wininet: Move insertion of cookie header from HttpOpenRequest to HttpSendRequest.
[wine] / dlls / wininet / http.c
1 /*
2  * Wininet - Http Implementation
3  *
4  * Copyright 1999 Corel Corporation
5  * Copyright 2002 CodeWeavers Inc.
6  * Copyright 2002 TransGaming Technologies Inc.
7  * Copyright 2004 Mike McCormack for CodeWeavers
8  * Copyright 2005 Aric Stewart for CodeWeavers
9  * Copyright 2006 Robert Shearman for CodeWeavers
10  *
11  * Ulrich Czekalla
12  * David Hammerton
13  *
14  * This library is free software; you can redistribute it and/or
15  * modify it under the terms of the GNU Lesser General Public
16  * License as published by the Free Software Foundation; either
17  * version 2.1 of the License, or (at your option) any later version.
18  *
19  * This library is distributed in the hope that it will be useful,
20  * but WITHOUT ANY WARRANTY; without even the implied warranty of
21  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
22  * Lesser General Public License for more details.
23  *
24  * You should have received a copy of the GNU Lesser General Public
25  * License along with this library; if not, write to the Free Software
26  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
27  */
28
29 #include "config.h"
30 #include "wine/port.h"
31
32 #include <sys/types.h>
33 #ifdef HAVE_SYS_SOCKET_H
34 # include <sys/socket.h>
35 #endif
36 #ifdef HAVE_ARPA_INET_H
37 # include <arpa/inet.h>
38 #endif
39 #include <stdarg.h>
40 #include <stdio.h>
41 #include <stdlib.h>
42 #ifdef HAVE_UNISTD_H
43 # include <unistd.h>
44 #endif
45 #include <time.h>
46 #include <assert.h>
47
48 #include "windef.h"
49 #include "winbase.h"
50 #include "wininet.h"
51 #include "winerror.h"
52 #define NO_SHLWAPI_STREAM
53 #define NO_SHLWAPI_REG
54 #define NO_SHLWAPI_STRFCNS
55 #define NO_SHLWAPI_GDI
56 #include "shlwapi.h"
57 #include "sspi.h"
58 #include "wincrypt.h"
59
60 #include "internet.h"
61 #include "wine/debug.h"
62 #include "wine/unicode.h"
63
64 WINE_DEFAULT_DEBUG_CHANNEL(wininet);
65
66 static const WCHAR g_szHttp1_0[] = {'H','T','T','P','/','1','.','0',0};
67 static const WCHAR g_szHttp1_1[] = {'H','T','T','P','/','1','.','1',0};
68 static const WCHAR g_szReferer[] = {'R','e','f','e','r','e','r',0};
69 static const WCHAR g_szAccept[] = {'A','c','c','e','p','t',0};
70 static const WCHAR g_szUserAgent[] = {'U','s','e','r','-','A','g','e','n','t',0};
71 static const WCHAR szHost[] = { 'H','o','s','t',0 };
72 static const WCHAR szAuthorization[] = { 'A','u','t','h','o','r','i','z','a','t','i','o','n',0 };
73 static const WCHAR szProxy_Authorization[] = { 'P','r','o','x','y','-','A','u','t','h','o','r','i','z','a','t','i','o','n',0 };
74 static const WCHAR szStatus[] = { 'S','t','a','t','u','s',0 };
75 static const WCHAR szKeepAlive[] = {'K','e','e','p','-','A','l','i','v','e',0};
76 static const WCHAR szGET[] = { 'G','E','T', 0 };
77
78 #define MAXHOSTNAME 100
79 #define MAX_FIELD_VALUE_LEN 256
80 #define MAX_FIELD_LEN 256
81
82 #define HTTP_REFERER    g_szReferer
83 #define HTTP_ACCEPT     g_szAccept
84 #define HTTP_USERAGENT  g_szUserAgent
85
86 #define HTTP_ADDHDR_FLAG_ADD                            0x20000000
87 #define HTTP_ADDHDR_FLAG_ADD_IF_NEW                     0x10000000
88 #define HTTP_ADDHDR_FLAG_COALESCE                       0x40000000
89 #define HTTP_ADDHDR_FLAG_COALESCE_WITH_COMMA            0x40000000
90 #define HTTP_ADDHDR_FLAG_COALESCE_WITH_SEMICOLON        0x01000000
91 #define HTTP_ADDHDR_FLAG_REPLACE                        0x80000000
92 #define HTTP_ADDHDR_FLAG_REQ                            0x02000000
93
94 #define ARRAYSIZE(array) (sizeof(array)/sizeof((array)[0]))
95
96 struct HttpAuthInfo
97 {
98     LPWSTR scheme;
99     CredHandle cred;
100     CtxtHandle ctx;
101     TimeStamp exp;
102     ULONG attr;
103     ULONG max_token;
104     void *auth_data;
105     unsigned int auth_data_len;
106     BOOL finished; /* finished authenticating */
107 };
108
109 static BOOL HTTP_OpenConnection(LPWININETHTTPREQW lpwhr);
110 static BOOL HTTP_GetResponseHeaders(LPWININETHTTPREQW lpwhr, BOOL clear);
111 static BOOL HTTP_ProcessHeader(LPWININETHTTPREQW lpwhr, LPCWSTR field, LPCWSTR value, DWORD dwModifier);
112 static LPWSTR * HTTP_InterpretHttpHeader(LPCWSTR buffer);
113 static BOOL HTTP_InsertCustomHeader(LPWININETHTTPREQW lpwhr, LPHTTPHEADERW lpHdr);
114 static INT HTTP_GetCustomHeaderIndex(LPWININETHTTPREQW lpwhr, LPCWSTR lpszField, INT index, BOOL Request);
115 static BOOL HTTP_DeleteCustomHeader(LPWININETHTTPREQW lpwhr, DWORD index);
116 static LPWSTR HTTP_build_req( LPCWSTR *list, int len );
117 static BOOL WINAPI HTTP_HttpQueryInfoW( LPWININETHTTPREQW lpwhr, DWORD
118         dwInfoLevel, LPVOID lpBuffer, LPDWORD lpdwBufferLength, LPDWORD
119         lpdwIndex);
120 static BOOL HTTP_HandleRedirect(LPWININETHTTPREQW lpwhr, LPCWSTR lpszUrl);
121 static UINT HTTP_DecodeBase64(LPCWSTR base64, LPSTR bin);
122 static BOOL HTTP_VerifyValidHeader(LPWININETHTTPREQW lpwhr, LPCWSTR field);
123 static void HTTP_DrainContent(WININETHTTPREQW *req);
124
125 LPHTTPHEADERW HTTP_GetHeader(LPWININETHTTPREQW req, LPCWSTR head)
126 {
127     int HeaderIndex = 0;
128     HeaderIndex = HTTP_GetCustomHeaderIndex(req, head, 0, TRUE);
129     if (HeaderIndex == -1)
130         return NULL;
131     else
132         return &req->pCustHeaders[HeaderIndex];
133 }
134
135 /***********************************************************************
136  *           HTTP_Tokenize (internal)
137  *
138  *  Tokenize a string, allocating memory for the tokens.
139  */
140 static LPWSTR * HTTP_Tokenize(LPCWSTR string, LPCWSTR token_string)
141 {
142     LPWSTR * token_array;
143     int tokens = 0;
144     int i;
145     LPCWSTR next_token;
146
147     /* empty string has no tokens */
148     if (*string)
149         tokens++;
150     /* count tokens */
151     for (i = 0; string[i]; i++)
152         if (!strncmpW(string+i, token_string, strlenW(token_string)))
153         {
154             DWORD j;
155             tokens++;
156             /* we want to skip over separators, but not the null terminator */
157             for (j = 0; j < strlenW(token_string) - 1; j++)
158                 if (!string[i+j])
159                     break;
160             i += j;
161         }
162
163     /* add 1 for terminating NULL */
164     token_array = HeapAlloc(GetProcessHeap(), 0, (tokens+1) * sizeof(*token_array));
165     token_array[tokens] = NULL;
166     if (!tokens)
167         return token_array;
168     for (i = 0; i < tokens; i++)
169     {
170         int len;
171         next_token = strstrW(string, token_string);
172         if (!next_token) next_token = string+strlenW(string);
173         len = next_token - string;
174         token_array[i] = HeapAlloc(GetProcessHeap(), 0, (len+1)*sizeof(WCHAR));
175         memcpy(token_array[i], string, len*sizeof(WCHAR));
176         token_array[i][len] = '\0';
177         string = next_token+strlenW(token_string);
178     }
179     return token_array;
180 }
181
182 /***********************************************************************
183  *           HTTP_FreeTokens (internal)
184  *
185  *  Frees memory returned from HTTP_Tokenize.
186  */
187 static void HTTP_FreeTokens(LPWSTR * token_array)
188 {
189     int i;
190     for (i = 0; token_array[i]; i++)
191         HeapFree(GetProcessHeap(), 0, token_array[i]);
192     HeapFree(GetProcessHeap(), 0, token_array);
193 }
194
195 /* **********************************************************************
196  * 
197  * Helper functions for the HttpSendRequest(Ex) functions
198  * 
199  */
200 static void AsyncHttpSendRequestProc(WORKREQUEST *workRequest)
201 {
202     struct WORKREQ_HTTPSENDREQUESTW const *req = &workRequest->u.HttpSendRequestW;
203     LPWININETHTTPREQW lpwhr = (LPWININETHTTPREQW) workRequest->hdr;
204
205     TRACE("%p\n", lpwhr);
206
207     HTTP_HttpSendRequestW(lpwhr, req->lpszHeader,
208             req->dwHeaderLength, req->lpOptional, req->dwOptionalLength,
209             req->dwContentLength, req->bEndRequest);
210
211     HeapFree(GetProcessHeap(), 0, req->lpszHeader);
212 }
213
214 static void HTTP_FixURL( LPWININETHTTPREQW lpwhr)
215 {
216     static const WCHAR szSlash[] = { '/',0 };
217     static const WCHAR szHttp[] = { 'h','t','t','p',':','/','/', 0 };
218
219     /* If we don't have a path we set it to root */
220     if (NULL == lpwhr->lpszPath)
221         lpwhr->lpszPath = WININET_strdupW(szSlash);
222     else /* remove \r and \n*/
223     {
224         int nLen = strlenW(lpwhr->lpszPath);
225         while ((nLen >0 ) && ((lpwhr->lpszPath[nLen-1] == '\r')||(lpwhr->lpszPath[nLen-1] == '\n')))
226         {
227             nLen--;
228             lpwhr->lpszPath[nLen]='\0';
229         }
230         /* Replace '\' with '/' */
231         while (nLen>0) {
232             nLen--;
233             if (lpwhr->lpszPath[nLen] == '\\') lpwhr->lpszPath[nLen]='/';
234         }
235     }
236
237     if(CSTR_EQUAL != CompareStringW( LOCALE_SYSTEM_DEFAULT, NORM_IGNORECASE,
238                        lpwhr->lpszPath, strlenW(lpwhr->lpszPath), szHttp, strlenW(szHttp) )
239        && lpwhr->lpszPath[0] != '/') /* not an absolute path ?? --> fix it !! */
240     {
241         WCHAR *fixurl = HeapAlloc(GetProcessHeap(), 0, 
242                              (strlenW(lpwhr->lpszPath) + 2)*sizeof(WCHAR));
243         *fixurl = '/';
244         strcpyW(fixurl + 1, lpwhr->lpszPath);
245         HeapFree( GetProcessHeap(), 0, lpwhr->lpszPath );
246         lpwhr->lpszPath = fixurl;
247     }
248 }
249
250 static LPWSTR HTTP_BuildHeaderRequestString( LPWININETHTTPREQW lpwhr, LPCWSTR verb, LPCWSTR path, LPCWSTR version )
251 {
252     LPWSTR requestString;
253     DWORD len, n;
254     LPCWSTR *req;
255     UINT i;
256     LPWSTR p;
257
258     static const WCHAR szSpace[] = { ' ',0 };
259     static const WCHAR szcrlf[] = {'\r','\n', 0};
260     static const WCHAR szColon[] = { ':',' ',0 };
261     static const WCHAR sztwocrlf[] = {'\r','\n','\r','\n', 0};
262
263     /* allocate space for an array of all the string pointers to be added */
264     len = (lpwhr->nCustHeaders)*4 + 10;
265     req = HeapAlloc( GetProcessHeap(), 0, len*sizeof(LPCWSTR) );
266
267     /* add the verb, path and HTTP version string */
268     n = 0;
269     req[n++] = verb;
270     req[n++] = szSpace;
271     req[n++] = path;
272     req[n++] = szSpace;
273     req[n++] = version;
274
275     /* Append custom request headers */
276     for (i = 0; i < lpwhr->nCustHeaders; i++)
277     {
278         if (lpwhr->pCustHeaders[i].wFlags & HDR_ISREQUEST)
279         {
280             req[n++] = szcrlf;
281             req[n++] = lpwhr->pCustHeaders[i].lpszField;
282             req[n++] = szColon;
283             req[n++] = lpwhr->pCustHeaders[i].lpszValue;
284
285             TRACE("Adding custom header %s (%s)\n",
286                    debugstr_w(lpwhr->pCustHeaders[i].lpszField),
287                    debugstr_w(lpwhr->pCustHeaders[i].lpszValue));
288         }
289     }
290
291     if( n >= len )
292         ERR("oops. buffer overrun\n");
293
294     req[n] = NULL;
295     requestString = HTTP_build_req( req, 4 );
296     HeapFree( GetProcessHeap(), 0, req );
297
298     /*
299      * Set (header) termination string for request
300      * Make sure there's exactly two new lines at the end of the request
301      */
302     p = &requestString[strlenW(requestString)-1];
303     while ( (*p == '\n') || (*p == '\r') )
304        p--;
305     strcpyW( p+1, sztwocrlf );
306     
307     return requestString;
308 }
309
310 static void HTTP_ProcessCookies( LPWININETHTTPREQW lpwhr )
311 {
312     static const WCHAR szSet_Cookie[] = { 'S','e','t','-','C','o','o','k','i','e',0 };
313     int HeaderIndex;
314     LPHTTPHEADERW setCookieHeader;
315
316     HeaderIndex = HTTP_GetCustomHeaderIndex(lpwhr, szSet_Cookie, 0, FALSE);
317     if (HeaderIndex == -1)
318             return;
319     setCookieHeader = &lpwhr->pCustHeaders[HeaderIndex];
320
321     if (!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_COOKIES) && setCookieHeader->lpszValue)
322     {
323         int nPosStart = 0, nPosEnd = 0, len;
324         static const WCHAR szFmt[] = { 'h','t','t','p',':','/','/','%','s','/',0};
325
326         while (setCookieHeader->lpszValue[nPosEnd] != '\0')
327         {
328             LPWSTR buf_cookie, cookie_name, cookie_data;
329             LPWSTR buf_url;
330             LPWSTR domain = NULL;
331             LPHTTPHEADERW Host;
332
333             int nEqualPos = 0;
334             while (setCookieHeader->lpszValue[nPosEnd] != ';' && setCookieHeader->lpszValue[nPosEnd] != ',' &&
335                    setCookieHeader->lpszValue[nPosEnd] != '\0')
336             {
337                 nPosEnd++;
338             }
339             if (setCookieHeader->lpszValue[nPosEnd] == ';')
340             {
341                 /* fixme: not case sensitive, strcasestr is gnu only */
342                 int nDomainPosEnd = 0;
343                 int nDomainPosStart = 0, nDomainLength = 0;
344                 static const WCHAR szDomain[] = {'d','o','m','a','i','n','=',0};
345                 LPWSTR lpszDomain = strstrW(&setCookieHeader->lpszValue[nPosEnd], szDomain);
346                 if (lpszDomain)
347                 { /* they have specified their own domain, lets use it */
348                     while (lpszDomain[nDomainPosEnd] != ';' && lpszDomain[nDomainPosEnd] != ',' &&
349                            lpszDomain[nDomainPosEnd] != '\0')
350                     {
351                         nDomainPosEnd++;
352                     }
353                     nDomainPosStart = strlenW(szDomain);
354                     nDomainLength = (nDomainPosEnd - nDomainPosStart) + 1;
355                     domain = HeapAlloc(GetProcessHeap(), 0, (nDomainLength + 1)*sizeof(WCHAR));
356                     lstrcpynW(domain, &lpszDomain[nDomainPosStart], nDomainLength + 1);
357                 }
358             }
359             if (setCookieHeader->lpszValue[nPosEnd] == '\0') break;
360             buf_cookie = HeapAlloc(GetProcessHeap(), 0, ((nPosEnd - nPosStart) + 1)*sizeof(WCHAR));
361             lstrcpynW(buf_cookie, &setCookieHeader->lpszValue[nPosStart], (nPosEnd - nPosStart) + 1);
362             TRACE("%s\n", debugstr_w(buf_cookie));
363             while (buf_cookie[nEqualPos] != '=' && buf_cookie[nEqualPos] != '\0')
364             {
365                 nEqualPos++;
366             }
367             if (buf_cookie[nEqualPos] == '\0' || buf_cookie[nEqualPos + 1] == '\0')
368             {
369                 HeapFree(GetProcessHeap(), 0, buf_cookie);
370                 break;
371             }
372
373             cookie_name = HeapAlloc(GetProcessHeap(), 0, (nEqualPos + 1)*sizeof(WCHAR));
374             lstrcpynW(cookie_name, buf_cookie, nEqualPos + 1);
375             cookie_data = &buf_cookie[nEqualPos + 1];
376
377             Host = HTTP_GetHeader(lpwhr,szHost);
378             len = lstrlenW((domain ? domain : (Host?Host->lpszValue:NULL))) + 
379                 strlenW(lpwhr->lpszPath) + 9;
380             buf_url = HeapAlloc(GetProcessHeap(), 0, len*sizeof(WCHAR));
381             sprintfW(buf_url, szFmt, (domain ? domain : (Host?Host->lpszValue:NULL))); /* FIXME PATH!!! */
382             InternetSetCookieW(buf_url, cookie_name, cookie_data);
383
384             HeapFree(GetProcessHeap(), 0, buf_url);
385             HeapFree(GetProcessHeap(), 0, buf_cookie);
386             HeapFree(GetProcessHeap(), 0, cookie_name);
387             HeapFree(GetProcessHeap(), 0, domain);
388             nPosStart = nPosEnd;
389         }
390     }
391 }
392
393 static inline BOOL is_basic_auth_value( LPCWSTR pszAuthValue )
394 {
395     static const WCHAR szBasic[] = {'B','a','s','i','c'}; /* Note: not nul-terminated */
396     return !strncmpiW(pszAuthValue, szBasic, ARRAYSIZE(szBasic)) &&
397         ((pszAuthValue[ARRAYSIZE(szBasic)] == ' ') || !pszAuthValue[ARRAYSIZE(szBasic)]);
398 }
399
400 static BOOL HTTP_DoAuthorization( LPWININETHTTPREQW lpwhr, LPCWSTR pszAuthValue,
401                                   struct HttpAuthInfo **ppAuthInfo,
402                                   LPWSTR domain_and_username, LPWSTR password )
403 {
404     SECURITY_STATUS sec_status;
405     struct HttpAuthInfo *pAuthInfo = *ppAuthInfo;
406     BOOL first = FALSE;
407
408     TRACE("%s\n", debugstr_w(pszAuthValue));
409
410     if (!pAuthInfo)
411     {
412         TimeStamp exp;
413
414         first = TRUE;
415         pAuthInfo = HeapAlloc(GetProcessHeap(), 0, sizeof(*pAuthInfo));
416         if (!pAuthInfo)
417             return FALSE;
418
419         SecInvalidateHandle(&pAuthInfo->cred);
420         SecInvalidateHandle(&pAuthInfo->ctx);
421         memset(&pAuthInfo->exp, 0, sizeof(pAuthInfo->exp));
422         pAuthInfo->attr = 0;
423         pAuthInfo->auth_data = NULL;
424         pAuthInfo->auth_data_len = 0;
425         pAuthInfo->finished = FALSE;
426
427         if (is_basic_auth_value(pszAuthValue))
428         {
429             static const WCHAR szBasic[] = {'B','a','s','i','c',0};
430             pAuthInfo->scheme = WININET_strdupW(szBasic);
431             if (!pAuthInfo->scheme)
432             {
433                 HeapFree(GetProcessHeap(), 0, pAuthInfo);
434                 return FALSE;
435             }
436         }
437         else
438         {
439             PVOID pAuthData;
440             SEC_WINNT_AUTH_IDENTITY_W nt_auth_identity;
441
442             pAuthInfo->scheme = WININET_strdupW(pszAuthValue);
443             if (!pAuthInfo->scheme)
444             {
445                 HeapFree(GetProcessHeap(), 0, pAuthInfo);
446                 return FALSE;
447             }
448
449             if (domain_and_username)
450             {
451                 WCHAR *user = strchrW(domain_and_username, '\\');
452                 WCHAR *domain = domain_and_username;
453
454                 /* FIXME: make sure scheme accepts SEC_WINNT_AUTH_IDENTITY before calling AcquireCredentialsHandle */
455
456                 pAuthData = &nt_auth_identity;
457
458                 if (user) user++;
459                 else
460                 {
461                     user = domain_and_username;
462                     domain = NULL;
463                 }
464
465                 nt_auth_identity.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
466                 nt_auth_identity.User = user;
467                 nt_auth_identity.UserLength = strlenW(nt_auth_identity.User);
468                 nt_auth_identity.Domain = domain;
469                 nt_auth_identity.DomainLength = domain ? user - domain - 1 : 0;
470                 nt_auth_identity.Password = password;
471                 nt_auth_identity.PasswordLength = strlenW(nt_auth_identity.Password);
472             }
473             else
474                 /* use default credentials */
475                 pAuthData = NULL;
476
477             sec_status = AcquireCredentialsHandleW(NULL, pAuthInfo->scheme,
478                                                    SECPKG_CRED_OUTBOUND, NULL,
479                                                    pAuthData, NULL,
480                                                    NULL, &pAuthInfo->cred,
481                                                    &exp);
482             if (sec_status == SEC_E_OK)
483             {
484                 PSecPkgInfoW sec_pkg_info;
485                 sec_status = QuerySecurityPackageInfoW(pAuthInfo->scheme, &sec_pkg_info);
486                 if (sec_status == SEC_E_OK)
487                 {
488                     pAuthInfo->max_token = sec_pkg_info->cbMaxToken;
489                     FreeContextBuffer(sec_pkg_info);
490                 }
491             }
492             if (sec_status != SEC_E_OK)
493             {
494                 WARN("AcquireCredentialsHandleW for scheme %s failed with error 0x%08x\n",
495                      debugstr_w(pAuthInfo->scheme), sec_status);
496                 HeapFree(GetProcessHeap(), 0, pAuthInfo->scheme);
497                 HeapFree(GetProcessHeap(), 0, pAuthInfo);
498                 return FALSE;
499             }
500         }
501         *ppAuthInfo = pAuthInfo;
502     }
503     else if (pAuthInfo->finished)
504         return FALSE;
505
506     if ((strlenW(pszAuthValue) < strlenW(pAuthInfo->scheme)) ||
507         strncmpiW(pszAuthValue, pAuthInfo->scheme, strlenW(pAuthInfo->scheme)))
508     {
509         ERR("authentication scheme changed from %s to %s\n",
510             debugstr_w(pAuthInfo->scheme), debugstr_w(pszAuthValue));
511         return FALSE;
512     }
513
514     if (is_basic_auth_value(pszAuthValue))
515     {
516         int userlen;
517         int passlen;
518         char *auth_data;
519
520         TRACE("basic authentication\n");
521
522         /* we don't cache credentials for basic authentication, so we can't
523          * retrieve them if the application didn't pass us any credentials */
524         if (!domain_and_username) return FALSE;
525
526         userlen = WideCharToMultiByte(CP_UTF8, 0, domain_and_username, lstrlenW(domain_and_username), NULL, 0, NULL, NULL);
527         passlen = WideCharToMultiByte(CP_UTF8, 0, password, lstrlenW(password), NULL, 0, NULL, NULL);
528
529         /* length includes a nul terminator, which will be re-used for the ':' */
530         auth_data = HeapAlloc(GetProcessHeap(), 0, userlen + 1 + passlen);
531         if (!auth_data)
532             return FALSE;
533
534         WideCharToMultiByte(CP_UTF8, 0, domain_and_username, -1, auth_data, userlen, NULL, NULL);
535         auth_data[userlen] = ':';
536         WideCharToMultiByte(CP_UTF8, 0, password, -1, &auth_data[userlen+1], passlen, NULL, NULL);
537
538         pAuthInfo->auth_data = auth_data;
539         pAuthInfo->auth_data_len = userlen + 1 + passlen;
540         pAuthInfo->finished = TRUE;
541
542         return TRUE;
543     }
544     else
545     {
546         LPCWSTR pszAuthData;
547         SecBufferDesc out_desc, in_desc;
548         SecBuffer out, in;
549         unsigned char *buffer;
550         ULONG context_req = ISC_REQ_CONNECTION | ISC_REQ_USE_DCE_STYLE |
551             ISC_REQ_MUTUAL_AUTH | ISC_REQ_DELEGATE;
552
553         in.BufferType = SECBUFFER_TOKEN;
554         in.cbBuffer = 0;
555         in.pvBuffer = NULL;
556
557         in_desc.ulVersion = 0;
558         in_desc.cBuffers = 1;
559         in_desc.pBuffers = &in;
560
561         pszAuthData = pszAuthValue + strlenW(pAuthInfo->scheme);
562         if (*pszAuthData == ' ')
563         {
564             pszAuthData++;
565             in.cbBuffer = HTTP_DecodeBase64(pszAuthData, NULL);
566             in.pvBuffer = HeapAlloc(GetProcessHeap(), 0, in.cbBuffer);
567             HTTP_DecodeBase64(pszAuthData, in.pvBuffer);
568         }
569
570         buffer = HeapAlloc(GetProcessHeap(), 0, pAuthInfo->max_token);
571
572         out.BufferType = SECBUFFER_TOKEN;
573         out.cbBuffer = pAuthInfo->max_token;
574         out.pvBuffer = buffer;
575
576         out_desc.ulVersion = 0;
577         out_desc.cBuffers = 1;
578         out_desc.pBuffers = &out;
579
580         sec_status = InitializeSecurityContextW(first ? &pAuthInfo->cred : NULL,
581                                                 first ? NULL : &pAuthInfo->ctx,
582                                                 first ? lpwhr->lpHttpSession->lpszServerName : NULL,
583                                                 context_req, 0, SECURITY_NETWORK_DREP,
584                                                 in.pvBuffer ? &in_desc : NULL,
585                                                 0, &pAuthInfo->ctx, &out_desc,
586                                                 &pAuthInfo->attr, &pAuthInfo->exp);
587         if (sec_status == SEC_E_OK)
588         {
589             pAuthInfo->finished = TRUE;
590             pAuthInfo->auth_data = out.pvBuffer;
591             pAuthInfo->auth_data_len = out.cbBuffer;
592             TRACE("sending last auth packet\n");
593         }
594         else if (sec_status == SEC_I_CONTINUE_NEEDED)
595         {
596             pAuthInfo->auth_data = out.pvBuffer;
597             pAuthInfo->auth_data_len = out.cbBuffer;
598             TRACE("sending next auth packet\n");
599         }
600         else
601         {
602             ERR("InitializeSecurityContextW returned error 0x%08x\n", sec_status);
603             pAuthInfo->finished = TRUE;
604             HeapFree(GetProcessHeap(), 0, out.pvBuffer);
605             return FALSE;
606         }
607     }
608
609     return TRUE;
610 }
611
612 /***********************************************************************
613  *           HTTP_HttpAddRequestHeadersW (internal)
614  */
615 static BOOL WINAPI HTTP_HttpAddRequestHeadersW(LPWININETHTTPREQW lpwhr,
616         LPCWSTR lpszHeader, DWORD dwHeaderLength, DWORD dwModifier)
617 {
618     LPWSTR lpszStart;
619     LPWSTR lpszEnd;
620     LPWSTR buffer;
621     BOOL bSuccess = FALSE;
622     DWORD len;
623
624     TRACE("copying header: %s\n", debugstr_wn(lpszHeader, dwHeaderLength));
625
626     if( dwHeaderLength == ~0U )
627         len = strlenW(lpszHeader);
628     else
629         len = dwHeaderLength;
630     buffer = HeapAlloc( GetProcessHeap(), 0, sizeof(WCHAR)*(len+1) );
631     lstrcpynW( buffer, lpszHeader, len + 1);
632
633     lpszStart = buffer;
634
635     do
636     {
637         LPWSTR * pFieldAndValue;
638
639         lpszEnd = lpszStart;
640
641         while (*lpszEnd != '\0')
642         {
643             if (*lpszEnd == '\r' && *(lpszEnd + 1) == '\n')
644                  break;
645             lpszEnd++;
646         }
647
648         if (*lpszStart == '\0')
649             break;
650
651         if (*lpszEnd == '\r')
652         {
653             *lpszEnd = '\0';
654             lpszEnd += 2; /* Jump over \r\n */
655         }
656         TRACE("interpreting header %s\n", debugstr_w(lpszStart));
657         pFieldAndValue = HTTP_InterpretHttpHeader(lpszStart);
658         if (pFieldAndValue)
659         {
660             bSuccess = HTTP_VerifyValidHeader(lpwhr, pFieldAndValue[0]);
661             if (bSuccess)
662                 bSuccess = HTTP_ProcessHeader(lpwhr, pFieldAndValue[0],
663                     pFieldAndValue[1], dwModifier | HTTP_ADDHDR_FLAG_REQ);
664             HTTP_FreeTokens(pFieldAndValue);
665         }
666
667         lpszStart = lpszEnd;
668     } while (bSuccess);
669
670     HeapFree(GetProcessHeap(), 0, buffer);
671
672     return bSuccess;
673 }
674
675 /***********************************************************************
676  *           HttpAddRequestHeadersW (WININET.@)
677  *
678  * Adds one or more HTTP header to the request handler
679  *
680  * NOTE
681  * On Windows if dwHeaderLength includes the trailing '\0', then
682  * HttpAddRequestHeadersW() adds it too. However this results in an
683  * invalid Http header which is rejected by some servers so we probably
684  * don't need to match Windows on that point.
