def _on_headers(self, data): try: data = native_str(data.decode("latin1")) eol = data.find("\r\n") start_line = data[:eol] try: method, uri, version = start_line.split(" ") except ValueError: raise _BadRequestException("Malformed HTTP request line") if not version.startswith("HTTP/"): raise _BadRequestException( "Malformed HTTP version in HTTP Request-Line") try: headers = httputil.HTTPHeaders.parse(data[eol:]) content_length = int(headers.get("Content-Length", 0)) except ValueError: raise _BadRequestException("Malformed Content-Length header") self._request = HTTPRequest(connection=self, method=method, uri=uri, version=version, headers=headers, remote_ip=self._remote_ip) if content_length: megabytes = int(content_length) / (1024 * 1024) if megabytes > GLSettings.memory_copy.maximum_filesize: raise _BadRequestException( "Request exceeded size limit %d" % GLSettings.memory_copy.maximum_filesize) if headers.get("Expect") == "100-continue": self.transport.write("HTTP/1.1 100 (Continue)\r\n\r\n") if content_length < 100000: self._contentbuffer = StringIO() else: self._contentbuffer = GLSecureTemporaryFile( GLSettings.tmp_upload_path) self.content_length = content_length self.setRawMode() return self.request_callback(self._request) except _BadRequestException as e: log.msg("Exception while handling HTTP request from %s: %s" % (self._remote_ip, e)) self.transport.loseConnection()
def _on_headers(self, data): try: data = native_str(data.decode("latin1")) eol = data.find("\r\n") start_line = data[:eol] try: method, uri, version = start_line.split(" ") except ValueError: raise _BadRequestException("Malformed HTTP request line") if not version.startswith("HTTP/"): raise _BadRequestException( "Malformed HTTP version in HTTP Request-Line") try: headers = httputil.HTTPHeaders.parse(data[eol:]) content_length = int(headers.get("Content-Length", 0)) except ValueError: raise _BadRequestException( "Malformed Content-Length header") self._request = HTTPRequest( connection=self, method=method, uri=uri, version=version, headers=headers, remote_ip=self._remote_ip) if content_length: megabytes = int(content_length) / (1024 * 1024) if megabytes > GLSettings.memory_copy.maximum_filesize: raise _BadRequestException("Request exceeded size limit %d" % GLSettings.memory_copy.maximum_filesize) if headers.get("Expect") == "100-continue": self.transport.write("HTTP/1.1 100 (Continue)\r\n\r\n") if content_length < 100000: self._contentbuffer = StringIO() else: self._contentbuffer = GLSecureTemporaryFile(GLSettings.tmp_upload_path) self.content_length = content_length self.setRawMode() return self.request_callback(self._request) except _BadRequestException as e: log.msg("Exception while handling HTTP request from %s: %s" % (self._remote_ip, e)) self.transport.loseConnection()
def _on_headers(self, data): try: data = native_str(data.decode("latin1")) eol = data.find("\r\n") start_line = data[:eol] try: method, uri, version = start_line.split(" ") except ValueError: raise _BadRequestException("Malformed HTTP request line") if not version.startswith("HTTP/"): raise _BadRequestException( "Malformed HTTP version in HTTP Request-Line") headers = httputil.HTTPHeaders.parse(data[eol:]) self._request = HTTPRequest( connection=self, method=method, uri=uri, version=version, headers=headers, remote_ip=self._remote_ip) try: self.content_length = int(headers.get("Content-Length", 0)) except ValueError: raise _BadRequestException("Malformed Content-Length header") # we always use secure temporary files in case of large json or file uploads if self.content_length < 100000 and self._request.headers.get("Content-Disposition") is None: self._contentbuffer = StringIO('') else: self._contentbuffer = GLSecureTemporaryFile(GLSetting.tmp_upload_path) if headers.get("Expect") == "100-continue": self.transport.write("HTTP/1.1 100 (Continue)\r\n\r\n") c_d_header = self._request.headers.get("Content-Disposition") if c_d_header is not None: key, pdict = parse_header(c_d_header) if key != 'attachment' or 'filename' not in pdict: raise _BadRequestException("Malformed Content-Disposition header") self.file_upload = True self.uploaded_file['filename'] = pdict['filename'] self.uploaded_file['content_type'] = self._request.headers.get("Content-Type", 'application/octet-stream') self.uploaded_file['body'] = self._contentbuffer self.uploaded_file['body_len'] = int(self.content_length) self.uploaded_file['body_filepath'] = self._contentbuffer.filepath megabytes = int(self.content_length) / (1024 * 1024) if self.file_upload: limit_type = "upload" limit = GLSetting.memory_copy.maximum_filesize else: limit_type = "json" limit = 1000000 # 1MB fixme: add GLSetting.memory_copy.maximum_jsonsize # is 1MB probably too high. probably this variable must be in kB # less than 1 megabytes is always accepted if megabytes > limit: log.err("Tried %s request larger than expected (%dMb > %dMb)" % (limit_type, megabytes, limit)) # In HTTP Protocol errors need to be managed differently than handlers raise errors.HTTPRawLimitReach if self.content_length > 0: self.setRawMode() return elif self.file_upload: self._on_request_body(self.uploaded_file) self.file_upload = False self.uploaded_file = {} return self.request_callback(self._request) except Exception as exception: log.msg("Malformed HTTP request from %s: %s" % (self._remote_ip, exception)) log.exception(exception) if self._request: self._request.finish() if self.transport: self.transport.loseConnection()
def _on_headers(self, data): try: data = native_str(data.decode("latin1")) eol = data.find("\r\n") start_line = data[:eol] try: method, uri, version = start_line.split(" ") except ValueError: raise _BadRequestException("Malformed HTTP request line") if not version.startswith("HTTP/"): raise _BadRequestException("Malformed HTTP version in HTTP Request-Line") headers = httputil.HTTPHeaders.parse(data[eol:]) self._request = HTTPRequest( connection=self, method=method, uri=uri, version=version, headers=headers, remote_ip=self._remote_ip ) content_length = int(headers.get("Content-Length", 0)) self.content_length = content_length if content_length: if headers.get("Expect") == "100-continue": self.transport.write("HTTP/1.1 100 (Continue)\r\n\r\n") if content_length < 100000: self._contentbuffer = StringIO("") else: self._contentbuffer = TemporaryFile() c_d_header = self._request.headers.get("Content-Disposition") if c_d_header is not None: c_d_header = c_d_header.lower() m = content_disposition_re.match(c_d_header) if m is None: raise Exception self.file_upload = True self.uploaded_file["filename"] = m.group(1) self.uploaded_file["content_type"] = self._request.headers.get( "Content-Type", "application/octet-stream" ) self.uploaded_file["body"] = self._contentbuffer self.uploaded_file["body_len"] = int(content_length) megabytes = int(content_length) / (1024 * 1024) if self.file_upload: limit_type = "upload" limit = GLSetting.memory_copy.maximum_filesize else: limit_type = "json" limit = 1000000 # 1MB fixme: add GLSetting.memory_copy.maximum_jsonsize # is 1MB probably too high. probably this variable must be # in kB # less than 1 megabytes is always accepted if megabytes > limit: log.err("Tried %s request larger than expected (%dMb > %dMb)" % (limit_type, megabytes, limit)) # In HTTP Protocol errors need to be managed differently than handlers raise errors.HTTPRawLimitReach self.setRawMode() return self.request_callback(self._request) except Exception as exception: log.msg("Malformed HTTP request from %s: %s" % (self._remote_ip, exception)) log.exception(exception) if self._request: self._request.finish() if self.transport: self.transport.loseConnection()