jellyfin/Emby.Server.Implementations/SocketSharp/WebSocketSharpRequest.cs

407 lines
13 KiB
C#
Raw Normal View History

2019-02-25 22:34:32 +00:00
using System;
using System.Collections.Generic;
using System.Globalization;
using System.IO;
using System.Net;
using System.Text;
using MediaBrowser.Model.Services;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Http.Extensions;
2019-02-25 22:34:32 +00:00
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Primitives;
using Microsoft.Net.Http.Headers;
using IHttpFile = MediaBrowser.Model.Services.IHttpFile;
using IHttpRequest = MediaBrowser.Model.Services.IHttpRequest;
using IResponse = MediaBrowser.Model.Services.IResponse;
namespace Emby.Server.Implementations.SocketSharp
{
public partial class WebSocketSharpRequest : IHttpRequest
{
private readonly HttpRequest request;
public WebSocketSharpRequest(HttpRequest httpContext, HttpResponse response, string operationName, ILogger logger)
{
this.OperationName = operationName;
this.request = httpContext;
this.Response = new WebSocketSharpResponse(logger, response);
2019-02-25 22:34:32 +00:00
}
public HttpRequest HttpRequest => request;
public IResponse Response { get; }
2019-02-25 22:34:32 +00:00
public string OperationName { get; set; }
public object Dto { get; set; }
2019-02-26 18:48:18 +00:00
public string RawUrl => request.GetEncodedPathAndQuery();
2019-02-25 22:34:32 +00:00
public string AbsoluteUri => request.GetDisplayUrl().TrimEnd('/');
2019-02-25 22:34:32 +00:00
public string XForwardedFor
=> StringValues.IsNullOrEmpty(request.Headers["X-Forwarded-For"]) ? null : request.Headers["X-Forwarded-For"].ToString();
public int? XForwardedPort
=> StringValues.IsNullOrEmpty(request.Headers["X-Forwarded-Port"]) ? (int?)null : int.Parse(request.Headers["X-Forwarded-Port"], CultureInfo.InvariantCulture);
public string XForwardedProtocol => StringValues.IsNullOrEmpty(request.Headers["X-Forwarded-Proto"]) ? null : request.Headers["X-Forwarded-Proto"].ToString();
public string XRealIp => StringValues.IsNullOrEmpty(request.Headers["X-Real-IP"]) ? null : request.Headers["X-Real-IP"].ToString();
private string remoteIp;
2019-02-16 15:54:18 +00:00
public string RemoteIp
{
get
{
if (remoteIp != null)
{
return remoteIp;
}
2019-02-25 22:34:32 +00:00
var temp = CheckBadChars(XForwardedFor.AsSpan());
2019-02-16 15:54:18 +00:00
if (temp.Length != 0)
{
return remoteIp = temp.ToString();
}
temp = CheckBadChars(XRealIp.AsSpan());
2019-02-16 15:54:18 +00:00
if (temp.Length != 0)
{
return remoteIp = NormalizeIp(temp).ToString();
}
return remoteIp = NormalizeIp(request.HttpContext.Connection.RemoteIpAddress.ToString().AsSpan()).ToString();
2019-02-16 15:54:18 +00:00
}
}
2019-02-25 22:34:32 +00:00
private static readonly char[] HttpTrimCharacters = new char[] { (char)0x09, (char)0xA, (char)0xB, (char)0xC, (char)0xD, (char)0x20 };
// CheckBadChars - throws on invalid chars to be not found in header name/value
2019-02-16 15:54:18 +00:00
internal static ReadOnlySpan<char> CheckBadChars(ReadOnlySpan<char> name)
2019-02-25 22:34:32 +00:00
{
2019-02-16 15:54:18 +00:00
if (name.Length == 0)
2019-02-25 22:34:32 +00:00
{
return name;
}
// VALUE check
// Trim spaces from both ends
name = name.Trim(HttpTrimCharacters);
// First, check for correctly formed multi-line value
// Second, check for absence of CTL characters
int crlf = 0;
for (int i = 0; i < name.Length; ++i)
{
char c = (char)(0x000000ff & (uint)name[i]);
switch (crlf)
{
case 0:
if (c == '\r')
{
crlf = 1;
}
else if (c == '\n')
{
// Technically this is bad HTTP. But it would be a breaking change to throw here.
