summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorcathugger <cathugger@cock.li>2019-06-05 00:49:15 +0300
committerMax Kellermann <max@musicpd.org>2019-06-05 21:53:46 +0200
commitf9ca2f52c17aa037c5cffb28b9052a4003cad36d (patch)
tree0053ae764ef732bbb5fadc79f3b876db429ad2d2 /src
parent4b81cf0c2c62d3591750037a8260b7e074d687c0 (diff)
output/httpd: reject some well-known request paths
Return `404 not found` for some common well-known paths, as clients requesting them usually do that automatically and don't expect endless audio stram. Closes #572
Diffstat (limited to 'src')
-rw-r--r--src/output/plugins/httpd/HttpdClient.cxx22
-rw-r--r--src/output/plugins/httpd/HttpdClient.hxx5
2 files changed, 25 insertions, 2 deletions
diff --git a/src/output/plugins/httpd/HttpdClient.cxx b/src/output/plugins/httpd/HttpdClient.cxx
index 3de895092..40435fae1 100644
--- a/src/output/plugins/httpd/HttpdClient.cxx
+++ b/src/output/plugins/httpd/HttpdClient.cxx
@@ -83,6 +83,17 @@ HttpdClient::HandleLine(const char *line) noexcept
return false;
}
+ /* blacklist some well-known request paths */
+ if ((strncmp(line, "favicon.ico", 11) == 0 &&
+ (line[11] == '\0' || line[11] == ' ')) ||
+ (strncmp(line, "robots.txt", 10) == 0 &&
+ (line[10] == '\0' || line[10] == ' ')) ||
+ (strncmp(line, "sitemap.xml", 11) == 0 &&
+ (line[11] == '\0' || line[11] == ' ')) ||
+ (strncmp(line, ".well-known/", 12) == 0)) {
+ should_reject = true;
+ }
+
line = strchr(line, ' ');
if (line == nullptr || strncmp(line + 1, "HTTP/", 5) != 0) {
/* HTTP/0.9 without request headers */
@@ -129,7 +140,14 @@ HttpdClient::SendResponse() noexcept
assert(state == State::RESPONSE);
- if (metadata_requested) {
+ if (should_reject) {
+ response =
+ "HTTP/1.1 404 not found\r\n"
+ "Content-Type: text/plain\r\n"
+ "Connection: close\r\n"
+ "\r\n"
+ "404 not found";
+ } else if (metadata_requested) {
allocated =
icy_server_metadata_header(httpd.name, httpd.genre,
httpd.website,
@@ -415,7 +433,7 @@ HttpdClient::OnSocketInput(void *data, size_t length) noexcept
if (!SendResponse())
return InputResult::CLOSED;
- if (head_method) {
+ if (head_method || should_reject) {
LockClose();
return InputResult::CLOSED;
}
diff --git a/src/output/plugins/httpd/HttpdClient.hxx b/src/output/plugins/httpd/HttpdClient.hxx
index 751d3f2c3..7977cf419 100644
--- a/src/output/plugins/httpd/HttpdClient.hxx
+++ b/src/output/plugins/httpd/HttpdClient.hxx
@@ -83,6 +83,11 @@ class HttpdClient final
*/
bool head_method = false;
+ /**
+ * Should we reject this request?
+ */
+ bool should_reject = false;
+
/* ICY */
/**