Class: Fluent::Plugin::HttpInput::Handler

Inherits:

Object

• Object
• Fluent::Plugin::HttpInput::Handler

Defined in:

lib/fluent/plugin/in_http.rb

Constant Summary

RES_200_STATUS =

"200 OK".freeze

RES_403_STATUS =

"403 Forbidden".freeze

Instance Attribute Summary

• #content_type ⇒ Object readonly

  Returns the value of attribute content_type.

Instance Method Summary

• #close ⇒ Object
• #closing? ⇒ Boolean
• #handle_get_request ⇒ Object

  Azure App Service sends GET requests for health checking purpose.

• #handle_options_request ⇒ Object

  Web browsers can send an OPTIONS request before performing POST to check if cross-origin requests are supported.

• #include_cors_allow_origin ⇒ Object
• #initialize(io, km, callback, body_size_limit, decompression_size_limit, format_name, log, cors_allow_origins, cors_allow_credentials, add_query_params) ⇒ Handler constructor

  A new instance of Handler.

• #on_body(chunk) ⇒ Object
• #on_close ⇒ Object
• #on_headers_complete(headers) ⇒ Object
• #on_message_begin ⇒ Object
• #on_message_complete ⇒ Object
• #on_read(data) ⇒ Object
• #on_write_complete ⇒ Object
• #parse_query(query) ⇒ Object
• #send_response(code, header, body) ⇒ Object
• #send_response_and_close(code, header, body) ⇒ Object
• #send_response_nobody(code, header) ⇒ Object
• #step_idle ⇒ Object

Constructor Details

#initialize(io, km, callback, body_size_limit, decompression_size_limit, format_name, log, cors_allow_origins, cors_allow_credentials, add_query_params) ⇒ Handler

Returns a new instance of Handler.

# File 'lib/fluent/plugin/in_http.rb', line 349

def initialize(io, km, callback, body_size_limit, decompression_size_limit, format_name, log,
               cors_allow_origins, cors_allow_credentials, add_query_params)
  @io = io
  @km = km
  @callback = callback
  @body_size_limit = body_size_limit
  @decompression_size_limit = decompression_size_limit
  @next_close = false
  @format_name = format_name
  @log = log
  @cors_allow_origins = cors_allow_origins
  @cors_allow_credentials = cors_allow_credentials
  @idle = 0
  @add_query_params = add_query_params
  @km.add(self)

  @remote_port, @remote_addr = io.remote_port, io.remote_addr
  @parser = Http::Parser.new(self)
end

Instance Attribute Details

#content_type ⇒ Object (readonly)

Returns the value of attribute content_type.

# File 'lib/fluent/plugin/in_http.rb', line 347

def content_type
  @content_type
end

Instance Method Details

#close ⇒ Object

# File 'lib/fluent/plugin/in_http.rb', line 594

def close
  @io.close
end

#closing? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/fluent/plugin/in_http.rb', line 607

def closing?
  @next_close
end

#handle_get_request ⇒ Object

Azure App Service sends GET requests for health checking purpose. Respond with ‘200 OK` to accommodate it.

# File 'lib/fluent/plugin/in_http.rb', line 459

def handle_get_request
  return send_response_and_close(RES_200_STATUS, {}, "")
end

#handle_options_request ⇒ Object

Web browsers can send an OPTIONS request before performing POST to check if cross-origin requests are supported.

# File 'lib/fluent/plugin/in_http.rb', line 465

def handle_options_request
  # Is CORS enabled in the first place?
  if @cors_allow_origins.nil?
    return send_response_and_close(RES_403_STATUS, {}, "")
  end

  # in_http does not support HTTP methods except POST
  if @access_control_request_method != 'POST'
    return send_response_and_close(RES_403_STATUS, {}, "")
  end

  header = {
    "Access-Control-Allow-Methods" => "POST",
    "Access-Control-Allow-Headers" => @access_control_request_headers || "",
  }