685  *
686  * RETURNS
687  *    TRUE  on success
688  *    FALSE on failure
689  *
690  */
691 BOOL WINAPI HttpAddRequestHeadersW(HINTERNET hHttpRequest,
692         LPCWSTR lpszHeader, DWORD dwHeaderLength, DWORD dwModifier)
693 {
694     BOOL bSuccess = FALSE;
695     LPWININETHTTPREQW lpwhr;
696
697     TRACE("%p, %s, %i, %i\n", hHttpRequest, debugstr_wn(lpszHeader, dwHeaderLength), dwHeaderLength, dwModifier);
698
699     if (!lpszHeader) 
700       return TRUE;
701
702     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hHttpRequest );
703     if (NULL == lpwhr ||  lpwhr->hdr.htype != WH_HHTTPREQ)
704     {
705         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
706         goto lend;
707     }
708     bSuccess = HTTP_HttpAddRequestHeadersW( lpwhr, lpszHeader, dwHeaderLength, dwModifier );
709 lend:
710     if( lpwhr )
711         WININET_Release( &lpwhr->hdr );
712
713     return bSuccess;
714 }
715
716 /***********************************************************************
717  *           HttpAddRequestHeadersA (WININET.@)
718  *
719  * Adds one or more HTTP header to the request handler
720  *
721  * RETURNS
722  *    TRUE  on success
723  *    FALSE on failure
724  *
725  */
726 BOOL WINAPI HttpAddRequestHeadersA(HINTERNET hHttpRequest,
727         LPCSTR lpszHeader, DWORD dwHeaderLength, DWORD dwModifier)
728 {
729     DWORD len;
730     LPWSTR hdr;
731     BOOL r;
732
733     TRACE("%p, %s, %i, %i\n", hHttpRequest, debugstr_an(lpszHeader, dwHeaderLength), dwHeaderLength, dwModifier);
734
735     len = MultiByteToWideChar( CP_ACP, 0, lpszHeader, dwHeaderLength, NULL, 0 );
736     hdr = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
737     MultiByteToWideChar( CP_ACP, 0, lpszHeader, dwHeaderLength, hdr, len );
738     if( dwHeaderLength != ~0U )
739         dwHeaderLength = len;
740
741     r = HttpAddRequestHeadersW( hHttpRequest, hdr, dwHeaderLength, dwModifier );
742
743     HeapFree( GetProcessHeap(), 0, hdr );
744
745     return r;
746 }
747
748 /***********************************************************************
749  *           HttpEndRequestA (WININET.@)
750  *
751  * Ends an HTTP request that was started by HttpSendRequestEx
752  *
753  * RETURNS
754  *    TRUE      if successful
755  *    FALSE     on failure
756  *
757  */
758 BOOL WINAPI HttpEndRequestA(HINTERNET hRequest, 
759         LPINTERNET_BUFFERSA lpBuffersOut, DWORD dwFlags, DWORD_PTR dwContext)
760 {
761     LPINTERNET_BUFFERSA ptr;
762     LPINTERNET_BUFFERSW lpBuffersOutW,ptrW;
763     BOOL rc = FALSE;
764
765     TRACE("(%p, %p, %08x, %08lx): stub\n", hRequest, lpBuffersOut, dwFlags,
766             dwContext);
767
768     ptr = lpBuffersOut;
769     if (ptr)
770         lpBuffersOutW = (LPINTERNET_BUFFERSW)HeapAlloc(GetProcessHeap(),
771                 HEAP_ZERO_MEMORY, sizeof(INTERNET_BUFFERSW));
772     else
773         lpBuffersOutW = NULL;
774
775     ptrW = lpBuffersOutW;
776     while (ptr)
777     {
778         if (ptr->lpvBuffer && ptr->dwBufferLength)
779             ptrW->lpvBuffer = HeapAlloc(GetProcessHeap(),0,ptr->dwBufferLength);
780         ptrW->dwBufferLength = ptr->dwBufferLength;
781         ptrW->dwBufferTotal= ptr->dwBufferTotal;
782
783         if (ptr->Next)
784             ptrW->Next = HeapAlloc(GetProcessHeap(),HEAP_ZERO_MEMORY,
785                     sizeof(INTERNET_BUFFERSW));
786
787         ptr = ptr->Next;
788         ptrW = ptrW->Next;
789     }
790
791     rc = HttpEndRequestW(hRequest, lpBuffersOutW, dwFlags, dwContext);
792
793     if (lpBuffersOutW)
794     {
795         ptrW = lpBuffersOutW;
796         while (ptrW)
797         {
798             LPINTERNET_BUFFERSW ptrW2;
799
800             FIXME("Do we need to translate info out of these buffer?\n");
801
802             HeapFree(GetProcessHeap(),0,ptrW->lpvBuffer);
803             ptrW2 = ptrW->Next;
804             HeapFree(GetProcessHeap(),0,ptrW);
805             ptrW = ptrW2;
806         }
807     }
808
809     return rc;
810 }
811
812 /***********************************************************************
813  *           HttpEndRequestW (WININET.@)
814  *
815  * Ends an HTTP request that was started by HttpSendRequestEx
816  *
817  * RETURNS
818  *    TRUE      if successful
819  *    FALSE     on failure
820  *
821  */
822 BOOL WINAPI HttpEndRequestW(HINTERNET hRequest, 
823         LPINTERNET_BUFFERSW lpBuffersOut, DWORD dwFlags, DWORD_PTR dwContext)
824 {
825     BOOL rc = FALSE;
826     LPWININETHTTPREQW lpwhr;
827     INT responseLen;
828     DWORD dwBufferSize;
829
830     TRACE("-->\n");
831     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hRequest );
832
833     if (NULL == lpwhr || lpwhr->hdr.htype != WH_HHTTPREQ)
834     {
835         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
836         if (lpwhr)
837             WININET_Release( &lpwhr->hdr );
838         return FALSE;
839     }
840
841     lpwhr->hdr.dwFlags |= dwFlags;
842     lpwhr->hdr.dwContext = dwContext;
843
844     /* We appear to do nothing with lpBuffersOut.. is that correct? */
845
846     SendAsyncCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
847             INTERNET_STATUS_RECEIVING_RESPONSE, NULL, 0);
848
849     responseLen = HTTP_GetResponseHeaders(lpwhr, TRUE);
850     if (responseLen)
851             rc = TRUE;
852
853     SendAsyncCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
854             INTERNET_STATUS_RESPONSE_RECEIVED, &responseLen, sizeof(DWORD));
855
856     /* process cookies here. Is this right? */
857     HTTP_ProcessCookies(lpwhr);
858
859     dwBufferSize = sizeof(lpwhr->dwContentLength);
860     if (!HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_FLAG_NUMBER|HTTP_QUERY_CONTENT_LENGTH,
861                              &lpwhr->dwContentLength,&dwBufferSize,NULL))
862         lpwhr->dwContentLength = -1;
863
864     if (lpwhr->dwContentLength == 0)
865         HTTP_FinishedReading(lpwhr);
866
867     if(!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_AUTO_REDIRECT))
868     {
869         DWORD dwCode,dwCodeLength=sizeof(DWORD);
870         if(HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_FLAG_NUMBER|HTTP_QUERY_STATUS_CODE,&dwCode,&dwCodeLength,NULL) &&
871             (dwCode==302 || dwCode==301))
872         {
873             WCHAR szNewLocation[INTERNET_MAX_URL_LENGTH];
874             dwBufferSize=sizeof(szNewLocation);
875             if(HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_LOCATION,szNewLocation,&dwBufferSize,NULL))
876             {
877                 /* redirects are always GETs */
878                 HeapFree(GetProcessHeap(),0,lpwhr->lpszVerb);
879                 lpwhr->lpszVerb = WININET_strdupW(szGET);
880                 HTTP_DrainContent(lpwhr);
881                 INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
882                                       INTERNET_STATUS_REDIRECT, szNewLocation,
883                                       dwBufferSize);
884                 rc = HTTP_HandleRedirect(lpwhr, szNewLocation);
885                 if (rc)
886                     rc = HTTP_HttpSendRequestW(lpwhr, NULL, 0, NULL, 0, 0, TRUE);
887             }
888         }
889     }
890
891     WININET_Release( &lpwhr->hdr );
892     TRACE("%i <--\n",rc);
893     return rc;
894 }
895
896 /***********************************************************************
897  *           HttpOpenRequestW (WININET.@)
898  *
899  * Open a HTTP request handle
900  *
901  * RETURNS
902  *    HINTERNET  a HTTP request handle on success
903  *    NULL       on failure
904  *
905  */
906 HINTERNET WINAPI HttpOpenRequestW(HINTERNET hHttpSession,
907         LPCWSTR lpszVerb, LPCWSTR lpszObjectName, LPCWSTR lpszVersion,
908         LPCWSTR lpszReferrer , LPCWSTR *lpszAcceptTypes,
909         DWORD dwFlags, DWORD_PTR dwContext)
910 {
911     LPWININETHTTPSESSIONW lpwhs;
912     HINTERNET handle = NULL;
913
914     TRACE("(%p, %s, %s, %s, %s, %p, %08x, %08lx)\n", hHttpSession,
915           debugstr_w(lpszVerb), debugstr_w(lpszObjectName),
916           debugstr_w(lpszVersion), debugstr_w(lpszReferrer), lpszAcceptTypes,
917           dwFlags, dwContext);
918     if(lpszAcceptTypes!=NULL)
919     {
920         int i;
921         for(i=0;lpszAcceptTypes[i]!=NULL;i++)
922             TRACE("\taccept type: %s\n",debugstr_w(lpszAcceptTypes[i]));
923     }    
924
925     lpwhs = (LPWININETHTTPSESSIONW) WININET_GetObject( hHttpSession );
926     if (NULL == lpwhs ||  lpwhs->hdr.htype != WH_HHTTPSESSION)
927     {
928         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
929         goto lend;
930     }
931
932     /*
933      * My tests seem to show that the windows version does not
934      * become asynchronous until after this point. And anyhow
935      * if this call was asynchronous then how would you get the
936      * necessary HINTERNET pointer returned by this function.
937      *
938      */
939     handle = HTTP_HttpOpenRequestW(lpwhs, lpszVerb, lpszObjectName,
940                                    lpszVersion, lpszReferrer, lpszAcceptTypes,
941                                    dwFlags, dwContext);
942 lend:
943     if( lpwhs )
944         WININET_Release( &lpwhs->hdr );
945     TRACE("returning %p\n", handle);
946     return handle;
947 }
948
949
950 /***********************************************************************
951  *           HttpOpenRequestA (WININET.@)
952  *
953  * Open a HTTP request handle
954  *
955  * RETURNS
956  *    HINTERNET  a HTTP request handle on success
957  *    NULL       on failure
958  *
959  */
960 HINTERNET WINAPI HttpOpenRequestA(HINTERNET hHttpSession,
961         LPCSTR lpszVerb, LPCSTR lpszObjectName, LPCSTR lpszVersion,
962         LPCSTR lpszReferrer , LPCSTR *lpszAcceptTypes,
963         DWORD dwFlags, DWORD_PTR dwContext)
964 {
965     LPWSTR szVerb = NULL, szObjectName = NULL;
966     LPWSTR szVersion = NULL, szReferrer = NULL, *szAcceptTypes = NULL;
967     INT len, acceptTypesCount;
968     HINTERNET rc = FALSE;
969     LPCSTR *types;
970
971     TRACE("(%p, %s, %s, %s, %s, %p, %08x, %08lx)\n", hHttpSession,
972           debugstr_a(lpszVerb), debugstr_a(lpszObjectName),
973           debugstr_a(lpszVersion), debugstr_a(lpszReferrer), lpszAcceptTypes,
974           dwFlags, dwContext);
975
976     if (lpszVerb)
977     {
978         len = MultiByteToWideChar(CP_ACP, 0, lpszVerb, -1, NULL, 0 );
979         szVerb = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR) );
980         if ( !szVerb )
981             goto end;
982         MultiByteToWideChar(CP_ACP, 0, lpszVerb, -1, szVerb, len);
983     }
984
985     if (lpszObjectName)
986     {
987         len = MultiByteToWideChar(CP_ACP, 0, lpszObjectName, -1, NULL, 0 );
988         szObjectName = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR) );
989         if ( !szObjectName )
990             goto end;
991         MultiByteToWideChar(CP_ACP, 0, lpszObjectName, -1, szObjectName, len );
992     }
993
994     if (lpszVersion)
995     {
996         len = MultiByteToWideChar(CP_ACP, 0, lpszVersion, -1, NULL, 0 );
997         szVersion = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
998         if ( !szVersion )
999             goto end;
1000         MultiByteToWideChar(CP_ACP, 0, lpszVersion, -1, szVersion, len );
1001     }
1002
1003     if (lpszReferrer)
1004     {
1005         len = MultiByteToWideChar(CP_ACP, 0, lpszReferrer, -1, NULL, 0 );
1006         szReferrer = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
1007         if ( !szReferrer )
1008             goto end;
1009         MultiByteToWideChar(CP_ACP, 0, lpszReferrer, -1, szReferrer, len );
1010     }
1011
1012     if (lpszAcceptTypes)
1013     {
1014         acceptTypesCount = 0;
1015         types = lpszAcceptTypes;
1016         while (*types)
1017         {
1018             /* find out how many there are */
1019             if (((ULONG_PTR)*types >> 16) && **types)
1020             {
1021                 TRACE("accept type: %s\n", debugstr_a(*types));
1022                 acceptTypesCount++;
1023             }
1024             types++;
1025         }
1026         szAcceptTypes = HeapAlloc(GetProcessHeap(), 0, sizeof(WCHAR *) * (acceptTypesCount+1));
1027         if (!szAcceptTypes) goto end;
1028
1029         acceptTypesCount = 0;
1030         types = lpszAcceptTypes;
1031         while (*types)
1032         {
1033             if (((ULONG_PTR)*types >> 16) && **types)
1034             {
1035                 len = MultiByteToWideChar(CP_ACP, 0, *types, -1, NULL, 0 );
1036                 szAcceptTypes[acceptTypesCount] = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
1037                 if (!szAcceptTypes[acceptTypesCount]) goto end;
1038
1039                 MultiByteToWideChar(CP_ACP, 0, *types, -1, szAcceptTypes[acceptTypesCount], len);
1040                 acceptTypesCount++;
1041             }
1042             types++;
1043         }
1044         szAcceptTypes[acceptTypesCount] = NULL;
1045     }
1046     else szAcceptTypes = 0;
1047
1048     rc = HttpOpenRequestW(hHttpSession, szVerb, szObjectName,
1049                           szVersion, szReferrer,
1050                           (LPCWSTR*)szAcceptTypes, dwFlags, dwContext);
1051
1052 end:
1053     if (szAcceptTypes)
1054     {
1055         acceptTypesCount = 0;
1056         while (szAcceptTypes[acceptTypesCount])
1057         {
1058             HeapFree(GetProcessHeap(), 0, szAcceptTypes[acceptTypesCount]);
1059             acceptTypesCount++;
1060         }
1061         HeapFree(GetProcessHeap(), 0, szAcceptTypes);
1062     }
1063     HeapFree(GetProcessHeap(), 0, szReferrer);
1064     HeapFree(GetProcessHeap(), 0, szVersion);
1065     HeapFree(GetProcessHeap(), 0, szObjectName);
1066     HeapFree(GetProcessHeap(), 0, szVerb);
1067
1068     return rc;
1069 }
1070
1071 /***********************************************************************
1072  *  HTTP_EncodeBase64
1073  */
1074 static UINT HTTP_EncodeBase64( LPCSTR bin, unsigned int len, LPWSTR base64 )
1075 {
1076     UINT n = 0, x;
1077     static const CHAR HTTP_Base64Enc[] =
1078         "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
1079
1080     while( len > 0 )
1081     {
1082         /* first 6 bits, all from bin[0] */
1083         base64[n++] = HTTP_Base64Enc[(bin[0] & 0xfc) >> 2];
1084         x = (bin[0] & 3) << 4;
1085
1086         /* next 6 bits, 2 from bin[0] and 4 from bin[1] */
1087         if( len == 1 )
1088         {
1089             base64[n++] = HTTP_Base64Enc[x];
1090             base64[n++] = '=';
1091             base64[n++] = '=';
1092             break;
1093         }
1094         base64[n++] = HTTP_Base64Enc[ x | ( (bin[1]&0xf0) >> 4 ) ];
1095         x = ( bin[1] & 0x0f ) << 2;
1096
1097         /* next 6 bits 4 from bin[1] and 2 from bin[2] */
1098         if( len == 2 )
1099         {
1100             base64[n++] = HTTP_Base64Enc[x];
1101             base64[n++] = '=';
1102             break;
1103         }
1104         base64[n++] = HTTP_Base64Enc[ x | ( (bin[2]&0xc0 ) >> 6 ) ];
1105
1106         /* last 6 bits, all from bin [2] */
1107         base64[n++] = HTTP_Base64Enc[ bin[2] & 0x3f ];
1108         bin += 3;
1109         len -= 3;
1110     }
1111     base64[n] = 0;
1112     return n;
1113 }
1114
1115 #define CH(x) (((x) >= 'A' && (x) <= 'Z') ? (x) - 'A' : \
1116                ((x) >= 'a' && (x) <= 'z') ? (x) - 'a' + 26 : \
1117                ((x) >= '0' && (x) <= '9') ? (x) - '0' + 52 : \
1118                ((x) == '+') ? 62 : ((x) == '/') ? 63 : -1)
1119 static const signed char HTTP_Base64Dec[256] =
1120 {
1121     CH( 0),CH( 1),CH( 2),CH( 3),CH( 4),CH( 5),CH( 6),CH( 7),CH( 8),CH( 9),
1122     CH(10),CH(11),CH(12),CH(13),CH(14),CH(15),CH(16),CH(17),CH(18),CH(19),
1123     CH(20),CH(21),CH(22),CH(23),CH(24),CH(25),CH(26),CH(27),CH(28),CH(29),
1124     CH(30),CH(31),CH(32),CH(33),CH(34),CH(35),CH(36),CH(37),CH(38),CH(39),
1125     CH(40),CH(41),CH(42),CH(43),CH(44),CH(45),CH(46),CH(47),CH(48),CH(49),
1126     CH(50),CH(51),CH(52),CH(53),CH(54),CH(55),CH(56),CH(57),CH(58),CH(59),
1127     CH(60),CH(61),CH(62),CH(63),CH(64),CH(65),CH(66),CH(67),CH(68),CH(69),
1128     CH(70),CH(71),CH(72),CH(73),CH(74),CH(75),CH(76),CH(77),CH(78),CH(79),
1129     CH(80),CH(81),CH(82),CH(83),CH(84),CH(85),CH(86),CH(87),CH(88),CH(89),
1130     CH(90),CH(91),CH(92),CH(93),CH(94),CH(95),CH(96),CH(97),CH(98),CH(99),
1131     CH(100),CH(101),CH(102),CH(103),CH(104),CH(105),CH(106),CH(107),CH(108),CH(109),
1132     CH(110),CH(111),CH(112),CH(113),CH(114),CH(115),CH(116),CH(117),CH(118),CH(119),
1133     CH(120),CH(121),CH(122),CH(123),CH(124),CH(125),CH(126),CH(127),CH(128),CH(129),
1134     CH(130),CH(131),CH(132),CH(133),CH(134),CH(135),CH(136),CH(137),CH(138),CH(139),
1135     CH(140),CH(141),CH(142),CH(143),CH(144),CH(145),CH(146),CH(147),CH(148),CH(149),
1136     CH(150),CH(151),CH(152),CH(153),CH(154),CH(155),CH(156),CH(157),CH(158),CH(159),
1137     CH(160),CH(161),CH(162),CH(163),CH(164),CH(165),CH(166),CH(167),CH(168),CH(169),
1138     CH(170),CH(171),CH(172),CH(173),CH(174),CH(175),CH(176),CH(177),CH(178),CH(179),
1139     CH(180),CH(181),CH(182),CH(183),CH(184),CH(185),CH(186),CH(187),CH(188),CH(189),
1140     CH(190),CH(191),CH(192),CH(193),CH(194),CH(195),CH(196),CH(197),CH(198),CH(199),
1141     CH(200),CH(201),CH(202),CH(203),CH(204),CH(205),CH(206),CH(207),CH(208),CH(209),
1142     CH(210),CH(211),CH(212),CH(213),CH(214),CH(215),CH(216),CH(217),CH(218),CH(219),
1143     CH(220),CH(221),CH(222),CH(223),CH(224),CH(225),CH(226),CH(227),CH(228),CH(229),
1144     CH(230),CH(231),CH(232),CH(233),CH(234),CH(235),CH(236),CH(237),CH(238),CH(239),
1145     CH(240),CH(241),CH(242),CH(243),CH(244),CH(245),CH(246),CH(247),CH(248), CH(249),
1146     CH(250),CH(251),CH(252),CH(253),CH(254),CH(255),
1147 };
1148 #undef CH
1149
1150 /***********************************************************************
1151  *  HTTP_DecodeBase64
1152  */
1153 static UINT HTTP_DecodeBase64( LPCWSTR base64, LPSTR bin )
1154 {
1155     unsigned int n = 0;
1156
1157     while(*base64)
1158     {
1159         signed char in[4];
1160
1161         if (base64[0] >= ARRAYSIZE(HTTP_Base64Dec) ||
1162             ((in[0] = HTTP_Base64Dec[base64[0]]) == -1) ||
1163             base64[1] >= ARRAYSIZE(HTTP_Base64Dec) ||
1164             ((in[1] = HTTP_Base64Dec[base64[1]]) == -1))
1165         {
1166             WARN("invalid base64: %s\n", debugstr_w(base64));
1167             return 0;
1168         }
1169         if (bin)
1170             bin[n] = (unsigned char) (in[0] << 2 | in[1] >> 4);
1171         n++;
1172
1173         if ((base64[2] == '=') && (base64[3] == '='))
1174             break;
1175         if (base64[2] > ARRAYSIZE(HTTP_Base64Dec) ||
1176             ((in[2] = HTTP_Base64Dec[base64[2]]) == -1))
1177         {
1178             WARN("invalid base64: %s\n", debugstr_w(&base64[2]));
1179             return 0;
1180         }
1181         if (bin)
1182             bin[n] = (unsigned char) (in[1] << 4 | in[2] >> 2);
1183         n++;
1184
1185         if (base64[3] == '=')
1186             break;
1187         if (base64[3] > ARRAYSIZE(HTTP_Base64Dec) ||
1188             ((in[3] = HTTP_Base64Dec[base64[3]]) == -1))
1189         {
1190             WARN("invalid base64: %s\n", debugstr_w(&base64[3]));
1191             return 0;
1192         }
1193         if (bin)
1194             bin[n] = (unsigned char) (((in[2] << 6) & 0xc0) | in[3]);
1195         n++;
1196
1197         base64 += 4;
1198     }
1199
1200     return n;
1201 }
1202
1203 /***********************************************************************
1204  *  HTTP_InsertAuthorization
1205  *
1206  *   Insert or delete the authorization field in the request header.
