Bug in HTCache? from James Gallagher on 2000-03-15 (www-lib@w3.org from January to March 2000)

From: James Gallagher <jimg@dcz.dods.org>
Date: Tue, 14 Mar 2000 21:14:08 -0800 (PST)
To: www-lib@w3.org
Message-ID: <14543.7200.651465.289528@dcz.dods.org>

Hi,

I've been using the HTTP 1.1 cache and think I've found a bug. If a URL has a
query string and that query includes a comma, then the cache index file
records bogus information for that URL. I *think* this is bug because I'm not
sure that commas, etc. are really legal in URLs. However, I've got an
application that uses them, so I needed a fix. Included are my patches for
HTCache.c to enable the cache to work with URLs that contain "," ";" "=" "<,>"
or "(,)" characters. Also, I discovered that the documentation for
HTNextLWSToken (in HTWWWStr.c) was off a bit, so I'm including a patch for
that, too.

--- src-old/HTCache.c	Tue Mar 14 20:58:49 2000
+++ src/HTCache.c	Tue Mar 14 20:51:44 2000
@@ -348,9 +348,22 @@
 	**  Read the line and create the cache object
 	*/
 	{
+#if 0
 	    char * url = HTNextField(&line);
 	    char * cachename = HTNextField(&line);
 	    char * etag = HTNextField(&line);
+#endif
+	    /* Changed from HTNextField(...) to HTNextLWSToken(...).
+	       HTNextField uses spaces "," ";" "<" etc. as delimiters.
+	       However, some of those characters might appear in the query
+	       section of a URL (e.g., http://...cgi?param=val). Using
+	       HTNextField causes a bogus entry to appear in the cache index
+	       file since `val' is parsed as the cache name and not part of
+	       the url. Switching to HTNextLWSToken fixes this. 3/14/2000
+	       jhrg */ 
+	    char * url = HTNextLWSToken(&line);
+	    char * cachename = HTNextLWSToken(&line);
+	    char * etag = HTNextLWSToken(&line);
 	    StrAllocCopy(cache->url, url);
 	    StrAllocCopy(cache->cachename, cachename);
 	    if (strcmp(etag, HT_CACHE_EMPTY_ETAG)) StrAllocCopy(cache->etag, etag);
@@ -1366,16 +1379,9 @@
 	    HTParentAnchor * anchor = HTRequest_anchor(request);
 	    HTCache * cache = HTCache_find(anchor);
 	    if (cache) {
-		/* 
-		** If we receive a 204 and the method is unsafe then we have
-		** to delete the cache body but not the header information
-		*/
-		if (status == 204) {
+		if (status == 204)
 		    HTCache_updateMeta(cache, request, response);
-		    cache->size = 0;
-		    cache->range = YES;
-		    REMOVE(cache->cachename);
-		} else
+		else
 		    HTCache_remove(cache);
 	    }
 	    HTCache_touch(request, response, anchor);

--- src-old/HTWWWStr.c	Tue Mar 14 20:58:56 2000
+++ src/HTWWWStr.c	Tue Mar 14 20:52:38 2000
@@ -87,9 +87,7 @@
 **	-----------------------------
 **	On entry,
 **	*pstr	points to a string containing a word separated
-**		by white white space "," ";" or "=". The word
-**		can optionally be quoted using <"> or "<" ">"
-**		Comments surrrounded by '(' ')' are filtered out
+**		by white white space. 
 **
 ** 	On exit,
 **	*pstr	has been moved to the first delimiter past the

James

-- 
__________________________________________________________________________
James Gallagher		         The Distributed Oceanographic Data System
jgallagher@gso.uri.edu               http://unidata.ucar.edu/packages/dods
Voice: 541.757.7992					 Fax: 541.758.3254

Received on Wednesday, 15 March 2000 00:14:19 UTC