wininet: Moved more InternetQueryOption implementation to vtbl.
[wine] / dlls / wininet / http.c
1 /*
2  * Wininet - Http Implementation
3  *
4  * Copyright 1999 Corel Corporation
5  * Copyright 2002 CodeWeavers Inc.
6  * Copyright 2002 TransGaming Technologies Inc.
7  * Copyright 2004 Mike McCormack for CodeWeavers
8  * Copyright 2005 Aric Stewart for CodeWeavers
9  * Copyright 2006 Robert Shearman for CodeWeavers
10  *
11  * Ulrich Czekalla
12  * David Hammerton
13  *
14  * This library is free software; you can redistribute it and/or
15  * modify it under the terms of the GNU Lesser General Public
16  * License as published by the Free Software Foundation; either
17  * version 2.1 of the License, or (at your option) any later version.
18  *
19  * This library is distributed in the hope that it will be useful,
20  * but WITHOUT ANY WARRANTY; without even the implied warranty of
21  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
22  * Lesser General Public License for more details.
23  *
24  * You should have received a copy of the GNU Lesser General Public
25  * License along with this library; if not, write to the Free Software
26  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
27  */
28
29 #include "config.h"
30 #include "wine/port.h"
31
32 #include <sys/types.h>
33 #ifdef HAVE_SYS_SOCKET_H
34 # include <sys/socket.h>
35 #endif
36 #ifdef HAVE_ARPA_INET_H
37 # include <arpa/inet.h>
38 #endif
39 #include <stdarg.h>
40 #include <stdio.h>
41 #include <stdlib.h>
42 #ifdef HAVE_UNISTD_H
43 # include <unistd.h>
44 #endif
45 #include <time.h>
46 #include <assert.h>
47
48 #include "windef.h"
49 #include "winbase.h"
50 #include "wininet.h"
51 #include "winerror.h"
52 #define NO_SHLWAPI_STREAM
53 #define NO_SHLWAPI_REG
54 #define NO_SHLWAPI_STRFCNS
55 #define NO_SHLWAPI_GDI
56 #include "shlwapi.h"
57 #include "sspi.h"
58 #include "wincrypt.h"
59
60 #include "internet.h"
61 #include "wine/debug.h"
62 #include "wine/unicode.h"
63
64 WINE_DEFAULT_DEBUG_CHANNEL(wininet);
65
66 static const WCHAR g_szHttp1_0[] = {'H','T','T','P','/','1','.','0',0};
67 static const WCHAR g_szHttp1_1[] = {'H','T','T','P','/','1','.','1',0};
68 static const WCHAR g_szReferer[] = {'R','e','f','e','r','e','r',0};
69 static const WCHAR g_szAccept[] = {'A','c','c','e','p','t',0};
70 static const WCHAR g_szUserAgent[] = {'U','s','e','r','-','A','g','e','n','t',0};
71 static const WCHAR szHost[] = { 'H','o','s','t',0 };
72 static const WCHAR szAuthorization[] = { 'A','u','t','h','o','r','i','z','a','t','i','o','n',0 };
73 static const WCHAR szProxy_Authorization[] = { 'P','r','o','x','y','-','A','u','t','h','o','r','i','z','a','t','i','o','n',0 };
74 static const WCHAR szStatus[] = { 'S','t','a','t','u','s',0 };
75 static const WCHAR szKeepAlive[] = {'K','e','e','p','-','A','l','i','v','e',0};
76 static const WCHAR szGET[] = { 'G','E','T', 0 };
77
78 #define MAXHOSTNAME 100
79 #define MAX_FIELD_VALUE_LEN 256
80 #define MAX_FIELD_LEN 256
81
82 #define HTTP_REFERER    g_szReferer
83 #define HTTP_ACCEPT     g_szAccept
84 #define HTTP_USERAGENT  g_szUserAgent
85
86 #define HTTP_ADDHDR_FLAG_ADD                            0x20000000
87 #define HTTP_ADDHDR_FLAG_ADD_IF_NEW                     0x10000000
88 #define HTTP_ADDHDR_FLAG_COALESCE                       0x40000000
89 #define HTTP_ADDHDR_FLAG_COALESCE_WITH_COMMA            0x40000000
90 #define HTTP_ADDHDR_FLAG_COALESCE_WITH_SEMICOLON        0x01000000
91 #define HTTP_ADDHDR_FLAG_REPLACE                        0x80000000
92 #define HTTP_ADDHDR_FLAG_REQ                            0x02000000
93
94 #define ARRAYSIZE(array) (sizeof(array)/sizeof((array)[0]))
95
96 struct HttpAuthInfo
97 {
98     LPWSTR scheme;
99     CredHandle cred;
100     CtxtHandle ctx;
101     TimeStamp exp;
102     ULONG attr;
103     ULONG max_token;
104     void *auth_data;
105     unsigned int auth_data_len;
106     BOOL finished; /* finished authenticating */
107 };
108
109 static BOOL HTTP_OpenConnection(LPWININETHTTPREQW lpwhr);
110 static BOOL HTTP_GetResponseHeaders(LPWININETHTTPREQW lpwhr, BOOL clear);
111 static BOOL HTTP_ProcessHeader(LPWININETHTTPREQW lpwhr, LPCWSTR field, LPCWSTR value, DWORD dwModifier);
112 static LPWSTR * HTTP_InterpretHttpHeader(LPCWSTR buffer);
113 static BOOL HTTP_InsertCustomHeader(LPWININETHTTPREQW lpwhr, LPHTTPHEADERW lpHdr);
114 static INT HTTP_GetCustomHeaderIndex(LPWININETHTTPREQW lpwhr, LPCWSTR lpszField, INT index, BOOL Request);
115 static BOOL HTTP_DeleteCustomHeader(LPWININETHTTPREQW lpwhr, DWORD index);
116 static LPWSTR HTTP_build_req( LPCWSTR *list, int len );
117 static BOOL WINAPI HTTP_HttpQueryInfoW( LPWININETHTTPREQW lpwhr, DWORD
118         dwInfoLevel, LPVOID lpBuffer, LPDWORD lpdwBufferLength, LPDWORD
119         lpdwIndex);
120 static BOOL HTTP_HandleRedirect(LPWININETHTTPREQW lpwhr, LPCWSTR lpszUrl);
121 static UINT HTTP_DecodeBase64(LPCWSTR base64, LPSTR bin);
122 static BOOL HTTP_VerifyValidHeader(LPWININETHTTPREQW lpwhr, LPCWSTR field);
123 static void HTTP_DrainContent(WININETHTTPREQW *req);
124
125 LPHTTPHEADERW HTTP_GetHeader(LPWININETHTTPREQW req, LPCWSTR head)
126 {
127     int HeaderIndex = 0;
128     HeaderIndex = HTTP_GetCustomHeaderIndex(req, head, 0, TRUE);
129     if (HeaderIndex == -1)
130         return NULL;
131     else
132         return &req->pCustHeaders[HeaderIndex];
133 }
134
135 /***********************************************************************
136  *           HTTP_Tokenize (internal)
137  *
138  *  Tokenize a string, allocating memory for the tokens.
