--- parser3/src/main/pa_request.C 2021/01/02 23:01:11 1.415 +++ parser3/src/main/pa_request.C 2025/05/25 20:55:23 1.433 @@ -1,8 +1,8 @@ /** @file Parser: request class main part. @see compile.C and execute.C. - Copyright (c) 2001-2020 Art. Lebedev Studio (http://www.artlebedev.com) - Author: Alexandr Petrosian (http://paf.design.ru) + Copyright (c) 2001-2024 Art. Lebedev Studio (http://www.artlebedev.com) + Authors: Konstantin Morshnev , Alexandr Petrosian */ #include "pa_sapi.h" @@ -33,8 +33,9 @@ #include "pa_vmemory.h" #include "pa_vconsole.h" #include "pa_vdate.h" +#include "pa_varray.h" -volatile const char * IDENT_PA_REQUEST_C="$Id: pa_request.C,v 1.415 2021/01/02 23:01:11 moko Exp $" IDENT_PA_REQUEST_H IDENT_PA_REQUEST_CHARSETS_H IDENT_PA_REQUEST_INFO_H IDENT_PA_VCONSOLE_H; +volatile const char * IDENT_PA_REQUEST_C="$Id: pa_request.C,v 1.433 2025/05/25 20:55:23 moko Exp $" IDENT_PA_REQUEST_H IDENT_PA_REQUEST_CHARSETS_H IDENT_PA_REQUEST_INFO_H IDENT_PA_VCONSOLE_H; // consts @@ -43,8 +44,9 @@ volatile const char * IDENT_PA_REQUEST_C /// content type of response when no $MAIN:defaults.content-type defined const char* DEFAULT_CONTENT_TYPE="text/html"; -const uint LOOP_LIMIT=20000; -const uint EXECUTE_RECOURSION_LIMIT=1000; +const uint LOOP_LIMIT=100000; +const uint ARRAY_LIMIT=1000000; +const uint EXECUTE_RECURSION_LIMIT=1000; const uint HTTPD_TIMEOUT=4; const size_t FILE_SIZE_LIMIT=512*1024*1024; @@ -68,15 +70,16 @@ const String auto_method_name(AUTO_METHO static const String use_method_name(USE_METHOD_NAME); static const String autouse_method_name(AUTOUSE_METHOD_NAME); -const String exception_type_part_name(EXCEPTION_TYPE_PART_NAME); -const String exception_source_part_name(EXCEPTION_SOURCE_PART_NAME); -const String exception_comment_part_name(EXCEPTION_COMMENT_PART_NAME); -const String exception_handled_part_name(EXCEPTION_HANDLED_PART_NAME); +const String::Body exception_type_part_name(EXCEPTION_TYPE_PART_NAME); +const String::Body exception_source_part_name(EXCEPTION_SOURCE_PART_NAME); +const String::Body exception_comment_part_name(EXCEPTION_COMMENT_PART_NAME); +const String::Body exception_handled_part_name(EXCEPTION_HANDLED_PART_NAME); static const String origin_key(ORIGIN_KEY); int pa_loop_limit=LOOP_LIMIT; -int pa_execute_recoursion_limit=EXECUTE_RECOURSION_LIMIT; +int pa_array_limit=ARRAY_LIMIT; +int pa_execute_recursion_limit=EXECUTE_RECURSION_LIMIT; int pa_httpd_timeout=HTTPD_TIMEOUT; size_t pa_file_size_limit=FILE_SIZE_LIMIT; @@ -101,7 +104,8 @@ static const String getter_protected_nam static const String locals_name("LOCALS"); static const String limits_name("LIMITS"); static const String loop_limit_name("max_loop"); -static const String recoursion_limit_name("max_recoursion"); +static const String array_limit_name("max_array_size"); +static const String recursion_limit_name("max_recursion"); static const String file_size_limit_name("max_file_size"); static const String lock_wait_timeout_name("lock_wait_timeout"); static const String httpd_name("HTTPD"); @@ -122,6 +126,9 @@ static const String content_disposition_ static const String content_disposition_inline(CONTENT_DISPOSITION_INLINE); static const String content_disposition_attachment(CONTENT_DISPOSITION_ATTACHMENT); +const String content_disposition_filename_name(CONTENT_DISPOSITION_FILENAME_NAME); +const String content_disposition_filename_name_asterisk("filename*"); + // defines #define CHARSET_NAME_UPPER "CHARSET" @@ -133,7 +140,7 @@ VStateless_class& VClassMAIN_create(); // Request::Request(SAPI_Info& asapi_info, Request_info& arequest_info, String::Language adefault_lang): // private - anti_endless_execute_recoursion(0), + anti_endless_execute_recursion(0), // public allow_class_replace(false), @@ -242,6 +249,17 @@ VStateless_class& Request::get_class_ref return *result; } +bool Request::add_class(const char* atype, VStateless_class *aclass){ + if(!allow_class_replace){ + if(!classes().put_dont_replace(atype, aclass)) + return true; + if(strcmp(atype, VARRAY_TYPE)) + return false; + } + classes().put(atype, aclass); + return true; +} + static void load_charset(HashStringValue::key_type akey, HashStringValue::value_type avalue, Request_charsets* charsets) { pa_charsets.load_charset(*charsets, akey, avalue->as_string()); } @@ -325,17 +343,23 @@ void Request::configure_admin(VStateless if(pa_loop_limit==0) pa_loop_limit=INT_MAX; }, "LIMITS.%s must be int"); - pa_execute_recoursion_limit=EXECUTE_RECOURSION_LIMIT; - CONF_OPTION(limits, recoursion_limit_name, { - pa_execute_recoursion_limit=option->as_int(); - if(pa_execute_recoursion_limit==0) pa_execute_recoursion_limit=INT_MAX; + pa_array_limit=ARRAY_LIMIT; + CONF_OPTION(limits, array_limit_name, { + pa_array_limit=option->as_int(); + if(pa_array_limit==0) pa_array_limit=INT_MAX; + }, "LIMITS.%s must be int"); + + pa_execute_recursion_limit=EXECUTE_RECURSION_LIMIT; + CONF_OPTION(limits, recursion_limit_name, { + pa_execute_recursion_limit=option->as_int(); + if(pa_execute_recursion_limit==0) pa_execute_recursion_limit=INT_MAX; }, "LIMITS.%s must be int"); pa_file_size_limit=FILE_SIZE_LIMIT; CONF_OPTION(limits, file_size_limit_name, { double limit=option->as_double(); if(limit >= (double)SSIZE_MAX) - throw Exception(PARSER_RUNTIME, 0, "$MAIN:LIMITS.%s must be less then %.15g", file_size_limit_name.cstr(), (double)SSIZE_MAX); + throw Exception(PARSER_RUNTIME, 0, "$MAIN:LIMITS.%s must be less than %.15g", file_size_limit_name.cstr(), (double)SSIZE_MAX); pa_file_size_limit=(size_t)limit; if(pa_file_size_limit==0) pa_file_size_limit=SSIZE_MAX; @@ -345,7 +369,7 @@ void Request::configure_admin(VStateless CONF_OPTION(limits, lock_wait_timeout_name, { double limit=option->as_double(); if(limit >= 3600*24) - throw Exception(PARSER_RUNTIME, 0, "$MAIN:LIMITS.%s must be less then %d", lock_wait_timeout_name.cstr(), 3600*24); + throw Exception(PARSER_RUNTIME, 0, "$MAIN:LIMITS.%s must be less than %d", lock_wait_timeout_name.cstr(), 3600*24); pa_lock_attempts=(unsigned int)(limit*2)+1; }, "LIMITS.%s must be number"); @@ -425,8 +449,8 @@ Table &Request::Exception_trace::table(R Operation::Origin origin=trace.origin(); if(origin.file_no) { *row+=new String(r.file_list[origin.file_no], String::L_TAINTED); // 'file' column - *row+=new String(String::Body::Format(1+origin.line), String::L_CLEAN); // 'lineno' column - *row+=new String(String::Body::Format(1+origin.col), String::L_CLEAN); // 'colno' column + *row+=new String(pa_uitoa(1+origin.line), String::L_CLEAN); // 'lineno' column + *row+=new String(pa_uitoa(1+origin.col), String::L_CLEAN); // 'colno' column } stack_trace+=row; } @@ -460,9 +484,6 @@ void Request::configure() { */ void Request::core(const char* config_filespec, bool header_only, const String &amain_method_name, const String* amain_class_name) { - VFile* body_file=NULL; - bool as_attachment=false; - try { // loading config if(config_filespec) @@ -489,7 +510,7 @@ void Request::core(const char* config_fi // extract response body Value* body_value=response.fields().get(download_name_upper); // $response:download? - as_attachment=body_value!=0; + bool as_attachment=body_value!