1207  */
1208 static BOOL HTTP_InsertAuthorization( LPWININETHTTPREQW lpwhr, struct HttpAuthInfo *pAuthInfo, LPCWSTR header )
1209 {
1210     if (pAuthInfo)
1211     {
1212         static const WCHAR wszSpace[] = {' ',0};
1213         static const WCHAR wszBasic[] = {'B','a','s','i','c',0};
1214         unsigned int len;
1215         WCHAR *authorization = NULL;
1216
1217         if (pAuthInfo->auth_data_len)
1218         {
1219             /* scheme + space + base64 encoded data (3/2/1 bytes data -> 4 bytes of characters) */
1220             len = strlenW(pAuthInfo->scheme)+1+((pAuthInfo->auth_data_len+2)*4)/3;
1221             authorization = HeapAlloc(GetProcessHeap(), 0, (len+1)*sizeof(WCHAR));
1222             if (!authorization)
1223                 return FALSE;
1224
1225             strcpyW(authorization, pAuthInfo->scheme);
1226             strcatW(authorization, wszSpace);
1227             HTTP_EncodeBase64(pAuthInfo->auth_data,
1228                               pAuthInfo->auth_data_len,
1229                               authorization+strlenW(authorization));
1230
1231             /* clear the data as it isn't valid now that it has been sent to the
1232              * server, unless it's Basic authentication which doesn't do
1233              * connection tracking */
1234             if (strcmpiW(pAuthInfo->scheme, wszBasic))
1235             {
1236                 HeapFree(GetProcessHeap(), 0, pAuthInfo->auth_data);
1237                 pAuthInfo->auth_data = NULL;
1238                 pAuthInfo->auth_data_len = 0;
1239             }
1240         }
1241
1242         TRACE("Inserting authorization: %s\n", debugstr_w(authorization));
1243
1244         HTTP_ProcessHeader(lpwhr, header, authorization, HTTP_ADDHDR_FLAG_REQ | HTTP_ADDHDR_FLAG_REPLACE);
1245
1246         HeapFree(GetProcessHeap(), 0, authorization);
1247     }
1248     return TRUE;
1249 }
1250
1251 static WCHAR *HTTP_BuildProxyRequestUrl(WININETHTTPREQW *req)
1252 {
1253     WCHAR new_location[INTERNET_MAX_URL_LENGTH], *url;
1254     DWORD size;
1255
1256     size = sizeof(new_location);
1257     if (HTTP_HttpQueryInfoW(req, HTTP_QUERY_LOCATION, new_location, &size, NULL))
1258     {
1259         if (!(url = HeapAlloc( GetProcessHeap(), 0, size + sizeof(WCHAR) ))) return NULL;
1260         strcpyW( url, new_location );
1261     }
1262     else
1263     {
1264         static const WCHAR slash[] = { '/',0 };
1265         static const WCHAR format[] = { 'h','t','t','p',':','/','/','%','s',':','%','d',0 };
1266         static const WCHAR formatSSL[] = { 'h','t','t','p','s',':','/','/','%','s',':','%','d',0 };
1267         WININETHTTPSESSIONW *session = req->lpHttpSession;
1268
1269         size = 16; /* "https://" + sizeof(port#) + ":/\0" */
1270         size += strlenW( session->lpszHostName ) + strlenW( req->lpszPath );
1271
1272         if (!(url = HeapAlloc( GetProcessHeap(), 0, size * sizeof(WCHAR) ))) return NULL;
1273
1274         if (req->hdr.dwFlags & INTERNET_FLAG_SECURE)
1275             sprintfW( url, formatSSL, session->lpszHostName, session->nHostPort );
1276         else
1277             sprintfW( url, format, session->lpszHostName, session->nHostPort );
1278         if (req->lpszPath[0] != '/') strcatW( url, slash );
1279         strcatW( url, req->lpszPath );
1280     }
1281     TRACE("url=%s\n", debugstr_w(url));
1282     return url;
1283 }
1284
1285 /***********************************************************************
1286  *           HTTP_DealWithProxy
1287  */
1288 static BOOL HTTP_DealWithProxy( LPWININETAPPINFOW hIC,
1289     LPWININETHTTPSESSIONW lpwhs, LPWININETHTTPREQW lpwhr)
1290 {
1291     WCHAR buf[MAXHOSTNAME];
1292     WCHAR proxy[MAXHOSTNAME + 15]; /* 15 == "http://" + sizeof(port#) + ":/\0" */
1293     static WCHAR szNul[] = { 0 };
1294     URL_COMPONENTSW UrlComponents;
1295     static const WCHAR szHttp[] = { 'h','t','t','p',':','/','/',0 };
1296     static const WCHAR szFormat[] = { 'h','t','t','p',':','/','/','%','s',0 };
1297
1298     memset( &UrlComponents, 0, sizeof UrlComponents );
1299     UrlComponents.dwStructSize = sizeof UrlComponents;
1300     UrlComponents.lpszHostName = buf;
1301     UrlComponents.dwHostNameLength = MAXHOSTNAME;
1302
1303     if( CSTR_EQUAL != CompareStringW(LOCALE_SYSTEM_DEFAULT, NORM_IGNORECASE,
1304                                  hIC->lpszProxy,strlenW(szHttp),szHttp,strlenW(szHttp)) )
1305         sprintfW(proxy, szFormat, hIC->lpszProxy);
1306     else
1307         strcpyW(proxy, hIC->lpszProxy);
1308     if( !InternetCrackUrlW(proxy, 0, 0, &UrlComponents) )
1309         return FALSE;
1310     if( UrlComponents.dwHostNameLength == 0 )
1311         return FALSE;
1312
1313     if( !lpwhr->lpszPath )
1314         lpwhr->lpszPath = szNul;
1315
1316     if(UrlComponents.nPort == INTERNET_INVALID_PORT_NUMBER)
1317         UrlComponents.nPort = INTERNET_DEFAULT_HTTP_PORT;
1318
1319     HeapFree(GetProcessHeap(), 0, lpwhs->lpszServerName);
1320     lpwhs->lpszServerName = WININET_strdupW(UrlComponents.lpszHostName);
1321     lpwhs->nServerPort = UrlComponents.nPort;
1322
1323     TRACE("proxy server=%s port=%d\n", debugstr_w(lpwhs->lpszServerName), lpwhs->nServerPort);
1324     return TRUE;
1325 }
1326
1327 static BOOL HTTP_ResolveName(LPWININETHTTPREQW lpwhr)
1328 {
1329     char szaddr[32];
1330     LPWININETHTTPSESSIONW lpwhs = lpwhr->lpHttpSession;
1331
1332     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
1333                           INTERNET_STATUS_RESOLVING_NAME,
1334                           lpwhs->lpszServerName,
1335                           strlenW(lpwhs->lpszServerName)+1);
1336
1337     if (!GetAddress(lpwhs->lpszServerName, lpwhs->nServerPort,
1338                     &lpwhs->socketAddress))
1339     {
1340         INTERNET_SetLastError(ERROR_INTERNET_NAME_NOT_RESOLVED);
1341         return FALSE;
1342     }
1343
1344     inet_ntop(lpwhs->socketAddress.sin_family, &lpwhs->socketAddress.sin_addr,
1345               szaddr, sizeof(szaddr));
1346     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
1347                           INTERNET_STATUS_NAME_RESOLVED,
1348                           szaddr, strlen(szaddr)+1);
1349
1350     TRACE("resolved %s to %s\n", debugstr_w(lpwhs->lpszServerName), szaddr);
1351     return TRUE;
1352 }
1353
1354
1355 /***********************************************************************
1356  *           HTTPREQ_Destroy (internal)
1357  *
1358  * Deallocate request handle
1359  *
1360  */
1361 static void HTTPREQ_Destroy(WININETHANDLEHEADER *hdr)
1362 {
1363     LPWININETHTTPREQW lpwhr = (LPWININETHTTPREQW) hdr;
1364     DWORD i;
1365
1366     TRACE("\n");
1367
1368     if(lpwhr->hCacheFile)
1369         CloseHandle(lpwhr->hCacheFile);
1370
1371     if(lpwhr->lpszCacheFile) {
1372         DeleteFileW(lpwhr->lpszCacheFile); /* FIXME */
1373         HeapFree(GetProcessHeap(), 0, lpwhr->lpszCacheFile);
1374     }
1375
1376     WININET_Release(&lpwhr->lpHttpSession->hdr);
1377
1378     HeapFree(GetProcessHeap(), 0, lpwhr->lpszPath);
1379     HeapFree(GetProcessHeap(), 0, lpwhr->lpszVerb);
1380     HeapFree(GetProcessHeap(), 0, lpwhr->lpszRawHeaders);
1381     HeapFree(GetProcessHeap(), 0, lpwhr->lpszVersion);
1382     HeapFree(GetProcessHeap(), 0, lpwhr->lpszStatusText);
1383
1384     for (i = 0; i < lpwhr->nCustHeaders; i++)
1385     {
1386         HeapFree(GetProcessHeap(), 0, lpwhr->pCustHeaders[i].lpszField);
1387         HeapFree(GetProcessHeap(), 0, lpwhr->pCustHeaders[i].lpszValue);
1388     }
1389
1390     HeapFree(GetProcessHeap(), 0, lpwhr->pCustHeaders);
1391     HeapFree(GetProcessHeap(), 0, lpwhr);
1392 }
1393
1394 static void HTTPREQ_CloseConnection(WININETHANDLEHEADER *hdr)
1395 {
1396     LPWININETHTTPREQW lpwhr = (LPWININETHTTPREQW) hdr;
1397
1398     TRACE("%p\n",lpwhr);
1399
1400     if (!NETCON_connected(&lpwhr->netConnection))
1401         return;
1402
1403     if (lpwhr->pAuthInfo)
1404     {
1405         if (SecIsValidHandle(&lpwhr->pAuthInfo->ctx))
1406             DeleteSecurityContext(&lpwhr->pAuthInfo->ctx);
1407         if (SecIsValidHandle(&lpwhr->pAuthInfo->cred))
1408             FreeCredentialsHandle(&lpwhr->pAuthInfo->cred);
1409
1410         HeapFree(GetProcessHeap(), 0, lpwhr->pAuthInfo->auth_data);
1411         HeapFree(GetProcessHeap(), 0, lpwhr->pAuthInfo->scheme);
1412         HeapFree(GetProcessHeap(), 0, lpwhr->pAuthInfo);
1413         lpwhr->pAuthInfo = NULL;
1414     }
1415     if (lpwhr->pProxyAuthInfo)
1416     {
1417         if (SecIsValidHandle(&lpwhr->pProxyAuthInfo->ctx))
1418             DeleteSecurityContext(&lpwhr->pProxyAuthInfo->ctx);
1419         if (SecIsValidHandle(&lpwhr->pProxyAuthInfo->cred))
1420             FreeCredentialsHandle(&lpwhr->pProxyAuthInfo->cred);
1421
1422         HeapFree(GetProcessHeap(), 0, lpwhr->pProxyAuthInfo->auth_data);
1423         HeapFree(GetProcessHeap(), 0, lpwhr->pProxyAuthInfo->scheme);
1424         HeapFree(GetProcessHeap(), 0, lpwhr->pProxyAuthInfo);
1425         lpwhr->pProxyAuthInfo = NULL;
1426     }
1427
1428     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
1429                           INTERNET_STATUS_CLOSING_CONNECTION, 0, 0);
1430
1431     NETCON_close(&lpwhr->netConnection);
1432
1433     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
1434                           INTERNET_STATUS_CONNECTION_CLOSED, 0, 0);
1435 }
1436
1437 static DWORD HTTPREQ_QueryOption(WININETHANDLEHEADER *hdr, DWORD option, void *buffer, DWORD *size, BOOL unicode)
1438 {
1439     WININETHTTPREQW *req = (WININETHTTPREQW*)hdr;
1440
1441     switch(option) {
1442     case INTERNET_OPTION_HANDLE_TYPE:
1443         TRACE("INTERNET_OPTION_HANDLE_TYPE\n");
1444
1445         if (*size < sizeof(ULONG))
1446             return ERROR_INSUFFICIENT_BUFFER;
1447
1448         *size = sizeof(DWORD);
1449         *(DWORD*)buffer = INTERNET_HANDLE_TYPE_HTTP_REQUEST;
1450         return ERROR_SUCCESS;
1451
1452     case INTERNET_OPTION_URL: {
1453         WCHAR url[INTERNET_MAX_URL_LENGTH];
1454         HTTPHEADERW *host;
1455         DWORD len;
1456         WCHAR *pch;
1457
1458         static const WCHAR httpW[] = {'h','t','t','p',':','/','/',0};
1459         static const WCHAR hostW[] = {'H','o','s','t',0};
1460
1461         TRACE("INTERNET_OPTION_URL\n");
1462
1463         host = HTTP_GetHeader(req, hostW);
1464         strcpyW(url, httpW);
1465         strcatW(url, host->lpszValue);
1466         if (NULL != (pch = strchrW(url + strlenW(httpW), ':')))
1467             *pch = 0;
1468         strcatW(url, req->lpszPath);
1469
1470         TRACE("INTERNET_OPTION_URL: %s\n",debugstr_w(url));
1471
1472         if(unicode) {
1473             len = (strlenW(url)+1) * sizeof(WCHAR);
1474             if(*size < len)
1475                 return ERROR_INSUFFICIENT_BUFFER;
1476
1477             *size = len;
1478             strcpyW(buffer, url);
1479             return ERROR_SUCCESS;
1480         }else {
1481             len = WideCharToMultiByte(CP_ACP, 0, url, -1, buffer, *size, NULL, NULL);
1482             if(len > *size)
1483                 return ERROR_INSUFFICIENT_BUFFER;
1484
1485             *size = len;
1486             return ERROR_SUCCESS;
1487         }
1488     }
1489
1490     case INTERNET_OPTION_DATAFILE_NAME: {
1491         DWORD req_size;
1492
1493         TRACE("INTERNET_OPTION_DATAFILE_NAME\n");
1494
1495         if(!req->lpszCacheFile) {
1496             *size = 0;
1497             return ERROR_INTERNET_ITEM_NOT_FOUND;
1498         }
1499
1500         if(unicode) {
1501             req_size = (lstrlenW(req->lpszCacheFile)+1) * sizeof(WCHAR);
1502             if(*size < req_size)
1503                 return ERROR_INSUFFICIENT_BUFFER;
1504
1505             *size = req_size;
1506             memcpy(buffer, req->lpszCacheFile, *size);
1507             return ERROR_SUCCESS;
1508         }else {
1509             req_size = WideCharToMultiByte(CP_ACP, 0, req->lpszCacheFile, -1, NULL, 0, NULL, NULL);
1510             if (req_size > *size)
1511                 return ERROR_INSUFFICIENT_BUFFER;
1512
1513             *size = WideCharToMultiByte(CP_ACP, 0, req->lpszCacheFile,
1514                     -1, buffer, *size, NULL, NULL);
1515             return ERROR_SUCCESS;
1516         }
1517     }
1518
1519     case INTERNET_OPTION_SECURITY_CERTIFICATE_STRUCT: {
1520         PCCERT_CONTEXT context;
1521
1522         if(*size < sizeof(INTERNET_CERTIFICATE_INFOW)) {
1523             *size = sizeof(INTERNET_CERTIFICATE_INFOW);
1524             return ERROR_INSUFFICIENT_BUFFER;
1525         }
1526
1527         context = (PCCERT_CONTEXT)NETCON_GetCert(&(req->netConnection));
1528         if(context) {
1529             INTERNET_CERTIFICATE_INFOW *info = (INTERNET_CERTIFICATE_INFOW*)buffer;
1530             DWORD len;
1531
1532             memset(info, 0, sizeof(INTERNET_CERTIFICATE_INFOW));
1533             info->ftExpiry = context->pCertInfo->NotAfter;
1534             info->ftStart = context->pCertInfo->NotBefore;
1535             if(unicode) {
1536                 len = CertNameToStrW(context->dwCertEncodingType,
1537                         &context->pCertInfo->Subject, CERT_SIMPLE_NAME_STR, NULL, 0);
1538                 info->lpszSubjectInfo = LocalAlloc(0, len*sizeof(WCHAR));
1539                 if(info->lpszSubjectInfo)
1540                     CertNameToStrW(context->dwCertEncodingType,
1541                              &context->pCertInfo->Subject, CERT_SIMPLE_NAME_STR,
1542                              info->lpszSubjectInfo, len);
1543                 len = CertNameToStrW(context->dwCertEncodingType,
1544                          &context->pCertInfo->Issuer, CERT_SIMPLE_NAME_STR, NULL, 0);
1545                 info->lpszIssuerInfo = LocalAlloc(0, len*sizeof(WCHAR));
1546                 if (info->lpszIssuerInfo)
1547                     CertNameToStrW(context->dwCertEncodingType,
1548                              &context->pCertInfo->Issuer, CERT_SIMPLE_NAME_STR,
1549                              info->lpszIssuerInfo, len);
1550             }else {
1551                 INTERNET_CERTIFICATE_INFOA *infoA = (INTERNET_CERTIFICATE_INFOA*)info;
1552
1553                 len = CertNameToStrA(context->dwCertEncodingType,
1554                          &context->pCertInfo->Subject, CERT_SIMPLE_NAME_STR, NULL, 0);
1555                 infoA->lpszSubjectInfo = LocalAlloc(0, len);
1556                 if(infoA->lpszSubjectInfo)
1557                     CertNameToStrA(context->dwCertEncodingType,
1558                              &context->pCertInfo->Subject, CERT_SIMPLE_NAME_STR,
1559                              infoA->lpszSubjectInfo, len);
1560                 len = CertNameToStrA(context->dwCertEncodingType,
1561                          &context->pCertInfo->Issuer, CERT_SIMPLE_NAME_STR, NULL, 0);
1562                 infoA->lpszIssuerInfo = LocalAlloc(0, len);
1563                 if(infoA->lpszIssuerInfo)
1564                     CertNameToStrA(context->dwCertEncodingType,
1565                              &context->pCertInfo->Issuer, CERT_SIMPLE_NAME_STR,
1566                              infoA->lpszIssuerInfo, len);
1567             }
1568
1569             /*
1570              * Contrary to MSDN, these do not appear to be set.