139  */
140 static LPWSTR * HTTP_Tokenize(LPCWSTR string, LPCWSTR token_string)
141 {
142     LPWSTR * token_array;
143     int tokens = 0;
144     int i;
145     LPCWSTR next_token;
146
147     /* empty string has no tokens */
148     if (*string)
149         tokens++;
150     /* count tokens */
151     for (i = 0; string[i]; i++)
152         if (!strncmpW(string+i, token_string, strlenW(token_string)))
153         {
154             DWORD j;
155             tokens++;
156             /* we want to skip over separators, but not the null terminator */
157             for (j = 0; j < strlenW(token_string) - 1; j++)
158                 if (!string[i+j])
159                     break;
160             i += j;
161         }
162
163     /* add 1 for terminating NULL */
164     token_array = HeapAlloc(GetProcessHeap(), 0, (tokens+1) * sizeof(*token_array));
165     token_array[tokens] = NULL;
166     if (!tokens)
167         return token_array;
168     for (i = 0; i < tokens; i++)
169     {
170         int len;
171         next_token = strstrW(string, token_string);
172         if (!next_token) next_token = string+strlenW(string);
173         len = next_token - string;
174         token_array[i] = HeapAlloc(GetProcessHeap(), 0, (len+1)*sizeof(WCHAR));
175         memcpy(token_array[i], string, len*sizeof(WCHAR));
176         token_array[i][len] = '\0';
177         string = next_token+strlenW(token_string);
178     }
179     return token_array;
180 }
181
182 /***********************************************************************
183  *           HTTP_FreeTokens (internal)
184  *
185  *  Frees memory returned from HTTP_Tokenize.
186  */
187 static void HTTP_FreeTokens(LPWSTR * token_array)
188 {
189     int i;
190     for (i = 0; token_array[i]; i++)
191         HeapFree(GetProcessHeap(), 0, token_array[i]);
192     HeapFree(GetProcessHeap(), 0, token_array);
193 }
194
195 /* **********************************************************************
196  * 
197  * Helper functions for the HttpSendRequest(Ex) functions
198  * 
199  */
200 static void AsyncHttpSendRequestProc(WORKREQUEST *workRequest)
201 {
202     struct WORKREQ_HTTPSENDREQUESTW const *req = &workRequest->u.HttpSendRequestW;
203     LPWININETHTTPREQW lpwhr = (LPWININETHTTPREQW) workRequest->hdr;
204
205     TRACE("%p\n", lpwhr);
206
207     HTTP_HttpSendRequestW(lpwhr, req->lpszHeader,
208             req->dwHeaderLength, req->lpOptional, req->dwOptionalLength,
209             req->dwContentLength, req->bEndRequest);
210
211     HeapFree(GetProcessHeap(), 0, req->lpszHeader);
212 }
213
214 static void HTTP_FixURL( LPWININETHTTPREQW lpwhr)
215 {
216     static const WCHAR szSlash[] = { '/',0 };
217     static const WCHAR szHttp[] = { 'h','t','t','p',':','/','/', 0 };
218
219     /* If we don't have a path we set it to root */
220     if (NULL == lpwhr->lpszPath)
221         lpwhr->lpszPath = WININET_strdupW(szSlash);
222     else /* remove \r and \n*/
223     {
224         int nLen = strlenW(lpwhr->lpszPath);
225         while ((nLen >0 ) && ((lpwhr->lpszPath[nLen-1] == '\r')||(lpwhr->lpszPath[nLen-1] == '\n')))
226         {
227             nLen--;
228             lpwhr->lpszPath[nLen]='\0';
229         }
230         /* Replace '\' with '/' */
231         while (nLen>0) {
232             nLen--;
233             if (lpwhr->lpszPath[nLen] == '\\') lpwhr->lpszPath[nLen]='/';
234         }
235     }
236
237     if(CSTR_EQUAL != CompareStringW( LOCALE_SYSTEM_DEFAULT, NORM_IGNORECASE,
238                        lpwhr->lpszPath, strlenW(lpwhr->lpszPath), szHttp, strlenW(szHttp) )
239        && lpwhr->lpszPath[0] != '/') /* not an absolute path ?? --> fix it !! */
240     {
241         WCHAR *fixurl = HeapAlloc(GetProcessHeap(), 0, 
242                              (strlenW(lpwhr->lpszPath) + 2)*sizeof(WCHAR));
243         *fixurl = '/';
244         strcpyW(fixurl + 1, lpwhr->lpszPath);
245         HeapFree( GetProcessHeap(), 0, lpwhr->lpszPath );
246         lpwhr->lpszPath = fixurl;
247     }
248 }
249
250 static LPWSTR HTTP_BuildHeaderRequestString( LPWININETHTTPREQW lpwhr, LPCWSTR verb, LPCWSTR path, LPCWSTR version )
251 {
252     LPWSTR requestString;
253     DWORD len, n;
254     LPCWSTR *req;
255     UINT i;
256     LPWSTR p;
257
258     static const WCHAR szSpace[] = { ' ',0 };
259     static const WCHAR szcrlf[] = {'\r','\n', 0};
260     static const WCHAR szColon[] = { ':',' ',0 };
261     static const WCHAR sztwocrlf[] = {'\r','\n','\r','\n', 0};
262
263     /* allocate space for an array of all the string pointers to be added */
264     len = (lpwhr->nCustHeaders)*4 + 10;
265     req = HeapAlloc( GetProcessHeap(), 0, len*sizeof(LPCWSTR) );
266
267     /* add the verb, path and HTTP version string */
268     n = 0;
269     req[n++] = verb;
270     req[n++] = szSpace;
271     req[n++] = path;
272     req[n++] = szSpace;
273     req[n++] = version;
274
275     /* Append custom request headers */
276     for (i = 0; i < lpwhr->nCustHeaders; i++)
277     {
278         if (lpwhr->pCustHeaders[i].wFlags & HDR_ISREQUEST)
279         {
280             req[n++] = szcrlf;
281             req[n++] = lpwhr->pCustHeaders[i].lpszField;
282             req[n++] = szColon;
283             req[n++] = lpwhr->pCustHeaders[i].lpszValue;
284
285             TRACE("Adding custom header %s (%s)\n",
286                    debugstr_w(lpwhr->pCustHeaders[i].lpszField),
287                    debugstr_w(lpwhr->pCustHeaders[i].lpszValue));
288         }
289     }
290
291     if( n >= len )
292         ERR("oops. buffer overrun\n");
293
294     req[n] = NULL;
295     requestString = HTTP_build_req( req, 4 );
296     HeapFree( GetProcessHeap(), 0, req );
297
298     /*
299      * Set (header) termination string for request
300      * Make sure there's exactly two new lines at the end of the request
301      */
302     p = &requestString[strlenW(requestString)-1];
303     while ( (*p == '\n') || (*p == '\r') )
304        p--;
305     strcpyW( p+1, sztwocrlf );
306     
307     return requestString;
308 }
309
310 static void HTTP_ProcessCookies( LPWININETHTTPREQW lpwhr )
