#include <htp.h>
The configuration structure associated with this transaction.
The connection to which this transaction belongs.
The connection parsed associated with this transaction.
unsigned int htp_tx_t::flags |
Parsing flags: HTP_INVALID_CHUNKING, HTP_INVALID_FOLDING, HTP_REQUEST_SMUGGLING, HTP_MULTI_PACKET_HEAD, HTP_FIELD_UNPARSEABLE.
Transaction-specific REQUEST_BODY_DATA hook. Behaves as the configuration hook with the same name.
Transaction-specific RESPONSE_BODY_DATA hook. Behaves as the configuration hook with the same name.
Is the configuration structure shared with other transactions or connections? As a rule of thumb transactions will initially share their configuration structure, but copy-on-write may be used when an attempt to modify configuration is detected.
This structure holds a parsed request_uri, with the missing information added (e.g., adding port number from the TCP information) and the fields normalized. This structure should be used to make decisions about a request. To inspect raw data, either use request_uri, or parsed_uri_incomplete.
This structure holds the individual components parsed out of the request URI. No attempt is made to normalize the contents or replace the missing pieces with defaults. The purpose of this field is to allow you to look at the data as it was supplied. Use parsed_uri when you need to act on data. Note that this field will never have the port as a number.
unsigned int htp_tx_t::progress |
Transaction progress. Look for the TX_PROGRESS_* constants for more information.
Is this request using a short-style HTTP/0.9 request?
Compression: COMPRESSION_NONE, COMPRESSION_GZIP or COMPRESSION_DEFLATE.
This field will contain the request content type when that information is available in request headers. The contents of the field will be converted to lowercase and any parameters (e.g., character set information) removed.
Request cookies
size_t htp_tx_t::request_entity_len |
The actual entity length (the length _before_ transformations have been applied). This field will change as a request body is being received, with the final value available once the entire body has been received.
TODO The length of the files uploaded using multipart/form-data, or in a request that uses PUT (in which case this field will be equal to the entity length field). This field will be zero in all other cases.
Original request header lines. This list stores instances of htp_header_line_t.
How many request headers were there before trailers?
Parsed request headers.
Contains raw request headers. This field is generated on demand, use htp_tx_get_request_headers_raw() to get it.
How many request header lines have been included in the raw buffer (above).
Contains request header separator.
unsigned int htp_tx_t::request_ignored_lines |
The first line of this request.
How many NUL bytes are there in the request line?
The offset of the first NUL byte.
The first line of this request including ws+line terminator(s).
The actual message length (the length _after_ transformations have been applied). This field will change as a request body is being received, with the final value available once the entire body has been received.
Request method.
Request method, as number. Available only if we were able to recognize the request method.
Request body MULTIPART parser. Available only when the body is in the multipart/form-data format and when the parser was invoked in configuration.
TODO The length of the data transmitted in a request body, minus the length of the files (if any). At worst, this field will be equal to the entity length if the entity encoding is not recognized. If we recognise the encoding (e.g., if it is application/x-www-form-urlencoded or multipart/form-data), the decoder may be able to separate the data from everything else, in which case the value in this field will be lower.
Parameters from request body.
Parameters from the query string.
Request protocol, as text.
Protocol version as a number: -1 means unknown, 9 (HTTP_0_9) means 0.9, 100 (HTTP_1_0) means 1.0 and 101 (HTTP_1_1) means 1.1.
Request transfer coding: IDENTITY or CHUNKED. Only available on requests that have bodies (-1 otherwise).
Request URI, raw, as given to us on the request line.
Normalized request URI as a single string. The availability of this field depends on configuration. Use htp_config_set_generate_request_uri_normalized() to ask for the field to be generated.
Request body URLENCODED parser. Available only when the request body is in the application/x-www-form-urlencoded format.
Query string URLENCODED parser. Available only when the query string is not NULL and not empty.
Compression; currently COMPRESSION_NONE or COMPRESSION_GZIP.
The actual entity length (the length _before_ transformations have been applied). This field will change as a request body is being received, with the final value available once the entire body has been received.
Original response header lines.
Parsed response headers.
Contains response header separator.
unsigned int htp_tx_t::response_ignored_lines |
How many empty lines did we ignore before reaching the status line?
Response line.
Response line including ws+line terminator(s).
The message associated with the response status code.
The actual message length (the length _after_ transformations have been applied). This field will change as a request body is being received, with the final value available once the entire body has been received.
Response protocol, as text.
Response protocol as number. Only available if we were able to parse the protocol version.
Response status code, as text.
This field is set by the protocol decoder with it thinks that the backend server will reject a request with a particular status code.
Response status code, available only if we were able to parse it.
Response transfer coding: IDENTITY or CHUNKED. Only available on responses that have bodies.
Have we seen the server respond with a 100 response?
void* htp_tx_t::user_data |
The user data associated with this transaction.