1571              * lpszProtocolName
1572              * lpszSignatureAlgName
1573              * lpszEncryptionAlgName
1574              * dwKeySize
1575              */
1576             CertFreeCertificateContext(context);
1577             return ERROR_SUCCESS;
1578         }
1579     }
1580     }
1581
1582     return INET_QueryOption(option, buffer, size, unicode);
1583 }
1584
1585 static DWORD HTTPREQ_SetOption(WININETHANDLEHEADER *hdr, DWORD option, void *buffer, DWORD size)
1586 {
1587     WININETHTTPREQW *req = (WININETHTTPREQW*)hdr;
1588
1589     switch(option) {
1590     case INTERNET_OPTION_SEND_TIMEOUT:
1591     case INTERNET_OPTION_RECEIVE_TIMEOUT:
1592         TRACE("INTERNET_OPTION_SEND/RECEIVE_TIMEOUT\n");
1593
1594         if (size != sizeof(DWORD))
1595             return ERROR_INVALID_PARAMETER;
1596
1597         return NETCON_set_timeout(&req->netConnection, option == INTERNET_OPTION_SEND_TIMEOUT,
1598                     *(DWORD*)buffer);
1599     }
1600
1601     return ERROR_INTERNET_INVALID_OPTION;
1602 }
1603
1604 static DWORD HTTP_Read(WININETHTTPREQW *req, void *buffer, DWORD size, DWORD *read, BOOL sync)
1605 {
1606     int bytes_read;
1607
1608     if(!NETCON_recv(&req->netConnection, buffer, min(size, req->dwContentLength - req->dwContentRead),
1609                      sync ? MSG_WAITALL : 0, &bytes_read)) {
1610         if(req->dwContentLength != -1 && req->dwContentRead != req->dwContentLength)
1611             ERR("not all data received %d/%d\n", req->dwContentRead, req->dwContentLength);
1612
1613         /* always return success, even if the network layer returns an error */
1614         *read = 0;
1615         HTTP_FinishedReading(req);
1616         return ERROR_SUCCESS;
1617     }
1618
1619     req->dwContentRead += bytes_read;
1620     *read = bytes_read;
1621
1622     if(req->lpszCacheFile) {
1623         BOOL res;
1624         DWORD dwBytesWritten;
1625
1626         res = WriteFile(req->hCacheFile, buffer, bytes_read, &dwBytesWritten, NULL);
1627         if(!res)
1628             WARN("WriteFile failed: %u\n", GetLastError());
1629     }
1630
1631     if(!bytes_read && (req->dwContentRead == req->dwContentLength))
1632         HTTP_FinishedReading(req);
1633
1634     return ERROR_SUCCESS;
1635 }
1636
1637 static DWORD get_chunk_size(const char *buffer)
1638 {
1639     const char *p;
1640     DWORD size = 0;
1641
1642     for (p = buffer; *p; p++)
1643     {
1644         if (*p >= '0' && *p <= '9') size = size * 16 + *p - '0';
1645         else if (*p >= 'a' && *p <= 'f') size = size * 16 + *p - 'a' + 10;
1646         else if (*p >= 'A' && *p <= 'F') size = size * 16 + *p - 'A' + 10;
1647         else if (*p == ';') break;
1648     }
1649     return size;
1650 }
1651
1652 static DWORD HTTP_ReadChunked(WININETHTTPREQW *req, void *buffer, DWORD size, DWORD *read, BOOL sync)
1653 {
1654     char reply[MAX_REPLY_LEN], *p = buffer;
1655     DWORD buflen, to_read, to_write = size;
1656     int bytes_read;
1657
1658     *read = 0;
1659     for (;;)
1660     {
1661         if (*read == size) break;
1662
1663         if (req->dwContentLength == ~0UL) /* new chunk */
1664         {
1665             buflen = sizeof(reply);
1666             if (!NETCON_getNextLine(&req->netConnection, reply, &buflen)) break;
1667
1668             if (!(req->dwContentLength = get_chunk_size(reply)))
1669             {
1670                 /* zero sized chunk marks end of transfer; read any trailing headers and return */
1671                 HTTP_GetResponseHeaders(req, FALSE);
1672                 break;
1673             }
1674         }
1675         to_read = min(to_write, req->dwContentLength - req->dwContentRead);
1676
1677         if (!NETCON_recv(&req->netConnection, p, to_read, sync ? MSG_WAITALL : 0, &bytes_read))
1678         {
1679             if (bytes_read != to_read)
1680                 ERR("Not all data received %d/%d\n", bytes_read, to_read);
1681
1682             /* always return success, even if the network layer returns an error */
1683             *read = 0;
1684             break;
1685         }
1686         if (!bytes_read) break;
1687
1688         req->dwContentRead += bytes_read;
1689         to_write -= bytes_read;
1690         *read += bytes_read;
1691
1692         if (req->lpszCacheFile)
1693         {
1694             DWORD dwBytesWritten;
1695
1696             if (!WriteFile(req->hCacheFile, p, bytes_read, &dwBytesWritten, NULL))
1697                 WARN("WriteFile failed: %u\n", GetLastError());
1698         }
1699         p += bytes_read;
1700
1701         if (req->dwContentRead == req->dwContentLength) /* chunk complete */
1702         {
1703             req->dwContentRead = 0;
1704             req->dwContentLength = ~0UL;
1705
1706             buflen = sizeof(reply);
1707             if (!NETCON_getNextLine(&req->netConnection, reply, &buflen))
1708             {
1709                 ERR("Malformed chunk\n");
1710                 *read = 0;
1711                 break;
1712             }
1713         }
1714     }
1715     if (!*read) HTTP_FinishedReading(req);
1716     return ERROR_SUCCESS;
1717 }
1718
1719 static DWORD HTTPREQ_Read(WININETHTTPREQW *req, void *buffer, DWORD size, DWORD *read, BOOL sync)
1720 {
1721     WCHAR encoding[20];
1722     DWORD buflen = sizeof(encoding);
1723     static const WCHAR szChunked[] = {'c','h','u','n','k','e','d',0};
1724
1725     if (HTTP_HttpQueryInfoW(req, HTTP_QUERY_TRANSFER_ENCODING, encoding, &buflen, NULL) &&
1726         !strcmpiW(encoding, szChunked))
1727     {
1728         return HTTP_ReadChunked(req, buffer, size, read, sync);
1729     }
1730     else
1731         return HTTP_Read(req, buffer, size, read, sync);
1732 }
1733
1734 static DWORD HTTPREQ_ReadFile(WININETHANDLEHEADER *hdr, void *buffer, DWORD size, DWORD *read)
1735 {
1736     WININETHTTPREQW *req = (WININETHTTPREQW*)hdr;
1737     return HTTPREQ_Read(req, buffer, size, read, TRUE);
1738 }
1739
1740 static void HTTPREQ_AsyncReadFileExProc(WORKREQUEST *workRequest)
1741 {
1742     struct WORKREQ_INTERNETREADFILEEXA const *data = &workRequest->u.InternetReadFileExA;
1743     WININETHTTPREQW *req = (WININETHTTPREQW*)workRequest->hdr;
1744     INTERNET_ASYNC_RESULT iar;
1745     DWORD res;
1746
1747     TRACE("INTERNETREADFILEEXA %p\n", workRequest->hdr);
1748
1749     res = HTTPREQ_Read(req, data->lpBuffersOut->lpvBuffer,
1750             data->lpBuffersOut->dwBufferLength, &data->lpBuffersOut->dwBufferLength, TRUE);
1751
1752     iar.dwResult = res == ERROR_SUCCESS;
1753     iar.dwError = res;
1754
1755     INTERNET_SendCallback(&req->hdr, req->hdr.dwContext,
1756                           INTERNET_STATUS_REQUEST_COMPLETE, &iar,
1757                           sizeof(INTERNET_ASYNC_RESULT));
1758 }
1759
1760 static DWORD HTTPREQ_ReadFileExA(WININETHANDLEHEADER *hdr, INTERNET_BUFFERSA *buffers,
1761         DWORD flags, DWORD_PTR context)
1762 {
1763
1764     WININETHTTPREQW *req = (WININETHTTPREQW*)hdr;
1765     DWORD res;
1766
1767     if (flags & ~(IRF_ASYNC|IRF_NO_WAIT))
1768         FIXME("these dwFlags aren't implemented: 0x%x\n", flags & ~(IRF_ASYNC|IRF_NO_WAIT));
1769
1770     if (buffers->dwStructSize != sizeof(*buffers))
1771         return ERROR_INVALID_PARAMETER;
1772
1773     INTERNET_SendCallback(&req->hdr, req->hdr.dwContext, INTERNET_STATUS_RECEIVING_RESPONSE, NULL, 0);
1774
1775     if (hdr->dwFlags & INTERNET_FLAG_ASYNC) {
1776         DWORD available = 0;
1777
1778         NETCON_query_data_available(&req->netConnection, &available);
1779         if (!available)
1780         {
1781             WORKREQUEST workRequest;
1782
1783             workRequest.asyncproc = HTTPREQ_AsyncReadFileExProc;
1784             workRequest.hdr = WININET_AddRef(&req->hdr);
1785             workRequest.u.InternetReadFileExA.lpBuffersOut = buffers;
1786
1787             INTERNET_AsyncCall(&workRequest);
1788
1789             return ERROR_IO_PENDING;
1790         }
1791     }
1792
1793     res = HTTPREQ_Read(req, buffers->lpvBuffer, buffers->dwBufferLength, &buffers->dwBufferLength,
1794             !(flags & IRF_NO_WAIT));
1795
1796     if (res == ERROR_SUCCESS) {
1797         DWORD size = buffers->dwBufferLength;
1798         INTERNET_SendCallback(&req->hdr, req->hdr.dwContext, INTERNET_STATUS_RESPONSE_RECEIVED,
1799                 &size, sizeof(size));
1800     }
1801
1802     return res;
1803 }
1804
1805 static BOOL HTTPREQ_WriteFile(WININETHANDLEHEADER *hdr, const void *buffer, DWORD size, DWORD *written)
1806 {
1807     LPWININETHTTPREQW lpwhr = (LPWININETHTTPREQW)hdr;
1808
1809     return NETCON_send(&lpwhr->netConnection, buffer, size, 0, (LPINT)written);
1810 }
1811
1812 static void HTTPREQ_AsyncQueryDataAvailableProc(WORKREQUEST *workRequest)
1813 {
1814     WININETHTTPREQW *req = (WININETHTTPREQW*)workRequest->hdr;
1815     INTERNET_ASYNC_RESULT iar;
1816     char buffer[4048];
1817
1818     TRACE("%p\n", workRequest->hdr);
1819
1820     iar.dwResult = NETCON_recv(&req->netConnection, buffer,
1821                                min(sizeof(buffer), req->dwContentLength - req->dwContentRead),
1822                                MSG_PEEK, (int *)&iar.dwError);
1823
1824     INTERNET_SendCallback(&req->hdr, req->hdr.dwContext, INTERNET_STATUS_REQUEST_COMPLETE, &iar,
1825                           sizeof(INTERNET_ASYNC_RESULT));
1826 }
1827
1828 static DWORD HTTPREQ_QueryDataAvailable(WININETHANDLEHEADER *hdr, DWORD *available, DWORD flags, DWORD_PTR ctx)
1829 {
1830     WININETHTTPREQW *req = (WININETHTTPREQW*)hdr;
1831     BYTE buffer[4048];
1832     BOOL async;
1833
1834     TRACE("(%p %p %x %lx)\n", req, available, flags, ctx);
1835
1836     if(!NETCON_query_data_available(&req->netConnection, available) || *available)
1837         return ERROR_SUCCESS;
1838
1839     /* Even if we are in async mode, we need to determine whether
1840      * there is actually more data available. We do this by trying
1841      * to peek only a single byte in async mode. */
1842     async = (req->lpHttpSession->lpAppInfo->hdr.dwFlags & INTERNET_FLAG_ASYNC) != 0;
1843
1844     if (NETCON_recv(&req->netConnection, buffer,
1845                     min(async ? 1 : sizeof(buffer), req->dwContentLength - req->dwContentRead),
1846                     MSG_PEEK, (int *)available) && async && *available)
1847     {
1848         WORKREQUEST workRequest;
1849
1850         *available = 0;
1851         workRequest.asyncproc = HTTPREQ_AsyncQueryDataAvailableProc;
1852         workRequest.hdr = WININET_AddRef( &req->hdr );
1853
1854         INTERNET_AsyncCall(&workRequest);
1855
1856         return ERROR_IO_PENDING;
1857     }
1858
1859     return ERROR_SUCCESS;
1860 }
1861
1862 static const HANDLEHEADERVtbl HTTPREQVtbl = {
1863     HTTPREQ_Destroy,
1864     HTTPREQ_CloseConnection,
1865     HTTPREQ_QueryOption,
1866     HTTPREQ_SetOption,
1867     HTTPREQ_ReadFile,
1868     HTTPREQ_ReadFileExA,
1869     HTTPREQ_WriteFile,
1870     HTTPREQ_QueryDataAvailable,
1871     NULL
1872 };
1873
1874 /***********************************************************************
1875  *           HTTP_HttpOpenRequestW (internal)
1876  *
1877  * Open a HTTP request handle
1878  *
1879  * RETURNS
1880  *    HINTERNET  a HTTP request handle on success
1881  *    NULL       on failure
1882  *
1883  */
1884 HINTERNET WINAPI HTTP_HttpOpenRequestW(LPWININETHTTPSESSIONW lpwhs,
1885         LPCWSTR lpszVerb, LPCWSTR lpszObjectName, LPCWSTR lpszVersion,
1886         LPCWSTR lpszReferrer , LPCWSTR *lpszAcceptTypes,
1887         DWORD dwFlags, DWORD_PTR dwContext)
1888 {
1889     LPWININETAPPINFOW hIC = NULL;
1890     LPWININETHTTPREQW lpwhr;
1891     LPWSTR lpszHostName = NULL;
1892     HINTERNET handle = NULL;
1893     static const WCHAR szHostForm[] = {'%','s',':','%','u',0};
1894     DWORD len;
1895
1896     TRACE("-->\n");
1897
1898     assert( lpwhs->hdr.htype == WH_HHTTPSESSION );
1899     hIC = lpwhs->lpAppInfo;
1900
1901     lpwhr = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(WININETHTTPREQW));
1902     if (NULL == lpwhr)
1903     {
1904         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
1905         goto lend;
1906     }
1907     lpwhr->hdr.htype = WH_HHTTPREQ;
1908     lpwhr->hdr.vtbl = &HTTPREQVtbl;
1909     lpwhr->hdr.dwFlags = dwFlags;
1910     lpwhr->hdr.dwContext = dwContext;
1911     lpwhr->hdr.refs = 1;
1912     lpwhr->hdr.lpfnStatusCB = lpwhs->hdr.lpfnStatusCB;
1913     lpwhr->hdr.dwInternalFlags = lpwhs->hdr.dwInternalFlags & INET_CALLBACKW;
1914
1915     WININET_AddRef( &lpwhs->hdr );
1916     lpwhr->lpHttpSession = lpwhs;
1917     list_add_head( &lpwhs->hdr.children, &lpwhr->hdr.entry );
1918
1919     lpszHostName = HeapAlloc(GetProcessHeap(), 0, sizeof(WCHAR) *
1920             (strlenW(lpwhs->lpszHostName) + 7 /* length of ":65535" + 1 */));
1921     if (NULL == lpszHostName)
1922     {
1923         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
1924         goto lend;
1925     }
1926
1927     handle = WININET_AllocHandle( &lpwhr->hdr );
1928     if (NULL == handle)
1929     {
1930         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
1931         goto lend;
1932     }
1933
1934     if (!NETCON_init(&lpwhr->netConnection, dwFlags & INTERNET_FLAG_SECURE))
1935     {
1936         InternetCloseHandle( handle );
1937         handle = NULL;
1938         goto lend;
1939     }
1940
1941     if (lpszObjectName && *lpszObjectName) {
1942         HRESULT rc;
1943
1944         len = 0;
1945         rc = UrlEscapeW(lpszObjectName, NULL, &len, URL_ESCAPE_SPACES_ONLY);
1946         if (rc != E_POINTER)
1947             len = strlenW(lpszObjectName)+1;
1948         lpwhr->lpszPath = HeapAlloc(GetProcessHeap(), 0, len*sizeof(WCHAR));
1949         rc = UrlEscapeW(lpszObjectName, lpwhr->lpszPath, &len,
1950                    URL_ESCAPE_SPACES_ONLY);
1951         if (rc)
1952         {
1953             ERR("Unable to escape string!(%s) (%d)\n",debugstr_w(lpszObjectName),rc);
1954             strcpyW(lpwhr->lpszPath,lpszObjectName);
1955         }
1956     }
1957
1958     if (lpszReferrer && *lpszReferrer)
1959         HTTP_ProcessHeader(lpwhr, HTTP_REFERER, lpszReferrer, HTTP_ADDREQ_FLAG_ADD | HTTP_ADDHDR_FLAG_REQ);
1960
1961     if (lpszAcceptTypes)
1962     {
1963         int i;
1964         for (i = 0; lpszAcceptTypes[i]; i++)
1965         {
1966             if (!*lpszAcceptTypes[i]) continue;
1967             HTTP_ProcessHeader(lpwhr, HTTP_ACCEPT, lpszAcceptTypes[i],
1968                                HTTP_ADDHDR_FLAG_COALESCE_WITH_COMMA |
1969                                HTTP_ADDHDR_FLAG_REQ |
1970                                (i == 0 ? HTTP_ADDHDR_FLAG_REPLACE : 0));
1971         }
1972     }
1973
1974     lpwhr->lpszVerb = WININET_strdupW(lpszVerb && *lpszVerb ? lpszVerb : szGET);
1975
1976     if (lpszVersion)
1977         lpwhr->lpszVersion = WININET_strdupW(lpszVersion);
1978     else
1979         lpwhr->lpszVersion = WININET_strdupW(g_szHttp1_1);
1980
1981     if (lpwhs->nHostPort != INTERNET_INVALID_PORT_NUMBER &&
1982         lpwhs->nHostPort != INTERNET_DEFAULT_HTTP_PORT &&
1983         lpwhs->nHostPort != INTERNET_DEFAULT_HTTPS_PORT)
1984     {
1985         sprintfW(lpszHostName, szHostForm, lpwhs->lpszHostName, lpwhs->nHostPort);
1986         HTTP_ProcessHeader(lpwhr, szHost, lpszHostName,
1987                 HTTP_ADDREQ_FLAG_ADD | HTTP_ADDHDR_FLAG_REQ);
1988     }
1989     else
1990         HTTP_ProcessHeader(lpwhr, szHost, lpwhs->lpszHostName,
1991                 HTTP_ADDREQ_FLAG_ADD | HTTP_ADDHDR_FLAG_REQ);
1992
1993     if (lpwhs->nServerPort == INTERNET_INVALID_PORT_NUMBER)
1994         lpwhs->nServerPort = (dwFlags & INTERNET_FLAG_SECURE ?
1995                         INTERNET_DEFAULT_HTTPS_PORT :
1996                         INTERNET_DEFAULT_HTTP_PORT);
1997
1998     if (lpwhs->nHostPort == INTERNET_INVALID_PORT_NUMBER)
1999         lpwhs->nHostPort = (dwFlags & INTERNET_FLAG_SECURE ?