=0; if(!body_value) body_value=response.fields().get(body_name_upper); // $response:body if(!body_value) @@ -504,23 +525,24 @@ void Request::core(const char* config_fi }); } - body_file=body_value->as_vfile(flang, &charsets); - + // can throw exceptions while handling $response:download[] + output_result(body_value->as_vfile(flang, &charsets), header_only, as_attachment); } catch(const Exception& e) { // request handling problem - try { - // we're returning not result, but error explanation - Request::Exception_details details=get_details(e); - const char* exception_cstr=get_exception_cstr(e, details); - - // reset language to default - flang=fdefault_lang; - // reset response - response.fields().clear(); + // we're returning not result, but error explanation + Request::Exception_details details=get_details(e); + const char* exception_cstr=get_exception_cstr(e, details); + + // reset language to default + flang=fdefault_lang; + // reset response + response.fields().clear(); + SAPI::clear_headers(sapi_info); - // this is what we'd return in $response:body - const String* body_string=0; + // this is what we'd return in $response:body + const String* body_string=0; + try { // maybe we'd be lucky enough as to report an error in a gracefull way... if(const Method *method=main_class.get_method(*new String(UNHANDLED_EXCEPTION_METHOD_NAME))) { // preparing parameters to @unhandled_exception[exception;stack] @@ -541,27 +563,23 @@ void Request::core(const char* config_fi if(!vhandled || !vhandled->as_bool()) { SAPI::log(sapi_info, "%s", exception_cstr); } - - if(body_string) { // could report an error beautifully? - VString body_vstring(*body_string); - - body_file=body_vstring.as_vfile(flang, &charsets); - as_attachment=false; - } else { - // doing that ugly - SAPI::send_error(sapi_info, exception_cstr, !strcmp(e.type(), "file.missing") ? "404" : "500"); - return; - } - - } catch(const Exception& e) { // exception in unhandled exception + } catch(const Exception& e) { // exception in @unhandled_exception Request::Exception_details details=get_details(e); - // unconditionally log the beast in exception handler - throw Exception(0, 0, "Unhandled exception in %s", get_exception_cstr(e, details)); + // logging both initial and new exceptions + SAPI::log(sapi_info, "%s", exception_cstr); + SAPI::log(sapi_info, "Exception in @unhandled_exception at %s", get_exception_cstr(e, details)); + SAPI::send_error(sapi_info, "Exception in @unhandled_exception, details are available in Parser error log."); + return; } - } - // write out the result outside of try as network exceptions should not be handled by parser code. - output_result(body_file, header_only, as_attachment); + if(body_string) { // could report an error beautifully? + VString body_vstring(*body_string); + output_result(body_vstring.as_vfile(flang, &charsets), header_only, false); + } else { + // doing that ugly + SAPI::send_error(sapi_info, exception_cstr, strcmp(e.type(), "file.missing") ? "500" : "404"); + } + } } uint Request::register_file(String::Body file_spec) { @@ -691,7 +709,7 @@ void Request::use_buf(VStateless_class& configure_admin(cclass/*, executed.method->name*/); // locate and execute possible @auto[] static - execute_method_if_exists(cclass, auto_method_name, vfilespec); + execute_auto_method_if_exists(cclass, auto_method_name, vfilespec); cclass.enable_default_setter(); } @@ -712,7 +730,7 @@ const String& Request::full_disk_path(co result << relative_name; return result; } - if(relative_name.pos("://")!