#pragma once
#include <wtf/Forward.h>
#include <wtf/HashSet.h>
#include <wtf/Optional.h>
#include <wtf/WallTime.h>
#include <wtf/text/StringHash.h>
#include <wtf/text/WTFString.h>
namespace WebCore {
typedef HashSet<String, ASCIICaseInsensitiveHash> HTTPHeaderSet;
enum class HTTPHeaderName;
enum class XSSProtectionDisposition {
Invalid,
Disabled,
Enabled,
BlockEnabled,
};
enum ContentTypeOptionsDisposition {
ContentTypeOptionsNone,
ContentTypeOptionsNosniff
};
enum XFrameOptionsDisposition {
XFrameOptionsNone,
XFrameOptionsDeny,
XFrameOptionsSameOrigin,
XFrameOptionsAllowAll,
XFrameOptionsInvalid,
XFrameOptionsConflict
};
bool isValidReasonPhrase(const String&);
bool isValidHTTPHeaderValue(const String&);
bool isValidAcceptHeaderValue(const String&);
bool isValidLanguageHeaderValue(const String&);
bool isValidHTTPToken(const String&);
bool parseHTTPRefresh(const String& refresh, double& delay, String& url);
std::optional<WallTime> parseHTTPDate(const String&);
String filenameFromHTTPContentDisposition(const String&);
String extractMIMETypeFromMediaType(const String&);
String extractCharsetFromMediaType(const String&);
void findCharsetInMediaType(const String& mediaType, unsigned int& charsetPos, unsigned int& charsetLen, unsigned int start = 0);
XSSProtectionDisposition parseXSSProtectionHeader(const String& header, String& failureReason, unsigned& failurePosition, String& reportURL);
AtomicString extractReasonPhraseFromHTTPStatusLine(const String&);
XFrameOptionsDisposition parseXFrameOptionsHeader(const String&);
WEBCORE_EXPORT bool parseRange(const String&, long long& rangeOffset, long long& rangeEnd, long long& rangeSuffixLength);
ContentTypeOptionsDisposition parseContentTypeOptionsHeader(const String& header);
enum HTTPVersion { Unknown, HTTP_1_0, HTTP_1_1 };
size_t parseHTTPRequestLine(const char* data, size_t length, String& failureReason, String& method, String& url, HTTPVersion&);
size_t parseHTTPHeader(const char* data, size_t length, String& failureReason, StringView& nameStr, String& valueStr, bool strict = true);
size_t parseHTTPRequestBody(const char* data, size_t length, Vector<unsigned char>& body);
void parseAccessControlExposeHeadersAllowList(const String& headerValue, HTTPHeaderSet&);
bool isForbiddenHeaderName(const String&);
bool isForbiddenResponseHeaderName(const String&);
bool isForbiddenMethod(const String&);
bool isSimpleHeader(const String& name, const String& value);
bool isCrossOriginSafeHeader(HTTPHeaderName, const HTTPHeaderSet&);
bool isCrossOriginSafeHeader(const String&, const HTTPHeaderSet&);
bool isCrossOriginSafeRequestHeader(HTTPHeaderName, const String&);
String normalizeHTTPMethod(const String&);
inline bool isHTTPSpace(UChar character)
{
return character <= ' ' && (character == ' ' || character == '\n' || character == '\t' || character == '\r');
}
inline String stripLeadingAndTrailingHTTPSpaces(const String& string)
{
return string.stripLeadingAndTrailingCharacters(isHTTPSpace);
}
inline StringView stripLeadingAndTrailingHTTPSpaces(StringView string)
{
return string.stripLeadingAndTrailingMatchedCharacters(isHTTPSpace);
}
}