From e6903e4e7e0b3b037b95aa875d7e8f7ba7a1f365 Mon Sep 17 00:00:00 2001
From: Oliver Schmidt
Date: Fri, 5 Jun 2015 15:44:09 +0200
Subject: [PATCH] Recognize HTTPS.
Although we for sure don't support HTTPS we need to recognize it. Nowadays it has become pretty usual to redirect HTTP URLs to HTTPS URLs in order to force privacy (thanks, NSA !). So far our redirection handler didn't recognize an HTTPS URL as abslute URLs and therefore appended it to the curent URL. This led to an endless redirection loop. Now we recognize the HTTPS redirection and generate a minimal document on the fly to inform the user of (for us unrachable) the redirection target.
HTML links with HTTPS URLs are treated just like fragment-only links meaning that they get simply completely ignored.
---
apps/webbrowser/http-strings | 2 ++
apps/webbrowser/http-strings.c | 6 ++++++
apps/webbrowser/http-strings.h | 2 ++
apps/webbrowser/webclient.c | 24 +++++++++++++++++-------
apps/webbrowser/www.c | 3 ++-
5 files changed, 29 insertions(+), 8 deletions(-)
diff --git a/apps/webbrowser/http-strings b/apps/webbrowser/http-strings
index 24ddb4f90..ff6a87545 100644
--- a/apps/webbrowser/http-strings
+++ b/apps/webbrowser/http-strings
@@ -1,4 +1,5 @@
http_http "http://"
+http_https "https://"
http_200 "200 "
http_301 "301 "
http_302 "302 "
@@ -10,3 +11,4 @@ http_location "location: "
http_host "Host: "
http_crnl "\r\n"
http_html ".html"
+http_redirect "Redirect to "
diff --git a/apps/webbrowser/http-strings.c b/apps/webbrowser/http-strings.c
index aa4d45ece..72ce2c644 100644
--- a/apps/webbrowser/http-strings.c
+++ b/apps/webbrowser/http-strings.c
@@ -1,6 +1,9 @@
const char http_http[8] =
/* "http://" */
{0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, };
+const char http_https[9] =
+/* "https://" */
+{0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, };
const char http_200[5] =
/* "200 " */
{0x32, 0x30, 0x30, 0x20, };
@@ -34,3 +37,6 @@ const char http_crnl[3] =
const char http_html[6] =
/* ".html" */
{0x2e, 0x68, 0x74, 0x6d, 0x6c, };
+const char http_redirect[19] =
+/* "Redirect to " */
+{0x3c, 0x62, 0x6f, 0x64, 0x79, 0x3e, 0x52, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x20, 0x74, 0x6f, 0x20, };
diff --git a/apps/webbrowser/http-strings.h b/apps/webbrowser/http-strings.h
index 8b9bee66e..184dcf330 100644
--- a/apps/webbrowser/http-strings.h
+++ b/apps/webbrowser/http-strings.h
@@ -1,4 +1,5 @@
extern const char http_http[8];
+extern const char http_https[9];
extern const char http_200[5];
extern const char http_301[5];
extern const char http_302[5];
@@ -10,3 +11,4 @@ extern const char http_location[11];
extern const char http_host[7];
extern const char http_crnl[3];
extern const char http_html[6];
+extern const char http_redirect[19];
diff --git a/apps/webbrowser/webclient.c b/apps/webbrowser/webclient.c
index 790085cd8..5d2ce0254 100644
--- a/apps/webbrowser/webclient.c
+++ b/apps/webbrowser/webclient.c
@@ -49,7 +49,7 @@
#define HTTPFLAG_NONE 0
#define HTTPFLAG_OK 1
#define HTTPFLAG_MOVED 2
-#define HTTPFLAG_ERROR 3
+#define HTTPFLAG_HTTPS 3
#define ISO_nl 0x0a
@@ -359,8 +359,10 @@ parse_headers(uint16_t len)
sizeof(http_location) - 1) == 0) {
cptr = s.httpheaderline +
sizeof(http_location) - 1;
-
- if(strncmp(cptr, http_http, 7) == 0) {
+
+ if(strncmp(cptr, http_https, sizeof(http_https) - 1) == 0) {
+ s.httpflag = HTTPFLAG_HTTPS;
+ } else if(strncmp(cptr, http_http, 7) == 0) {
cptr += 7;
for(i = 0; i < s.httpheaderlineptr - 7; ++i) {
if(*cptr == 0 ||
@@ -407,7 +409,7 @@ newdata(void)
}
if(len > 0 && s.state == WEBCLIENT_STATE_DATA &&
- s.httpflag != HTTPFLAG_MOVED) {
+ s.httpflag == HTTPFLAG_OK) {
webclient_datahandler((char *)uip_appdata, len);
}
}
@@ -445,7 +447,6 @@ webclient_appcall(void *state)
return;
}
-
/* The acked() and newdata() functions may alter the uip_appdata
ptr, so we need to store it in the "dataptr" variable so that we
can restore it before the senddata() function is called. */
@@ -478,10 +479,18 @@ webclient_appcall(void *state)
if(uip_closed()) {
tcp_markconn(uip_conn, NULL);
- if(s.httpflag != HTTPFLAG_MOVED) {
+ switch(s.httpflag) {
+ case HTTPFLAG_HTTPS:
+ /* Send some info to the user. */
+ webclient_datahandler((char *)http_redirect, sizeof(http_redirect) - 1);
+ webclient_datahandler(s.file, strlen(s.file));
+ webclient_datahandler((char *)http_crnl, sizeof(http_crnl) - 1);
+ /* FALLTHROUGH */
+ case HTTPFLAG_OK:
/* Send NULL data to signal EOF. */
webclient_datahandler(NULL, 0);
- } else {
+ break;
+ case HTTPFLAG_MOVED:
/* conn = uip_connect(uip_conn->ripaddr, s.port);
if(conn != NULL) {
dispatcher_markconn(conn, NULL);
@@ -493,6 +502,7 @@ webclient_appcall(void *state)
}
#endif /* UIP_UDP */
webclient_get(s.host, s.port, s.file);
+ break;
}
}
}
diff --git a/apps/webbrowser/www.c b/apps/webbrowser/www.c
index d97c793e3..2722f842c 100644
--- a/apps/webbrowser/www.c
+++ b/apps/webbrowser/www.c
@@ -900,7 +900,8 @@ htmlparser_word(char *word, unsigned char wordlen)
void
htmlparser_link(char *text, unsigned char textlen, char *url)
{
- if(url[0] == ISO_hash) {
+ /* No link for https or fragment-only as we would't be able to handle it anyway. */
+ if(url[0] == ISO_hash || strncmp(url, http_https, sizeof(http_https) - 1) == 0) {
htmlparser_word(text, textlen);
} else {
add_pagewidget(text, textlen, url, CTK_WIDGET_HYPERLINK, 0);