=STRING_NOT_FOUND // something like "http://xxx" + if(relative_name.starts_with("http://") || relative_name.starts_with("parser://") #ifdef WIN32 || relative_name.pos(":")==1 // DRIVE: || relative_name.starts_with("\\\\") // UNC1 @@ -755,10 +773,10 @@ static void output_sole_piece(Request& r output=Charset::transcode(output, r.charsets.source(), r.charsets.client()); // prepare header: Content-Length - SAPI::add_header_attribute(r.sapi_info, HTTP_CONTENT_LENGTH, format(output.length, "%u")); + SAPI::add_header_attribute(r.sapi_info, HTTP_CONTENT_LENGTH, pa_uitoa(output.length)); // send header - SAPI::send_header(r.sapi_info); + SAPI::send_headers(r.sapi_info); // send body if(!header_only) @@ -787,9 +805,9 @@ static void parse_range(const String* s, while(*p==' ' || *p=='\t') p++; if(*p >= '0' && *p <= '9'){ - const char *s=p; + const char *n=p; while(*p>='0' && *p<='9') p++; - r.start = pa_atoul(pa_strdup(s,p-s)); + r.start = pa_atoul(pa_strdup(n, p-n)); } while(*p==' ' || *p=='\t') p++; @@ -799,9 +817,9 @@ static void parse_range(const String* s, while(*p==' ' || *p=='\t') p++; if(*p >= '0' && *p <= '9'){ - const char *s=p; + const char *n=p; while(*p>='0' && *p<='9') p++; - r.end = pa_atoul(pa_strdup(s,p-s)); + r.end = pa_atoul(pa_strdup(n, p-n)); } while(*p==' ' || *p=='\t') p++; @@ -822,13 +840,12 @@ struct Send_range_action_info { static void send_range(struct stat& /*finfo*/, int f, const String& /*file_spec*/, void *context){ Send_range_action_info &info = *(Send_range_action_info*)context; - SAPI::send_header(info.r->sapi_info); + SAPI::send_headers(info.r->sapi_info); pa_lseek(f, info.offset, SEEK_SET); - const size_t BUFSIZE = 128*0x400; - char buf[BUFSIZE]; + char buf[FILE_BUFFER_SIZE]; do{ - size_t to_read = info.part_length < BUFSIZE ? (size_t)info.part_length : BUFSIZE; + size_t to_read = info.part_length < FILE_BUFFER_SIZE ? (size_t)info.part_length : FILE_BUFFER_SIZE; size_t to_write = file_block_read(f, buf, to_read); if(to_write == 0) @@ -887,13 +904,13 @@ static void output_pieces(Request& r, bo } } - SAPI::add_header_attribute(r.sapi_info, HTTP_CONTENT_LENGTH, format((double)part_length, "%.15g")); + SAPI::add_header_attribute(r.sapi_info, HTTP_CONTENT_LENGTH, pa_uitoa(part_length)); if(add_last_modified) SAPI::add_header_attribute(r.sapi_info, "last-modified", attributed_meaning_to_string(date, String::L_AS_IS, true).cstr()); if(header_only){ - SAPI::send_header(r.sapi_info); + SAPI::send_headers(r.sapi_info); } else { Send_range_action_info info = { &r, offset, part_length}; file_read_action_under_lock(r.full_disk_path(filename), "send", send_range, &info); @@ -917,9 +934,13 @@ void Request::output_result(VFile* body_ // Content-Disposition, use $.name[] to avoid const String* disposition_name = sname ? sname->is_empty() ? NULL : sname : sfile; if(disposition_name) { + String& filename = *new String(pa_filename(disposition_name->cstr()), String::L_URI); + String& filename_asterisk = *new String(charsets.client().NAME(), String::L_CLEAN) << (*new String("''")) << filename; + VHash& hash=*new VHash(); hash.hash().put(value_name, new VString(as_attachment ? content_disposition_attachment : content_disposition_inline)); - hash.hash().put(content_disposition_filename_name, new VString(*new String(*disposition_name, String::L_HTTP_HEADER))); + hash.hash().put(content_disposition_filename_name, new VString(filename)); + hash.hash().put(content_disposition_filename_name_asterisk, new VString(filename_asterisk)); response.fields().put(content_disposition_name_upper, &hash); } @@ -952,9 +973,8 @@ void Request::output_result(VFile* body_ VDate* vdate=0; if(Value* v=body_file->fields().get("mdate")) { - if(Value* vdatep=v->as(VDATE_TYPE)) - vdate=static_cast(vdatep); - else + vdate=dynamic_cast(v); + if(!vdate) throw Exception(PARSER_RUNTIME, 0, "mdate must be a date"); } if(!vdate)