  # Check the origin and send back a CORS response
  if @cors_allow_origins.include?('*')
    header["Access-Control-Allow-Origin"] = "*"
    send_response_and_close(RES_200_STATUS, header, "")
  elsif include_cors_allow_origin
    header["Access-Control-Allow-Origin"] = @origin
    if @cors_allow_credentials
      header["Access-Control-Allow-Credentials"] = true
    end
    send_response_and_close(RES_200_STATUS, header, "")
  else
    send_response_and_close(RES_403_STATUS, {}, "")
  end
end

#include_cors_allow_origin ⇒ Object

# File 'lib/fluent/plugin/in_http.rb', line 634

def include_cors_allow_origin
  if @origin.nil?
    return false
  end

  if @cors_allow_origins.include?(@origin)
    return true
  end
  filtered_cors_allow_origins = @cors_allow_origins.select {|origin| origin != ""}
  r = filtered_cors_allow_origins.find do |origin|
    (start_str, end_str) = origin.split("*", 2)
    @origin.start_with?(start_str) && @origin.end_with?(end_str)
  end

  !r.nil?
end

#on_body(chunk) ⇒ Object

# File 'lib/fluent/plugin/in_http.rb', line 444

def on_body(chunk)
  if @body.bytesize + chunk.bytesize > @body_size_limit
    unless closing?
      send_response_and_close("413 Request Entity Too Large", {}, "Too large")
    end
    return
  end
  @body << chunk
end

#on_close ⇒ Object

# File 'lib/fluent/plugin/in_http.rb', line 373

def on_close
  @km.delete(self)
end

#on_headers_complete(headers) ⇒ Object

# File 'lib/fluent/plugin/in_http.rb', line 390

def on_headers_complete(headers)
  expect = nil
  size = nil

  if @parser.http_version == [1, 1]
    @keep_alive = true
  else
    @keep_alive = false
  end
  @env = {}
  @content_type = ""
  @content_encoding = ""
  headers.each_pair {|k,v|
    @env["HTTP_#{k.tr('-','_').upcase}"] = v
    case k
    when /\AExpect\z/i
      expect = v
    when /\AContent-Length\Z/i
      size = v.to_i
    when /\AContent-Type\Z/i
      @content_type = v
    when /\AContent-Encoding\Z/i
      @content_encoding = v
    when /\AConnection\Z/i
      if /close/i.match?(v)
        @keep_alive = false
      elsif /Keep-alive/i.match?(v)
        @keep_alive = true
      end
    when /\AOrigin\Z/i
      @origin  = v
    when /\AX-Forwarded-For\Z/i
      # For multiple X-Forwarded-For headers. Use first header value.
      v = v.first if v.is_a?(Array)
      @remote_addr = v.split(",").first
    when /\AAccess-Control-Request-Method\Z/i
      @access_control_request_method = v
    when /\AAccess-Control-Request-Headers\Z/i
      @access_control_request_headers = v
    end
  }
  if expect
    if expect == '100-continue'.freeze
      if !size || size < @body_size_limit
        send_response_nobody("100 Continue", {})
      else
        send_response_and_close("413 Request Entity Too Large", {}, "Too large")
      end
    else
      send_response_and_close("417 Expectation Failed", {}, "")
    end
  end
end

#on_message_begin ⇒ Object

# File 'lib/fluent/plugin/in_http.rb', line 386

def on_message_begin
  @body = ''
end

#on_message_complete ⇒ Object

# File 'lib/fluent/plugin/in_http.rb', line 496

def on_message_complete
  return if closing?

  if @parser.http_method == 'GET'.freeze
    return handle_get_request()
  end

  if @parser.http_method == 'OPTIONS'.freeze
    return handle_options_request()
  end

  # CORS check
  # ==========
  # For every incoming request, we check if we have some CORS
  # restrictions and allow listed origins through @cors_allow_origins.
  # If origin is empty, it's likely a server-to-server request and considered safe.
  unless @cors_allow_origins.nil?
    unless @cors_allow_origins.include?('*') || include_cors_allow_origin || @origin.nil?
      send_response_and_close(RES_403_STATUS, {'Connection' => 'close'}, "")
      return
    end
  end

