3 HTTP protocol implementation for LuCI
4 (c) 2008 Freifunk Leipzig / Jo-Philipp Wich <xm@leipzig.freifunk.net>
6 Licensed under the Apache License, Version 2.0 (the "License");
7 you may not use this file except in compliance with the License.
8 You may obtain a copy of the License at
10 http://www.apache.org/licenses/LICENSE-2.0
16 module("luci.http.protocol", package.seeall)
21 HTTP_MAX_CONTENT = 1024^2 -- 1 MB maximum content size
22 HTTP_MAX_READBUF = 1024 -- 1 kB read buffer size
24 HTTP_DEFAULT_CTYPE = "text/html" -- default content type
25 HTTP_DEFAULT_VERSION = "1.0" -- HTTP default version
28 -- Decode an urlencoded string.
29 -- Returns the decoded value.
30 function urldecode( str )
32 local function __chrdec( hex )
33 return string.char( tonumber( hex, 16 ) )
36 if type(str) == "string" then
37 str = str:gsub( "+", " " ):gsub( "%%([a-fA-F0-9][a-fA-F0-9])", __chrdec )
44 -- Extract and split urlencoded data pairs, separated bei either "&" or ";" from given url.
45 -- Returns a table value with urldecoded values.
46 function urldecode_params( url )
51 url = url:gsub( "^.+%?([^?]+)", "%1" )
54 for i, pair in ipairs(luci.util.split( url, "[&;]+", nil, true )) do
57 local key = urldecode( pair:match("^([^=]+)") )
58 local val = urldecode( pair:match("^[^=]+=(.+)$") )
61 if type(key) == "string" and key:len() > 0 then
62 if type(val) ~= "string" then val = "" end
64 if not params[key] then
66 elseif type(params[key]) ~= "table" then
67 params[key] = { params[key], val }
69 table.insert( params[key], val )
78 -- Encode given string in urlencoded format.
79 -- Returns the encoded string.
80 function urlencode( str )
82 local function __chrenc( chr )
84 "%%%02x", string.byte( chr )
88 if type(str) == "string" then
90 "([^a-zA-Z0-9$_%-%.+!*'(),])",
99 -- Encode given table to urlencoded string.
100 -- Returns the encoded string.
101 function urlencode_params( tbl )
104 for k, v in pairs(tbl) do
105 enc = enc .. ( enc and "&" or "" ) ..
106 urlencode(k) .. "=" ..
114 -- Decode MIME encoded data.
115 -- Returns a table with decoded values.
116 function mimedecode( data, boundary, filecb )
120 -- create a line reader
121 local reader = _linereader( data, HTTP_MAX_READBUF )
124 local in_part = false
125 local in_file = false
126 local in_fbeg = false
134 -- try to read all mime parts
135 for line, eol in reader do
137 -- update content length
138 clen = clen + line:len()
140 if clen >= HTTP_MAX_CONTENT then
144 -- when no boundary is given, try to find it
146 boundary = line:match("^%-%-([^\r\n]+)\r?\n$")
149 -- Got a valid boundary line or reached max allowed size.
150 if ( boundary and line:sub(1,2) == "--" and line:len() > #boundary + 2 and
151 line:sub( 3, 2 + #boundary ) == boundary ) or not in_size
153 -- Flush the data of the previous mime part.
154 -- When field and/or buffer are set to nil we should discard
155 -- the previous section entirely due to format violations.
156 if type(field) == "string" and field:len() > 0 and
157 type(buffer) == "string"
159 -- According to the rfc the \r\n preceeding a boundary
160 -- is assumed to be part of the boundary itself.
161 -- Since we are reading line by line here, this crlf
162 -- is part of the last line of our section content,
163 -- so strip it before storing the buffer.
164 buffer = buffer:gsub("\r?\n$","")
166 -- If we're in a file part and a file callback has been provided
167 -- then do a final call and send eof.