311 {
312     static const WCHAR szSet_Cookie[] = { 'S','e','t','-','C','o','o','k','i','e',0 };
313     int HeaderIndex;
314     LPHTTPHEADERW setCookieHeader;
315
316     HeaderIndex = HTTP_GetCustomHeaderIndex(lpwhr, szSet_Cookie, 0, FALSE);
317     if (HeaderIndex == -1)
318             return;
319     setCookieHeader = &lpwhr->pCustHeaders[HeaderIndex];
320
321     if (!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_COOKIES) && setCookieHeader->lpszValue)
322     {
323         int nPosStart = 0, nPosEnd = 0, len;
324         static const WCHAR szFmt[] = { 'h','t','t','p',':','/','/','%','s','/',0};
325
326         while (setCookieHeader->lpszValue[nPosEnd] != '\0')
327         {
328             LPWSTR buf_cookie, cookie_name, cookie_data;
329             LPWSTR buf_url;
330             LPWSTR domain = NULL;
331             LPHTTPHEADERW Host;
332
333             int nEqualPos = 0;
334             while (setCookieHeader->lpszValue[nPosEnd] != ';' && setCookieHeader->lpszValue[nPosEnd] != ',' &&
335                    setCookieHeader->lpszValue[nPosEnd] != '\0')
336             {
337                 nPosEnd++;
338             }
339             if (setCookieHeader->lpszValue[nPosEnd] == ';')
340             {
341                 /* fixme: not case sensitive, strcasestr is gnu only */
342                 int nDomainPosEnd = 0;
343                 int nDomainPosStart = 0, nDomainLength = 0;
344                 static const WCHAR szDomain[] = {'d','o','m','a','i','n','=',0};
345                 LPWSTR lpszDomain = strstrW(&setCookieHeader->lpszValue[nPosEnd], szDomain);
346                 if (lpszDomain)
347                 { /* they have specified their own domain, lets use it */
348                     while (lpszDomain[nDomainPosEnd] != ';' && lpszDomain[nDomainPosEnd] != ',' &&
349                            lpszDomain[nDomainPosEnd] != '\0')
350                     {
351                         nDomainPosEnd++;
352                     }
353                     nDomainPosStart = strlenW(szDomain);
354                     nDomainLength = (nDomainPosEnd - nDomainPosStart) + 1;
355                     domain = HeapAlloc(GetProcessHeap(), 0, (nDomainLength + 1)*sizeof(WCHAR));
356                     lstrcpynW(domain, &lpszDomain[nDomainPosStart], nDomainLength + 1);
357                 }
358             }
359             if (setCookieHeader->lpszValue[nPosEnd] == '\0') break;
360             buf_cookie = HeapAlloc(GetProcessHeap(), 0, ((nPosEnd - nPosStart) + 1)*sizeof(WCHAR));
361             lstrcpynW(buf_cookie, &setCookieHeader->lpszValue[nPosStart], (nPosEnd - nPosStart) + 1);
362             TRACE("%s\n", debugstr_w(buf_cookie));
363             while (buf_cookie[nEqualPos] != '=' && buf_cookie[nEqualPos] != '\0')
364             {
365                 nEqualPos++;
366             }
367             if (buf_cookie[nEqualPos] == '\0' || buf_cookie[nEqualPos + 1] == '\0')
368             {
369                 HeapFree(GetProcessHeap(), 0, buf_cookie);
370                 break;
371             }
372
373             cookie_name = HeapAlloc(GetProcessHeap(), 0, (nEqualPos + 1)*sizeof(WCHAR));
374             lstrcpynW(cookie_name, buf_cookie, nEqualPos + 1);
375             cookie_data = &buf_cookie[nEqualPos + 1];
376
377             Host = HTTP_GetHeader(lpwhr,szHost);
378             len = lstrlenW((domain ? domain : (Host?Host->lpszValue:NULL))) + 
379                 strlenW(lpwhr->lpszPath) + 9;
380             buf_url = HeapAlloc(GetProcessHeap(), 0, len*sizeof(WCHAR));
381             sprintfW(buf_url, szFmt, (domain ? domain : (Host?Host->lpszValue:NULL))); /* FIXME PATH!!! */
382             InternetSetCookieW(buf_url, cookie_name, cookie_data);
383
384             HeapFree(GetProcessHeap(), 0, buf_url);
385             HeapFree(GetProcessHeap(), 0, buf_cookie);
386             HeapFree(GetProcessHeap(), 0, cookie_name);
387             HeapFree(GetProcessHeap(), 0, domain);
388             nPosStart = nPosEnd;
389         }
390     }
391 }
392
393 static inline BOOL is_basic_auth_value( LPCWSTR pszAuthValue )
394 {
395     static const WCHAR szBasic[] = {'B','a','s','i','c'}; /* Note: not nul-terminated */
396     return !strncmpiW(pszAuthValue, szBasic, ARRAYSIZE(szBasic)) &&
397         ((pszAuthValue[ARRAYSIZE(szBasic)] == ' ') || !pszAuthValue[ARRAYSIZE(szBasic)]);
398 }
399
400 static BOOL HTTP_DoAuthorization( LPWININETHTTPREQW lpwhr, LPCWSTR pszAuthValue,
401                                   struct HttpAuthInfo **ppAuthInfo,
402                                   LPWSTR domain_and_username, LPWSTR password )
403 {
404     SECURITY_STATUS sec_status;
405     struct HttpAuthInfo *pAuthInfo = *ppAuthInfo;
406     BOOL first = FALSE;
407
408     TRACE("%s\n", debugstr_w(pszAuthValue));
409
410     if (!pAuthInfo)
411     {
412         TimeStamp exp;
413
414         first = TRUE;
415         pAuthInfo = HeapAlloc(GetProcessHeap(), 0, sizeof(*pAuthInfo));
416         if (!pAuthInfo)
417             return FALSE;
418
419         SecInvalidateHandle(&pAuthInfo->cred);
420         SecInvalidateHandle(&pAuthInfo->ctx);
421         memset(&pAuthInfo->exp, 0, sizeof(pAuthInfo->exp));
422         pAuthInfo->attr = 0;
423         pAuthInfo->auth_data = NULL;
424         pAuthInfo->auth_data_len = 0;
425         pAuthInfo->finished = FALSE;
426
427         if (is_basic_auth_value(pszAuthValue))
428         {
429             static const WCHAR szBasic[] = {'B','a','s','i','c',0};
430             pAuthInfo->scheme = WININET_strdupW(szBasic);
431             if (!pAuthInfo->scheme)
432             {
433                 HeapFree(GetProcessHeap(), 0, pAuthInfo);
434                 return FALSE;
435             }
436         }
437         else
438         {
439             PVOID pAuthData;
440             SEC_WINNT_AUTH_IDENTITY_W nt_auth_identity;
441
442             pAuthInfo->scheme = WININET_strdupW(pszAuthValue);
443             if (!pAuthInfo->scheme)
444             {
445                 HeapFree(GetProcessHeap(), 0, pAuthInfo);
446                 return FALSE;