  # Content Encoding
  # =================
  # Decode payload according to the "Content-Encoding" header.
  # For now, we only support 'gzip' and 'deflate'.
  begin
    if @content_encoding == 'gzip'.freeze
      @body = Extractor.decompress_gzip(@body, limit: @decompression_size_limit)
    elsif @content_encoding == 'deflate'.freeze
      @body = Extractor.decompress_deflate(@body, limit: @decompression_size_limit)
    end
  rescue
    @log.warn 'fails to decode payload', error: $!.to_s
    send_response_and_close(RES_400_STATUS, {}, "")
    return
  end

  @env['REMOTE_ADDR'] = @remote_addr if @remote_addr

  uri = URI.parse(@parser.request_url)
  params = parse_query(uri.query)

  if @format_name != 'default'
    params[EVENT_RECORD_PARAMETER] = @body
  elsif /^application\/x-www-form-urlencoded/.match?(@content_type)
    params.update parse_query(@body)
  elsif @content_type =~ /^multipart\/form-data; boundary=(.+)/
    boundary = WEBrick::HTTPUtils.dequote($1)
    params.update WEBrick::HTTPUtils.parse_form_data(@body, boundary)
  elsif /^application\/json/.match?(@content_type)
    params['json'] = @body
  elsif /^application\/csp-report/.match?(@content_type)
    params['json'] = @body
  elsif /^application\/msgpack/.match?(@content_type)
    params['msgpack'] = @body
  elsif /^application\/x-ndjson/.match?(@content_type)
    params['ndjson'] = @body
  end
  path_info = uri.path

  if (@add_query_params)

    query_params = parse_query(uri.query)

    query_params.each_pair {|k,v|
      params["QUERY_#{k.tr('-','_').upcase}"] = v
    }
  end

  params.merge!(@env)

  @env.clear

  code, header, body = @callback.call(path_info, params)
  body = body.to_s
  header = header.dup if header.frozen?

  unless @cors_allow_origins.nil?
    if @cors_allow_origins.include?('*')
      header['Access-Control-Allow-Origin'] = '*'
    elsif include_cors_allow_origin
      header['Access-Control-Allow-Origin'] = @origin
      if @cors_allow_credentials
        header["Access-Control-Allow-Credentials"] = true
      end
    end
  end

  if @keep_alive
    header['Connection'] = 'Keep-Alive'.freeze
    send_response(code, header, body)
  else
    send_response_and_close(code, header, body)
  end
end

#on_read(data) ⇒ Object

# File 'lib/fluent/plugin/in_http.rb', line 377

def on_read(data)
  @idle = 0
  @parser << data
rescue
  @log.warn "unexpected error", error: $!.to_s
  @log.warn_backtrace
  @io.close
end

#on_write_complete ⇒ Object

# File 'lib/fluent/plugin/in_http.rb', line 598

def on_write_complete
  @io.close if @next_close
end

#parse_query(query) ⇒ Object

# File 'lib/fluent/plugin/in_http.rb', line 651

def parse_query(query)
  query.nil? ? {} : Hash[URI.decode_www_form(query, Encoding::ASCII_8BIT)]
end

#send_response(code, header, body) ⇒ Object

# File 'lib/fluent/plugin/in_http.rb', line 611

def send_response(code, header, body)
  header['Content-Length'] ||= body.bytesize
  header['Content-Type'] ||= 'text/plain'.freeze

  data = %[HTTP/1.1 #{code}\r\n]
  header.each_pair {|k,v|
    data << "#{k}: #{v}\r\n"
  }
  data << "\r\n".freeze
  @io.write(data)

  @io.write(body)
end

#send_response_and_close(code, header, body) ⇒ Object

# File 'lib/fluent/plugin/in_http.rb', line 602

def send_response_and_close(code, header, body)
  send_response(code, header, body)
  @next_close = true
end

#send_response_nobody(code, header) ⇒ Object

# File 'lib/fluent/plugin/in_http.rb', line 625

def send_response_nobody(code, header)
  data = %[HTTP/1.1 #{code}\r\n]
  header.each_pair {|k,v|
    data << "#{k}: #{v}\r\n"
  }
  data << "\r\n".freeze
  @io.write(data)
end

#step_idle ⇒ Object

# File 'lib/fluent/plugin/in_http.rb', line 369

def step_idle
  @idle += 1
end