?|; |
346 | $url =~ m|(?:([^:/?#]+):)?(?://([^/?#]*))?([^?#]*)(?:\?([^#]*))?(?:#(.*))?|; |
| 268 | |
347 | |
| 269 | $uscheme = lc $uscheme; |
348 | $uscheme = lc $uscheme; |
| 270 | |
349 | |
| 271 | my $uport = $uscheme eq "http" ? 80 |
350 | my $uport = $uscheme eq "http" ? 80 |
| 272 | : $uscheme eq "https" ? 443 |
351 | : $uscheme eq "https" ? 443 |
| 273 | : return $cb->(undef, { Status => 599, Reason => "only http and https URL schemes supported", URL => $url }); |
352 | : return $cb->(undef, { Status => 599, Reason => "Only http and https URL schemes supported", URL => $url }); |
| 274 | |
|
|
| 275 | $hdr{referer} ||= "$uscheme://$uauthority$upath"; # leave out fragment and query string, just a heuristic |
|
|
| 276 | |
353 | |
| 277 | $uauthority =~ /^(?: .*\@ )? ([^\@:]+) (?: : (\d+) )?$/x |
354 | $uauthority =~ /^(?: .*\@ )? ([^\@:]+) (?: : (\d+) )?$/x |
| 278 | or return $cb->(undef, { Status => 599, Reason => "unparsable URL", URL => $url }); |
355 | or return $cb->(undef, { Status => 599, Reason => "Unparsable URL", URL => $url }); |
| 279 | |
356 | |
| 280 | my $uhost = $1; |
357 | my $uhost = $1; |
| 281 | $uport = $2 if defined $2; |
358 | $uport = $2 if defined $2; |
|
|
359 | |
|
|
360 | $hdr{host} = defined $2 ? "$uhost:$2" : "$uhost"; |
| 282 | |
361 | |
| 283 | $uhost =~ s/^\[(.*)\]$/$1/; |
362 | $uhost =~ s/^\[(.*)\]$/$1/; |
| 284 | $upath .= "?$query" if length $query; |
363 | $upath .= "?$query" if length $query; |
| 285 | |
364 | |
| 286 | $upath =~ s%^/?%/%; |
365 | $upath =~ s%^/?%/%; |
| … | |
… | |
| 317 | } |
396 | } |
| 318 | |
397 | |
| 319 | my ($rhost, $rport, $rscheme, $rpath); # request host, port, path |
398 | my ($rhost, $rport, $rscheme, $rpath); # request host, port, path |
| 320 | |
399 | |
| 321 | if ($proxy) { |
400 | if ($proxy) { |
| 322 | ($rhost, $rport, $rscheme, $rpath) = (@$proxy, $url); |
401 | ($rpath, $rhost, $rport, $rscheme) = ($url, @$proxy); |
| 323 | |
402 | |
| 324 | # don't support https requests over https-proxy transport, |
403 | # don't support https requests over https-proxy transport, |
| 325 | # can't be done with tls as spec'ed. |
404 | # can't be done with tls as spec'ed, unless you double-encrypt. |
| 326 | $rscheme = "http" if $uscheme eq "https" && $rscheme eq "https"; |
405 | $rscheme = "http" if $uscheme eq "https" && $rscheme eq "https"; |
| 327 | } else { |
406 | } else { |
| 328 | ($rhost, $rport, $rscheme, $rpath) = ($uhost, $uport, $uscheme, $upath); |
407 | ($rhost, $rport, $rscheme, $rpath) = ($uhost, $uport, $uscheme, $upath); |
| 329 | } |
408 | } |
| 330 | |
409 | |
| 331 | $hdr{host} = $uhost; |
410 | $hdr{"user-agent"} ||= $USERAGENT; |
|
|
411 | $hdr{referer} ||= "$uscheme://$uauthority$upath"; # leave out fragment and query string, just a heuristic |
|
|
412 | |
| 332 | $hdr{"content-length"} = length $arg{body}; |
413 | $hdr{"content-length"} = length $arg{body}; |
| 333 | |
414 | |
