From 071c52772e420aae8ecb01e88651281d80c138e9 Mon Sep 17 00:00:00 2001
From: Michael R Sweet
Date: Tue, 5 Oct 2021 10:45:47 -0400
Subject: [PATCH] Add support for CORS/HSTS/OSCORE/Interative Client security headers (Issue #266)
All this does is add HTTP_FIELD_xxx enumerations and the corresponding strings to allow libcups implementations of HTTP clients/servers that send/receive them. For the subject bug we'll still need to do a bunch of work in cupsd (later).
---
 cups/http.c | 14 +++++++++++++-
 cups/http.h | 21 ++++++++++++++++++++-
 2 files changed, 33 insertions(+), 2 deletions(-)
diff --git a/cups/http.c b/cups/http.c
index 15881aed0b..2b5acae145 100644
--- a/cups/http.c
+++ b/cups/http.c
@@ -107,7 +107,19 @@ static const char * const http_fields[] =
 "Accept-Encoding",
 "Allow",
 "Server",
- "Authentication-Info"
+ "Authentication-Info",
+ "Access-Control-Allow-Credentials",
+ "Access-Control-Allow-Headers",
+ "Access-Control-Allow-Methods",
+ "Access-Control-Allow-Origin",
+ "Access-Control-Expose-Headers",
+ "Access-Control-Max-Age",
+ "Access-Control-Request-Headers",
+ "Access-Control-Request-Method",
+ "Optional-WWW-Authenticate",
+ "Origin",
+ "OSCORE",
+ "Strict-Transport-Security"
 };
diff --git a/cups/http.h b/cups/http.h
index 57dd2ebcfb..6c45301e5e 100644
--- a/cups/http.h
+++ b/cups/http.h
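Review bot: Nothing in the cups/http.c hunk ties the length of `http_fields[]` to `HTTP_FIELD_MAX`, so the twelve strings added here stay aligned with the twelve enumerators added in cups/http.h only by hand. The array is declared without a size and its opening lies outside the hunk, so an entry later added to one list and not the other would not be caught at build time. Assuming the table is indexed directly by `http_field_t`, such a drift would let a lookup read past the end of the table or emit the wrong header name, which matters more now that the entries are security headers. A compile-time check after the closing `};` would catch it: `_Static_assert(sizeof(http_fields) / sizeof(http_fields[0]) == HTTP_FIELD_MAX, "http_fields[] out of sync with http_field_t");`, or a pre-C11 equivalent if the project does not build as C11.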
@@ -176,7 +176,26 @@ typedef enum http_field_e /**** HTTP field names ****/
 HTTP_FIELD_ACCEPT_ENCODING, /* Accepting-Encoding field @since CUPS 1.7/macOS 10.9@ */
 HTTP_FIELD_ALLOW, /* Allow field @since CUPS 1.7/macOS 10.9@ */
 HTTP_FIELD_SERVER, /* Server field @since CUPS 1.7/macOS 10.9@ */
- HTTP_FIELD_AUTHENTICATION_INFO, /* Authentication-Info field (@since CUPS 2.2.9) */
+ HTTP_FIELD_AUTHENTICATION_INFO, /* Authentication-Info field @since CUPS 2.2.9@ */
+ HTTP_FIELD_ACCESS_CONTROL_ALLOW_CREDENTIALS,
+ /* CORS/Fetch Access-Control-Allow-Cresdentials field @since CUPS 2.4@ */
+ HTTP_FIELD_ACCESS_CONTROL_ALLOW_HEADERS,
+ /* CORS/Fetch Access-Control-Allow-Headers field @since CUPS 2.4@ */
+ HTTP_FIELD_ACCESS_CONTROL_ALLOW_METHODS,
+ /* CORS/Fetch Access-Control-Allow-Methods field @since CUPS 2.4@ */
+ HTTP_FIELD_ACCESS_CONTROL_ALLOW_ORIGIN,
+ /* CORS/Fetch Access-Control-Allow-Origin field @since CUPS 2.4@ */
+ HTTP_FIELD_ACCESS_CONTROL_EXPOSE_HEADERS,
+ /* CORS/Fetch Access-Control-Expose-Headers field @since CUPS 2.4@ */
+ HTTP_FIELD_ACCESS_CONTROL_MAX_AGE, /* CORS/Fetch Access-Control-Max-Age field @since CUPS 2.4@ */
+ HTTP_FIELD_ACCESS_CONTROL_REQUEST_HEADERS,
+ /* CORS/Fetch Access-Control-Request-Headers field @since CUPS 2.4@ */
+ HTTP_FIELD_ACCESS_CONTROL_REQUEST_METHOD,
+ /* CORS/Fetch Access-Control-Request-Method field @since CUPS 2.4@ */
+ HTTP_FIELD_OPTIONAL_WWW_AUTHENTICATE, /* RFC 8053 Optional-WWW-Authenticate field @since CUPS 2.4@ */
+ HTTP_FIELD_ORIGIN, /* RFC 6454 Origin field @since CUPS 2.4@ */
+ HTTP_FIELD_OSCORE, /* RFC 8613 OSCORE field @since CUPS 2.4@ */
+ HTTP_FIELD_STRICT_TRANSPORT_SECURITY, /* HSTS Strict-Transport-Security field @since CUPS 2.4@ */
 HTTP_FIELD_MAX /* Maximum field index */
 } http_field_t;
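Review bot: The comment under `HTTP_FIELD_ACCESS_CONTROL_ALLOW_CREDENTIALS` misspells the header name as "Access-Control-Allow-Cresdentials"; it should read `/* CORS/Fetch Access-Control-Allow-Credentials field @since CUPS 2.4@ */`, since these `@since` comments appear to be the API documentation for the enum. The twelve new enumerators are inserted ahead of `HTTP_FIELD_MAX`, so its value changes and anything sized or bounded by it has to be rebuilt against this header. The enum begins outside the hunk, so whether any public structure depends on that bound cannot be confirmed from here. It would also help to state in the enum's documentation what the commit message already says: the library only names these fields and neither validates their values nor applies any CORS or HSTS policy, which remains the caller's job.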