2000                         INTERNET_DEFAULT_HTTPS_PORT :
2001                         INTERNET_DEFAULT_HTTP_PORT);
2002
2003     if (NULL != hIC->lpszProxy && hIC->lpszProxy[0] != 0)
2004         HTTP_DealWithProxy( hIC, lpwhs, lpwhr );
2005
2006     INTERNET_SendCallback(&lpwhs->hdr, dwContext,
2007                           INTERNET_STATUS_HANDLE_CREATED, &handle,
2008                           sizeof(handle));
2009
2010 lend:
2011     HeapFree(GetProcessHeap(), 0, lpszHostName);
2012     if( lpwhr )
2013         WININET_Release( &lpwhr->hdr );
2014
2015     TRACE("<-- %p (%p)\n", handle, lpwhr);
2016     return handle;
2017 }
2018
2019 /* read any content returned by the server so that the connection can be
2020  * reused */
2021 static void HTTP_DrainContent(WININETHTTPREQW *req)
2022 {
2023     DWORD bytes_read;
2024
2025     if (!NETCON_connected(&req->netConnection)) return;
2026
2027     if (req->dwContentLength == -1)
2028         NETCON_close(&req->netConnection);
2029
2030     do
2031     {
2032         char buffer[2048];
2033         if (HTTP_Read(req, buffer, sizeof(buffer), &bytes_read, TRUE) != ERROR_SUCCESS)
2034             return;
2035     } while (bytes_read);
2036 }
2037
2038 static const WCHAR szAccept[] = { 'A','c','c','e','p','t',0 };
2039 static const WCHAR szAccept_Charset[] = { 'A','c','c','e','p','t','-','C','h','a','r','s','e','t', 0 };
2040 static const WCHAR szAccept_Encoding[] = { 'A','c','c','e','p','t','-','E','n','c','o','d','i','n','g',0 };
2041 static const WCHAR szAccept_Language[] = { 'A','c','c','e','p','t','-','L','a','n','g','u','a','g','e',0 };
2042 static const WCHAR szAccept_Ranges[] = { 'A','c','c','e','p','t','-','R','a','n','g','e','s',0 };
2043 static const WCHAR szAge[] = { 'A','g','e',0 };
2044 static const WCHAR szAllow[] = { 'A','l','l','o','w',0 };
2045 static const WCHAR szCache_Control[] = { 'C','a','c','h','e','-','C','o','n','t','r','o','l',0 };
2046 static const WCHAR szConnection[] = { 'C','o','n','n','e','c','t','i','o','n',0 };
2047 static const WCHAR szContent_Base[] = { 'C','o','n','t','e','n','t','-','B','a','s','e',0 };
2048 static const WCHAR szContent_Encoding[] = { 'C','o','n','t','e','n','t','-','E','n','c','o','d','i','n','g',0 };
2049 static const WCHAR szContent_ID[] = { 'C','o','n','t','e','n','t','-','I','D',0 };
2050 static const WCHAR szContent_Language[] = { 'C','o','n','t','e','n','t','-','L','a','n','g','u','a','g','e',0 };
2051 static const WCHAR szContent_Length[] = { 'C','o','n','t','e','n','t','-','L','e','n','g','t','h',0 };
2052 static const WCHAR szContent_Location[] = { 'C','o','n','t','e','n','t','-','L','o','c','a','t','i','o','n',0 };
2053 static const WCHAR szContent_MD5[] = { 'C','o','n','t','e','n','t','-','M','D','5',0 };
2054 static const WCHAR szContent_Range[] = { 'C','o','n','t','e','n','t','-','R','a','n','g','e',0 };
2055 static const WCHAR szContent_Transfer_Encoding[] = { 'C','o','n','t','e','n','t','-','T','r','a','n','s','f','e','r','-','E','n','c','o','d','i','n','g',0 };
2056 static const WCHAR szContent_Type[] = { 'C','o','n','t','e','n','t','-','T','y','p','e',0 };
2057 static const WCHAR szCookie[] = { 'C','o','o','k','i','e',0 };
2058 static const WCHAR szDate[] = { 'D','a','t','e',0 };
2059 static const WCHAR szFrom[] = { 'F','r','o','m',0 };
2060 static const WCHAR szETag[] = { 'E','T','a','g',0 };
2061 static const WCHAR szExpect[] = { 'E','x','p','e','c','t',0 };
2062 static const WCHAR szExpires[] = { 'E','x','p','i','r','e','s',0 };
2063 static const WCHAR szIf_Match[] = { 'I','f','-','M','a','t','c','h',0 };
2064 static const WCHAR szIf_Modified_Since[] = { 'I','f','-','M','o','d','i','f','i','e','d','-','S','i','n','c','e',0 };
2065 static const WCHAR szIf_None_Match[] = { 'I','f','-','N','o','n','e','-','M','a','t','c','h',0 };
2066 static const WCHAR szIf_Range[] = { 'I','f','-','R','a','n','g','e',0 };
2067 static const WCHAR szIf_Unmodified_Since[] = { 'I','f','-','U','n','m','o','d','i','f','i','e','d','-','S','i','n','c','e',0 };
2068 static const WCHAR szLast_Modified[] = { 'L','a','s','t','-','M','o','d','i','f','i','e','d',0 };
2069 static const WCHAR szLocation[] = { 'L','o','c','a','t','i','o','n',0 };
2070 static const WCHAR szMax_Forwards[] = { 'M','a','x','-','F','o','r','w','a','r','d','s',0 };
2071 static const WCHAR szMime_Version[] = { 'M','i','m','e','-','V','e','r','s','i','o','n',0 };
2072 static const WCHAR szPragma[] = { 'P','r','a','g','m','a',0 };
2073 static const WCHAR szProxy_Authenticate[] = { 'P','r','o','x','y','-','A','u','t','h','e','n','t','i','c','a','t','e',0 };
2074 static const WCHAR szProxy_Connection[] = { 'P','r','o','x','y','-','C','o','n','n','e','c','t','i','o','n',0 };
2075 static const WCHAR szPublic[] = { 'P','u','b','l','i','c',0 };
2076 static const WCHAR szRange[] = { 'R','a','n','g','e',0 };
2077 static const WCHAR szReferer[] = { 'R','e','f','e','r','e','r',0 };
2078 static const WCHAR szRetry_After[] = { 'R','e','t','r','y','-','A','f','t','e','r',0 };
2079 static const WCHAR szServer[] = { 'S','e','r','v','e','r',0 };
2080 static const WCHAR szSet_Cookie[] = { 'S','e','t','-','C','o','o','k','i','e',0 };
2081 static const WCHAR szTransfer_Encoding[] = { 'T','r','a','n','s','f','e','r','-','E','n','c','o','d','i','n','g',0 };
2082 static const WCHAR szUnless_Modified_Since[] = { 'U','n','l','e','s','s','-','M','o','d','i','f','i','e','d','-','S','i','n','c','e',0 };
2083 static const WCHAR szUpgrade[] = { 'U','p','g','r','a','d','e',0 };
2084 static const WCHAR szURI[] = { 'U','R','I',0 };
2085 static const WCHAR szUser_Agent[] = { 'U','s','e','r','-','A','g','e','n','t',0 };
2086 static const WCHAR szVary[] = { 'V','a','r','y',0 };
2087 static const WCHAR szVia[] = { 'V','i','a',0 };
2088 static const WCHAR szWarning[] = { 'W','a','r','n','i','n','g',0 };
2089 static const WCHAR szWWW_Authenticate[] = { 'W','W','W','-','A','u','t','h','e','n','t','i','c','a','t','e',0 };
2090
2091 static const LPCWSTR header_lookup[] = {
2092     szMime_Version,             /* HTTP_QUERY_MIME_VERSION = 0 */
2093     szContent_Type,             /* HTTP_QUERY_CONTENT_TYPE = 1 */
2094     szContent_Transfer_Encoding,/* HTTP_QUERY_CONTENT_TRANSFER_ENCODING = 2 */
2095     szContent_ID,               /* HTTP_QUERY_CONTENT_ID = 3 */
2096     NULL,                       /* HTTP_QUERY_CONTENT_DESCRIPTION = 4 */
2097     szContent_Length,           /* HTTP_QUERY_CONTENT_LENGTH =  5 */
2098     szContent_Language,         /* HTTP_QUERY_CONTENT_LANGUAGE =  6 */
2099     szAllow,                    /* HTTP_QUERY_ALLOW = 7 */
2100     szPublic,                   /* HTTP_QUERY_PUBLIC = 8 */
2101     szDate,                     /* HTTP_QUERY_DATE = 9 */
2102     szExpires,                  /* HTTP_QUERY_EXPIRES = 10 */
2103     szLast_Modified,            /* HTTP_QUERY_LAST_MODIFIED = 11 */
2104     NULL,                       /* HTTP_QUERY_MESSAGE_ID = 12 */
2105     szURI,                      /* HTTP_QUERY_URI = 13 */
2106     szFrom,                     /* HTTP_QUERY_DERIVED_FROM = 14 */
2107     NULL,                       /* HTTP_QUERY_COST = 15 */
2108     NULL,                       /* HTTP_QUERY_LINK = 16 */
2109     szPragma,                   /* HTTP_QUERY_PRAGMA = 17 */
2110     NULL,                       /* HTTP_QUERY_VERSION = 18 */
2111     szStatus,                   /* HTTP_QUERY_STATUS_CODE = 19 */
2112     NULL,                       /* HTTP_QUERY_STATUS_TEXT = 20 */
2113     NULL,                       /* HTTP_QUERY_RAW_HEADERS = 21 */
2114     NULL,                       /* HTTP_QUERY_RAW_HEADERS_CRLF = 22 */
2115     szConnection,               /* HTTP_QUERY_CONNECTION = 23 */
2116     szAccept,                   /* HTTP_QUERY_ACCEPT = 24 */
2117     szAccept_Charset,           /* HTTP_QUERY_ACCEPT_CHARSET = 25 */
2118     szAccept_Encoding,          /* HTTP_QUERY_ACCEPT_ENCODING = 26 */
2119     szAccept_Language,          /* HTTP_QUERY_ACCEPT_LANGUAGE = 27 */
2120     szAuthorization,            /* HTTP_QUERY_AUTHORIZATION = 28 */
2121     szContent_Encoding,         /* HTTP_QUERY_CONTENT_ENCODING = 29 */
2122     NULL,                       /* HTTP_QUERY_FORWARDED = 30 */
2123     NULL,                       /* HTTP_QUERY_FROM = 31 */
2124     szIf_Modified_Since,        /* HTTP_QUERY_IF_MODIFIED_SINCE = 32 */
2125     szLocation,                 /* HTTP_QUERY_LOCATION = 33 */
2126     NULL,                       /* HTTP_QUERY_ORIG_URI = 34 */
2127     szReferer,                  /* HTTP_QUERY_REFERER = 35 */
2128     szRetry_After,              /* HTTP_QUERY_RETRY_AFTER = 36 */
2129     szServer,                   /* HTTP_QUERY_SERVER = 37 */
2130     NULL,                       /* HTTP_TITLE = 38 */
2131     szUser_Agent,               /* HTTP_QUERY_USER_AGENT = 39 */
2132     szWWW_Authenticate,         /* HTTP_QUERY_WWW_AUTHENTICATE = 40 */
2133     szProxy_Authenticate,       /* HTTP_QUERY_PROXY_AUTHENTICATE = 41 */
2134     szAccept_Ranges,            /* HTTP_QUERY_ACCEPT_RANGES = 42 */
2135     szSet_Cookie,               /* HTTP_QUERY_SET_COOKIE = 43 */
2136     szCookie,                   /* HTTP_QUERY_COOKIE = 44 */
2137     NULL,                       /* HTTP_QUERY_REQUEST_METHOD = 45 */
2138     NULL,                       /* HTTP_QUERY_REFRESH = 46 */
2139     NULL,                       /* HTTP_QUERY_CONTENT_DISPOSITION = 47 */
2140     szAge,                      /* HTTP_QUERY_AGE = 48 */
2141     szCache_Control,            /* HTTP_QUERY_CACHE_CONTROL = 49 */
2142     szContent_Base,             /* HTTP_QUERY_CONTENT_BASE = 50 */
2143     szContent_Location,         /* HTTP_QUERY_CONTENT_LOCATION = 51 */
2144     szContent_MD5,              /* HTTP_QUERY_CONTENT_MD5 = 52 */
2145     szContent_Range,            /* HTTP_QUERY_CONTENT_RANGE = 53 */
2146     szETag,                     /* HTTP_QUERY_ETAG = 54 */
2147     szHost,                     /* HTTP_QUERY_HOST = 55 */
2148     szIf_Match,                 /* HTTP_QUERY_IF_MATCH = 56 */
2149     szIf_None_Match,            /* HTTP_QUERY_IF_NONE_MATCH = 57 */
2150     szIf_Range,                 /* HTTP_QUERY_IF_RANGE = 58 */
2151     szIf_Unmodified_Since,      /* HTTP_QUERY_IF_UNMODIFIED_SINCE = 59 */
2152     szMax_Forwards,             /* HTTP_QUERY_MAX_FORWARDS = 60 */
2153     szProxy_Authorization,      /* HTTP_QUERY_PROXY_AUTHORIZATION = 61 */
2154     szRange,                    /* HTTP_QUERY_RANGE = 62 */
2155     szTransfer_Encoding,        /* HTTP_QUERY_TRANSFER_ENCODING = 63 */
2156     szUpgrade,                  /* HTTP_QUERY_UPGRADE = 64 */
2157     szVary,                     /* HTTP_QUERY_VARY = 65 */
2158     szVia,                      /* HTTP_QUERY_VIA = 66 */
2159     szWarning,                  /* HTTP_QUERY_WARNING = 67 */
2160     szExpect,                   /* HTTP_QUERY_EXPECT = 68 */
2161     szProxy_Connection,         /* HTTP_QUERY_PROXY_CONNECTION = 69 */
2162     szUnless_Modified_Since,    /* HTTP_QUERY_UNLESS_MODIFIED_SINCE = 70 */
2163 };
2164
2165 #define LAST_TABLE_HEADER (sizeof(header_lookup)/sizeof(header_lookup[0]))
2166
2167 /***********************************************************************
2168  *           HTTP_HttpQueryInfoW (internal)
2169  */
2170 static BOOL WINAPI HTTP_HttpQueryInfoW( LPWININETHTTPREQW lpwhr, DWORD dwInfoLevel,
2171         LPVOID lpBuffer, LPDWORD lpdwBufferLength, LPDWORD lpdwIndex)
2172 {
2173     LPHTTPHEADERW lphttpHdr = NULL;
2174     BOOL bSuccess = FALSE;
2175     BOOL request_only = dwInfoLevel & HTTP_QUERY_FLAG_REQUEST_HEADERS;
2176     INT requested_index = lpdwIndex ? *lpdwIndex : 0;
2177     INT level = (dwInfoLevel & ~HTTP_QUERY_MODIFIER_FLAGS_MASK);
2178     INT index = -1;
2179
2180     /* Find requested header structure */
2181     switch (level)
2182     {
2183     case HTTP_QUERY_CUSTOM:
2184         index = HTTP_GetCustomHeaderIndex(lpwhr, lpBuffer, requested_index, request_only);
2185         break;
2186
2187     case HTTP_QUERY_RAW_HEADERS_CRLF:
2188         {
2189             LPWSTR headers;
2190             DWORD len;
2191             BOOL ret = FALSE;
2192
2193             if (request_only)
2194                 headers = HTTP_BuildHeaderRequestString(lpwhr, lpwhr->lpszVerb, lpwhr->lpszPath, lpwhr->lpszVersion);
2195             else
2196                 headers = lpwhr->lpszRawHeaders;
2197
2198             len = (strlenW(headers) + 1) * sizeof(WCHAR);
2199             if (len > *lpdwBufferLength)
2200             {
2201                 INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
2202                 ret = FALSE;
2203             }
2204             else if (lpBuffer)
2205             {
2206                 memcpy(lpBuffer, headers, len);
2207                 TRACE("returning data: %s\n", debugstr_wn(lpBuffer, len / sizeof(WCHAR)));
2208                 ret = TRUE;
2209             }
2210             *lpdwBufferLength = len;
2211
2212             if (request_only)
2213                 HeapFree(GetProcessHeap(), 0, headers);
2214             return ret;
2215         }
2216     case HTTP_QUERY_RAW_HEADERS:
2217         {
2218             static const WCHAR szCrLf[] = {'\r','\n',0};
2219             LPWSTR * ppszRawHeaderLines = HTTP_Tokenize(lpwhr->lpszRawHeaders, szCrLf);
2220             DWORD i, size = 0;
2221             LPWSTR pszString = (WCHAR*)lpBuffer;
2222
2223             for (i = 0; ppszRawHeaderLines[i]; i++)
2224                 size += strlenW(ppszRawHeaderLines[i]) + 1;
2225
2226             if (size + 1 > *lpdwBufferLength/sizeof(WCHAR))
2227             {
2228                 HTTP_FreeTokens(ppszRawHeaderLines);
2229                 *lpdwBufferLength = (size + 1) * sizeof(WCHAR);
2230                 INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
2231                 return FALSE;
2232             }
2233
2234             for (i = 0; ppszRawHeaderLines[i]; i++)
2235             {
2236                 DWORD len = strlenW(ppszRawHeaderLines[i]);
2237                 memcpy(pszString, ppszRawHeaderLines[i], (len+1)*sizeof(WCHAR));
2238                 pszString += len+1;
2239             }
2240             *pszString = '\0';
2241
2242             TRACE("returning data: %s\n", debugstr_wn((WCHAR*)lpBuffer, size));
2243
2244             *lpdwBufferLength = size * sizeof(WCHAR);
2245             HTTP_FreeTokens(ppszRawHeaderLines);
2246
2247             return TRUE;
2248         }
2249     case HTTP_QUERY_STATUS_TEXT:
2250         if (lpwhr->lpszStatusText)
2251         {
2252             DWORD len = strlenW(lpwhr->lpszStatusText);
2253             if (len + 1 > *lpdwBufferLength/sizeof(WCHAR))
2254             {
2255                 *lpdwBufferLength = (len + 1) * sizeof(WCHAR);
2256                 INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
2257                 return FALSE;
2258             }
2259             memcpy(lpBuffer, lpwhr->lpszStatusText, (len+1)*sizeof(WCHAR));
2260             *lpdwBufferLength = len * sizeof(WCHAR);
2261
2262             TRACE("returning data: %s\n", debugstr_wn((WCHAR*)lpBuffer, len));
2263
2264             return TRUE;
2265         }
2266         break;
2267     case HTTP_QUERY_VERSION:
2268         if (lpwhr->lpszVersion)
2269         {
2270             DWORD len = strlenW(lpwhr->lpszVersion);
2271             if (len + 1 > *lpdwBufferLength/sizeof(WCHAR))
2272             {
2273                 *lpdwBufferLength = (len + 1) * sizeof(WCHAR);
2274                 INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
2275                 return FALSE;
2276             }
2277             memcpy(lpBuffer, lpwhr->lpszVersion, (len+1)*sizeof(WCHAR));
2278             *lpdwBufferLength = len * sizeof(WCHAR);
2279
2280             TRACE("returning data: %s\n", debugstr_wn((WCHAR*)lpBuffer, len));
2281
2282             return TRUE;
2283         }
2284         break;
2285     default:
2286         assert (LAST_TABLE_HEADER == (HTTP_QUERY_UNLESS_MODIFIED_SINCE + 1));
2287
2288         if (level >= 0 && level < LAST_TABLE_HEADER && header_lookup[level])
2289             index = HTTP_GetCustomHeaderIndex(lpwhr, header_lookup[level],
2290                                               requested_index,request_only);
2291     }
2292
2293     if (index >= 0)
2294         lphttpHdr = &lpwhr->pCustHeaders[index];
2295
2296     /* Ensure header satisfies requested attributes */
2297     if (!lphttpHdr ||
2298         ((dwInfoLevel & HTTP_QUERY_FLAG_REQUEST_HEADERS) &&
2299          (~lphttpHdr->wFlags & HDR_ISREQUEST)))
2300     {
2301         INTERNET_SetLastError(ERROR_HTTP_HEADER_NOT_FOUND);
2302         return bSuccess;
2303     }
2304
2305     if (lpdwIndex)
2306         (*lpdwIndex)++;
2307
2308     /* coalesce value to requested type */
2309     if (dwInfoLevel & HTTP_QUERY_FLAG_NUMBER)
2310     {
2311         *(int *)lpBuffer = atoiW(lphttpHdr->lpszValue);
2312         bSuccess = TRUE;
2313
2314         TRACE(" returning number : %d\n", *(int *)lpBuffer);
2315     }
2316     else if (dwInfoLevel & HTTP_QUERY_FLAG_SYSTEMTIME)
2317     {
2318         time_t tmpTime;
2319         struct tm tmpTM;
2320         SYSTEMTIME *STHook;
2321
2322         tmpTime = ConvertTimeString(lphttpHdr->lpszValue);
2323
2324         tmpTM = *gmtime(&tmpTime);
2325         STHook = (SYSTEMTIME *) lpBuffer;
2326         if(STHook==NULL)
2327             return bSuccess;
2328
2329         STHook->wDay = tmpTM.tm_mday;
2330         STHook->wHour = tmpTM.tm_hour;
2331         STHook->wMilliseconds = 0;
2332         STHook->wMinute = tmpTM.tm_min;
2333         STHook->wDayOfWeek = tmpTM.tm_wday;
2334         STHook->wMonth = tmpTM.tm_mon + 1;
2335         STHook->wSecond = tmpTM.tm_sec;
2336         STHook->wYear = tmpTM.tm_year;
2337         
2338         bSuccess = TRUE;
2339         
2340         TRACE(" returning time : %04d/%02d/%02d - %d - %02d:%02d:%02d.%02d\n", 
2341               STHook->wYear, STHook->wMonth, STHook->wDay, STHook->wDayOfWeek,
2342               STHook->wHour, STHook->wMinute, STHook->wSecond, STHook->wMilliseconds);
2343     }
2344     else if (lphttpHdr->lpszValue)
2345     {
2346         DWORD len = (strlenW(lphttpHdr->lpszValue) + 1) * sizeof(WCHAR);
2347
2348         if (len > *lpdwBufferLength)
2349         {
2350             *lpdwBufferLength = len;
2351             INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
2352             return bSuccess;
2353         }
2354
2355         memcpy(lpBuffer, lphttpHdr->lpszValue, len);
2356         *lpdwBufferLength = len - sizeof(WCHAR);
2357         bSuccess = TRUE;
2358
2359         TRACE(" returning string : %s\n", debugstr_w(lpBuffer));
2360     }
2361     return bSuccess;
2362 }
2363
2364 /***********************************************************************
2365  *           HttpQueryInfoW (WININET.@)
2366  *
2367  * Queries for information about an HTTP request
2368  *
2369  * RETURNS
2370  *    TRUE  on success
2371  *    FALSE on failure
2372  *
2373  */
2374 BOOL WINAPI HttpQueryInfoW(HINTERNET hHttpRequest, DWORD dwInfoLevel,
2375         LPVOID lpBuffer, LPDWORD lpdwBufferLength, LPDWORD lpdwIndex)
2376 {
2377     BOOL bSuccess = FALSE;
2378     LPWININETHTTPREQW lpwhr;
2379
2380     if (TRACE_ON(wininet)) {
2381 #define FE(x) { x, #x }
2382         static const wininet_flag_info query_flags[] = {
2383             FE(HTTP_QUERY_MIME_VERSION),
2384             FE(HTTP_QUERY_CONTENT_TYPE),
2385             FE(HTTP_QUERY_CONTENT_TRANSFER_ENCODING),
2386             FE(HTTP_QUERY_CONTENT_ID),
2387             FE(HTTP_QUERY_CONTENT_DESCRIPTION),
2388             FE(HTTP_QUERY_CONTENT_LENGTH),
2389             FE(HTTP_QUERY_CONTENT_LANGUAGE),
2390             FE(HTTP_QUERY_ALLOW),
2391             FE(HTTP_QUERY_PUBLIC),
2392             FE(HTTP_QUERY_DATE),
2393             FE(HTTP_QUERY_EXPIRES),
2394             FE(HTTP_QUERY_LAST_MODIFIED),
2395             FE(HTTP_QUERY_MESSAGE_ID),
2396             FE(HTTP_QUERY_URI),
2397             FE(HTTP_QUERY_DERIVED_FROM),
2398             FE(HTTP_QUERY_COST),
2399             FE(HTTP_QUERY_LINK),
2400             FE(HTTP_QUERY_PRAGMA),
2401             FE(HTTP_QUERY_VERSION),
2402             FE(HTTP_QUERY_STATUS_CODE),
2403             FE(HTTP_QUERY_STATUS_TEXT),
2404             FE(HTTP_QUERY_RAW_HEADERS),
2405             FE(HTTP_QUERY_RAW_HEADERS_CRLF),
2406             FE(HTTP_QUERY_CONNECTION),
2407             FE(HTTP_QUERY_ACCEPT),
2408             FE(HTTP_QUERY_ACCEPT_CHARSET),
2409             FE(HTTP_QUERY_ACCEPT_ENCODING),
2410             FE(HTTP_QUERY_ACCEPT_LANGUAGE),
2411             FE(HTTP_QUERY_AUTHORIZATION),
2412             FE(HTTP_QUERY_CONTENT_ENCODING),
2413             FE(HTTP_QUERY_FORWARDED),
2414             FE(HTTP_QUERY_FROM),
2415             FE(HTTP_QUERY_IF_MODIFIED_SINCE),
2416             FE(HTTP_QUERY_LOCATION),
2417             FE(HTTP_QUERY_ORIG_URI),
2418             FE(HTTP_QUERY_REFERER),
2419             FE(HTTP_QUERY_RETRY_AFTER),
2420             FE(HTTP_QUERY_SERVER),
2421             FE(HTTP_QUERY_TITLE),
2422             FE(HTTP_QUERY_USER_AGENT),
2423             FE(HTTP_QUERY_WWW_AUTHENTICATE),
2424             FE(HTTP_QUERY_PROXY_AUTHENTICATE),
2425             FE(HTTP_QUERY_ACCEPT_RANGES),
2426         FE(HTTP_QUERY_SET_COOKIE),
2427         FE(HTTP_QUERY_COOKIE),
2428             FE(HTTP_QUERY_REQUEST_METHOD),
2429             FE(HTTP_QUERY_REFRESH),
2430             FE(HTTP_QUERY_CONTENT_DISPOSITION),
2431             FE(HTTP_QUERY_AGE),
2432             FE(HTTP_QUERY_CACHE_CONTROL),
2433             FE(HTTP_QUERY_CONTENT_BASE),
2434             FE(HTTP_QUERY_CONTENT_LOCATION),
2435             FE(HTTP_QUERY_CONTENT_MD5),
2436             FE(HTTP_QUERY_CONTENT_RANGE),
2437             FE(HTTP_QUERY_ETAG),
2438             FE(HTTP_QUERY_HOST),
2439             FE(HTTP_QUERY_IF_MATCH),
2440             FE(HTTP_QUERY_IF_NONE_MATCH),
2441             FE(HTTP_QUERY_IF_RANGE),
2442             FE(HTTP_QUERY_IF_UNMODIFIED_SINCE),
2443             FE(HTTP_QUERY_MAX_FORWARDS),
2444             FE(HTTP_QUERY_PROXY_AUTHORIZATION),
2445             FE(HTTP_QUERY_RANGE),
2446             FE(HTTP_QUERY_TRANSFER_ENCODING),
2447             FE(HTTP_QUERY_UPGRADE),
2448             FE(HTTP_QUERY_VARY),
2449             FE(HTTP_QUERY_VIA),
2450             FE(HTTP_QUERY_WARNING),
2451             FE(HTTP_QUERY_CUSTOM)
2452         };
2453         static const wininet_flag_info modifier_flags[] = {
2454             FE(HTTP_QUERY_FLAG_REQUEST_HEADERS),
2455             FE(HTTP_QUERY_FLAG_SYSTEMTIME),
2456             FE(HTTP_QUERY_FLAG_NUMBER),
2457             FE(HTTP_QUERY_FLAG_COALESCE)
2458         };
2459 #undef FE
2460         DWORD info_mod = dwInfoLevel & HTTP_QUERY_MODIFIER_FLAGS_MASK;
2461         DWORD info = dwInfoLevel & HTTP_QUERY_HEADER_MASK;
2462         DWORD i;
2463
2464         TRACE("(%p, 0x%08x)--> %d\n", hHttpRequest, dwInfoLevel, dwInfoLevel);
2465         TRACE("  Attribute:");
2466         for (i = 0; i < (sizeof(query_flags) / sizeof(query_flags[0])); i++) {
2467             if (query_flags[i].val == info) {
2468                 TRACE(" %s", query_flags[i].name);
2469                 break;
2470             }
2471         }
2472         if (i == (sizeof(query_flags) / sizeof(query_flags[0]))) {
2473             TRACE(" Unknown (%08x)", info);
2474         }
2475
2476         TRACE(" Modifier:");
2477         for (i = 0; i < (sizeof(modifier_flags) / sizeof(modifier_flags[0])); i++) {
2478             if (modifier_flags[i].val & info_mod) {
2479                 TRACE(" %s", modifier_flags[i].name);
2480                 info_mod &= ~ modifier_flags[i].val;
2481             }
2482         }
2483         
2484         if (info_mod) {
2485             TRACE(" Unknown (%08x)", info_mod);
2486         }
2487         TRACE("\n");
2488     }
2489     
2490     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hHttpRequest );
2491     if (NULL == lpwhr ||  lpwhr->hdr.htype != WH_HHTTPREQ)
2492     {
2493         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
2494         goto lend;
2495     }
2496
2497     if (lpBuffer == NULL)
2498         *lpdwBufferLength = 0;
2499     bSuccess = HTTP_HttpQueryInfoW( lpwhr, dwInfoLevel,
2500                                     lpBuffer, lpdwBufferLength, lpdwIndex);
2501
2502 lend:
2503     if( lpwhr )
2504          WININET_Release( &lpwhr->hdr );
2505
2506     TRACE("%d <--\n", bSuccess);
2507     return bSuccess;
2508 }
2509
2510 /***********************************************************************
2511  *           HttpQueryInfoA (WININET.@)
2512  *
2513  * Queries for information about an HTTP request
2514  *
2515  * RETURNS
2516  *    TRUE  on success
2517  *    FALSE on failure
2518  *
2519  */
2520 BOOL WINAPI HttpQueryInfoA(HINTERNET hHttpRequest, DWORD dwInfoLevel,
2521         LPVOID lpBuffer, LPDWORD lpdwBufferLength, LPDWORD lpdwIndex)
2522 {
2523     BOOL result;
2524     DWORD len;
2525     WCHAR* bufferW;
2526
2527     if((dwInfoLevel & HTTP_QUERY_FLAG_NUMBER) ||
2528        (dwInfoLevel & HTTP_QUERY_FLAG_SYSTEMTIME))
2529     {
2530         return HttpQueryInfoW( hHttpRequest, dwInfoLevel, lpBuffer,
2531                                lpdwBufferLength, lpdwIndex );
2532     }
2533
2534     if (lpBuffer)
2535     {
2536         DWORD alloclen;
2537         len = (*lpdwBufferLength)*sizeof(WCHAR);
2538         if ((dwInfoLevel & HTTP_QUERY_HEADER_MASK) == HTTP_QUERY_CUSTOM)
2539         {
2540             alloclen = MultiByteToWideChar( CP_ACP, 0, lpBuffer, -1, NULL, 0 ) * sizeof(WCHAR);
2541             if (alloclen < len)
2542                 alloclen = len;
2543         }
2544         else
2545             alloclen = len;
2546         bufferW = HeapAlloc( GetProcessHeap(), 0, alloclen );
2547         /* buffer is in/out because of HTTP_QUERY_CUSTOM */
2548         if ((dwInfoLevel & HTTP_QUERY_HEADER_MASK) == HTTP_QUERY_CUSTOM)
2549             MultiByteToWideChar( CP_ACP, 0, lpBuffer, -1, bufferW, alloclen / sizeof(WCHAR) );
2550     } else
2551     {
2552         bufferW = NULL;
2553         len = 0;
2554     }
2555
2556     result = HttpQueryInfoW( hHttpRequest, dwInfoLevel, bufferW,
2557                            &len, lpdwIndex );
2558     if( result )
2559     {
2560         len = WideCharToMultiByte( CP_ACP,0, bufferW, len / sizeof(WCHAR) + 1,
2561                                      lpBuffer, *lpdwBufferLength, NULL, NULL );
2562         *lpdwBufferLength = len - 1;
2563
2564         TRACE("lpBuffer: %s\n", debugstr_a(lpBuffer));
2565     }
2566     else
2567         /* since the strings being returned from HttpQueryInfoW should be
2568          * only ASCII characters, it is reasonable to assume that all of
2569          * the Unicode characters can be reduced to a single byte */
2570         *lpdwBufferLength = len / sizeof(WCHAR);
2571
2572     HeapFree(GetProcessHeap(), 0, bufferW );
2573
2574     return result;
2575 }
2576
2577 /***********************************************************************
2578  *           HttpSendRequestExA (WININET.@)
2579  *
2580  * Sends the specified request to the HTTP server and allows chunked
2581  * transfers.