| 334 | my %state = (connect_guard => 1); |
415 | my %state = (connect_guard => 1); |
| 335 | |
416 | |
| 336 | _get_slot $uhost, sub { |
417 | _get_slot $uhost, sub { |
| … | |
… | |
| 338 | |
419 | |
| 339 | return unless $state{connect_guard}; |
420 | return unless $state{connect_guard}; |
| 340 | |
421 | |
| 341 | $state{connect_guard} = AnyEvent::Socket::tcp_connect $rhost, $rport, sub { |
422 | $state{connect_guard} = AnyEvent::Socket::tcp_connect $rhost, $rport, sub { |
| 342 | $state{fh} = shift |
423 | $state{fh} = shift |
|
|
424 | or do { |
|
|
425 | my $err = "$!"; |
|
|
426 | %state = (); |
| 343 | or return $cb->(undef, { Status => 599, Reason => "$!", URL => $url }); |
427 | return $cb->(undef, { Status => 599, Reason => $err, URL => $url }); |
|
|
428 | }; |
| 344 | |
429 | |
| 345 | delete $state{connect_guard}; # reduce memory usage, save a tree |
430 | pop; # free memory, save a tree |
|
|
431 | |
|
|
432 | return unless delete $state{connect_guard}; |
| 346 | |
433 | |
| 347 | # get handle |
434 | # get handle |
| 348 | $state{handle} = new AnyEvent::Handle |
435 | $state{handle} = new AnyEvent::Handle |
| 349 | fh => $state{fh}; |
436 | fh => $state{fh}, |
|
|
437 | timeout => $timeout, |
|
|
438 | peername => $rhost, |
|
|
439 | tls_ctx => $arg{tls_ctx}; |
| 350 | |
440 | |
| 351 | # limit the number of persistent connections |
441 | # limit the number of persistent connections |
|
|
442 | # keepalive not yet supported |
| 352 | if ($KA_COUNT{$_[1]} < $MAX_PERSISTENT_PER_HOST) { |
443 | if ($KA_COUNT{$_[1]} < $MAX_PERSISTENT_PER_HOST) { |
| 353 | ++$KA_COUNT{$_[1]}; |
444 | ++$KA_COUNT{$_[1]}; |
| 354 | $state{handle}{ka_count_guard} = AnyEvent::Util::guard { --$KA_COUNT{$_[1]} }; |
445 | $state{handle}{ka_count_guard} = AnyEvent::Util::guard { |
|
|
446 | --$KA_COUNT{$_[1]} |
|
|
447 | }; |
| 355 | $hdr{connection} = "keep-alive"; |
448 | $hdr{connection} = "keep-alive"; |
| 356 | delete $hdr{connection}; # keep-alive not yet supported |
|
|
| 357 | } else { |
449 | } else { |
| 358 | delete $hdr{connection}; |
450 | delete $hdr{connection}; |
| 359 | } |
451 | } |
| 360 | |
452 | |
| 361 | # (re-)configure handle |
453 | # (re-)configure handle |
| 362 | $state{handle}->timeout ($timeout); |
|
|
| 363 | $state{handle}->on_error (sub { |
454 | $state{handle}->on_error (sub { |
| 364 | my $errno = "$!"; |
|
|
| 365 | %state = (); |
455 | %state = (); |
| 366 | $cb->(undef, { Status => 599, Reason => $errno, URL => $url }); |
456 | $cb->(undef, { Status => 599, Reason => $_[2], URL => $url }); |
| 367 | }); |
457 | }); |
| 368 | $state{handle}->on_eof (sub { |
458 | $state{handle}->on_eof (sub { |
| 369 | %state = (); |
459 | %state = (); |
| 370 | $cb->(undef, { Status => 599, Reason => "unexpected end-of-file", URL => $url }); |
460 | $cb->(undef, { Status => 599, Reason => "Unexpected end-of-file", URL => $url }); |
| 371 | }); |
461 | }); |
| 372 | |