447             }
448
449             if (domain_and_username)
450             {
451                 WCHAR *user = strchrW(domain_and_username, '\\');
452                 WCHAR *domain = domain_and_username;
453
454                 /* FIXME: make sure scheme accepts SEC_WINNT_AUTH_IDENTITY before calling AcquireCredentialsHandle */
455
456                 pAuthData = &nt_auth_identity;
457
458                 if (user) user++;
459                 else
460                 {
461                     user = domain_and_username;
462                     domain = NULL;
463                 }
464
465                 nt_auth_identity.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
466                 nt_auth_identity.User = user;
467                 nt_auth_identity.UserLength = strlenW(nt_auth_identity.User);
468                 nt_auth_identity.Domain = domain;
469                 nt_auth_identity.DomainLength = domain ? user - domain - 1 : 0;
470                 nt_auth_identity.Password = password;
471                 nt_auth_identity.PasswordLength = strlenW(nt_auth_identity.Password);
472             }
473             else
474                 /* use default credentials */
475                 pAuthData = NULL;
476
477             sec_status = AcquireCredentialsHandleW(NULL, pAuthInfo->scheme,
478                                                    SECPKG_CRED_OUTBOUND, NULL,
479                                                    pAuthData, NULL,
480                                                    NULL, &pAuthInfo->cred,
481                                                    &exp);
482             if (sec_status == SEC_E_OK)
483             {
484                 PSecPkgInfoW sec_pkg_info;
485                 sec_status = QuerySecurityPackageInfoW(pAuthInfo->scheme, &sec_pkg_info);
486                 if (sec_status == SEC_E_OK)
487                 {
488                     pAuthInfo->max_token = sec_pkg_info->cbMaxToken;
489                     FreeContextBuffer(sec_pkg_info);
490                 }
491             }
492             if (sec_status != SEC_E_OK)
493             {
494                 WARN("AcquireCredentialsHandleW for scheme %s failed with error 0x%08x\n",
495                      debugstr_w(pAuthInfo->scheme), sec_status);
496                 HeapFree(GetProcessHeap(), 0, pAuthInfo->scheme);
497                 HeapFree(GetProcessHeap(), 0, pAuthInfo);
498                 return FALSE;
499             }
500         }
501         *ppAuthInfo = pAuthInfo;
502     }
503     else if (pAuthInfo->finished)
504         return FALSE;
505
506     if ((strlenW(pszAuthValue) < strlenW(pAuthInfo->scheme)) ||
507         strncmpiW(pszAuthValue, pAuthInfo->scheme, strlenW(pAuthInfo->scheme)))
508     {
509         ERR("authentication scheme changed from %s to %s\n",
510             debugstr_w(pAuthInfo->scheme), debugstr_w(pszAuthValue));
511         return FALSE;
512     }
513
514     if (is_basic_auth_value(pszAuthValue))
515     {
516         int userlen;
517         int passlen;
518         char *auth_data;
519
520         TRACE("basic authentication\n");
521
522         /* we don't cache credentials for basic authentication, so we can't
523          * retrieve them if the application didn't pass us any credentials */
524         if (!domain_and_username) return FALSE;
525
526         userlen = WideCharToMultiByte(CP_UTF8, 0, domain_and_username, lstrlenW(domain_and_username), NULL, 0, NULL, NULL);
527         passlen = WideCharToMultiByte(CP_UTF8, 0, password, lstrlenW(password), NULL, 0, NULL, NULL);
528
529         /* length includes a nul terminator, which will be re-used for the ':' */
530         auth_data = HeapAlloc(GetProcessHeap(), 0, userlen + 1 + passlen);
531         if (!auth_data)
532             return FALSE;
533
534         WideCharToMultiByte(CP_UTF8, 0, domain_and_username, -1, auth_data, userlen, NULL, NULL);
535         auth_data[userlen] = ':';
536         WideCharToMultiByte(CP_UTF8, 0, password, -1, &auth_data[userlen+1], passlen, NULL, NULL);
537
538         pAuthInfo->auth_data = auth_data;
539         pAuthInfo->auth_data_len = userlen + 1 + passlen;
540         pAuthInfo->finished = TRUE;
541
542         return TRUE;
543     }
544     else
545     {
546         LPCWSTR pszAuthData;
547         SecBufferDesc out_desc, in_desc;
548         SecBuffer out, in;
549         unsigned char *buffer;
550         ULONG context_req = ISC_REQ_CONNECTION | ISC_REQ_USE_DCE_STYLE |
551             ISC_REQ_MUTUAL_AUTH | ISC_REQ_DELEGATE;
552
553         in.BufferType = SECBUFFER_TOKEN;
554         in.cbBuffer = 0;
555         in.pvBuffer = NULL;
556
557         in_desc.ulVersion = 0;
558         in_desc.cBuffers = 1;
559         in_desc.pBuffers = &in;
560
561         pszAuthData = pszAuthValue + strlenW(pAuthInfo->scheme);
562         if (*pszAuthData == ' ')
563         {
564             pszAuthData++;
565             in.cbBuffer = HTTP_DecodeBase64(pszAuthData, NULL);
566             in.pvBuffer = HeapAlloc(GetProcessHeap(), 0, in.cbBuffer);
567             HTTP_DecodeBase64(pszAuthData, in.pvBuffer);
568         }
569
570         buffer = HeapAlloc(GetProcessHeap(), 0, pAuthInfo->max_token);
571
572         out.BufferType = SECBUFFER_TOKEN;
573         out.cbBuffer = pAuthInfo->max_token;
574         out.pvBuffer = buffer;
575
576         out_desc.ulVersion = 0;
577         out_desc.cBuffers = 1;
578         out_desc.pBuffers = &out;
579
580         sec_status = InitializeSecurityContextW(first ? &pAuthInfo->cred : NULL,
581                                                 first ? NULL : &pAuthInfo->ctx,
582                                                 first ? lpwhr->lpHttpSession->lpszServerName : NULL,
583                                                 context_req, 0, SECURITY_NETWORK_DREP,
584                                                 in.pvBuffer ? &in_desc : NULL,
585                                                 0, &pAuthInfo->ctx, &out_desc,
586                                                 &pAuthInfo->attr, &pAuthInfo->exp);