2582  *
2583  * RETURNS
2584  *  Success: TRUE
2585  *  Failure: FALSE, call GetLastError() for more information.
2586  */
2587 BOOL WINAPI HttpSendRequestExA(HINTERNET hRequest,
2588                                LPINTERNET_BUFFERSA lpBuffersIn,
2589                                LPINTERNET_BUFFERSA lpBuffersOut,
2590                                DWORD dwFlags, DWORD_PTR dwContext)
2591 {
2592     INTERNET_BUFFERSW BuffersInW;
2593     BOOL rc = FALSE;
2594     DWORD headerlen;
2595     LPWSTR header = NULL;
2596
2597     TRACE("(%p, %p, %p, %08x, %08lx)\n", hRequest, lpBuffersIn,
2598             lpBuffersOut, dwFlags, dwContext);
2599
2600     if (lpBuffersIn)
2601     {
2602         BuffersInW.dwStructSize = sizeof(LPINTERNET_BUFFERSW);
2603         if (lpBuffersIn->lpcszHeader)
2604         {
2605             headerlen = MultiByteToWideChar(CP_ACP,0,lpBuffersIn->lpcszHeader,
2606                     lpBuffersIn->dwHeadersLength,0,0);
2607             header = HeapAlloc(GetProcessHeap(),0,headerlen*sizeof(WCHAR));
2608             if (!(BuffersInW.lpcszHeader = header))
2609             {
2610                 INTERNET_SetLastError(ERROR_OUTOFMEMORY);
2611                 return FALSE;
2612             }
2613             BuffersInW.dwHeadersLength = MultiByteToWideChar(CP_ACP, 0,
2614                     lpBuffersIn->lpcszHeader, lpBuffersIn->dwHeadersLength,
2615                     header, headerlen);
2616         }
2617         else
2618             BuffersInW.lpcszHeader = NULL;
2619         BuffersInW.dwHeadersTotal = lpBuffersIn->dwHeadersTotal;
2620         BuffersInW.lpvBuffer = lpBuffersIn->lpvBuffer;
2621         BuffersInW.dwBufferLength = lpBuffersIn->dwBufferLength;
2622         BuffersInW.dwBufferTotal = lpBuffersIn->dwBufferTotal;
2623         BuffersInW.Next = NULL;
2624     }
2625
2626     rc = HttpSendRequestExW(hRequest, lpBuffersIn ? &BuffersInW : NULL, NULL, dwFlags, dwContext);
2627
2628     HeapFree(GetProcessHeap(),0,header);
2629
2630     return rc;
2631 }
2632
2633 /***********************************************************************
2634  *           HttpSendRequestExW (WININET.@)
2635  *
2636  * Sends the specified request to the HTTP server and allows chunked
2637  * transfers
2638  *
2639  * RETURNS
2640  *  Success: TRUE
2641  *  Failure: FALSE, call GetLastError() for more information.
2642  */
2643 BOOL WINAPI HttpSendRequestExW(HINTERNET hRequest,
2644                    LPINTERNET_BUFFERSW lpBuffersIn,
2645                    LPINTERNET_BUFFERSW lpBuffersOut,
2646                    DWORD dwFlags, DWORD_PTR dwContext)
2647 {
2648     BOOL ret = FALSE;
2649     LPWININETHTTPREQW lpwhr;
2650     LPWININETHTTPSESSIONW lpwhs;
2651     LPWININETAPPINFOW hIC;
2652
2653     TRACE("(%p, %p, %p, %08x, %08lx)\n", hRequest, lpBuffersIn,
2654             lpBuffersOut, dwFlags, dwContext);
2655
2656     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hRequest );
2657
2658     if (NULL == lpwhr || lpwhr->hdr.htype != WH_HHTTPREQ)
2659     {
2660         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
2661         goto lend;
2662     }
2663
2664     lpwhs = lpwhr->lpHttpSession;
2665     assert(lpwhs->hdr.htype == WH_HHTTPSESSION);
2666     hIC = lpwhs->lpAppInfo;
2667     assert(hIC->hdr.htype == WH_HINIT);
2668
2669     if (hIC->hdr.dwFlags & INTERNET_FLAG_ASYNC)
2670     {
2671         WORKREQUEST workRequest;
2672         struct WORKREQ_HTTPSENDREQUESTW *req;
2673
2674         workRequest.asyncproc = AsyncHttpSendRequestProc;
2675         workRequest.hdr = WININET_AddRef( &lpwhr->hdr );
2676         req = &workRequest.u.HttpSendRequestW;
2677         if (lpBuffersIn)
2678         {
2679             if (lpBuffersIn->lpcszHeader)
2680                 /* FIXME: this should use dwHeadersLength or may not be necessary at all */
2681                 req->lpszHeader = WININET_strdupW(lpBuffersIn->lpcszHeader);
2682             else
2683                 req->lpszHeader = NULL;
2684             req->dwHeaderLength = lpBuffersIn->dwHeadersLength;
2685             req->lpOptional = lpBuffersIn->lpvBuffer;
2686             req->dwOptionalLength = lpBuffersIn->dwBufferLength;
2687             req->dwContentLength = lpBuffersIn->dwBufferTotal;
2688         }
2689         else
2690         {
2691             req->lpszHeader = NULL;
2692             req->dwHeaderLength = 0;
2693             req->lpOptional = NULL;
2694             req->dwOptionalLength = 0;
2695             req->dwContentLength = 0;
2696         }
2697
2698         req->bEndRequest = FALSE;
2699
2700         INTERNET_AsyncCall(&workRequest);
2701         /*
2702          * This is from windows.
2703          */
2704         INTERNET_SetLastError(ERROR_IO_PENDING);
2705     }
2706     else
2707     {
2708         if (lpBuffersIn)
2709             ret = HTTP_HttpSendRequestW(lpwhr, lpBuffersIn->lpcszHeader, lpBuffersIn->dwHeadersLength,
2710                                         lpBuffersIn->lpvBuffer, lpBuffersIn->dwBufferLength,
2711                                         lpBuffersIn->dwBufferTotal, FALSE);
2712         else
2713             ret = HTTP_HttpSendRequestW(lpwhr, NULL, 0, NULL, 0, 0, FALSE);
2714     }
2715
2716 lend:
2717     if ( lpwhr )
2718         WININET_Release( &lpwhr->hdr );
2719
2720     TRACE("<---\n");
2721     return ret;
2722 }
2723
2724 /***********************************************************************
2725  *           HttpSendRequestW (WININET.@)
2726  *
2727  * Sends the specified request to the HTTP server
2728  *
2729  * RETURNS
2730  *    TRUE  on success
2731  *    FALSE on failure
2732  *
2733  */
2734 BOOL WINAPI HttpSendRequestW(HINTERNET hHttpRequest, LPCWSTR lpszHeaders,
2735         DWORD dwHeaderLength, LPVOID lpOptional ,DWORD dwOptionalLength)
2736 {
2737     LPWININETHTTPREQW lpwhr;
2738     LPWININETHTTPSESSIONW lpwhs = NULL;
2739     LPWININETAPPINFOW hIC = NULL;
2740     BOOL r;
2741
2742     TRACE("%p, %s, %i, %p, %i)\n", hHttpRequest,
2743             debugstr_wn(lpszHeaders, dwHeaderLength), dwHeaderLength, lpOptional, dwOptionalLength);
2744
2745     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hHttpRequest );
2746     if (NULL == lpwhr || lpwhr->hdr.htype != WH_HHTTPREQ)
2747     {
2748         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
2749         r = FALSE;
2750         goto lend;
2751     }
2752
2753     lpwhs = lpwhr->lpHttpSession;
2754     if (NULL == lpwhs ||  lpwhs->hdr.htype != WH_HHTTPSESSION)
2755     {
2756         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
2757         r = FALSE;
2758         goto lend;
2759     }
2760
2761     hIC = lpwhs->lpAppInfo;
2762     if (NULL == hIC ||  hIC->hdr.htype != WH_HINIT)
2763     {
2764         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
2765         r = FALSE;
2766         goto lend;
2767     }
2768
2769     if (hIC->hdr.dwFlags & INTERNET_FLAG_ASYNC)
2770     {
2771         WORKREQUEST workRequest;
2772         struct WORKREQ_HTTPSENDREQUESTW *req;
2773
2774         workRequest.asyncproc = AsyncHttpSendRequestProc;
2775         workRequest.hdr = WININET_AddRef( &lpwhr->hdr );
2776         req = &workRequest.u.HttpSendRequestW;
2777         if (lpszHeaders)
2778         {
2779             req->lpszHeader = HeapAlloc(GetProcessHeap(), 0, dwHeaderLength * sizeof(WCHAR));
2780             memcpy(req->lpszHeader, lpszHeaders, dwHeaderLength * sizeof(WCHAR));
2781         }
2782         else
2783             req->lpszHeader = 0;
2784         req->dwHeaderLength = dwHeaderLength;
2785         req->lpOptional = lpOptional;
2786         req->dwOptionalLength = dwOptionalLength;
2787         req->dwContentLength = dwOptionalLength;
2788         req->bEndRequest = TRUE;
2789
2790         INTERNET_AsyncCall(&workRequest);
2791         /*
2792          * This is from windows.
2793          */
2794         INTERNET_SetLastError(ERROR_IO_PENDING);
2795         r = FALSE;
2796     }
2797     else
2798     {
2799         r = HTTP_HttpSendRequestW(lpwhr, lpszHeaders,
2800                 dwHeaderLength, lpOptional, dwOptionalLength,
2801                 dwOptionalLength, TRUE);
2802     }
2803 lend:
2804     if( lpwhr )
2805         WININET_Release( &lpwhr->hdr );
2806     return r;
2807 }
2808
2809 /***********************************************************************
2810  *           HttpSendRequestA (WININET.@)
2811  *
2812  * Sends the specified request to the HTTP server
2813  *
2814  * RETURNS
2815  *    TRUE  on success
2816  *    FALSE on failure
2817  *
2818  */
2819 BOOL WINAPI HttpSendRequestA(HINTERNET hHttpRequest, LPCSTR lpszHeaders,
2820         DWORD dwHeaderLength, LPVOID lpOptional ,DWORD dwOptionalLength)
2821 {
2822     BOOL result;
2823     LPWSTR szHeaders=NULL;
2824     DWORD nLen=dwHeaderLength;
2825     if(lpszHeaders!=NULL)
2826     {
2827         nLen=MultiByteToWideChar(CP_ACP,0,lpszHeaders,dwHeaderLength,NULL,0);
2828         szHeaders=HeapAlloc(GetProcessHeap(),0,nLen*sizeof(WCHAR));
2829         MultiByteToWideChar(CP_ACP,0,lpszHeaders,dwHeaderLength,szHeaders,nLen);
2830     }
2831     result=HttpSendRequestW(hHttpRequest, szHeaders, nLen, lpOptional, dwOptionalLength);
2832     HeapFree(GetProcessHeap(),0,szHeaders);
2833     return result;
2834 }
2835
2836 static BOOL HTTP_GetRequestURL(WININETHTTPREQW *req, LPWSTR buf)
2837 {
2838     LPHTTPHEADERW host_header;
2839
2840     static const WCHAR formatW[] = {'h','t','t','p',':','/','/','%','s','%','s',0};
2841
2842     host_header = HTTP_GetHeader(req, szHost);
2843     if(!host_header)
2844         return FALSE;
2845
2846     sprintfW(buf, formatW, host_header->lpszValue, req->lpszPath); /* FIXME */
2847     return TRUE;
2848 }
2849
2850 /***********************************************************************
2851  *           HTTP_HandleRedirect (internal)
2852  */
2853 static BOOL HTTP_HandleRedirect(LPWININETHTTPREQW lpwhr, LPCWSTR lpszUrl)
2854 {
2855     static const WCHAR szContentType[] = {'C','o','n','t','e','n','t','-','T','y','p','e',0};
2856     static const WCHAR szContentLength[] = {'C','o','n','t','e','n','t','-','L','e','n','g','t','h',0};
2857     LPWININETHTTPSESSIONW lpwhs = lpwhr->lpHttpSession;
2858     LPWININETAPPINFOW hIC = lpwhs->lpAppInfo;
2859     BOOL using_proxy = hIC->lpszProxy && hIC->lpszProxy[0];
2860     WCHAR path[INTERNET_MAX_URL_LENGTH];
2861     int index;
2862
2863     if(lpszUrl[0]=='/')
2864     {
2865         /* if it's an absolute path, keep the same session info */
2866         lstrcpynW(path, lpszUrl, INTERNET_MAX_URL_LENGTH);
2867     }
2868     else
2869     {
2870         URL_COMPONENTSW urlComponents;
2871         WCHAR protocol[32], hostName[MAXHOSTNAME], userName[1024];
2872         static WCHAR szHttp[] = {'h','t','t','p',0};
2873         static WCHAR szHttps[] = {'h','t','t','p','s',0};
2874         DWORD url_length = 0;
2875         LPWSTR orig_url;
2876         LPWSTR combined_url;
2877
2878         urlComponents.dwStructSize = sizeof(URL_COMPONENTSW);
2879         urlComponents.lpszScheme = (lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE) ? szHttps : szHttp;
2880         urlComponents.dwSchemeLength = 0;
2881         urlComponents.lpszHostName = lpwhs->lpszHostName;
2882         urlComponents.dwHostNameLength = 0;
2883         urlComponents.nPort = lpwhs->nHostPort;
2884         urlComponents.lpszUserName = lpwhs->lpszUserName;
2885         urlComponents.dwUserNameLength = 0;
2886         urlComponents.lpszPassword = NULL;
2887         urlComponents.dwPasswordLength = 0;
2888         urlComponents.lpszUrlPath = lpwhr->lpszPath;
2889         urlComponents.dwUrlPathLength = 0;
2890         urlComponents.lpszExtraInfo = NULL;
2891         urlComponents.dwExtraInfoLength = 0;
2892
2893         if (!InternetCreateUrlW(&urlComponents, 0, NULL, &url_length) &&
2894             (GetLastError() != ERROR_INSUFFICIENT_BUFFER))
2895             return FALSE;
2896
2897         orig_url = HeapAlloc(GetProcessHeap(), 0, url_length);
2898
2899         /* convert from bytes to characters */
2900         url_length = url_length / sizeof(WCHAR) - 1;
2901         if (!InternetCreateUrlW(&urlComponents, 0, orig_url, &url_length))
2902         {
2903             HeapFree(GetProcessHeap(), 0, orig_url);
2904             return FALSE;
2905         }
2906
2907         url_length = 0;
2908         if (!InternetCombineUrlW(orig_url, lpszUrl, NULL, &url_length, ICU_ENCODE_SPACES_ONLY) &&
2909             (GetLastError() != ERROR_INSUFFICIENT_BUFFER))
2910         {
2911             HeapFree(GetProcessHeap(), 0, orig_url);
2912             return FALSE;
2913         }
2914         combined_url = HeapAlloc(GetProcessHeap(), 0, url_length * sizeof(WCHAR));
2915
2916         if (!InternetCombineUrlW(orig_url, lpszUrl, combined_url, &url_length, ICU_ENCODE_SPACES_ONLY))
2917         {
2918             HeapFree(GetProcessHeap(), 0, orig_url);
2919             HeapFree(GetProcessHeap(), 0, combined_url);
2920             return FALSE;
2921         }
2922         HeapFree(GetProcessHeap(), 0, orig_url);
2923
2924         userName[0] = 0;
2925         hostName[0] = 0;
2926         protocol[0] = 0;
2927
2928         urlComponents.dwStructSize = sizeof(URL_COMPONENTSW);
2929         urlComponents.lpszScheme = protocol;
2930         urlComponents.dwSchemeLength = 32;
2931         urlComponents.lpszHostName = hostName;
2932         urlComponents.dwHostNameLength = MAXHOSTNAME;
2933         urlComponents.lpszUserName = userName;
2934         urlComponents.dwUserNameLength = 1024;
2935         urlComponents.lpszPassword = NULL;
2936         urlComponents.dwPasswordLength = 0;
2937         urlComponents.lpszUrlPath = path;
2938         urlComponents.dwUrlPathLength = 2048;
2939         urlComponents.lpszExtraInfo = NULL;
2940         urlComponents.dwExtraInfoLength = 0;
2941         if(!InternetCrackUrlW(combined_url, strlenW(combined_url), 0, &urlComponents))
2942         {
2943             HeapFree(GetProcessHeap(), 0, combined_url);
2944             return FALSE;
2945         }
2946
2947         HeapFree(GetProcessHeap(), 0, combined_url);
2948
2949         if (!strncmpW(szHttp, urlComponents.lpszScheme, strlenW(szHttp)) &&
2950             (lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE))
2951         {
2952             TRACE("redirect from secure page to non-secure page\n");
2953             /* FIXME: warn about from secure redirect to non-secure page */
2954             lpwhr->hdr.dwFlags &= ~INTERNET_FLAG_SECURE;
2955         }
2956         if (!strncmpW(szHttps, urlComponents.lpszScheme, strlenW(szHttps)) &&
2957             !(lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE))
2958         {
2959             TRACE("redirect from non-secure page to secure page\n");
2960             /* FIXME: notify about redirect to secure page */
2961             lpwhr->hdr.dwFlags |= INTERNET_FLAG_SECURE;
2962         }
2963
2964         if (urlComponents.nPort == INTERNET_INVALID_PORT_NUMBER)
2965         {
2966             if (lstrlenW(protocol)>4) /*https*/
2967                 urlComponents.nPort = INTERNET_DEFAULT_HTTPS_PORT;
2968             else /*http*/
2969                 urlComponents.nPort = INTERNET_DEFAULT_HTTP_PORT;
2970         }
2971
2972 #if 0
2973         /*
2974          * This upsets redirects to binary files on sourceforge.net 
2975          * and gives an html page instead of the target file
2976          * Examination of the HTTP request sent by native wininet.dll
2977          * reveals that it doesn't send a referrer in that case.
2978          * Maybe there's a flag that enables this, or maybe a referrer
2979          * shouldn't be added in case of a redirect.