462 | |
| 373 | $state{handle}->starttls ("connect") if $rscheme eq "https"; |
463 | $state{handle}->starttls ("connect") if $rscheme eq "https"; |
| 374 | |
464 | |
| 375 | # handle actual, non-tunneled, request |
465 | # handle actual, non-tunneled, request |
| 376 | my $handle_actual_request = sub { |
466 | my $handle_actual_request = sub { |
| 377 | # $state{handle}->starttls ("connect") if $uscheme eq "https"; |
467 | $state{handle}->starttls ("connect") if $uscheme eq "https" && !exists $state{handle}{tls}; |
| 378 | |
468 | |
| 379 | # send request |
469 | # send request |
| 380 | $state{handle}->push_write ( |
470 | $state{handle}->push_write ( |
| 381 | "$method $rpath HTTP/1.0\015\012" |
471 | "$method $rpath HTTP/1.0\015\012" |
| 382 | . (join "", map "\u$_: $hdr{$_}\015\012", keys %hdr) |
472 | . (join "", map "\u$_: $hdr{$_}\015\012", keys %hdr) |
| … | |
… | |
| 385 | ); |
475 | ); |
| 386 | |
476 | |
| 387 | %hdr = (); # reduce memory usage, save a kitten |
477 | %hdr = (); # reduce memory usage, save a kitten |
| 388 | |
478 | |
| 389 | # status line |
479 | # status line |
| 390 | $state{handle}->push_read (line => qr/\015?\012/, sub { |
480 | $state{handle}->push_read (line => $qr_nl, sub { |
| 391 | $_[1] =~ /^HTTP\/([0-9\.]+) \s+ ([0-9]{3}) (?: \s+ ([^\015\012]*) )?/ix |
481 | $_[1] =~ /^HTTP\/([0-9\.]+) \s+ ([0-9]{3}) (?: \s+ ([^\015\012]*) )?/ix |
| 392 | or return (%state = (), $cb->(undef, { Status => 599, Reason => "invalid server response ($_[1])", URL => $url })); |
482 | or return (%state = (), $cb->(undef, { Status => 599, Reason => "Invalid server response ($_[1])", URL => $url })); |
| 393 | |
483 | |
| 394 | my %hdr = ( # response headers |
484 | my %hdr = ( # response headers |
| 395 | HTTPVersion => ",$1", |
485 | HTTPVersion => ",$1", |
| 396 | Status => ",$2", |
486 | Status => ",$2", |
| 397 | Reason => ",$3", |
487 | Reason => ",$3", |
| 398 | URL => ",$url" |
488 | URL => ",$url" |
| 399 | ); |
489 | ); |
| 400 | |
490 | |
| 401 | # headers, could be optimized a bit |
491 | # headers, could be optimized a bit |
| 402 | $state{handle}->unshift_read (line => qr/\015?\012\015?\012/, sub { |
492 | $state{handle}->unshift_read (line => $qr_nlnl, sub { |
| 403 | for ("$_[1]\012") { |
493 | for ("$_[1]\012") { |
| 404 | y/\015//d; # weed out any \015, as they show up in the weirdest of places. |
494 | y/\015//d; # weed out any \015, as they show up in the weirdest of places. |
| 405 | |
495 | |
| 406 | # we support spaces in field names, as lotus domino |
496 | # things seen, not parsed: |
| 407 | # creates them (actually spaces around seperators |
497 | # p3pP="NON CUR OTPi OUR NOR UNI" |
| 408 | # are strictly allowed in http, they are a security issue). |
498 | |
| 409 | $hdr{lc $1} .= ",$2" |
499 | $hdr{lc $1} .= ",$2" |
| 410 | while /\G |
500 | while /\G |
| 411 | ([^:\000-\037]+): |
501 | ([^:\000-\037]*): |
| 412 | [\011\040]* |