587         if (sec_status == SEC_E_OK)
588         {
589             pAuthInfo->finished = TRUE;
590             pAuthInfo->auth_data = out.pvBuffer;
591             pAuthInfo->auth_data_len = out.cbBuffer;
592             TRACE("sending last auth packet\n");
593         }
594         else if (sec_status == SEC_I_CONTINUE_NEEDED)
595         {
596             pAuthInfo->auth_data = out.pvBuffer;
597             pAuthInfo->auth_data_len = out.cbBuffer;
598             TRACE("sending next auth packet\n");
599         }
600         else
601         {
602             ERR("InitializeSecurityContextW returned error 0x%08x\n", sec_status);
603             pAuthInfo->finished = TRUE;
604             HeapFree(GetProcessHeap(), 0, out.pvBuffer);
605             return FALSE;
606         }
607     }
608
609     return TRUE;
610 }
611
612 /***********************************************************************
613  *           HTTP_HttpAddRequestHeadersW (internal)
614  */
615 static BOOL WINAPI HTTP_HttpAddRequestHeadersW(LPWININETHTTPREQW lpwhr,
616         LPCWSTR lpszHeader, DWORD dwHeaderLength, DWORD dwModifier)
617 {
618     LPWSTR lpszStart;
619     LPWSTR lpszEnd;
620     LPWSTR buffer;
621     BOOL bSuccess = FALSE;
622     DWORD len;
623
624     TRACE("copying header: %s\n", debugstr_wn(lpszHeader, dwHeaderLength));
625
626     if( dwHeaderLength == ~0U )
627         len = strlenW(lpszHeader);
628     else
629         len = dwHeaderLength;
630     buffer = HeapAlloc( GetProcessHeap(), 0, sizeof(WCHAR)*(len+1) );
631     lstrcpynW( buffer, lpszHeader, len + 1);
632
633     lpszStart = buffer;
634
635     do
636     {
637         LPWSTR * pFieldAndValue;
638
639         lpszEnd = lpszStart;
640
641         while (*lpszEnd != '\0')
642         {
643             if (*lpszEnd == '\r' && *(lpszEnd + 1) == '\n')
644                  break;
645             lpszEnd++;
646         }
647
648         if (*lpszStart == '\0')
649             break;
650
651         if (*lpszEnd == '\r')
652         {
653             *lpszEnd = '\0';
654             lpszEnd += 2; /* Jump over \r\n */
655         }
656         TRACE("interpreting header %s\n", debugstr_w(lpszStart));
657         pFieldAndValue = HTTP_InterpretHttpHeader(lpszStart);
658         if (pFieldAndValue)
659         {
660             bSuccess = HTTP_VerifyValidHeader(lpwhr, pFieldAndValue[0]);
661             if (bSuccess)
662                 bSuccess = HTTP_ProcessHeader(lpwhr, pFieldAndValue[0],
663                     pFieldAndValue[1], dwModifier | HTTP_ADDHDR_FLAG_REQ);
664             HTTP_FreeTokens(pFieldAndValue);
665         }
666
667         lpszStart = lpszEnd;
668     } while (bSuccess);
669
670     HeapFree(GetProcessHeap(), 0, buffer);
671
672     return bSuccess;
673 }
674
675 /***********************************************************************
676  *           HttpAddRequestHeadersW (WININET.@)
677  *
678  * Adds one or more HTTP header to the request handler
679  *
680  * NOTE
681  * On Windows if dwHeaderLength includes the trailing '\0', then
682  * HttpAddRequestHeadersW() adds it too. However this results in an
683  * invalid Http header which is rejected by some servers so we probably
684  * don't need to match Windows on that point.
685  *
686  * RETURNS
687  *    TRUE  on success
688  *    FALSE on failure
689  *
690  */
691 BOOL WINAPI HttpAddRequestHeadersW(HINTERNET hHttpRequest,
692         LPCWSTR lpszHeader, DWORD dwHeaderLength, DWORD dwModifier)
693 {
694     BOOL bSuccess = FALSE;
695     LPWININETHTTPREQW lpwhr;
696
697     TRACE("%p, %s, %i, %i\n", hHttpRequest, debugstr_wn(lpszHeader, dwHeaderLength), dwHeaderLength, dwModifier);
698
699     if (!lpszHeader) 
700       return TRUE;
701
702     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hHttpRequest );
703     if (NULL == lpwhr ||  lpwhr->hdr.htype != WH_HHTTPREQ)
704     {
705         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
706         goto lend;
707     }
708     bSuccess = HTTP_HttpAddRequestHeadersW( lpwhr, lpszHeader, dwHeaderLength, dwModifier );
709 lend:
710     if( lpwhr )
711         WININET_Release( &lpwhr->hdr );
712
713     return bSuccess;
714 }
715
716 /***********************************************************************
717  *           HttpAddRequestHeadersA (WININET.@)
718  *
719  * Adds one or more HTTP header to the request handler
720  *
721  * RETURNS
722  *    TRUE  on success
723  *    FALSE on failure
724  *
725  */
726 BOOL WINAPI HttpAddRequestHeadersA(HINTERNET hHttpRequest,
727         LPCSTR lpszHeader, DWORD dwHeaderLength, DWORD dwModifier)
728 {
729     DWORD len;
730     LPWSTR hdr;
731     BOOL r;
732
733     TRACE("%p, %s, %i, %i\n", hHttpRequest, debugstr_an(lpszHeader, dwHeaderLength), dwHeaderLength, dwModifier);
734
735     len = MultiByteToWideChar( CP_ACP, 0, lpszHeader, dwHeaderLength, NULL, 0 );
736     hdr = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
737     MultiByteToWideChar( CP_ACP, 0, lpszHeader, dwHeaderLength, hdr, len );
738     if( dwHeaderLength != ~0U )
739         dwHeaderLength = len;
740
741     r = HttpAddRequestHeadersW( hHttpRequest, hdr, dwHeaderLength, dwModifier );
742
743     HeapFree( GetProcessHeap(), 0, hdr );
744
745     return r;
746 }
747
748 /***********************************************************************
749  *           HttpEndRequestA (WININET.@)
750  *
751  * Ends an HTTP request that was started by HttpSendRequestEx
752  *
753  * RETURNS
754  *    TRUE      if successful
755  *    FALSE     on failure
756  *
757  */
758 BOOL WINAPI HttpEndRequestA(HINTERNET hRequest, 
759         LPINTERNET_BUFFERSA lpBuffersOut, DWORD dwFlags, DWORD_PTR dwContext)
760 {
761     LPINTERNET_BUFFERSA ptr;
762     LPINTERNET_BUFFERSW lpBuffersOutW,ptrW;
763     BOOL rc = FALSE;
764
765     TRACE("(%p, %p, %08x, %08lx): stub\n", hRequest, lpBuffersOut, dwFlags,
766             dwContext);
767
768     ptr = lpBuffersOut;
769     if (ptr)
770         lpBuffersOutW = (LPINTERNET_BUFFERSW)HeapAlloc(GetProcessHeap(),