168 if in_file and type(filecb) == "function" then
169 filecb( field, filename, buffer, true )
170 params[field] = filename
174 params[field] = buffer
184 -- Abort here if we reached maximum allowed size
185 if not in_size then break end
187 -- Do we got the last boundary?
188 if line:len() > #boundary + 4 and
189 line:sub( #boundary + 2, #boundary + 4 ) == "--"
191 -- No more processing
194 -- It's a middle boundary
198 local hlen, headers = extract_headers( reader )
200 -- Check for valid headers
201 if headers['Content-Disposition'] then
203 -- Got no content type header, assume content-type "text/plain"
204 if not headers['Content-Type'] then
205 headers['Content-Type'] = 'text/plain'
209 local hdrvals = luci.util.split(
210 headers['Content-Disposition'], '; '
213 -- Valid form data part?
214 if hdrvals[1] == "form-data" and hdrvals[2]:match("^name=") then
216 -- Store field identifier
217 field = hdrvals[2]:match('^name="(.+)"$')
219 -- Do we got a file upload field?
220 if #hdrvals == 3 and hdrvals[3]:match("^filename=") then
223 filename = hdrvals[3]:match('^filename="(.+)"$')
226 -- Entering next part processing
232 -- Processing content
235 -- XXX: Would be really good to switch from line based to
236 -- buffered reading here.
239 -- If we're in a file part and a file callback has been provided
240 -- then call the callback and reset the buffer.
241 if in_file and type(filecb) == "function" then
243 -- If we're not processing the first chunk, then call
245 filecb( field, filename, buffer, false )
248 -- Clear in_fbeg flag after first run
254 -- Append date to buffer
255 buffer = buffer .. line
263 -- Extract "magic", the first line of a http message.
264 -- Returns the message type ("get", "post" or "response"), the requested uri
265 -- if it is a valid http request or the status code if the line descripes a
266 -- http response. For requests the third parameter is nil, for responses it
267 -- contains the human readable status description.
268 function extract_magic( reader )
270 for line in reader do
272 local method, uri = line:match("^([A-Z]+) ([^ ]+) HTTP/[01]%.[019]\r?\n$")
276 return method:lower(), uri, nil
280 local code, message = line:match("^HTTP/[01]%.[019] ([0-9]+) ([^\r\n]+)\r?\n$")
284 return "response", code + 0, message
295 -- Extract headers from given string.
296 -- Returns a table of extracted headers and the remainder of the parsed data.
297 function extract_headers( reader, tbl )
299 local headers = tbl or { }
302 -- Iterate line by line
303 for line in reader do
305 -- Look for a valid header format
306 local hdr, val = line:match( "^([A-Z][A-Za-z0-9%-_]+): +([^\r\n]+)\r?\n$" )
308 if type(hdr) == "string" and hdr:len() > 0 and
309 type(val) == "string" and val:len() > 0
311 count = count + line:len()
314 elseif line:match("^\r?\n$") then
316 return count + line:len(), headers
319 -- junk data, don't add length
320 return count, headers
324 return count, headers
328 -- Parse a http message
329 function parse_message( data, filecb )
331 local reader = _linereader( data, HTTP_MAX_READBUF )
332 local message = parse_message_header( reader )
335 parse_message_body( reader, message, filecb )
342 -- Parse a http message header
343 function parse_message_header( data )
345 -- Create a line reader
346 local reader = _linereader( data, HTTP_MAX_READBUF )
349 -- Try to extract magic
350 local method, arg1, arg2 = extract_magic( reader )
352 -- Does it looks like a valid message?
355 message.request_method = method
356 message.status_code = arg2 and arg1 or 200
357 message.status_message = arg2 or nil
358 message.request_uri = arg2 and nil or arg1
360 if method == "response" then
361 message.type = "response"
363 message.type = "request"
367 local hlen, hdrs = extract_headers( reader )
370 if hlen > 2 and type(hdrs) == "table" then
372 message.headers = hdrs
374 -- Process get parameters
375 if ( method == "get" or method == "post" ) and
376 message.request_uri:match("?")