502 | [\011\040]* |
| 413 | ((?: [^\012]+ | \012[\011\040] )*) |
503 | ((?: [^\012]+ | \012[\011\040] )*) |
| 414 | \012 |
504 | \012 |
| 415 | /gxc; |
505 | /gxc; |
| 416 | |
506 | |
| 417 | /\G$/ |
507 | /\G$/ |
| 418 | or return (%state = (), $cb->(undef, { Status => 599, Reason => "garbled response headers", URL => $url })); |
508 | or return (%state = (), $cb->(undef, { Status => 599, Reason => "Garbled response headers", URL => $url })); |
| 419 | } |
509 | } |
| 420 | |
510 | |
| 421 | substr $_, 0, 1, "" |
511 | substr $_, 0, 1, "" |
| 422 | for values %hdr; |
512 | for values %hdr; |
| 423 | |
513 | |
|
|
514 | # redirect handling |
|
|
515 | # microsoft and other shitheads don't give a shit for following standards, |
|
|
516 | # try to support some common forms of broken Location headers. |
|
|
517 | if ($hdr{location} !~ /^(?: $ | [^:\/?\#]+ : )/x) { |
|
|
518 | $hdr{location} =~ s/^\.\/+//; |
|
|
519 | |
|
|
520 | my $url = "$rscheme://$uhost:$uport"; |
|
|
521 | |
|
|
522 | unless ($hdr{location} =~ s/^\///) { |
|
|
523 | $url .= $upath; |
|
|
524 | $url =~ s/\/[^\/]*$//; |
|
|
525 | } |
|
|
526 | |
|
|
527 | $hdr{location} = "$url/$hdr{location}"; |
|
|
528 | } |
|
|
529 | |
|
|
530 | my $redirect; |
|
|
531 | |
|
|
532 | if ($recurse) { |
|
|
533 | if ($hdr{Status} =~ /^30[12]$/ && $method ne "POST") { |
|
|
534 | # apparently, mozilla et al. just change POST to GET here |
|
|
535 | # more research is needed before we do the same |
|
|
536 | $redirect = 1; |
|
|
537 | } elsif ($hdr{Status} == 303) { |
|
|
538 | # even http/1.1 is unclear on how to mutate the method |
|
|
539 | $method = "GET" unless $method eq "HEAD"; |
|
|
540 | $redirect = 1; |
|
|
541 | } elsif ($hdr{Status} == 307 && $method =~ /^(?:GET|HEAD)$/) { |
|
|
542 | $redirect = 1; |
|
|
543 | } |
|
|
544 | } |
|
|
545 | |
| 424 | my $finish = sub { |
546 | my $finish = sub { |
| 425 | # TODO: use destroy method, when/if available |
|
|
| 426 | #$state{handle}->destroy; |
547 | $state{handle}->destroy if $state{handle}; |
| 427 | $state{handle}->on_eof (undef); |
|
|
| 428 | $state{handle}->on_error (undef); |
|
|
| 429 | %state = (); |
548 | %state = (); |
| 430 | |
549 | |
| 431 | # set-cookie processing |
550 | # set-cookie processing |
| 432 | if ($arg{cookie_jar}) { |
551 | if ($arg{cookie_jar}) { |
| 433 | for ($hdr{"set-cookie"}) { |
552 | for ($_[1]{"set-cookie"}) { |
| 434 | # parse NAME=VALUE |
553 | # parse NAME=VALUE |
| 435 | my @kv; |
554 | my @kv; |
| 436 | |
555 | |
| 437 | while (/\G\s* ([^=;,[:space:]]+) \s*=\s* (?: "((?:[^\\"]+|\\.)*)" | ([^=;,[:space:]]*) )/gcxs) { |
556 | while (/\G\s* ([^=;,[:space:]]+) \s*=\s* (?: "((?:[^\\"]+|\\.)*)" | ([^=;,[:space:]]*) )/gcxs) { |
| 438 | my $name = $1; |
557 | my $name = $1; |
| … | |
… | |
| 476 | |
595 | |
| 477 | redo if /\G\s*,/gc; |
596 | redo if /\G\s*,/gc; |
| 478 | } |
597 | } |
| 479 | } |
598 | } |
| 480 | |
599 | |
