
D5747.id18879.diff

D5747.id18879.diff

diff --git a/src/httpserver.cpp b/src/httpserver.cpp
--- a/src/httpserver.cpp
+++ b/src/httpserver.cpp
@@ -233,22 +233,30 @@
}
auto hreq = std::make_unique<HTTPRequest>(req);
- LogPrint(BCLog::HTTP, "Received a %s request for %s from %s\n",
- RequestMethodString(hreq->GetRequestMethod()), hreq->GetURI(),
- hreq->GetPeer().ToString());
-
// Early address-based allow check
if (!ClientAllowed(hreq->GetPeer())) {
+ LogPrint(BCLog::HTTP,
+ "HTTP request from %s rejected: Client network is not allowed "
+ "RPC access\n",
+ hreq->GetPeer().ToString());
hreq->WriteReply(HTTP_FORBIDDEN);
return;
}
// Early reject unknown HTTP methods
if (hreq->GetRequestMethod() == HTTPRequest::UNKNOWN) {
+ LogPrint(BCLog::HTTP,
+ "HTTP request from %s rejected: Unknown HTTP request method\n",
+ hreq->GetPeer().ToString());
hreq->WriteReply(HTTP_BADMETHOD);
return;
}
+ LogPrint(BCLog::HTTP, "Received a %s request for %s from %s\n",
+ RequestMethodString(hreq->GetRequestMethod()),
+ SanitizeString(hreq->GetURI(), SAFE_CHARS_URI).substr(0, 100),
+ hreq->GetPeer().ToString());
+
// Find registered handler for prefix
std::string strURI = hreq->GetURI();
std::string path;
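Review bot: The `.substr(0, 100)` cap in the relocated "Received a %s request" call is a bare literal and leaves no trace in the output, so someone reading the log cannot tell an exact 100-character URI from a longer one that was cut. I would name the limit and say why it exists, e.g. `// URI is client-controlled: strip unsafe chars and cap the length before logging` above the call, with the 100 moved into a named constant (name left to the author). The handler lookup just below still reads the raw `hreq->GetURI()` into `strURI`, which looks intended since the sanitizing is for the log only; a short comment there would stop a later cleanup from reusing the sanitized string for dispatch. The enclosing function starts and ends outside this hunk.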
diff --git a/src/util/strencodings.h b/src/util/strencodings.h
--- a/src/util/strencodings.h
+++ b/src/util/strencodings.h
@@ -29,6 +29,8 @@
SAFE_CHARS_UA_COMMENT,
//! Chars allowed in filenames
SAFE_CHARS_FILENAME,
+ //! Chars allowed in URIs (RFC 3986)
+ SAFE_CHARS_URI,
};
/**
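Review bot: `SAFE_CHARS_URI` is appended to the enum here and its character set is appended at the same position in the list in src/util/strencodings.cpp, which suggests the list is indexed by the enum value; nothing visible in either hunk enforces that the two stay in step. If that reading is right, a comment on the enum such as `//! Keep in sync with the per-rule character sets in strencodings.cpp (same order)` would make the coupling explicit. The enum's opening and the rest of the header are outside this hunk, so a note to that effect may already exist there.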
diff --git a/src/util/strencodings.cpp b/src/util/strencodings.cpp
--- a/src/util/strencodings.cpp
+++ b/src/util/strencodings.cpp
@@ -23,6 +23,8 @@
CHARS_ALPHA_NUM + " .,;-_?@",
// SAFE_CHARS_FILENAME
CHARS_ALPHA_NUM + ".-_",
+ // SAFE_CHARS_URI
+ CHARS_ALPHA_NUM + "!*'();:@&=+$,/?#[]-_.~%",
};
std::string SanitizeString(const std::string &str, int rule) {
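Review bot: The `// SAFE_CHARS_URI` entry keeps `%`, so percent-encoded bytes such as an encoded line feed pass through SanitizeString as literal text; that is safe for the log line itself, but any consumer that URL-decodes log content gets the raw bytes back. The set also admits `'`, `;`, `$`, `(` and `)`, which matter if log lines are later fed to a shell or a query. I would extend the comment to say the rule only makes URIs printable in logs and is not a syntax validator, e.g. `// SAFE_CHARS_URI: RFC 3986 reserved + unreserved + '%'; for log output only, does not validate or decode`. The initializer's declaration is outside the hunk.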
