package/http-parser.js000644 0000031752 3560116604 012077 0ustar00000000 000000 /*jshint node:true */ var assert = require('assert'); exports.HTTPParser = HTTPParser; function HTTPParser(type) { assert.ok(type === HTTPParser.REQUEST || type === HTTPParser.RESPONSE || type === undefined); if (type === undefined) { // Node v12+ } else { this.initialize(type); } } HTTPParser.prototype.initialize = function (type, async_resource) { assert.ok(type === HTTPParser.REQUEST || type === HTTPParser.RESPONSE); this.type = type; this.state = type + '_LINE'; this.info = { headers: [], upgrade: false }; this.trailers = []; this.line = ''; this.isChunked = false; this.connection = ''; this.headerSize = 0; // for preventing too big headers this.body_bytes = null; this.isUserCall = false; this.hadError = false; }; HTTPParser.encoding = 'ascii'; HTTPParser.maxHeaderSize = 80 * 1024; // maxHeaderSize (in bytes) is configurable, but 80kb by default; HTTPParser.REQUEST = 'REQUEST'; HTTPParser.RESPONSE = 'RESPONSE'; // Note: *not* starting with kOnHeaders=0 line the Node parser, because any // newly added constants (kOnTimeout in Node v12.19.0) will overwrite 0! var kOnHeaders = HTTPParser.kOnHeaders = 1; var kOnHeadersComplete = HTTPParser.kOnHeadersComplete = 2; var kOnBody = HTTPParser.kOnBody = 3; var kOnMessageComplete = HTTPParser.kOnMessageComplete = 4; // Some handler stubs, needed for compatibility HTTPParser.prototype[kOnHeaders] = HTTPParser.prototype[kOnHeadersComplete] = HTTPParser.prototype[kOnBody] = HTTPParser.prototype[kOnMessageComplete] = function () {}; var compatMode0_12 = true; Object.defineProperty(HTTPParser, 'kOnExecute', { get: function () { // hack for backward compatibility compatMode0_12 = false; return 99; } }); var methods = exports.methods = HTTPParser.methods = [ 'DELETE', 'GET', 'HEAD', 'POST', 'PUT', 'CONNECT', 'OPTIONS', 'TRACE', 'COPY', 'LOCK', 'MKCOL', 'MOVE', 'PROPFIND', 'PROPPATCH', 'SEARCH', 'UNLOCK', 'BIND', 'REBIND', 'UNBIND', 'ACL', 'REPORT', 'MKACTIVITY', 'CHECKOUT', 'MERGE', 'M-SEARCH', 'NOTIFY', 'SUBSCRIBE', 'UNSUBSCRIBE', 'PATCH', 'PURGE', 'MKCALENDAR', 'LINK', 'UNLINK' ]; var method_connect = methods.indexOf('CONNECT'); HTTPParser.prototype.reinitialize = HTTPParser; HTTPParser.prototype.close = HTTPParser.prototype.pause = HTTPParser.prototype.resume = HTTPParser.prototype.free = function () {}; HTTPParser.prototype._compatMode0_11 = false; HTTPParser.prototype.getAsyncId = function() { return 0; }; var headerState = { REQUEST_LINE: true, RESPONSE_LINE: true, HEADER: true }; HTTPParser.prototype.execute = function (chunk, start, length) { if (!(this instanceof HTTPParser)) { throw new TypeError('not a HTTPParser'); } // backward compat to node < 0.11.4 // Note: the start and length params were removed in newer version start = start || 0; length = typeof length === 'number' ? length : chunk.length; this.chunk = chunk; this.offset = start; var end = this.end = start + length; try { while (this.offset < end) { if (this[this.state]()) { break; } } } catch (err) { if (this.isUserCall) { throw err; } this.hadError = true; return err; } this.chunk = null; length = this.offset - start; if (headerState[this.state]) { this.headerSize += length; if (this.headerSize > HTTPParser.maxHeaderSize) { return new Error('max header size exceeded'); } } return length; }; var stateFinishAllowed = { REQUEST_LINE: true, RESPONSE_LINE: true, BODY_RAW: true }; HTTPParser.prototype.finish = function () { if (this.hadError) { return; } if (!stateFinishAllowed[this.state]) { return new Error('invalid state for EOF'); } if (this.state === 'BODY_RAW') { this.userCall()(this[kOnMessageComplete]()); } }; // These three methods are used for an internal speed optimization, and it also // works if theses are noops. Basically consume() asks us to read the bytes // ourselves, but if we don't do it we get them through execute(). HTTPParser.prototype.consume = HTTPParser.prototype.unconsume = HTTPParser.prototype.getCurrentBuffer = function () {}; //For correct error handling - see HTTPParser#execute //Usage: this.userCall()(userFunction('arg')); HTTPParser.prototype.userCall = function () { this.isUserCall = true; var self = this; return function (ret) { self.isUserCall = false; return ret; }; }; HTTPParser.prototype.nextRequest = function () { this.userCall()(this[kOnMessageComplete]()); this.reinitialize(this.type); }; HTTPParser.prototype.consumeLine = function () { var end = this.end, chunk = this.chunk; for (var i = this.offset; i < end; i++) { if (chunk[i] === 0x0a) { // \n var line = this.line + chunk.toString(HTTPParser.encoding, this.offset, i); if (line.charAt(line.length - 1) === '\r') { line = line.substr(0, line.length - 1); } this.line = ''; this.offset = i + 1; return line; } } //line split over multiple chunks this.line += chunk.toString(HTTPParser.encoding, this.offset, this.end); this.offset = this.end; }; var headerExp = /^([^: \t]+):[ \t]*((?:.*[^ \t])|)/; var headerContinueExp = /^[ \t]+(.*[^ \t])/; HTTPParser.prototype.parseHeader = function (line, headers) { if (line.indexOf('\r') !== -1) { throw parseErrorCode('HPE_LF_EXPECTED'); } var match = headerExp.exec(line); var k = match && match[1]; if (k) { // skip empty string (malformed header) headers.push(k); headers.push(match[2]); } else { var matchContinue = headerContinueExp.exec(line); if (matchContinue && headers.length) { if (headers[headers.length - 1]) { headers[headers.length - 1] += ' '; } headers[headers.length - 1] += matchContinue[1]; } } }; var requestExp = /^([A-Z-]+) ([^ ]+) HTTP\/(\d)\.(\d)$/; HTTPParser.prototype.REQUEST_LINE = function () { var line = this.consumeLine(); if (!line) { return; } var match = requestExp.exec(line); if (match === null) { throw parseErrorCode('HPE_INVALID_CONSTANT'); } this.info.method = this._compatMode0_11 ? match[1] : methods.indexOf(match[1]); if (this.info.method === -1) { throw new Error('invalid request method'); } this.info.url = match[2]; this.info.versionMajor = +match[3]; this.info.versionMinor = +match[4]; this.body_bytes = 0; this.state = 'HEADER'; }; var responseExp = /^HTTP\/(\d)\.(\d) (\d{3}) ?(.*)$/; HTTPParser.prototype.RESPONSE_LINE = function () { var line = this.consumeLine(); if (!line) { return; } var match = responseExp.exec(line); if (match === null) { throw parseErrorCode('HPE_INVALID_CONSTANT'); } this.info.versionMajor = +match[1]; this.info.versionMinor = +match[2]; var statusCode = this.info.statusCode = +match[3]; this.info.statusMessage = match[4]; // Implied zero length. if ((statusCode / 100 | 0) === 1 || statusCode === 204 || statusCode === 304) { this.body_bytes = 0; } this.state = 'HEADER'; }; HTTPParser.prototype.shouldKeepAlive = function () { if (this.info.versionMajor > 0 && this.info.versionMinor > 0) { if (this.connection.indexOf('close') !== -1) { return false; } } else if (this.connection.indexOf('keep-alive') === -1) { return false; } if (this.body_bytes !== null || this.isChunked) { // || skipBody return true; } return false; }; HTTPParser.prototype.HEADER = function () { var line = this.consumeLine(); if (line === undefined) { return; } var info = this.info; if (line) { this.parseHeader(line, info.headers); } else { var headers = info.headers; var hasContentLength = false; var currentContentLengthValue; var hasUpgradeHeader = false; for (var i = 0; i < headers.length; i += 2) { switch (headers[i].toLowerCase()) { case 'transfer-encoding': this.isChunked = headers[i + 1].toLowerCase() === 'chunked'; break; case 'content-length': currentContentLengthValue = +headers[i + 1]; if (hasContentLength) { // Fix duplicate Content-Length header with same values. // Throw error only if values are different. // Known issues: // https://github.com/request/request/issues/2091#issuecomment-328715113 // https://github.com/nodejs/node/issues/6517#issuecomment-216263771 if (currentContentLengthValue !