Add support for CORS/HSTS/OSCORE/Interative Client security headers (…

…Issue #266) All this does is add HTTP_FIELD_xxx enumerations and the corresponding strings to allow libcups implementations of HTTP clients/servers that send/receive them. For the subject bug we'll still need to do a bunch of work in cupsd (later).
OpenPrinting · Oct 5, 2021 · bccf2f9 · bccf2f9
1 parent aecf854
commit bccf2f9
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 2 deletions.
diff --git a/cups/http.c b/cups/http.c
@@ -107,7 +107,19 @@ static const char * const http_fields[] =
 			  "Accept-Encoding",
 			  "Allow",
 			  "Server",
-			  "Authentication-Info"
+			  "Authentication-Info",
+			  "Access-Control-Allow-Credentials",
+			  "Access-Control-Allow-Headers",
+			  "Access-Control-Allow-Methods",
+			  "Access-Control-Allow-Origin",
+			  "Access-Control-Expose-Headers",
+			  "Access-Control-Max-Age",
+			  "Access-Control-Request-Headers",
+			  "Access-Control-Request-Method",
+			  "Optional-WWW-Authenticate",
+			  "Origin",
+			  "OSCORE",
+			  "Strict-Transport-Security"
 			};
 
 

diff --git a/cups/http.h b/cups/http.h
@@ -176,7 +176,26 @@ typedef enum http_field_e		/**** HTTP field names ****/
   HTTP_FIELD_ACCEPT_ENCODING,		/* Accepting-Encoding field @since CUPS 1.7/macOS 10.9@ */
   HTTP_FIELD_ALLOW,			/* Allow field @since CUPS 1.7/macOS 10.9@ */
   HTTP_FIELD_SERVER,			/* Server field @since CUPS 1.7/macOS 10.9@ */
-  HTTP_FIELD_AUTHENTICATION_INFO,	/* Authentication-Info field (@since CUPS 2.2.9) */
+  HTTP_FIELD_AUTHENTICATION_INFO,	/* Authentication-Info field @since CUPS 2.2.9@ */
+  HTTP_FIELD_ACCESS_CONTROL_ALLOW_CREDENTIALS,
+					/* CORS/Fetch Access-Control-Allow-Cresdentials field @since CUPS 2.4@ */
+  HTTP_FIELD_ACCESS_CONTROL_ALLOW_HEADERS,
+					/* CORS/Fetch Access-Control-Allow-Headers field @since CUPS 2.4@ */
+  HTTP_FIELD_ACCESS_CONTROL_ALLOW_METHODS,
+					/* CORS/Fetch Access-Control-Allow-Methods field @since CUPS 2.4@ */
+  HTTP_FIELD_ACCESS_CONTROL_ALLOW_ORIGIN,
+					/* CORS/Fetch Access-Control-Allow-Origin field @since CUPS 2.4@ */
+  HTTP_FIELD_ACCESS_CONTROL_EXPOSE_HEADERS,
+					/* CORS/Fetch Access-Control-Expose-Headers field @since CUPS 2.4@ */
+  HTTP_FIELD_ACCESS_CONTROL_MAX_AGE,	/* CORS/Fetch Access-Control-Max-Age field @since CUPS 2.4@ */
+  HTTP_FIELD_ACCESS_CONTROL_REQUEST_HEADERS,
+					/* CORS/Fetch Access-Control-Request-Headers field @since CUPS 2.4@ */
+  HTTP_FIELD_ACCESS_CONTROL_REQUEST_METHOD,
+					/* CORS/Fetch Access-Control-Request-Method field @since CUPS 2.4@ */
+  HTTP_FIELD_OPTIONAL_WWW_AUTHENTICATE,	/* RFC 8053 Optional-WWW-Authenticate field @since CUPS 2.4@ */
+  HTTP_FIELD_ORIGIN,			/* RFC 6454 Origin field @since CUPS 2.4@ */
+  HTTP_FIELD_OSCORE,			/* RFC 8613 OSCORE field @since CUPS 2.4@ */
+  HTTP_FIELD_STRICT_TRANSPORT_SECURITY,	/* HSTS Strict-Transport-Security field @since CUPS 2.4@ */
   HTTP_FIELD_MAX			/* Maximum field index */
 } http_field_t;