2980          */
2981
2982         /* consider the current host as the referrer */
2983         if (lpwhs->lpszServerName && *lpwhs->lpszServerName)
2984             HTTP_ProcessHeader(lpwhr, HTTP_REFERER, lpwhs->lpszServerName,
2985                            HTTP_ADDHDR_FLAG_REQ|HTTP_ADDREQ_FLAG_REPLACE|
2986                            HTTP_ADDHDR_FLAG_ADD_IF_NEW);
2987 #endif
2988         
2989         HeapFree(GetProcessHeap(), 0, lpwhs->lpszHostName);
2990         if (urlComponents.nPort != INTERNET_DEFAULT_HTTP_PORT &&
2991             urlComponents.nPort != INTERNET_DEFAULT_HTTPS_PORT)
2992         {
2993             int len;
2994             static const WCHAR fmt[] = {'%','s',':','%','i',0};
2995             len = lstrlenW(hostName);
2996             len += 7; /* 5 for strlen("65535") + 1 for ":" + 1 for '\0' */
2997             lpwhs->lpszHostName = HeapAlloc(GetProcessHeap(), 0, len*sizeof(WCHAR));
2998             sprintfW(lpwhs->lpszHostName, fmt, hostName, urlComponents.nPort);
2999         }
3000         else
3001             lpwhs->lpszHostName = WININET_strdupW(hostName);
3002
3003         HTTP_ProcessHeader(lpwhr, szHost, lpwhs->lpszHostName, HTTP_ADDREQ_FLAG_ADD | HTTP_ADDREQ_FLAG_REPLACE | HTTP_ADDHDR_FLAG_REQ);
3004
3005         HeapFree(GetProcessHeap(), 0, lpwhs->lpszUserName);
3006         lpwhs->lpszUserName = NULL;
3007         if (userName[0])
3008             lpwhs->lpszUserName = WININET_strdupW(userName);
3009
3010         if (!using_proxy)
3011         {
3012             if (strcmpiW(lpwhs->lpszServerName, hostName) || lpwhs->nServerPort != urlComponents.nPort)
3013             {
3014                 HeapFree(GetProcessHeap(), 0, lpwhs->lpszServerName);
3015                 lpwhs->lpszServerName = WININET_strdupW(hostName);
3016                 lpwhs->nServerPort = urlComponents.nPort;
3017
3018                 NETCON_close(&lpwhr->netConnection);
3019                 if (!HTTP_ResolveName(lpwhr)) return FALSE;
3020                 if (!NETCON_init(&lpwhr->netConnection, lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE)) return FALSE;
3021             }
3022         }
3023         else
3024             TRACE("Redirect through proxy\n");
3025     }
3026
3027     HeapFree(GetProcessHeap(), 0, lpwhr->lpszPath);
3028     lpwhr->lpszPath=NULL;
3029     if (*path)
3030     {
3031         DWORD needed = 0;
3032         HRESULT rc;
3033
3034         rc = UrlEscapeW(path, NULL, &needed, URL_ESCAPE_SPACES_ONLY);
3035         if (rc != E_POINTER)
3036             needed = strlenW(path)+1;
3037         lpwhr->lpszPath = HeapAlloc(GetProcessHeap(), 0, needed*sizeof(WCHAR));
3038         rc = UrlEscapeW(path, lpwhr->lpszPath, &needed,
3039                         URL_ESCAPE_SPACES_ONLY);
3040         if (rc)
3041         {
3042             ERR("Unable to escape string!(%s) (%d)\n",debugstr_w(path),rc);
3043             strcpyW(lpwhr->lpszPath,path);
3044         }
3045     }
3046
3047     /* Remove custom content-type/length headers on redirects.  */
3048     index = HTTP_GetCustomHeaderIndex(lpwhr, szContentType, 0, TRUE);
3049     if (0 <= index)
3050         HTTP_DeleteCustomHeader(lpwhr, index);
3051     index = HTTP_GetCustomHeaderIndex(lpwhr, szContentLength, 0, TRUE);
3052     if (0 <= index)
3053         HTTP_DeleteCustomHeader(lpwhr, index);
3054
3055     return TRUE;
3056 }
3057
3058 /***********************************************************************
3059  *           HTTP_build_req (internal)
3060  *
3061  *  concatenate all the strings in the request together
3062  */
3063 static LPWSTR HTTP_build_req( LPCWSTR *list, int len )
3064 {
3065     LPCWSTR *t;
3066     LPWSTR str;
3067
3068     for( t = list; *t ; t++  )
3069         len += strlenW( *t );
3070     len++;
3071
3072     str = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
3073     *str = 0;
3074
3075     for( t = list; *t ; t++ )
3076         strcatW( str, *t );
3077
3078     return str;
3079 }
3080
3081 static BOOL HTTP_SecureProxyConnect(LPWININETHTTPREQW lpwhr)
3082 {
3083     LPWSTR lpszPath;
3084     LPWSTR requestString;
3085     INT len;
3086     INT cnt;
3087     INT responseLen;
3088     char *ascii_req;
3089     BOOL ret;
3090     static const WCHAR szConnect[] = {'C','O','N','N','E','C','T',0};
3091     static const WCHAR szFormat[] = {'%','s',':','%','d',0};
3092     LPWININETHTTPSESSIONW lpwhs = lpwhr->lpHttpSession;
3093
3094     TRACE("\n");
3095
3096     lpszPath = HeapAlloc( GetProcessHeap(), 0, (lstrlenW( lpwhs->lpszHostName ) + 13)*sizeof(WCHAR) );
3097     sprintfW( lpszPath, szFormat, lpwhs->lpszHostName, lpwhs->nHostPort );
3098     requestString = HTTP_BuildHeaderRequestString( lpwhr, szConnect, lpszPath, g_szHttp1_1 );
3099     HeapFree( GetProcessHeap(), 0, lpszPath );
3100
3101     len = WideCharToMultiByte( CP_ACP, 0, requestString, -1,
3102                                 NULL, 0, NULL, NULL );
3103     len--; /* the nul terminator isn't needed */
3104     ascii_req = HeapAlloc( GetProcessHeap(), 0, len );
3105     WideCharToMultiByte( CP_ACP, 0, requestString, -1,
3106                             ascii_req, len, NULL, NULL );
3107     HeapFree( GetProcessHeap(), 0, requestString );
3108
3109     TRACE("full request -> %s\n", debugstr_an( ascii_req, len ) );
3110
3111     ret = NETCON_send( &lpwhr->netConnection, ascii_req, len, 0, &cnt );
3112     HeapFree( GetProcessHeap(), 0, ascii_req );
3113     if (!ret || cnt < 0)
3114         return FALSE;
3115
3116     responseLen = HTTP_GetResponseHeaders( lpwhr, TRUE );
3117     if (!responseLen)
3118         return FALSE;
3119
3120     return TRUE;
3121 }
3122
3123 static void HTTP_InsertCookies(LPWININETHTTPREQW lpwhr)
3124 {
3125     static const WCHAR szUrlForm[] = {'h','t','t','p',':','/','/','%','s',0};
3126     LPWSTR lpszCookies, lpszUrl = NULL;
3127     DWORD nCookieSize, len;
3128     LPHTTPHEADERW Host = HTTP_GetHeader(lpwhr,szHost);
3129
3130     len = lstrlenW(Host->lpszValue) + strlenW(szUrlForm);
3131     lpszUrl = HeapAlloc(GetProcessHeap(), 0, len*sizeof(WCHAR));
3132     sprintfW( lpszUrl, szUrlForm, Host->lpszValue );
3133
3134     if (InternetGetCookieW(lpszUrl, NULL, NULL, &nCookieSize))
3135     {
3136         int cnt = 0;
3137         static const WCHAR szCookie[] = {'C','o','o','k','i','e',':',' ',0};
3138         static const WCHAR szcrlf[] = {'\r','\n',0};
3139
3140         lpszCookies = HeapAlloc(GetProcessHeap(), 0, (nCookieSize + 1 + 8)*sizeof(WCHAR));
3141
3142         cnt += sprintfW(lpszCookies, szCookie);
3143         InternetGetCookieW(lpszUrl, NULL, lpszCookies + cnt, &nCookieSize);
3144         strcatW(lpszCookies, szcrlf);
3145
3146         HTTP_HttpAddRequestHeadersW(lpwhr, lpszCookies, strlenW(lpszCookies),
3147                                HTTP_ADDREQ_FLAG_ADD);
3148         HeapFree(GetProcessHeap(), 0, lpszCookies);
3149     }
3150     HeapFree(GetProcessHeap(), 0, lpszUrl);
3151 }
3152
3153 /***********************************************************************
3154  *           HTTP_HttpSendRequestW (internal)
3155  *
3156  * Sends the specified request to the HTTP server
3157  *
3158  * RETURNS
3159  *    TRUE  on success
3160  *    FALSE on failure
3161  *
3162  */
3163 BOOL WINAPI HTTP_HttpSendRequestW(LPWININETHTTPREQW lpwhr, LPCWSTR lpszHeaders,
3164         DWORD dwHeaderLength, LPVOID lpOptional, DWORD dwOptionalLength,
3165         DWORD dwContentLength, BOOL bEndRequest)
3166 {
3167     INT cnt;
3168     BOOL bSuccess = FALSE;
3169     LPWSTR requestString = NULL;
3170     INT responseLen;
3171     BOOL loop_next;
3172     INTERNET_ASYNC_RESULT iar;
3173     static const WCHAR szPost[] = { 'P','O','S','T',0 };
3174     static const WCHAR szContentLength[] =
3175         { 'C','o','n','t','e','n','t','-','L','e','n','g','t','h',':',' ','%','l','i','\r','\n',0 };
3176     WCHAR contentLengthStr[sizeof szContentLength/2 /* includes \r\n */ + 20 /* int */ ];
3177
3178     TRACE("--> %p\n", lpwhr);
3179
3180     assert(lpwhr->hdr.htype == WH_HHTTPREQ);
3181
3182     /* if the verb is NULL default to GET */
3183     if (!lpwhr->lpszVerb)
3184         lpwhr->lpszVerb = WININET_strdupW(szGET);
3185
3186     if (dwContentLength || !strcmpW(lpwhr->lpszVerb, szPost))
3187     {
3188         sprintfW(contentLengthStr, szContentLength, dwContentLength);
3189         HTTP_HttpAddRequestHeadersW(lpwhr, contentLengthStr, -1L, HTTP_ADDREQ_FLAG_ADD_IF_NEW);
3190     }
3191     if (lpwhr->lpHttpSession->lpAppInfo->lpszAgent)
3192     {
3193         WCHAR *agent_header;
3194         static const WCHAR user_agent[] = {'U','s','e','r','-','A','g','e','n','t',':',' ','%','s','\r','\n',0};
3195         int len;
3196
3197         len = strlenW(lpwhr->lpHttpSession->lpAppInfo->lpszAgent) + strlenW(user_agent);
3198         agent_header = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
3199         sprintfW(agent_header, user_agent, lpwhr->lpHttpSession->lpAppInfo->lpszAgent);
3200
3201         HTTP_HttpAddRequestHeadersW(lpwhr, agent_header, strlenW(agent_header), HTTP_ADDREQ_FLAG_ADD_IF_NEW);
3202         HeapFree(GetProcessHeap(), 0, agent_header);
3203     }
3204     if (lpwhr->hdr.dwFlags & INTERNET_FLAG_PRAGMA_NOCACHE)
3205     {
3206         static const WCHAR pragma_nocache[] = {'P','r','a','g','m','a',':',' ','n','o','-','c','a','c','h','e','\r','\n',0};
3207         HTTP_HttpAddRequestHeadersW(lpwhr, pragma_nocache, strlenW(pragma_nocache), HTTP_ADDREQ_FLAG_ADD_IF_NEW);
3208     }
3209     if ((lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_CACHE_WRITE) && !strcmpW(lpwhr->lpszVerb, szPost))
3210     {
3211         static const WCHAR cache_control[] = {'C','a','c','h','e','-','C','o','n','t','r','o','l',':',
3212                                               ' ','n','o','-','c','a','c','h','e','\r','\n',0};
3213         HTTP_HttpAddRequestHeadersW(lpwhr, cache_control, strlenW(cache_control), HTTP_ADDREQ_FLAG_ADD_IF_NEW);
3214     }
3215
3216     do
3217     {
3218         DWORD len;
3219         char *ascii_req;
3220
3221         loop_next = FALSE;
3222
3223         /* like native, just in case the caller forgot to call InternetReadFile
3224          * for all the data */
3225         HTTP_DrainContent(lpwhr);
3226         lpwhr->dwContentRead = 0;
3227
3228         if (TRACE_ON(wininet))
3229         {
3230             LPHTTPHEADERW Host = HTTP_GetHeader(lpwhr,szHost);
3231             TRACE("Going to url %s %s\n", debugstr_w(Host->lpszValue), debugstr_w(lpwhr->lpszPath));
3232         }
3233
3234         HTTP_FixURL(lpwhr);
3235         if (lpwhr->hdr.dwFlags & INTERNET_FLAG_KEEP_CONNECTION)
3236         {
3237             HTTP_ProcessHeader(lpwhr, szConnection, szKeepAlive, HTTP_ADDHDR_FLAG_REQ | HTTP_ADDHDR_FLAG_REPLACE);
3238         }
3239         HTTP_InsertAuthorization(lpwhr, lpwhr->pAuthInfo, szAuthorization);
3240         HTTP_InsertAuthorization(lpwhr, lpwhr->pProxyAuthInfo, szProxy_Authorization);
3241
3242         if (!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_COOKIES))
3243             HTTP_InsertCookies(lpwhr);
3244
3245         /* add the headers the caller supplied */
3246         if( lpszHeaders && dwHeaderLength )
3247         {
3248             HTTP_HttpAddRequestHeadersW(lpwhr, lpszHeaders, dwHeaderLength,
3249                         HTTP_ADDREQ_FLAG_ADD | HTTP_ADDHDR_FLAG_REPLACE);
3250         }
3251
3252         if (lpwhr->lpHttpSession->lpAppInfo->lpszProxy && lpwhr->lpHttpSession->lpAppInfo->lpszProxy[0])
3253         {
3254             WCHAR *url = HTTP_BuildProxyRequestUrl(lpwhr);
3255             requestString = HTTP_BuildHeaderRequestString(lpwhr, lpwhr->lpszVerb, url, lpwhr->lpszVersion);
3256             HeapFree(GetProcessHeap(), 0, url);
3257         }
3258         else
3259             requestString = HTTP_BuildHeaderRequestString(lpwhr, lpwhr->lpszVerb, lpwhr->lpszPath, lpwhr->lpszVersion);
3260
3261  
3262         TRACE("Request header -> %s\n", debugstr_w(requestString) );
3263
3264         /* Send the request and store the results */
3265         if (!HTTP_OpenConnection(lpwhr))
3266             goto lend;
3267
3268         /* send the request as ASCII, tack on the optional data */
3269         if( !lpOptional )
3270             dwOptionalLength = 0;
3271         len = WideCharToMultiByte( CP_ACP, 0, requestString, -1,
3272                                    NULL, 0, NULL, NULL );
3273         ascii_req = HeapAlloc( GetProcessHeap(), 0, len + dwOptionalLength );
3274         WideCharToMultiByte( CP_ACP, 0, requestString, -1,
3275                              ascii_req, len, NULL, NULL );
3276         if( lpOptional )
3277             memcpy( &ascii_req[len-1], lpOptional, dwOptionalLength );
3278         len = (len + dwOptionalLength - 1);
3279         ascii_req[len] = 0;
3280         TRACE("full request -> %s\n", debugstr_a(ascii_req) );
3281
3282         INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3283                               INTERNET_STATUS_SENDING_REQUEST, NULL, 0);
3284
3285         NETCON_send(&lpwhr->netConnection, ascii_req, len, 0, &cnt);
3286         HeapFree( GetProcessHeap(), 0, ascii_req );
3287
3288         INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3289                               INTERNET_STATUS_REQUEST_SENT,
3290                               &len, sizeof(DWORD));
3291
3292         if (bEndRequest)
3293         {
3294             DWORD dwBufferSize;
3295             DWORD dwStatusCode;
3296             WCHAR encoding[20];
3297             static const WCHAR szChunked[] = {'c','h','u','n','k','e','d',0};
3298
3299             INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3300                                 INTERNET_STATUS_RECEIVING_RESPONSE, NULL, 0);
3301     
3302             if (cnt < 0)
3303                 goto lend;
3304     
3305             responseLen = HTTP_GetResponseHeaders(lpwhr, TRUE);
3306             if (responseLen)
3307                 bSuccess = TRUE;
3308     
3309             INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3310                                 INTERNET_STATUS_RESPONSE_RECEIVED, &responseLen,
3311                                 sizeof(DWORD));
3312
3313             HTTP_ProcessCookies(lpwhr);
3314
3315             dwBufferSize = sizeof(lpwhr->dwContentLength);
3316             if (!HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_FLAG_NUMBER|HTTP_QUERY_CONTENT_LENGTH,
3317                                      &lpwhr->dwContentLength,&dwBufferSize,NULL))
3318                 lpwhr->dwContentLength = -1;
3319
3320             if (lpwhr->dwContentLength == 0)
3321                 HTTP_FinishedReading(lpwhr);
3322
3323             /* Correct the case where both a Content-Length and Transfer-encoding = chunked are set */
3324
3325             dwBufferSize = sizeof(encoding);
3326             if (HTTP_HttpQueryInfoW(lpwhr, HTTP_QUERY_TRANSFER_ENCODING, encoding, &dwBufferSize, NULL) &&
3327                 !strcmpiW(encoding, szChunked))
3328             {
3329                 lpwhr->dwContentLength = -1;
3330             }
3331
3332             dwBufferSize = sizeof(dwStatusCode);
3333             if (!HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_FLAG_NUMBER|HTTP_QUERY_STATUS_CODE,
3334                                      &dwStatusCode,&dwBufferSize,NULL))
3335                 dwStatusCode = 0;
3336
3337             if (!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_AUTO_REDIRECT) && bSuccess)
3338             {
3339                 WCHAR szNewLocation[INTERNET_MAX_URL_LENGTH];
3340                 dwBufferSize=sizeof(szNewLocation);
3341                 if ((dwStatusCode==HTTP_STATUS_REDIRECT || dwStatusCode==HTTP_STATUS_MOVED) &&
3342                     HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_LOCATION,szNewLocation,&dwBufferSize,NULL))
3343                 {
3344                     HTTP_DrainContent(lpwhr);
3345                     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3346                                           INTERNET_STATUS_REDIRECT, szNewLocation,
3347                                           dwBufferSize);
3348                     bSuccess = HTTP_HandleRedirect(lpwhr, szNewLocation);
3349                     if (bSuccess)
3350                     {
3351                         HeapFree(GetProcessHeap(), 0, requestString);
3352                         loop_next = TRUE;
3353                     }
3354                 }
3355             }
3356             if (!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_AUTH) && bSuccess)
3357             {
3358                 WCHAR szAuthValue[2048];
3359                 dwBufferSize=2048;
3360                 if (dwStatusCode == HTTP_STATUS_DENIED)
3361                 {
3362                     DWORD dwIndex = 0;
3363                     while (HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_WWW_AUTHENTICATE,szAuthValue,&dwBufferSize,&dwIndex))
3364                     {
3365                         if (HTTP_DoAuthorization(lpwhr, szAuthValue,
3366                                                  &lpwhr->pAuthInfo,
3367                                                  lpwhr->lpHttpSession->lpszUserName,
3368                                                  lpwhr->lpHttpSession->lpszPassword))
3369                         {
3370                             loop_next = TRUE;
3371                             break;
3372                         }
3373                     }
3374                 }
3375                 if (dwStatusCode == HTTP_STATUS_PROXY_AUTH_REQ)
3376                 {
3377                     DWORD dwIndex = 0;
3378                     while (HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_PROXY_AUTHENTICATE,szAuthValue,&dwBufferSize,&dwIndex))
3379                     {
3380                         if (HTTP_DoAuthorization(lpwhr, szAuthValue,
3381                                                  &lpwhr->pProxyAuthInfo,
3382                                                  lpwhr->lpHttpSession->lpAppInfo->lpszProxyUsername,
3383                                                  lpwhr->lpHttpSession->lpAppInfo->lpszProxyPassword))
3384                         {
3385                             loop_next = TRUE;
3386                             break;
3387                         }
3388                     }
3389                 }
3390             }
3391         }
3392         else
3393             bSuccess = TRUE;
3394     }
3395     while (loop_next);
3396
3397     /* FIXME: Better check, when we have to create the cache file */
3398     if(bSuccess && (lpwhr->hdr.dwFlags & INTERNET_FLAG_NEED_FILE)) {
3399         WCHAR url[INTERNET_MAX_URL_LENGTH];
3400         WCHAR cacheFileName[MAX_PATH+1];
3401         BOOL b;
3402
3403         b = HTTP_GetRequestURL(lpwhr, url);
3404         if(!b) {
3405             WARN("Could not get URL\n");
3406             goto lend;
3407         }
3408
3409         b = CreateUrlCacheEntryW(url, lpwhr->dwContentLength > 0 ? lpwhr->dwContentLength : 0, NULL, cacheFileName, 0);
3410         if(b) {
3411             lpwhr->lpszCacheFile = WININET_strdupW(cacheFileName);
3412             lpwhr->hCacheFile = CreateFileW(lpwhr->lpszCacheFile, GENERIC_WRITE, FILE_SHARE_READ|FILE_SHARE_WRITE,
3413                       NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
3414             if(lpwhr->hCacheFile == INVALID_HANDLE_VALUE) {
3415                 WARN("Could not create file: %u\n", GetLastError());
3416                 lpwhr->hCacheFile = NULL;
3417             }
3418         }else {
3419             WARN("Could not create cache entry: %08x\n", GetLastError());
3420         }
3421     }
3422
3423 lend:
3424
3425     HeapFree(GetProcessHeap(), 0, requestString);
3426
3427     /* TODO: send notification for P3P header */
3428
3429     iar.dwResult = (DWORD_PTR)lpwhr->hdr.hInternet;
3430     iar.dwError = bSuccess ? ERROR_SUCCESS : INTERNET_GetLastError();
3431
3432     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3433                           INTERNET_STATUS_REQUEST_COMPLETE, &iar,
3434                           sizeof(INTERNET_ASYNC_RESULT));
3435
3436     TRACE("<--\n");
3437     if (bSuccess) INTERNET_SetLastError(ERROR_SUCCESS);
3438     return bSuccess;
3439 }
3440
3441 /***********************************************************************
3442  *           HTTPSESSION_Destroy (internal)
3443  *
3444  * Deallocate session handle
3445  *
3446  */
3447 static void HTTPSESSION_Destroy(WININETHANDLEHEADER *hdr)
3448 {
3449     LPWININETHTTPSESSIONW lpwhs = (LPWININETHTTPSESSIONW) hdr;
3450
3451     TRACE("%p\n", lpwhs);
3452
3453     WININET_Release(&lpwhs->lpAppInfo->hdr);
3454
3455     HeapFree(GetProcessHeap(), 0, lpwhs->lpszHostName);
3456     HeapFree(GetProcessHeap(), 0, lpwhs->lpszServerName);
3457     HeapFree(GetProcessHeap(), 0, lpwhs->lpszPassword);
3458     HeapFree(GetProcessHeap(), 0, lpwhs->lpszUserName);
3459     HeapFree(GetProcessHeap(), 0, lpwhs);
3460 }
3461
3462 static DWORD HTTPSESSION_QueryOption(WININETHANDLEHEADER *hdr, DWORD option, void *buffer, DWORD *size, BOOL unicode)
3463 {
3464     switch(option) {
3465     case INTERNET_OPTION_HANDLE_TYPE:
3466         TRACE("INTERNET_OPTION_HANDLE_TYPE\n");
3467
3468         if (*size < sizeof(ULONG))
3469             return ERROR_INSUFFICIENT_BUFFER;
3470
3471         *size = sizeof(DWORD);
3472         *(DWORD*)buffer = INTERNET_HANDLE_TYPE_CONNECT_HTTP;
3473         return ERROR_SUCCESS;
3474     }
3475
3476     return INET_QueryOption(option, buffer, size, unicode);
3477 }
3478
3479 static const HANDLEHEADERVtbl HTTPSESSIONVtbl = {
3480     HTTPSESSION_Destroy,
3481     NULL,
3482     HTTPSESSION_QueryOption,
3483     NULL,
3484     NULL,
3485     NULL,
3486     NULL,
3487     NULL,
3488     NULL
3489 };
3490
3491
3492 /***********************************************************************
3493  *           HTTP_Connect  (internal)
3494  *
3495  * Create http session handle
3496  *
3497  * RETURNS
3498  *   HINTERNET a session handle on success
3499  *   NULL on failure
3500  *
3501  */
3502 HINTERNET HTTP_Connect(LPWININETAPPINFOW hIC, LPCWSTR lpszServerName,
3503         INTERNET_PORT nServerPort, LPCWSTR lpszUserName,
3504         LPCWSTR lpszPassword, DWORD dwFlags, DWORD_PTR dwContext,
3505         DWORD dwInternalFlags)
3506 {
3507     LPWININETHTTPSESSIONW lpwhs = NULL;
3508     HINTERNET handle = NULL;
3509
3510     TRACE("-->\n");
3511
3512     if (!lpszServerName || !lpszServerName[0])
3513     {
3514         INTERNET_SetLastError(ERROR_INVALID_PARAMETER);
3515         goto lerror;
3516     }
3517
3518     assert( hIC->hdr.htype == WH_HINIT );
3519
3520     lpwhs = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(WININETHTTPSESSIONW));
3521     if (NULL == lpwhs)
3522     {
3523         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
3524         goto lerror;
3525     }
3526
3527    /*
3528     * According to my tests. The name is not resolved until a request is sent
3529     */
3530
3531     lpwhs->hdr.htype = WH_HHTTPSESSION;
3532     lpwhs->hdr.vtbl = &HTTPSESSIONVtbl;
3533     lpwhs->hdr.dwFlags = dwFlags;
3534     lpwhs->hdr.dwContext = dwContext;
3535     lpwhs->hdr.dwInternalFlags = dwInternalFlags | (hIC->hdr.dwInternalFlags & INET_CALLBACKW);
3536     lpwhs->hdr.refs = 1;
3537     lpwhs->hdr.lpfnStatusCB = hIC->hdr.lpfnStatusCB;
3538
3539     WININET_AddRef( &hIC->hdr );
3540     lpwhs->lpAppInfo = hIC;
3541     list_add_head( &hIC->hdr.children, &lpwhs->hdr.entry );
3542
3543     handle = WININET_AllocHandle( &lpwhs->hdr );
3544     if (NULL == handle)
3545     {
3546         ERR("Failed to alloc handle\n");
3547         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
3548         goto lerror;
3549     }
3550
3551     if(hIC->lpszProxy && hIC->dwAccessType == INTERNET_OPEN_TYPE_PROXY) {
3552         if(strchrW(hIC->lpszProxy, ' '))
3553             FIXME("Several proxies not implemented.\n");
3554         if(hIC->lpszProxyBypass)
3555             FIXME("Proxy bypass is ignored.\n");
3556     }
3557     if (lpszServerName && lpszServerName[0])
3558     {
3559         lpwhs->lpszServerName = WININET_strdupW(lpszServerName);
3560         lpwhs->lpszHostName = WININET_strdupW(lpszServerName);
3561     }
3562     if (lpszUserName && lpszUserName[0])
3563         lpwhs->lpszUserName = WININET_strdupW(lpszUserName);
3564     if (lpszPassword && lpszPassword[0])
3565         lpwhs->lpszPassword = WININET_strdupW(lpszPassword);
3566     lpwhs->nServerPort = nServerPort;
3567     lpwhs->nHostPort = nServerPort;
3568
3569     /* Don't send a handle created callback if this handle was created with InternetOpenUrl */
3570     if (!(lpwhs->hdr.dwInternalFlags & INET_OPENURL))
3571     {
3572         INTERNET_SendCallback(&hIC->hdr, dwContext,
3573                               INTERNET_STATUS_HANDLE_CREATED, &handle,
3574                               sizeof(handle));
3575     }
3576
3577 lerror:
3578     if( lpwhs )
3579         WININET_Release( &lpwhs->hdr );
3580
3581 /*
3582  * an INTERNET_STATUS_REQUEST_COMPLETE is NOT sent here as per my tests on
3583  * windows
3584  */
3585
3586     TRACE("%p --> %p (%p)\n", hIC, handle, lpwhs);
3587     return handle;
3588 }
3589
3590
3591 /***********************************************************************
3592  *           HTTP_OpenConnection (internal)
3593  *
3594  * Connect to a web server
3595  *
3596  * RETURNS
3597  *
3598  *   TRUE  on success
3599  *   FALSE on failure
3600  */
3601 static BOOL HTTP_OpenConnection(LPWININETHTTPREQW lpwhr)
3602 {
3603     BOOL bSuccess = FALSE;
3604     LPWININETHTTPSESSIONW lpwhs;
3605     LPWININETAPPINFOW hIC = NULL;
3606     char szaddr[32];
3607
3608     TRACE("-->\n");
3609
3610
3611     if (NULL == lpwhr ||  lpwhr->hdr.htype != WH_HHTTPREQ)
3612     {
3613         INTERNET_SetLastError(ERROR_INVALID_PARAMETER);
3614         goto lend;
3615     }
3616
3617     if (NETCON_connected(&lpwhr->netConnection))
3618     {
3619         bSuccess = TRUE;
3620         goto lend;
3621     }
3622     if (!HTTP_ResolveName(lpwhr)) goto lend;
3623
3624     lpwhs = lpwhr->lpHttpSession;
3625
3626     hIC = lpwhs->lpAppInfo;
3627     inet_ntop(lpwhs->socketAddress.sin_family, &lpwhs->socketAddress.sin_addr,
3628               szaddr, sizeof(szaddr));
3629     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3630                           INTERNET_STATUS_CONNECTING_TO_SERVER,
3631                           szaddr,
3632                           strlen(szaddr)+1);
3633
3634     if (!NETCON_create(&lpwhr->netConnection, lpwhs->socketAddress.sin_family,
3635                          SOCK_STREAM, 0))
3636     {
3637         WARN("Socket creation failed: %u\n", INTERNET_GetLastError());
3638         goto lend;
3639     }
3640
3641     if (!NETCON_connect(&lpwhr->netConnection, (struct sockaddr *)&lpwhs->socketAddress,
3642                       sizeof(lpwhs->socketAddress)))
3643        goto lend;
3644
3645     if (lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE)
3646     {
3647         /* Note: we differ from Microsoft's WinINet here. they seem to have
3648          * a bug that causes no status callbacks to be sent when starting
3649          * a tunnel to a proxy server using the CONNECT verb. i believe our
3650          * behaviour to be more correct and to not cause any incompatibilities
3651          * because using a secure connection through a proxy server is a rare
3652          * case that would be hard for anyone to depend on */
3653         if (hIC->lpszProxy && !HTTP_SecureProxyConnect(lpwhr))
3654             goto lend;
3655
3656         if (!NETCON_secure_connect(&lpwhr->netConnection, lpwhs->lpszHostName))
3657         {
3658             WARN("Couldn't connect securely to host\n");
3659             goto lend;
3660         }
3661     }
3662
3663     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3664                           INTERNET_STATUS_CONNECTED_TO_SERVER,
3665                           szaddr, strlen(szaddr)+1);
3666
3667     bSuccess = TRUE;
3668
3669 lend:
3670     TRACE("%d <--\n", bSuccess);
3671     return bSuccess;
3672 }
3673
3674
3675 /***********************************************************************
3676  *           HTTP_clear_response_headers (internal)
3677  *
3678  * clear out any old response headers
3679  */
3680 static void HTTP_clear_response_headers( LPWININETHTTPREQW lpwhr )
3681 {
3682     DWORD i;
3683
3684     for( i=0; i<lpwhr->nCustHeaders; i++)
3685     {
3686         if( !lpwhr->pCustHeaders[i].lpszField )
3687             continue;
3688         if( !lpwhr->pCustHeaders[i].lpszValue )
3689             continue;
3690         if ( lpwhr->pCustHeaders[i].wFlags & HDR_ISREQUEST )
3691             continue;
3692         HTTP_DeleteCustomHeader( lpwhr, i );
3693         i--;
3694     }
3695 }
3696
3697 /***********************************************************************
3698  *           HTTP_GetResponseHeaders (internal)
3699  *
3700  * Read server response
3701  *
3702  * RETURNS
3703  *
3704  *   TRUE  on success
3705  *   FALSE on error
3706  */
3707 static INT HTTP_GetResponseHeaders(LPWININETHTTPREQW lpwhr, BOOL clear)
3708 {
3709     INT cbreaks = 0;
3710     WCHAR buffer[MAX_REPLY_LEN];
3711     DWORD buflen = MAX_REPLY_LEN;
3712     BOOL bSuccess = FALSE;
3713     INT  rc = 0;
3714     static const WCHAR szCrLf[] = {'\r','\n',0};
3715     static const WCHAR szHundred[] = {'1','0','0',0};
3716     char bufferA[MAX_REPLY_LEN];
3717     LPWSTR status_code, status_text;
3718     DWORD cchMaxRawHeaders = 1024;
3719     LPWSTR lpszRawHeaders = HeapAlloc(GetProcessHeap(), 0, (cchMaxRawHeaders+1)*sizeof(WCHAR));
3720     DWORD cchRawHeaders = 0;
3721
3722     TRACE("-->\n");
3723
3724     /* clear old response headers (eg. from a redirect response) */
3725     if (clear) HTTP_clear_response_headers( lpwhr );
3726
3727     if (!NETCON_connected(&lpwhr->netConnection))
3728         goto lend;
3729
3730     do {
3731         /*
3732          * HACK peek at the buffer
3733          */
3734         buflen = MAX_REPLY_LEN;
3735         NETCON_recv(&lpwhr->netConnection, buffer, buflen, MSG_PEEK, &rc);
3736
3737         /*
3738          * We should first receive 'HTTP/1.x nnn OK' where nnn is the status code.