378 message.params = urldecode_params( message.request_uri )
383 -- Populate common environment variables
385 CONTENT_LENGTH = hdrs['Content-Length'];
386 CONTENT_TYPE = hdrs['Content-Type'];
387 REQUEST_METHOD = message.request_method;
388 REQUEST_URI = message.request_uri;
389 SCRIPT_NAME = message.request_uri:gsub("?.+$","");
390 SCRIPT_FILENAME = "" -- XXX implement me
393 -- Populate HTTP_* environment variables
394 for i, hdr in ipairs( {
405 local var = 'HTTP_' .. hdr:upper():gsub("%-","_")
406 local val = hdrs[hdr]
408 message.env[var] = val
418 -- Parse a http message body
419 function parse_message_body( reader, message, filecb )
421 if type(message) == "table" then
422 local env = message.env
424 local clen = ( env.CONTENT_LENGTH or HTTP_MAX_CONTENT ) + 0
426 -- Process post method
427 if env.REQUEST_METHOD:lower() == "post" and env.CONTENT_TYPE then
429 -- Is it multipart/form-data ?
430 if env.CONTENT_TYPE:match("^multipart/form%-data") then
432 -- Read multipart/mime data
433 for k, v in pairs( mimedecode(
435 env.CONTENT_TYPE:match("boundary=(.+)"),
438 message.params[k] = v
441 -- Is it x-www-form-urlencoded?
442 elseif env.CONTENT_TYPE:match('^application/x%-www%-form%-urlencoded') then
447 for chunk, eol in reader do
449 post_data = post_data .. chunk
451 -- Abort on eol or if maximum allowed size or content length is reached
452 if eol or #post_data >= HTTP_MAX_CONTENT or #post_data > clen then
458 for k, v in pairs( urldecode_params( post_data ) ) do
459 message.params[k] = v
462 -- Unhandled encoding
463 -- If a file callback is given then feed it line by line, else
464 -- store whole buffer in message.content
469 for chunk in reader do
473 -- We have a callback, feed it.
474 if type(filecb) == "function" then
476 filecb( "_post", nil, chunk, false )
478 -- Append to .content buffer.
481 type(message.content) == "string"
482 and message.content .. chunk
486 -- Abort if maximum allowed size or content length is reached
487 if len >= HTTP_MAX_CONTENT or len >= clen then
492 -- Send eof to callback
493 if type(filecb) == "function" then
494 filecb( "_post", nil, "", true )
502 -- Wrap given object into a line read iterator
503 function _linereader( obj, bufsz )
505 bufsz = ( bufsz and bufsz >= 256 ) and bufsz or 256
507 local __read = function() return nil end
508 local __eof = function(x) return type(x) ~= "string" or #x == 0 end
515 if type(obj) == "string" then
517 __read = function() return obj:sub( _pos, _pos + bufsz - #_buf - 1 ) end
519 -- object implements a receive() or read() function
520 elseif type(obj) == "userdata" and ( type(obj.receive) == "function" or type(obj.read) == "function" ) then
522 if type(obj.read) == "function" then
523 __read = function() return obj:read( bufsz - #_buf ) end
525 __read = function() return obj:receive( bufsz - #_buf ) end
528 -- object is a function
529 elseif type(obj) == "function" then
533 -- no usable data type
541 -- generic block to line algorithm
544 local buffer = __read()
546 if __eof( buffer ) then
550 _pos = _pos + #buffer
551 buffer = _buf .. buffer
553 local crlf, endpos = buffer:find("\r?\n")
557 _buf = buffer:sub( endpos + 1, #buffer )
558 return buffer:sub( 1, endpos ), true
561 _eof = __eof( buffer )
563 -- clear overflow buffer