771                 HEAP_ZERO_MEMORY, sizeof(INTERNET_BUFFERSW));
772     else
773         lpBuffersOutW = NULL;
774
775     ptrW = lpBuffersOutW;
776     while (ptr)
777     {
778         if (ptr->lpvBuffer && ptr->dwBufferLength)
779             ptrW->lpvBuffer = HeapAlloc(GetProcessHeap(),0,ptr->dwBufferLength);
780         ptrW->dwBufferLength = ptr->dwBufferLength;
781         ptrW->dwBufferTotal= ptr->dwBufferTotal;
782
783         if (ptr->Next)
784             ptrW->Next = HeapAlloc(GetProcessHeap(),HEAP_ZERO_MEMORY,
785                     sizeof(INTERNET_BUFFERSW));
786
787         ptr = ptr->Next;
788         ptrW = ptrW->Next;
789     }
790
791     rc = HttpEndRequestW(hRequest, lpBuffersOutW, dwFlags, dwContext);
792
793     if (lpBuffersOutW)
794     {
795         ptrW = lpBuffersOutW;
796         while (ptrW)
797         {
798             LPINTERNET_BUFFERSW ptrW2;
799
800             FIXME("Do we need to translate info out of these buffer?\n");
801
802             HeapFree(GetProcessHeap(),0,ptrW->lpvBuffer);
803             ptrW2 = ptrW->Next;
804             HeapFree(GetProcessHeap(),0,ptrW);
805             ptrW = ptrW2;
806         }
807     }
808
809     return rc;
810 }
811
812 /***********************************************************************
813  *           HttpEndRequestW (WININET.@)
814  *
815  * Ends an HTTP request that was started by HttpSendRequestEx
816  *
817  * RETURNS
818  *    TRUE      if successful
819  *    FALSE     on failure
820  *
821  */
822 BOOL WINAPI HttpEndRequestW(HINTERNET hRequest, 
823         LPINTERNET_BUFFERSW lpBuffersOut, DWORD dwFlags, DWORD_PTR dwContext)
824 {
825     BOOL rc = FALSE;
826     LPWININETHTTPREQW lpwhr;
827     INT responseLen;
828     DWORD dwBufferSize;
829
830     TRACE("-->\n");
831     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hRequest );
832
833     if (NULL == lpwhr || lpwhr->hdr.htype != WH_HHTTPREQ)
834     {
835         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
836         if (lpwhr)
837             WININET_Release( &lpwhr->hdr );
838         return FALSE;
839     }
840
841     lpwhr->hdr.dwFlags |= dwFlags;
842     lpwhr->hdr.dwContext = dwContext;
843
844     /* We appear to do nothing with lpBuffersOut.. is that correct? */
845
846     SendAsyncCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
847             INTERNET_STATUS_RECEIVING_RESPONSE, NULL, 0);
848
849     responseLen = HTTP_GetResponseHeaders(lpwhr, TRUE);
850     if (responseLen)
851             rc = TRUE;
852
853     SendAsyncCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
854             INTERNET_STATUS_RESPONSE_RECEIVED, &responseLen, sizeof(DWORD));
855
856     /* process cookies here. Is this right? */
857     HTTP_ProcessCookies(lpwhr);
858
859     dwBufferSize = sizeof(lpwhr->dwContentLength);
860     if (!HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_FLAG_NUMBER|HTTP_QUERY_CONTENT_LENGTH,
861                              &lpwhr->dwContentLength,&dwBufferSize,NULL))
862         lpwhr->dwContentLength = -1;
863
864     if (lpwhr->dwContentLength == 0)
865         HTTP_FinishedReading(lpwhr);
866
867     if(!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_AUTO_REDIRECT))
868     {
869         DWORD dwCode,dwCodeLength=sizeof(DWORD);
870         if(HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_FLAG_NUMBER|HTTP_QUERY_STATUS_CODE,&dwCode,&dwCodeLength,NULL) &&
871             (dwCode==302 || dwCode==301))
872         {
873             WCHAR szNewLocation[INTERNET_MAX_URL_LENGTH];
874             dwBufferSize=sizeof(szNewLocation);
875             if(HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_LOCATION,szNewLocation,&dwBufferSize,NULL))
876             {
877                 /* redirects are always GETs */
878                 HeapFree(GetProcessHeap(),0,lpwhr->lpszVerb);
879                 lpwhr->lpszVerb = WININET_strdupW(szGET);
880                 HTTP_DrainContent(lpwhr);
881                 INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
882                                       INTERNET_STATUS_REDIRECT, szNewLocation,
883                                       dwBufferSize);
884                 rc = HTTP_HandleRedirect(lpwhr, szNewLocation);
885                 if (rc)
886                     rc = HTTP_HttpSendRequestW(lpwhr, NULL, 0, NULL, 0, 0, TRUE);
887             }
888         }
889     }
890
891     WININET_Release( &lpwhr->hdr );
892     TRACE("%i <--\n",rc);
893     return rc;
894 }
895
896 /***********************************************************************
897  *           HttpOpenRequestW (WININET.@)
898  *
899  * Open a HTTP request handle
900  *
901  * RETURNS
902  *    HINTERNET  a HTTP request handle on success
903  *    NULL       on failure
904  *
905  */
906 HINTERNET WINAPI HttpOpenRequestW(HINTERNET hHttpSession,
907         LPCWSTR lpszVerb, LPCWSTR lpszObjectName, LPCWSTR lpszVersion,
908         LPCWSTR lpszReferrer , LPCWSTR *lpszAcceptTypes,
909         DWORD dwFlags, DWORD_PTR dwContext)
910 {
911     LPWININETHTTPSESSIONW lpwhs;
912     HINTERNET handle = NULL;
913
914     TRACE("(%p, %s, %s, %s, %s, %p, %08x, %08lx)\n", hHttpSession,
915           debugstr_w(lpszVerb), debugstr_w(lpszObjectName),
916           debugstr_w(lpszVersion), debugstr_w(lpszReferrer), lpszAcceptTypes,
917           dwFlags, dwContext);
918     if(lpszAcceptTypes!=NULL)
919     {
920         int i;
921         for(i=0;lpszAcceptTypes[i]!=NULL;i++)
922             TRACE("\taccept type: %s\n",debugstr_w(lpszAcceptTypes[i]));
923     }    
924
925     lpwhs = (LPWININETHTTPSESSIONW) WININET_GetObject( hHttpSession );
926     if (NULL == lpwhs ||  lpwhs->hdr.htype != WH_HHTTPSESSION)
927     {
928         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
929         goto lend;
930     }
931
932     /*
933      * My tests seem to show that the windows version does not
934      * become asynchronous until after this point. And anyhow
935      * if this call was asynchronous then how would you get the
936      * necessary HINTERNET pointer returned by this function.
