Home Explore Help
Sign In
joker
/
frp
mirror of https://github.com/fatedier/frp/
1
0
Fork 0
Files Issues 0 Wiki
Tree: f2117d8331
Branches Tags
frp
/
vendor
/
golang.org
/
x
/
net
/
http
/
httpguts
/
guts.go

guts.go 2.0 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 
  1. // Copyright 2018 The Go Authors. All rights reserved.
    2. 

  2. // Use of this source code is governed by a BSD-style
    3. 

  3. // license that can be found in the LICENSE file.
    4. 

  4. 

  5. // Package httpguts provides functions implementing various details
    6. 

  6. // of the HTTP specification.
    7. 

  7. //
    8. 

  8. // This package is shared by the standard library (which vendors it)
    9. 

  9. // and x/net/http2. It comes with no API stability promise.
    10. 

  10. package httpguts
    11. 

  11. 

  12. import (
    13. 

  13. 	"net/textproto"
    14. 

  14. 	"strings"
    15. 

  15. )
    16. 

  16. 

  17. // SniffedContentType reports whether ct is a Content-Type that is known
    18. 

  18. // to cause client-side content sniffing.
    19. 

  19. //
    20. 

  20. // This provides just a partial implementation of mime.ParseMediaType
    21. 

  21. // with the assumption that the Content-Type is not attacker controlled.
    22. 

  22. func SniffedContentType(ct string) bool {
    23. 

  23. 	if i := strings.Index(ct, ";"); i != -1 {
    24. 

  24. 		ct = ct[:i]
    25. 

  25. 	}
    26. 

  26. 	ct = strings.ToLower(strings.TrimSpace(ct))
    27. 

  27. 	return ct == "text/plain" || ct == "application/octet-stream" ||
    28. 

  28. 		ct == "application/unknown" || ct == "unknown/unknown" || ct == "*/*" ||
    29. 

  29. 		!strings.Contains(ct, "/")
    30. 

  30. }
    31. 

  31. 

  32. // ValidTrailerHeader reports whether name is a valid header field name to appear
    33. 

  33. // in trailers.
    34. 

  34. // See RFC 7230, Section 4.1.2
    35. 

  35. func ValidTrailerHeader(name string) bool {
    36. 

  36. 	name = textproto.CanonicalMIMEHeaderKey(name)
    37. 

  37. 	if strings.HasPrefix(name, "If-") || badTrailer[name] {
    38. 

  38. 		return false
    39. 

  39. 	}
    40. 

  40. 	return true
    41. 

  41. }
    42. 

  42. 

  43. var badTrailer = map[string]bool{
    44. 

  44. 	"Authorization":       true,
    45. 

  45. 	"Cache-Control":       true,
    46. 

  46. 	"Connection":          true,
    47. 

  47. 	"Content-Encoding":    true,
    48. 

  48. 	"Content-Length":      true,
    49. 

  49. 	"Content-Range":       true,
    50. 

  50. 	"Content-Type":        true,
    51. 

  51. 	"Expect":              true,
    52. 

  52. 	"Host":                true,
    53. 

  53. 	"Keep-Alive":          true,
    54. 

  54. 	"Max-Forwards":        true,
    55. 

  55. 	"Pragma":              true,
    56. 

  56. 	"Proxy-Authenticate":  true,
    57. 

  57. 	"Proxy-Authorization": true,
    58. 

  58. 	"Proxy-Connection":    true,
    59. 

  59. 	"Range":               true,
    60. 

  60. 	"Realm":               true,
    61. 

  61. 	"Te":                  true,
    62. 

  62. 	"Trailer":             true,
    63. 

  63. 	"Transfer-Encoding":   true,
    64. 

  64. 	"Www-Authenticate":    true,
    65. 

  65. }
    66.