| 481 | # microsoft and other shitheads don't give a shit for following standards, |
600 | if ($redirect) { |
| 482 | # try to support some common forms of broken Location headers. |
601 | # we ignore any errors, as it is very common to receive |
| 483 | if ($_[1]{location} !~ /^(?: $ | [^:\/?\#]+ : )/x) { |
602 | # Content-Length != 0 but no actual body |
| 484 | $_[1]{location} =~ s/^\.\/+//; |
603 | # we also access %hdr, as $_[1] might be an erro |
| 485 | |
|
|
| 486 | my $url = "$rscheme://$uhost:$uport"; |
|
|
| 487 | |
|
|
| 488 | unless ($_[1]{location} =~ s/^\///) { |
|
|
| 489 | $url .= $upath; |
|
|
| 490 | $url =~ s/\/[^\/]*$//; |
|
|
| 491 | } |
|
|
| 492 | |
|
|
| 493 | $_[1]{location} = "$url/$_[1]{location}"; |
|
|
| 494 | } |
|
|
| 495 | |
|
|
| 496 | if ($_[1]{Status} =~ /^30[12]$/ && $recurse && $method ne "POST") { |
|
|
| 497 | # apparently, mozilla et al. just change POST to GET here |
|
|
| 498 | # more research is needed before we do the same |
|
|
| 499 | http_request ($method, $_[1]{location}, %arg, recurse => $recurse - 1, $cb); |
|
|
| 500 | } elsif ($_[1]{Status} == 303 && $recurse) { |
|
|
| 501 | # even http/1.1 is unclear on how to mutate the method |
|
|
| 502 | $method = "GET" unless $method eq "HEAD"; |
|
|
| 503 | http_request ($method => $_[1]{location}, %arg, recurse => $recurse - 1, $cb); |
604 | http_request ($method => $hdr{location}, %arg, recurse => $recurse - 1, $cb); |
| 504 | } elsif ($_[1]{Status} == 307 && $recurse && $method =~ /^(?:GET|HEAD)$/) { |
|
|
| 505 | http_request ($method => $_[1]{location}, %arg, recurse => $recurse - 1, $cb); |
|
|
| 506 | } else { |
605 | } else { |
| 507 | $cb->($_[0], $_[1]); |
606 | $cb->($_[0], $_[1]); |
| 508 | } |
607 | } |
| 509 | }; |
608 | }; |
| 510 | |
609 | |
| 511 | if ($hdr{Status} =~ /^(?:1..|204|304)$/ or $method eq "HEAD") { |
610 | my $len = $hdr{"content-length"}; |
|
|
611 | |
|
|
612 | if (!$redirect && $arg{on_header} && !$arg{on_header}(\%hdr)) { |
|
|
613 | $finish->(undef, { Status => 598, Reason => "Request cancelled by on_header", URL => $url }); |
|
|
614 | } elsif ( |
|
|
615 | $hdr{Status} =~ /^(?:1..|[23]04)$/ |
|
|
616 | or $method eq "HEAD" |
|
|
617 | or (defined $len && !$len) |
|
|
618 | ) { |
|
|
619 | # no body |
| 512 | $finish->(undef, \%hdr); |
620 | $finish->("", \%hdr); |
| 513 | } else { |
621 | } else { |
| 514 | if (exists $hdr{"content-length"}) { |
622 | # body handling, four different code paths |
| 515 | $_[0]->unshift_read (chunk => $hdr{"content-length"}, sub { |
623 | # for want_body_handle, on_body (2x), normal (2x) |
| 516 | # could cache persistent connection now |
624 | # we might read too much here, but it does not matter yet (no pers. connections) |
| 517 | if ($hdr{connection} =~ /\bkeep-alive\b/i) { |
625 | if (!$redirect && $arg{want_body_handle}) { |
| 518 | # but we don't, due to misdesigns, this is annoyingly complex |
626 | $_[0]->on_eof (undef); |