937      *
938      */
939     handle = HTTP_HttpOpenRequestW(lpwhs, lpszVerb, lpszObjectName,
940                                    lpszVersion, lpszReferrer, lpszAcceptTypes,
941                                    dwFlags, dwContext);
942 lend:
943     if( lpwhs )
944         WININET_Release( &lpwhs->hdr );
945     TRACE("returning %p\n", handle);
946     return handle;
947 }
948
949
950 /***********************************************************************
951  *           HttpOpenRequestA (WININET.@)
952  *
953  * Open a HTTP request handle
954  *
955  * RETURNS
956  *    HINTERNET  a HTTP request handle on success
957  *    NULL       on failure
958  *
959  */
960 HINTERNET WINAPI HttpOpenRequestA(HINTERNET hHttpSession,
961         LPCSTR lpszVerb, LPCSTR lpszObjectName, LPCSTR lpszVersion,
962         LPCSTR lpszReferrer , LPCSTR *lpszAcceptTypes,
963         DWORD dwFlags, DWORD_PTR dwContext)
964 {
965     LPWSTR szVerb = NULL, szObjectName = NULL;
966     LPWSTR szVersion = NULL, szReferrer = NULL, *szAcceptTypes = NULL;
967     INT len, acceptTypesCount;
968     HINTERNET rc = FALSE;
969     LPCSTR *types;
970
971     TRACE("(%p, %s, %s, %s, %s, %p, %08x, %08lx)\n", hHttpSession,
972           debugstr_a(lpszVerb), debugstr_a(lpszObjectName),
973           debugstr_a(lpszVersion), debugstr_a(lpszReferrer), lpszAcceptTypes,
974           dwFlags, dwContext);
975
976     if (lpszVerb)
977     {
978         len = MultiByteToWideChar(CP_ACP, 0, lpszVerb, -1, NULL, 0 );
979         szVerb = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR) );
980         if ( !szVerb )
981             goto end;
982         MultiByteToWideChar(CP_ACP, 0, lpszVerb, -1, szVerb, len);
983     }
984
985     if (lpszObjectName)
986     {
987         len = MultiByteToWideChar(CP_ACP, 0, lpszObjectName, -1, NULL, 0 );
988         szObjectName = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR) );
989         if ( !szObjectName )
990             goto end;
991         MultiByteToWideChar(CP_ACP, 0, lpszObjectName, -1, szObjectName, len );
992     }
993
994     if (lpszVersion)
995     {
996         len = MultiByteToWideChar(CP_ACP, 0, lpszVersion, -1, NULL, 0 );
997         szVersion = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
998         if ( !szVersion )
999             goto end;
1000         MultiByteToWideChar(CP_ACP, 0, lpszVersion, -1, szVersion, len );
1001     }
1002
1003     if (lpszReferrer)
1004     {
1005         len = MultiByteToWideChar(CP_ACP, 0, lpszReferrer, -1, NULL, 0 );
1006         szReferrer = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
1007         if ( !szReferrer )
1008             goto end;
1009         MultiByteToWideChar(CP_ACP, 0, lpszReferrer, -1, szReferrer, len );
1010     }
1011
1012     if (lpszAcceptTypes)
1013     {
1014         acceptTypesCount = 0;
1015         types = lpszAcceptTypes;
1016         while (*types)
1017         {
1018             /* find out how many there are */
1019             if (((ULONG_PTR)*types >> 16) && **types)
1020             {
1021                 TRACE("accept type: %s\n", debugstr_a(*types));
1022                 acceptTypesCount++;
1023             }
1024             types++;
1025         }
1026         szAcceptTypes = HeapAlloc(GetProcessHeap(), 0, sizeof(WCHAR *) * (acceptTypesCount+1));
1027         if (!szAcceptTypes) goto end;
1028
1029         acceptTypesCount = 0;
1030         types = lpszAcceptTypes;
1031         while (*types)
1032         {
1033             if (((ULONG_PTR)*types >> 16) && **types)
1034             {
1035                 len = MultiByteToWideChar(CP_ACP, 0, *types, -1, NULL, 0 );
1036                 szAcceptTypes[acceptTypesCount] = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
1037                 if (!szAcceptTypes[acceptTypesCount]) goto end;
1038
1039                 MultiByteToWideChar(CP_ACP, 0, *types, -1, szAcceptTypes[acceptTypesCount], len);
1040                 acceptTypesCount++;
1041             }
1042             types++;
1043         }
1044         szAcceptTypes[acceptTypesCount] = NULL;
1045     }
1046     else szAcceptTypes = 0;
1047
1048     rc = HttpOpenRequestW(hHttpSession, szVerb, szObjectName,
1049                           szVersion, szReferrer,
1050                           (LPCWSTR*)szAcceptTypes, dwFlags, dwContext);
1051
1052 end:
1053     if (szAcceptTypes)
1054     {
1055         acceptTypesCount = 0;
1056         while (szAcceptTypes[acceptTypesCount])
1057         {
1058             HeapFree(GetProcessHeap(), 0, szAcceptTypes[acceptTypesCount]);
1059             acceptTypesCount++;
1060         }
1061         HeapFree(GetProcessHeap(), 0, szAcceptTypes);
1062     }
1063     HeapFree(GetProcessHeap(), 0, szReferrer);
1064     HeapFree(GetProcessHeap(), 0, szVersion);
1065     HeapFree(GetProcessHeap(), 0, szObjectName);
1066     HeapFree(GetProcessHeap(), 0, szVerb);
1067
1068     return rc;
1069 }
1070
1071 /***********************************************************************
1072  *  HTTP_EncodeBase64
1073  */
1074 static UINT HTTP_EncodeBase64( LPCSTR bin, unsigned int len, LPWSTR base64 )
1075 {
1076     UINT n = 0, x;
1077     static const CHAR HTTP_Base64Enc[] =
1078         "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
1079
1080     while( len > 0 )
1081     {
1082         /* first 6 bits, all from bin[0] */
1083         base64[n++] = HTTP_Base64Enc[(bin[0] & 0xfc) >> 2];
1084         x = (bin[0] & 3) << 4;
1085
1086         /* next 6 bits, 2 from bin[0] and 4 from bin[1] */
1087         if( len == 1 )
1088         {
1089             base64[n++] = HTTP_Base64Enc[x];
1090             base64[n++] = '=';
1091             base64[n++] = '=';
1092             break;
1093         }
1094         base64[n++] = HTTP_Base64Enc[ x | ( (bin[1]&0xf0) >> 4 ) ];
1095         x = ( bin[1] & 0x0f ) << 2;
1096
1097         /* next 6 bits 4 from bin[1] and 2 from bin[2] */
1098         if( len == 2 )
1099         {
1100             base64[n++] = HTTP_Base64Enc[x];
1101             base64[n++] = '=';
1102             break;
1103         }
1104         base64[n++] = HTTP_Base64Enc[ x | ( (bin[2]&0xc0 ) >> 6 ) ];
1105
1106         /* last 6 bits, all from bin [2] */
1107         base64[n++] = HTTP_Base64Enc[ bin[2] & 0x3f ];
1108         bin += 3;
1109         len -= 3;
1110     }
1111     base64[n] = 0;
1112     return n;
1113 }
1114
1115 #define CH(x) (((x) >= 'A' && (x) <= 'Z') ? (x) - 'A' : \
1116                ((x) >= 'a' && (x) <= 'z') ? (x) - 'a' + 26 : \
1117                ((x) >= '0' && (x) <= '9') ? (x) - '0' + 52 : \
1118                ((x) == '+') ? 62 : ((x) == '/') ? 63 : -1)
1119 static const signed char HTTP_Base64Dec[256] =
1120 {