== this.body_bytes) { throw parseErrorCode('HPE_UNEXPECTED_CONTENT_LENGTH'); } } else { hasContentLength = true; this.body_bytes = currentContentLengthValue; } break; case 'connection': this.connection += headers[i + 1].toLowerCase(); break; case 'upgrade': hasUpgradeHeader = true; break; } } // if both isChunked and hasContentLength, isChunked wins // This is required so the body is parsed using the chunked method, and matches // Chrome's behavior. We could, maybe, ignore them both (would get chunked // encoding into the body), and/or disable shouldKeepAlive to be more // resilient. if (this.isChunked && hasContentLength) { hasContentLength = false; this.body_bytes = null; } // Logic from https://github.com/nodejs/http-parser/blob/921d5585515a153fa00e411cf144280c59b41f90/http_parser.c#L1727-L1737 // "For responses, "Upgrade: foo" and "Connection: upgrade" are // mandatory only when it is a 101 Switching Protocols response, // otherwise it is purely informational, to announce support. if (hasUpgradeHeader && this.connection.indexOf('upgrade') != -1) { info.upgrade = this.type === HTTPParser.REQUEST || info.statusCode === 101; } else { info.upgrade = info.method === method_connect; } if (this.isChunked && info.upgrade) { this.isChunked = false; } info.shouldKeepAlive = this.shouldKeepAlive(); //problem which also exists in original node: we should know skipBody before calling onHeadersComplete var skipBody; if (compatMode0_12) { skipBody = this.userCall()(this[kOnHeadersComplete](info)); } else { skipBody = this.userCall()(this[kOnHeadersComplete](info.versionMajor, info.versionMinor, info.headers, info.method, info.url, info.statusCode, info.statusMessage, info.upgrade, info.shouldKeepAlive)); } if (skipBody === 2) { this.nextRequest(); return true; } else if (this.isChunked && !skipBody) { this.state = 'BODY_CHUNKHEAD'; } else if (skipBody || this.body_bytes === 0) { this.nextRequest(); // For older versions of node (v6.x and older?), that return skipBody=1 or skipBody=true, // need this "return true;" if it's an upgrade request. return info.upgrade; } else if (this.body_bytes === null) { this.state = 'BODY_RAW'; } else { this.state = 'BODY_SIZED'; } } }; HTTPParser.prototype.BODY_CHUNKHEAD = function () { var line = this.consumeLine(); if (line === undefined) { return; } this.body_bytes = parseInt(line, 16); if (!this.body_bytes) { this.state = 'BODY_CHUNKTRAILERS'; } else { this.state = 'BODY_CHUNK'; } }; HTTPParser.prototype.BODY_CHUNK = function () { var length = Math.min(this.end - this.offset, this.body_bytes); this.userCall()(this[kOnBody](this.chunk, this.offset, length)); this.offset += length; this.body_bytes -= length; if (!this.body_bytes) { this.state = 'BODY_CHUNKEMPTYLINE'; } }; HTTPParser.prototype.BODY_CHUNKEMPTYLINE = function () { var line = this.consumeLine(); if (line === undefined) { return; } assert.equal(line, ''); this.state = 'BODY_CHUNKHEAD'; }; HTTPParser.prototype.BODY_CHUNKTRAILERS = function () { var line = this.consumeLine(); if (line === undefined) { return; } if (line) { this.parseHeader(line, this.trailers); } else { if (this.trailers.length) { this.userCall()(this[kOnHeaders](this.trailers, '')); } this.nextRequest(); } }; HTTPParser.prototype.BODY_RAW = function () { var length = this.end - this.offset; this.userCall()(this[kOnBody](this.chunk, this.offset, length)); this.offset = this.end; }; HTTPParser.prototype.BODY_SIZED = function () { var length = Math.min(this.end - this.offset, this.body_bytes); this.userCall()(this[kOnBody](this.chunk, this.offset, length)); this.offset += length; this.body_bytes -= length; if (!this.body_bytes) { this.nextRequest(); } }; // backward compat to node < 0.11.6 ['Headers', 'HeadersComplete', 'Body', 'MessageComplete'].forEach(function (name) { var k = HTTPParser['kOn' + name]; Object.defineProperty(HTTPParser.prototype, 'on' + name, { get: function () { return this[k]; }, set: function (to) { // hack for backward compatibility this._compatMode0_11 = true; method_connect = 'CONNECT'; return (this[k] = to); } }); }); function parseErrorCode(code) { var err = new Error('Parse Error'); err.code = code; return err; } package/package.json000644 0000001526 3560116604 011552 0ustar00000000 000000 { "name": "http-parser-js", "version": "0.5.3", "description": "A pure JS HTTP parser for node.", "main": "http-parser.js", "scripts": { "test": "python tests/test.py && node tests/iojs/test-http-parser-durability.js", "testv12": "python tests/test.py --node-args=\"--http-parser=legacy\" && node --http-parser=legacy tests/iojs/test-http-parser-durability.js" }, "repository": { "type": "git", "url": "git://github.com/creationix/http-parser-js.git" }, "files": [ "http-parser.js" ], "keywords": [ "http" ], "author": "Tim Caswell (https://github.com/creationix)", "contributors": [ "Jimb Esser (https://github.com/Jimbly)", "Lawrence Rowe (https://github.com/lrowe)", "Jan Schär (https://github.com/jscissr)", "Paul Rütter (https://github.com/paulrutter)" ], "license": "MIT" } package/CHANGELOG.md000644 0000000521 3560116604 011067 0ustar00000000 000000 # HTTP Parser ## 0.4.4 Made 'maxHeaderSize' configurable. ```js // Monkey patch before you require http for the first time. process.binding('http_parser').HTTPParser = require('http-parser-js').HTTPParser; require('http-parser-js').HTTPParser.maxHeaderSize = 1024 * 1024; // 1MB instead of 80kb var http = require('http'); // ... ```package/LICENSE.md000644 0000012074 3560116604 010670 0ustar00000000 000000 Copyright (c) 2015 Tim Caswell (https://github.com/creationix) and other contributors. All rights reserved. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. Some files from the tests folder are from joyent/node and mscedex/io.js, a fork of nodejs/io.js: - tests/iojs/test-http-parser-durability.js This file is from https://github.com/mscdex/io.js/blob/js-http-parser/test/pummel/test-http-parser-durability.js with modifications by Jan Schär (jscissr). """ Copyright io.js contributors. All rights reserved. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ - tests/fixtures/* tests/parallel/* tests/testpy/* tests/common.js tests/test.py tests/utils.py These files are from https://github.com/nodejs/node with changes by Jan Schär (jscissr). Node.js is licensed for use as follows: """ Copyright Node.js contributors. All rights reserved. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ This license applies to parts of Node.js originating from the https://github.com/joyent/node repository: """ Copyright Joyent, Inc. and other Node contributors. All rights reserved. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ package/README.md000644 0000002454 3560116604 010544 0ustar00000000 000000 # HTTP Parser This library parses HTTP protocol for requests and responses. It was created to replace `http_parser.c` since calling C++ function from JS is really slow in V8. However, it is now primarily useful in having a more flexible/tolerant HTTP parser when dealing with legacy services that do not meet the strict HTTP parsing rules Node's parser follows. This is packaged as a standalone npm module. To use in node, monkeypatch HTTPParser. ```js // Monkey patch before you require http for the first time. process.binding('http_parser').HTTPParser = require('http-parser-js').HTTPParser; var http = require('http'); // ... ``` ## Testing Simply do `npm test`. The tests are copied from node and mscedex/io.js, with some modifcations. ## Status This should now be usable in any node application, it now supports (nearly) everything `http_parser.c` does while still being tolerant with corrupted headers, and other kinds of malformed data. ### Node Versions `http-parser-js` should work via monkey-patching on Node v6-v11, and v13. Node v12.x renamed the internal http parser, and did not expose it for monkey-patching, so to be able to monkey-patch on Node v12, you must run `node --http-parser=legacy file.js` to opt in to the old, monkey-patchable http_parser binding. ## License MIT. See LICENSE.md