|
|
627 | $_[0]->on_error (undef); |
|
|
628 | $_[0]->on_read (undef); |
|
|
629 | |
|
|
630 | $finish->(delete $state{handle}, \%hdr); |
|
|
631 | |
|
|
632 | } elsif ($arg{on_body}) { |
|
|
633 | $_[0]->on_error (sub { $finish->(undef, { Status => 599, Reason => $_[2], URL => $url }) }); |
|
|
634 | if ($len) { |
|
|
635 | $_[0]->on_eof (undef); |
|
|
636 | $_[0]->on_read (sub { |
|
|
637 | $len -= length $_[0]{rbuf}; |
|
|
638 | |
|
|
639 | $arg{on_body}(delete $_[0]{rbuf}, \%hdr) |
|
|
640 | or $finish->(undef, { Status => 598, Reason => "Request cancelled by on_body", URL => $url }); |
|
|
641 | |
|
|
642 | $len > 0 |
|
|
643 | or $finish->("", \%hdr); |
| 519 | }; |
644 | }); |
| 520 | |
645 | } else { |
|
|
646 | $_[0]->on_eof (sub { |
| 521 | $finish->($_[1], \%hdr); |
647 | $finish->("", \%hdr); |
|
|
648 | }); |
|
|
649 | $_[0]->on_read (sub { |
|
|
650 | $arg{on_body}(delete $_[0]{rbuf}, \%hdr) |
|
|
651 | or $finish->(undef, { Status => 598, Reason => "Request cancelled by on_body", URL => $url }); |
|
|
652 | }); |
| 522 | }); |
653 | } |
| 523 | } else { |
654 | } else { |
| 524 | # too bad, need to read until we get an error or EOF, |
|
|
| 525 | # no way to detect winged data. |
|
|
| 526 | $_[0]->on_error (sub { |
|
|
| 527 | $finish->($_[0]{rbuf}, \%hdr); |
|
|
| 528 | }); |
|
|
| 529 | $_[0]->on_eof (undef); |
655 | $_[0]->on_eof (undef); |
|
|
656 | |
|
|
657 | if ($len) { |
|
|
658 | $_[0]->on_error (sub { $finish->(undef, { Status => 599, Reason => $_[2], URL => $url }) }); |
|
|
659 | $_[0]->on_read (sub { |
|
|
660 | $finish->((substr delete $_[0]{rbuf}, 0, $len, ""), \%hdr) |
|
|
661 | if $len <= length $_[0]{rbuf}; |
|
|
662 | }); |
|
|
663 | } else { |
|
|
664 | $_[0]->on_error (sub { |
|
|
665 | $! == Errno::EPIPE || !$! |
|
|
666 | ? $finish->(delete $_[0]{rbuf}, \%hdr) |
|
|
667 | : $finish->(undef, { Status => 599, Reason => $_[2], URL => $url }); |
|
|
668 | }); |
| 530 | $_[0]->on_read (sub { }); |
669 | $_[0]->on_read (sub { }); |
|
|
670 | } |
| 531 | } |
671 | } |
| 532 | } |
672 | } |
| 533 | }); |
673 | }); |
| 534 | }); |
674 | }); |
| 535 | }; |
675 | }; |
| … | |
… | |
| 538 | if ($proxy && $uscheme eq "https") { |
678 | if ($proxy && $uscheme eq "https") { |
| 539 | # oh dear, we have to wrap it into a connect request |
679 | # oh dear, we have to wrap it into a connect request |
| 540 | |
680 | |
| 541 | # maybe re-use $uauthority with patched port? |
681 | # maybe re-use $uauthority with patched port? |
| 542 | $state{handle}->push_write ("CONNECT $uhost:$uport HTTP/1.0\015\012Host: $uhost\015\012\015\012"); |
682 | $state{handle}->push_write ("CONNECT $uhost:$uport HTTP/1.0\015\012Host: $uhost\015\012\015\012"); |
| 543 | $state{handle}->push_read (line => qr/\015?\012\015?\012/, sub { |
683 | $state{handle}->push_read (line => $qr_nlnl, sub { |
| 544 | $_[1] =~ /^HTTP\/([0-9\.]+) \s+ ([0-9]{3}) (?: \s+ ([^\015\012]*) )?/ix |