3739          */
3740         memset(buffer, 0, MAX_REPLY_LEN);
3741         if (!NETCON_getNextLine(&lpwhr->netConnection, bufferA, &buflen))
3742             goto lend;
3743         MultiByteToWideChar( CP_ACP, 0, bufferA, buflen, buffer, MAX_REPLY_LEN );
3744
3745         /* split the version from the status code */
3746         status_code = strchrW( buffer, ' ' );
3747         if( !status_code )
3748             goto lend;
3749         *status_code++=0;
3750
3751         /* split the status code from the status text */
3752         status_text = strchrW( status_code, ' ' );
3753         if( !status_text )
3754             goto lend;
3755         *status_text++=0;
3756
3757         TRACE("version [%s] status code [%s] status text [%s]\n",
3758            debugstr_w(buffer), debugstr_w(status_code), debugstr_w(status_text) );
3759
3760     } while (!strcmpW(status_code, szHundred)); /* ignore "100 Continue" responses */
3761
3762     /* Add status code */
3763     HTTP_ProcessHeader(lpwhr, szStatus, status_code,
3764             HTTP_ADDHDR_FLAG_REPLACE);
3765
3766     HeapFree(GetProcessHeap(),0,lpwhr->lpszVersion);
3767     HeapFree(GetProcessHeap(),0,lpwhr->lpszStatusText);
3768
3769     lpwhr->lpszVersion= WININET_strdupW(buffer);
3770     lpwhr->lpszStatusText = WININET_strdupW(status_text);
3771
3772     /* Restore the spaces */
3773     *(status_code-1) = ' ';
3774     *(status_text-1) = ' ';
3775
3776     /* regenerate raw headers */
3777     while (cchRawHeaders + buflen + strlenW(szCrLf) > cchMaxRawHeaders)
3778     {
3779         cchMaxRawHeaders *= 2;
3780         lpszRawHeaders = HeapReAlloc(GetProcessHeap(), 0, lpszRawHeaders, (cchMaxRawHeaders+1)*sizeof(WCHAR));
3781     }
3782     memcpy(lpszRawHeaders+cchRawHeaders, buffer, (buflen-1)*sizeof(WCHAR));
3783     cchRawHeaders += (buflen-1);
3784     memcpy(lpszRawHeaders+cchRawHeaders, szCrLf, sizeof(szCrLf));
3785     cchRawHeaders += sizeof(szCrLf)/sizeof(szCrLf[0])-1;
3786     lpszRawHeaders[cchRawHeaders] = '\0';
3787
3788     /* Parse each response line */
3789     do
3790     {
3791         buflen = MAX_REPLY_LEN;
3792         if (NETCON_getNextLine(&lpwhr->netConnection, bufferA, &buflen))
3793         {
3794             LPWSTR * pFieldAndValue;
3795
3796             TRACE("got line %s, now interpreting\n", debugstr_a(bufferA));
3797             MultiByteToWideChar( CP_ACP, 0, bufferA, buflen, buffer, MAX_REPLY_LEN );
3798
3799             while (cchRawHeaders + buflen + strlenW(szCrLf) > cchMaxRawHeaders)
3800             {
3801                 cchMaxRawHeaders *= 2;
3802                 lpszRawHeaders = HeapReAlloc(GetProcessHeap(), 0, lpszRawHeaders, (cchMaxRawHeaders+1)*sizeof(WCHAR));
3803             }
3804             memcpy(lpszRawHeaders+cchRawHeaders, buffer, (buflen-1)*sizeof(WCHAR));
3805             cchRawHeaders += (buflen-1);
3806             memcpy(lpszRawHeaders+cchRawHeaders, szCrLf, sizeof(szCrLf));
3807             cchRawHeaders += sizeof(szCrLf)/sizeof(szCrLf[0])-1;
3808             lpszRawHeaders[cchRawHeaders] = '\0';
3809
3810             pFieldAndValue = HTTP_InterpretHttpHeader(buffer);
3811             if (!pFieldAndValue)
3812                 break;
3813
3814             HTTP_ProcessHeader(lpwhr, pFieldAndValue[0], pFieldAndValue[1], 
3815                 HTTP_ADDREQ_FLAG_ADD );
3816
3817             HTTP_FreeTokens(pFieldAndValue);
3818         }
3819         else
3820         {
3821             cbreaks++;
3822             if (cbreaks >= 2)
3823                break;
3824         }
3825     }while(1);
3826
3827     HeapFree(GetProcessHeap(), 0, lpwhr->lpszRawHeaders);
3828     lpwhr->lpszRawHeaders = lpszRawHeaders;
3829     TRACE("raw headers: %s\n", debugstr_w(lpszRawHeaders));
3830     bSuccess = TRUE;
3831
3832 lend:
3833
3834     TRACE("<--\n");
3835     if (bSuccess)
3836         return rc;
3837     else
3838     {
3839         HeapFree(GetProcessHeap(), 0, lpszRawHeaders);
3840         return 0;
3841     }
3842 }
3843
3844
3845 static void strip_spaces(LPWSTR start)
3846 {
3847     LPWSTR str = start;
3848     LPWSTR end;
3849
3850     while (*str == ' ' && *str != '\0')
3851         str++;
3852
3853     if (str != start)
3854         memmove(start, str, sizeof(WCHAR) * (strlenW(str) + 1));
3855
3856     end = start + strlenW(start) - 1;
3857     while (end >= start && *end == ' ')
3858     {
3859         *end = '\0';
3860         end--;
3861     }
3862 }
3863
3864
3865 /***********************************************************************
3866  *           HTTP_InterpretHttpHeader (internal)
3867  *
3868  * Parse server response
3869  *
3870  * RETURNS
3871  *
3872  *   Pointer to array of field, value, NULL on success.
3873  *   NULL on error.
3874  */
3875 static LPWSTR * HTTP_InterpretHttpHeader(LPCWSTR buffer)
3876 {
3877     LPWSTR * pTokenPair;
3878     LPWSTR pszColon;
3879     INT len;
3880
3881     pTokenPair = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(*pTokenPair)*3);
3882
3883     pszColon = strchrW(buffer, ':');
3884     /* must have two tokens */
3885     if (!pszColon)
3886     {
3887         HTTP_FreeTokens(pTokenPair);
3888         if (buffer[0])
3889             TRACE("No ':' in line: %s\n", debugstr_w(buffer));
3890         return NULL;
3891     }
3892
3893     pTokenPair[0] = HeapAlloc(GetProcessHeap(), 0, (pszColon - buffer + 1) * sizeof(WCHAR));
3894     if (!pTokenPair[0])
3895     {
3896         HTTP_FreeTokens(pTokenPair);
3897         return NULL;
3898     }
3899     memcpy(pTokenPair[0], buffer, (pszColon - buffer) * sizeof(WCHAR));
3900     pTokenPair[0][pszColon - buffer] = '\0';
3901
3902     /* skip colon */
3903     pszColon++;
3904     len = strlenW(pszColon);
3905     pTokenPair[1] = HeapAlloc(GetProcessHeap(), 0, (len + 1) * sizeof(WCHAR));
3906     if (!pTokenPair[1])
3907     {
3908         HTTP_FreeTokens(pTokenPair);
3909         return NULL;
3910     }
3911     memcpy(pTokenPair[1], pszColon, (len + 1) * sizeof(WCHAR));
3912
3913     strip_spaces(pTokenPair[0]);
3914     strip_spaces(pTokenPair[1]);
3915
3916     TRACE("field(%s) Value(%s)\n", debugstr_w(pTokenPair[0]), debugstr_w(pTokenPair[1]));
3917     return pTokenPair;
3918 }
3919
3920 /***********************************************************************
3921  *           HTTP_ProcessHeader (internal)
3922  *
3923  * Stuff header into header tables according to <dwModifier>
3924  *
3925  */
3926
3927 #define COALESCEFLAGS (HTTP_ADDHDR_FLAG_COALESCE|HTTP_ADDHDR_FLAG_COALESCE_WITH_COMMA|HTTP_ADDHDR_FLAG_COALESCE_WITH_SEMICOLON)
3928
3929 static BOOL HTTP_ProcessHeader(LPWININETHTTPREQW lpwhr, LPCWSTR field, LPCWSTR value, DWORD dwModifier)
3930 {
3931     LPHTTPHEADERW lphttpHdr = NULL;
3932     BOOL bSuccess = FALSE;
3933     INT index = -1;
3934     BOOL request_only = dwModifier & HTTP_ADDHDR_FLAG_REQ;
3935
3936     TRACE("--> %s: %s - 0x%08x\n", debugstr_w(field), debugstr_w(value), dwModifier);
3937
3938     /* REPLACE wins out over ADD */
3939     if (dwModifier & HTTP_ADDHDR_FLAG_REPLACE)
3940         dwModifier &= ~HTTP_ADDHDR_FLAG_ADD;
3941     
3942     if (dwModifier & HTTP_ADDHDR_FLAG_ADD)
3943         index = -1;
3944     else
3945         index = HTTP_GetCustomHeaderIndex(lpwhr, field, 0, request_only);
3946
3947     if (index >= 0)
3948     {
3949         if (dwModifier & HTTP_ADDHDR_FLAG_ADD_IF_NEW)
3950         {
3951             return FALSE;
3952         }
3953         lphttpHdr = &lpwhr->pCustHeaders[index];
3954     }
3955     else if (value)
3956     {
3957         HTTPHEADERW hdr;
3958
3959         hdr.lpszField = (LPWSTR)field;
3960         hdr.lpszValue = (LPWSTR)value;
3961         hdr.wFlags = hdr.wCount = 0;
3962
3963         if (dwModifier & HTTP_ADDHDR_FLAG_REQ)
3964             hdr.wFlags |= HDR_ISREQUEST;
3965
3966         return HTTP_InsertCustomHeader(lpwhr, &hdr);
3967     }
3968     /* no value to delete */
3969     else return TRUE;
3970
3971     if (dwModifier & HTTP_ADDHDR_FLAG_REQ)
3972             lphttpHdr->wFlags |= HDR_ISREQUEST;
3973     else
3974         lphttpHdr->wFlags &= ~HDR_ISREQUEST;
3975
3976     if (dwModifier & HTTP_ADDHDR_FLAG_REPLACE)
3977     {
3978         HTTP_DeleteCustomHeader( lpwhr, index );
3979
3980         if (value)
3981         {
3982             HTTPHEADERW hdr;
3983
3984             hdr.lpszField = (LPWSTR)field;
3985             hdr.lpszValue = (LPWSTR)value;
3986             hdr.wFlags = hdr.wCount = 0;
3987
3988             if (dwModifier & HTTP_ADDHDR_FLAG_REQ)
3989                 hdr.wFlags |= HDR_ISREQUEST;
3990
3991             return HTTP_InsertCustomHeader(lpwhr, &hdr);
3992         }
3993
3994         return TRUE;
3995     }
3996     else if (dwModifier & COALESCEFLAGS)
3997     {
3998         LPWSTR lpsztmp;
3999         WCHAR ch = 0;
4000         INT len = 0;
4001         INT origlen = strlenW(lphttpHdr->lpszValue);
4002         INT valuelen = strlenW(value);
4003
4004         if (dwModifier & HTTP_ADDHDR_FLAG_COALESCE_WITH_COMMA)
4005         {
4006             ch = ',';
4007             lphttpHdr->wFlags |= HDR_COMMADELIMITED;
4008         }
4009         else if (dwModifier & HTTP_ADDHDR_FLAG_COALESCE_WITH_SEMICOLON)
4010         {
4011             ch = ';';
4012             lphttpHdr->wFlags |= HDR_COMMADELIMITED;
4013         }
4014
4015         len = origlen + valuelen + ((ch > 0) ? 2 : 0);
4016
4017         lpsztmp = HeapReAlloc(GetProcessHeap(), 0, lphttpHdr->lpszValue, (len+1)*sizeof(WCHAR));
4018         if (lpsztmp)
4019         {
4020             lphttpHdr->lpszValue = lpsztmp;
4021     /* FIXME: Increment lphttpHdr->wCount. Perhaps lpszValue should be an array */
4022             if (ch > 0)
4023             {
4024                 lphttpHdr->lpszValue[origlen] = ch;
4025                 origlen++;
4026                 lphttpHdr->lpszValue[origlen] = ' ';
4027                 origlen++;
4028             }
4029
4030             memcpy(&lphttpHdr->lpszValue[origlen], value, valuelen*sizeof(WCHAR));
4031             lphttpHdr->lpszValue[len] = '\0';
4032             bSuccess = TRUE;
4033         }
4034         else
4035         {
4036             WARN("HeapReAlloc (%d bytes) failed\n",len+1);
4037             INTERNET_SetLastError(ERROR_OUTOFMEMORY);
4038         }
4039     }
4040     TRACE("<-- %d\n",bSuccess);
4041     return bSuccess;
4042 }
4043
4044
4045 /***********************************************************************
4046  *           HTTP_FinishedReading (internal)
4047  *
4048  * Called when all content from server has been read by client.
4049  *
4050  */
4051 BOOL HTTP_FinishedReading(LPWININETHTTPREQW lpwhr)
4052 {
4053     WCHAR szVersion[10];
4054     WCHAR szConnectionResponse[20];
4055     DWORD dwBufferSize = sizeof(szVersion);
4056     BOOL keepalive = FALSE;
4057
4058     TRACE("\n");
4059
4060     /* as per RFC 2068, S8.1.2.1, if the client is HTTP/1.1 then assume that
4061      * the connection is keep-alive by default */
4062     if (!HTTP_HttpQueryInfoW(lpwhr, HTTP_QUERY_VERSION, szVersion,
4063                              &dwBufferSize, NULL) ||
4064         strcmpiW(szVersion, g_szHttp1_1))
4065     {
4066         keepalive = TRUE;
4067     }
4068
4069     dwBufferSize = sizeof(szConnectionResponse);
4070     if (HTTP_HttpQueryInfoW(lpwhr, HTTP_QUERY_PROXY_CONNECTION, szConnectionResponse, &dwBufferSize, NULL) ||
4071         HTTP_HttpQueryInfoW(lpwhr, HTTP_QUERY_CONNECTION, szConnectionResponse, &dwBufferSize, NULL))
4072     {
4073         keepalive = !strcmpiW(szConnectionResponse, szKeepAlive);
4074     }
4075
4076     if (!keepalive)
4077     {
4078         HTTPREQ_CloseConnection(&lpwhr->hdr);
4079     }
4080
4081     /* FIXME: store data in the URL cache here */
4082
4083     return TRUE;
4084 }
4085
4086
4087 /***********************************************************************
4088  *           HTTP_GetCustomHeaderIndex (internal)
4089  *
4090  * Return index of custom header from header array
4091  *
4092  */
4093 static INT HTTP_GetCustomHeaderIndex(LPWININETHTTPREQW lpwhr, LPCWSTR lpszField,
4094                                      int requested_index, BOOL request_only)
4095 {
4096     DWORD index;
4097
4098     TRACE("%s\n", debugstr_w(lpszField));
4099
4100     for (index = 0; index < lpwhr->nCustHeaders; index++)
4101     {
4102         if (strcmpiW(lpwhr->pCustHeaders[index].lpszField, lpszField))
4103             continue;
4104
4105         if (request_only && !(lpwhr->pCustHeaders[index].wFlags & HDR_ISREQUEST))
4106             continue;
4107
4108         if (!request_only && (lpwhr->pCustHeaders[index].wFlags & HDR_ISREQUEST))
4109             continue;
4110
4111         if (requested_index == 0)
4112             break;
4113         requested_index --;
4114     }
4115
4116     if (index >= lpwhr->nCustHeaders)
4117         index = -1;
4118
4119     TRACE("Return: %d\n", index);
4120     return index;
4121 }
4122
4123
4124 /***********************************************************************
4125  *           HTTP_InsertCustomHeader (internal)
4126  *
4127  * Insert header into array
4128  *
4129  */
4130 static BOOL HTTP_InsertCustomHeader(LPWININETHTTPREQW lpwhr, LPHTTPHEADERW lpHdr)
4131 {
4132     INT count;
4133     LPHTTPHEADERW lph = NULL;
4134     BOOL r = FALSE;
4135
4136     TRACE("--> %s: %s\n", debugstr_w(lpHdr->lpszField), debugstr_w(lpHdr->lpszValue));
4137     count = lpwhr->nCustHeaders + 1;
4138     if (count > 1)
4139         lph = HeapReAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, lpwhr->pCustHeaders, sizeof(HTTPHEADERW) * count);
4140     else
4141         lph = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(HTTPHEADERW) * count);
4142
4143     if (NULL != lph)
4144     {
4145         lpwhr->pCustHeaders = lph;
4146         lpwhr->pCustHeaders[count-1].lpszField = WININET_strdupW(lpHdr->lpszField);
4147         lpwhr->pCustHeaders[count-1].lpszValue = WININET_strdupW(lpHdr->lpszValue);
4148         lpwhr->pCustHeaders[count-1].wFlags = lpHdr->wFlags;
4149         lpwhr->pCustHeaders[count-1].wCount= lpHdr->wCount;
4150         lpwhr->nCustHeaders++;
4151         r = TRUE;
4152     }
4153     else
4154     {
4155         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
4156     }
4157
4158     return r;
4159 }
4160
4161
4162 /***********************************************************************
4163  *           HTTP_DeleteCustomHeader (internal)
4164  *
4165  * Delete header from array
4166  *  If this function is called, the indexs may change.
4167  */
4168 static BOOL HTTP_DeleteCustomHeader(LPWININETHTTPREQW lpwhr, DWORD index)
4169 {
4170     if( lpwhr->nCustHeaders <= 0 )
4171         return FALSE;
4172     if( index >= lpwhr->nCustHeaders )
4173         return FALSE;
4174     lpwhr->nCustHeaders--;
4175
4176     HeapFree(GetProcessHeap(), 0, lpwhr->pCustHeaders[index].lpszField);
4177     HeapFree(GetProcessHeap(), 0, lpwhr->pCustHeaders[index].lpszValue);
4178
4179     memmove( &lpwhr->pCustHeaders[index], &lpwhr->pCustHeaders[index+1],
4180              (lpwhr->nCustHeaders - index)* sizeof(HTTPHEADERW) );
4181     memset( &lpwhr->pCustHeaders[lpwhr->nCustHeaders], 0, sizeof(HTTPHEADERW) );
4182
4183     return TRUE;
4184 }
4185
4186
4187 /***********************************************************************
4188  *           HTTP_VerifyValidHeader (internal)
4189  *
4190  * Verify the given header is not invalid for the given http request
4191  *
4192  */
4193 static BOOL HTTP_VerifyValidHeader(LPWININETHTTPREQW lpwhr, LPCWSTR field)
4194 {
4195     /* Accept-Encoding is stripped from HTTP/1.0 requests. It is invalid */
4196     if (!strcmpW(lpwhr->lpszVersion, g_szHttp1_0) && !strcmpiW(field, szAccept_Encoding))
4197         return FALSE;
4198
4199     return TRUE;
4200 }
4201
4202 /***********************************************************************
4203  *          IsHostInProxyBypassList (@)
4204  *
4205  * Undocumented
4206  *
4207  */
4208 BOOL WINAPI IsHostInProxyBypassList(DWORD flags, LPCSTR szHost, DWORD length)
4209 {
4210    FIXME("STUB: flags=%d host=%s length=%d\n",flags,szHost,length);
4211    return FALSE;
4212 }