// Is there an exploit?
crlf = 2;
}
else if (c == 127 || (c < ' ' && c != '\t'))
{
2019-02-16 15:54:18 +00:00
throw new ArgumentException("net_WebHeaderInvalidControlChars", nameof(name));
2019-02-25 22:34:32 +00:00
}
break;
case 1:
if (c == '\n')
{
crlf = 2;
break;
}
2019-02-16 15:54:18 +00:00
throw new ArgumentException("net_WebHeaderInvalidCRLFChars", nameof(name));
2019-02-25 22:34:32 +00:00
case 2:
if (c == ' ' || c == '\t')
{
crlf = 0;
break;
}
2019-02-16 15:54:18 +00:00
throw new ArgumentException("net_WebHeaderInvalidCRLFChars", nameof(name));
2019-02-25 22:34:32 +00:00
}
}
if (crlf != 0)
{
2019-02-16 15:54:18 +00:00
throw new ArgumentException("net_WebHeaderInvalidCRLFChars", nameof(name));
2019-02-25 22:34:32 +00:00
}
return name;
}
2019-02-16 15:54:18 +00:00
private ReadOnlySpan<char> NormalizeIp(ReadOnlySpan<char> ip)
2019-02-25 22:34:32 +00:00
{
2019-02-16 15:54:18 +00:00
if (ip.Length != 0 && !ip.IsWhiteSpace())
2019-02-25 22:34:32 +00:00
{
// Handle ipv4 mapped to ipv6
const string srch = "::ffff:";
var index = ip.IndexOf(srch.AsSpan(), StringComparison.OrdinalIgnoreCase);
2019-02-25 22:34:32 +00:00
if (index == 0)
{
2019-02-16 15:54:18 +00:00
ip = ip.Slice(srch.Length);
2019-02-25 22:34:32 +00:00
}
}
return ip;
}
public string[] AcceptTypes => request.Headers.GetCommaSeparatedValues(HeaderNames.Accept);
private Dictionary<string, object> items;
public Dictionary<string, object> Items => items ?? (items = new Dictionary<string, object>());
private string responseContentType;
public string ResponseContentType
{
get =>
responseContentType
?? (responseContentType = GetResponseContentType(HttpRequest));
set => this.responseContentType = value;
}
public const string FormUrlEncoded = "application/x-www-form-urlencoded";
public const string MultiPartFormData = "multipart/form-data";
public static string GetResponseContentType(HttpRequest httpReq)
{
var specifiedContentType = GetQueryStringContentType(httpReq);
if (!string.IsNullOrEmpty(specifiedContentType))
{
return specifiedContentType;
}
const string serverDefaultContentType = "application/json";
var acceptContentTypes = httpReq.Headers.GetCommaSeparatedValues(HeaderNames.Accept);
2019-02-25 22:34:32 +00:00
string defaultContentType = null;
if (HasAnyOfContentTypes(httpReq, FormUrlEncoded, MultiPartFormData))
{
defaultContentType = serverDefaultContentType;
}
var acceptsAnything = false;
var hasDefaultContentType = defaultContentType != null;
if (acceptContentTypes != null)
{
foreach (var acceptsType in acceptContentTypes)
{
// TODO: @bond move to Span when Span.Split lands
// https://github.com/dotnet/corefx/issues/26528
var contentType = acceptsType?.Split(';')[0].Trim();
acceptsAnything = contentType.Equals("*/*", StringComparison.OrdinalIgnoreCase);
if (acceptsAnything)
{
break;
}
}
if (acceptsAnything)
{
if (hasDefaultContentType)
{
return defaultContentType;
}
else
{
return serverDefaultContentType;
}
}
}
if (acceptContentTypes == null && httpReq.ContentType == Soap11)
{
return Soap11;
}
// We could also send a '406 Not Acceptable', but this is allowed also
return serverDefaultContentType;
}
public const string Soap11 = "text/xml; charset=utf-8";
public static bool HasAnyOfContentTypes(HttpRequest request, params string[] contentTypes)
{
if (contentTypes == null || request.ContentType == null)
{
return false;
}
foreach (var contentType in contentTypes)
{
if (IsContentType(request, contentType))
{
return true;
}
}
return false;
}