684 | $_[1] =~ /^HTTP\/([0-9\.]+) \s+ ([0-9]{3}) (?: \s+ ([^\015\012]*) )?/ix |
| 545 | or return (%state = (), $cb->(undef, { Status => 599, Reason => "invalid proxy connect response ($_[1])", URL => $url })); |
685 | or return (%state = (), $cb->(undef, { Status => 599, Reason => "Invalid proxy connect response ($_[1])", URL => $url })); |
| 546 | |
686 | |
| 547 | if ($2 == 200) { |
687 | if ($2 == 200) { |
| 548 | $rpath = $upath; |
688 | $rpath = $upath; |
| 549 | &$handle_actual_request; |
689 | &$handle_actual_request; |
| 550 | } else { |
690 | } else { |
| … | |
… | |
| 596 | The default value for the C<recurse> request parameter (default: C<10>). |
736 | The default value for the C<recurse> request parameter (default: C<10>). |
| 597 | |
737 | |
| 598 | =item $AnyEvent::HTTP::USERAGENT |
738 | =item $AnyEvent::HTTP::USERAGENT |
| 599 | |
739 | |
| 600 | The default value for the C<User-Agent> header (the default is |
740 | The default value for the C<User-Agent> header (the default is |
| 601 | C<Mozilla/5.0 (compatible; AnyEvent::HTTP/$VERSION; +http://software.schmorp.de/pkg/AnyEvent)>). |
741 | C<Mozilla/5.0 (compatible; U; AnyEvent-HTTP/$VERSION; +http://software.schmorp.de/pkg/AnyEvent)>). |
| 602 | |
742 | |
| 603 | =item $AnyEvent::HTTP::MAX_PERSISTENT |
743 | =item $AnyEvent::HTTP::MAX_PER_HOST |
| 604 | |
744 | |
| 605 | The maximum number of persistent connections to keep open (default: 8). |
745 | The maximum number of concurrent conenctions to the same host (identified |
|
|
746 | by the hostname). If the limit is exceeded, then the additional requests |
|
|
747 | are queued until previous connections are closed. |
| 606 | |
748 | |
| 607 | Not implemented currently. |
749 | The default value for this is C<4>, and it is highly advisable to not |
| 608 | |
750 | increase it. |
| 609 | =item $AnyEvent::HTTP::PERSISTENT_TIMEOUT |
|
|
| 610 | |
|
|
| 611 | The maximum time to cache a persistent connection, in seconds (default: 2). |
|
|
| 612 | |
|
|
| 613 | Not implemented currently. |
|
|
| 614 | |
751 | |
| 615 | =item $AnyEvent::HTTP::ACTIVE |
752 | =item $AnyEvent::HTTP::ACTIVE |
| 616 | |
753 | |
| 617 | The number of active connections. This is not the number of currently |
754 | The number of active connections. This is not the number of currently |
| 618 | running requests, but the number of currently open and non-idle TCP |
755 | running requests, but the number of currently open and non-idle TCP |
| … | |
… | |
| 636 | =head1 AUTHOR |
773 | =head1 AUTHOR |
| 637 | |
774 | |
| 638 | Marc Lehmann <schmorp@schmorp.de> |
775 | Marc Lehmann <schmorp@schmorp.de> |
| 639 | http://home.schmorp.de/ |
776 | http://home.schmorp.de/ |
| 640 | |
777 | |
|
|
778 | With many thanks to Дмитрий Шалашов, who provided countless |
|
|
779 | testcases and bugreports. |
|
|
780 | |
| 641 | =cut |
781 | =cut |
| 642 | |
782 | |
| 643 | 1 |
783 | 1 |
| 644 | |
784 | |