public static bool IsContentType(HttpRequest request, string contentType)
{
return request.ContentType.StartsWith(contentType, StringComparison.OrdinalIgnoreCase);
}
private static string GetQueryStringContentType(HttpRequest httpReq)
{
2019-02-26 21:40:25 +00:00
ReadOnlySpan<char> format = httpReq.Query["format"].ToString().AsSpan();
2019-02-25 22:34:32 +00:00
if (format == null)
{
const int formatMaxLength = 4;
2019-02-26 21:40:25 +00:00
ReadOnlySpan<char> pi = httpReq.Path.ToString().AsSpan();
2019-02-25 22:34:32 +00:00
if (pi == null || pi.Length <= formatMaxLength)
{
return null;
}
if (pi[0] == '/')
{
2019-02-26 21:40:25 +00:00
pi = pi.Slice(1);
2019-02-25 22:34:32 +00:00
}
format = LeftPart(pi, '/');
if (format.Length > formatMaxLength)
{
return null;
}
}
format = LeftPart(format, '.');
2019-02-26 21:40:25 +00:00
if (format.Contains("json".AsSpan(), StringComparison.OrdinalIgnoreCase))
2019-02-25 22:34:32 +00:00
{
return "application/json";
}
2019-02-26 21:40:25 +00:00
else if (format.Contains("xml".AsSpan(), StringComparison.OrdinalIgnoreCase))
2019-02-25 22:34:32 +00:00
{
return "application/xml";
}
return null;
}
2019-02-26 21:40:25 +00:00
public static ReadOnlySpan<char> LeftPart(ReadOnlySpan<char> strVal, char needle)
2019-02-25 22:34:32 +00:00
{
if (strVal == null)
{
return null;
}
2019-02-26 21:40:25 +00:00
var pos = strVal.IndexOf(needle);
2019-02-25 22:34:32 +00:00
return pos == -1 ? strVal : strVal.Slice(0, pos);
}
public string PathInfo => this.request.Path.Value;
2019-02-25 22:34:32 +00:00
public string UserAgent => request.Headers[HeaderNames.UserAgent];
public IHeaderDictionary Headers => request.Headers;
2019-02-25 22:34:32 +00:00
public IQueryCollection QueryString => request.Query;
2019-02-25 22:34:32 +00:00
public bool IsLocal => string.Equals(request.HttpContext.Connection.LocalIpAddress.ToString(), request.HttpContext.Connection.RemoteIpAddress.ToString());
2019-02-25 22:34:32 +00:00
private string httpMethod;
public string HttpMethod =>
httpMethod
?? (httpMethod = request.Method);
public string Verb => HttpMethod;
public string ContentType => request.ContentType;
private Encoding ContentEncoding
2019-02-25 22:34:32 +00:00
{
get
{
// TODO is this necessary?
if (UserAgent != null && CultureInfo.InvariantCulture.CompareInfo.IsPrefix(UserAgent, "UP"))
{
string postDataCharset = Headers["x-up-devcap-post-charset"];
if (!string.IsNullOrEmpty(postDataCharset))
{
try
{
return Encoding.GetEncoding(postDataCharset);
}
catch (ArgumentException)
{
}
}
}
return request.GetTypedHeaders().ContentType.Encoding ?? Encoding.UTF8;
}
2019-02-25 22:34:32 +00:00
}
public Uri UrlReferrer => request.GetTypedHeaders().Referer;
public static Encoding GetEncoding(string contentTypeHeader)
{
var param = GetParameter(contentTypeHeader.AsSpan(), "charset=");
2019-02-25 22:34:32 +00:00
if (param == null)
{
return null;
}
try
{
return Encoding.GetEncoding(param);
}
catch (ArgumentException)
{
return null;
}
}
public Stream InputStream => request.Body;
public long ContentLength => request.ContentLength ?? 0;
private IHttpFile[] httpFiles;
public IHttpFile[] Files
{
get
{
if (httpFiles == null)
{
if (files == null)
{
return httpFiles = Array.Empty<IHttpFile>();
}
httpFiles = new IHttpFile[files.Count];
var i = 0;
foreach (var pair in files)
{
var reqFile = pair.Value;
httpFiles[i] = new HttpFile
{
ContentType = reqFile.ContentType,
ContentLength = reqFile.ContentLength,
FileName = reqFile.FileName,
InputStream = reqFile.InputStream,
};
i++;
}
}
return httpFiles;
}
}
}
}