1121     CH( 0),CH( 1),CH( 2),CH( 3),CH( 4),CH( 5),CH( 6),CH( 7),CH( 8),CH( 9),
1122     CH(10),CH(11),CH(12),CH(13),CH(14),CH(15),CH(16),CH(17),CH(18),CH(19),
1123     CH(20),CH(21),CH(22),CH(23),CH(24),CH(25),CH(26),CH(27),CH(28),CH(29),
1124     CH(30),CH(31),CH(32),CH(33),CH(34),CH(35),CH(36),CH(37),CH(38),CH(39),
1125     CH(40),CH(41),CH(42),CH(43),CH(44),CH(45),CH(46),CH(47),CH(48),CH(49),
1126     CH(50),CH(51),CH(52),CH(53),CH(54),CH(55),CH(56),CH(57),CH(58),CH(59),
1127     CH(60),CH(61),CH(62),CH(63),CH(64),CH(65),CH(66),CH(67),CH(68),CH(69),
1128     CH(70),CH(71),CH(72),CH(73),CH(74),CH(75),CH(76),CH(77),CH(78),CH(79),
1129     CH(80),CH(81),CH(82),CH(83),CH(84),CH(85),CH(86),CH(87),CH(88),CH(89),
1130     CH(90),CH(91),CH(92),CH(93),CH(94),CH(95),CH(96),CH(97),CH(98),CH(99),
1131     CH(100),CH(101),CH(102),CH(103),CH(104),CH(105),CH(106),CH(107),CH(108),CH(109),
1132     CH(110),CH(111),CH(112),CH(113),CH(114),CH(115),CH(116),CH(117),CH(118),CH(119),
1133     CH(120),CH(121),CH(122),CH(123),CH(124),CH(125),CH(126),CH(127),CH(128),CH(129),
1134     CH(130),CH(131),CH(132),CH(133),CH(134),CH(135),CH(136),CH(137),CH(138),CH(139),
1135     CH(140),CH(141),CH(142),CH(143),CH(144),CH(145),CH(146),CH(147),CH(148),CH(149),
1136     CH(150),CH(151),CH(152),CH(153),CH(154),CH(155),CH(156),CH(157),CH(158),CH(159),
1137     CH(160),CH(161),CH(162),CH(163),CH(164),CH(165),CH(166),CH(167),CH(168),CH(169),
1138     CH(170),CH(171),CH(172),CH(173),CH(174),CH(175),CH(176),CH(177),CH(178),CH(179),
1139     CH(180),CH(181),CH(182),CH(183),CH(184),CH(185),CH(186),CH(187),CH(188),CH(189),
1140     CH(190),CH(191),CH(192),CH(193),CH(194),CH(195),CH(196),CH(197),CH(198),CH(199),
1141     CH(200),CH(201),CH(202),CH(203),CH(204),CH(205),CH(206),CH(207),CH(208),CH(209),
1142     CH(210),CH(211),CH(212),CH(213),CH(214),CH(215),CH(216),CH(217),CH(218),CH(219),
1143     CH(220),CH(221),CH(222),CH(223),CH(224),CH(225),CH(226),CH(227),CH(228),CH(229),
1144     CH(230),CH(231),CH(232),CH(233),CH(234),CH(235),CH(236),CH(237),CH(238),CH(239),
1145     CH(240),CH(241),CH(242),CH(243),CH(244),CH(245),CH(246),CH(247),CH(248), CH(249),
1146     CH(250),CH(251),CH(252),CH(253),CH(254),CH(255),
1147 };
1148 #undef CH
1149
1150 /***********************************************************************
1151  *  HTTP_DecodeBase64
1152  */
1153 static UINT HTTP_DecodeBase64( LPCWSTR base64, LPSTR bin )
1154 {
1155     unsigned int n = 0;
1156
1157     while(*base64)
1158     {
1159         signed char in[4];
1160
1161         if (base64[0] >= ARRAYSIZE(HTTP_Base64Dec) ||
1162             ((in[0] = HTTP_Base64Dec[base64[0]]) == -1) ||
1163             base64[1] >= ARRAYSIZE(HTTP_Base64Dec) ||
1164             ((in[1] = HTTP_Base64Dec[base64[1]]) == -1))
1165         {
1166             WARN("invalid base64: %s\n", debugstr_w(base64));
1167             return 0;
1168         }
1169         if (bin)
1170             bin[n] = (unsigned char) (in[0] << 2 | in[1] >> 4);
1171         n++;
1172
1173         if ((base64[2] == '=') && (base64[3] == '='))
1174             break;
1175         if (base64[2] > ARRAYSIZE(HTTP_Base64Dec) ||
1176             ((in[2] = HTTP_Base64Dec[base64[2]]) == -1))
1177         {
1178             WARN("invalid base64: %s\n", debugstr_w(&base64[2]));
1179             return 0;
1180         }
1181         if (bin)
1182             bin[n] = (unsigned char) (in[1] << 4 | in[2] >> 2);
1183         n++;
1184
1185         if (base64[3] == '=')
1186             break;
1187         if (base64[3] > ARRAYSIZE(HTTP_Base64Dec) ||
1188             ((in[3] = HTTP_Base64Dec[base64[3]]) == -1))
1189         {
1190             WARN("invalid base64: %s\n", debugstr_w(&base64[3]));
1191             return 0;
1192         }
1193         if (bin)
1194             bin[n] = (unsigned char) (((in[2] << 6) & 0xc0) | in[3]);
1195         n++;
1196
1197         base64 += 4;
1198     }
1199
1200     return n;
1201 }
1202
1203 /***********************************************************************
1204  *  HTTP_InsertAuthorization
1205  *
1206  *   Insert or delete the authorization field in the request header.
1207  */
1208 static BOOL HTTP_InsertAuthorization( LPWININETHTTPREQW lpwhr, struct HttpAuthInfo *pAuthInfo, LPCWSTR header )
1209 {
1210     if (pAuthInfo)
1211     {
1212         static const WCHAR wszSpace[] = {' ',0};
1213         static const WCHAR wszBasic[] = {'B','a','s','i','c',0};
1214         unsigned int len;
1215         WCHAR *authorization = NULL;
1216
1217         if (pAuthInfo->auth_data_len)
1218         {
1219             /* scheme + space + base64 encoded data (3/2/1 bytes data -> 4 bytes of characters) */
1220             len = strlenW(pAuthInfo->scheme)+1+((pAuthInfo->auth_data_len+2)*4)/3;
1221             authorization = HeapAlloc(GetProcessHeap(), 0, (len+1)*sizeof(WCHAR));
1222             if (!authorization)
1223                 return FALSE;
1224
1225             strcpyW(authorization, pAuthInfo->scheme);
1226             strcatW(authorization, wszSpace);
1227             HTTP_EncodeBase64(pAuthInfo->auth_data,
1228                               pAuthInfo->auth_data_len,
1229                               authorization+strlenW(authorization));
1230
1231             /* clear the data as it isn't valid now that it has been sent to the
1232              * server, unless it's Basic authentication which doesn't do
1233              * connection tracking */
1234             if (strcmpiW(pAuthInfo->scheme, wszBasic))
1235             {
1236                 HeapFree(GetProcessHeap(), 0, pAuthInfo->auth_data);
1237                 pAuthInfo->auth_data = NULL;
1238                 pAuthInfo->auth_data_len = 0;
1239             }
1240         }
1241
1242         TRACE("Inserting authorization: %s\n", debugstr_w(authorization));
1243
1244         HTTP_ProcessHeader(lpwhr, header, authorization, HTTP_ADDHDR_FLAG_REQ | HTTP_ADDHDR_FLAG_REPLACE);
1245
1246         HeapFree(GetProcessHeap(), 0, authorization);
1247     }
1248     return TRUE;
1249 }
1250
1251 static WCHAR *HTTP_BuildProxyRequestUrl(WININETHTTPREQW *req)
1252 {
1253     WCHAR new_location[INTERNET_MAX_URL_LENGTH], *url;
1254     DWORD size;
1255
1256     size = sizeof(new_location);
1257     if (HTTP_HttpQueryInfoW(req, HTTP_QUERY_LOCATION, new_location, &size, NULL))
1258     {
1259         if (!(url = HeapAlloc( GetProcessHeap(), 0, size + sizeof(WCHAR) ))) return NULL;
1260         strcpyW( url, new_location );
1261     }
1262     else
1263     {
1264         static const WCHAR slash[] = { '/',0 };
1265         static const WCHAR format[] = { 'h','t','t','p',':','/','/','%','s',':','%','d',0 };
1266         static const WCHAR formatSSL[] = { 'h','t','t','p','s',':','/','/','%','s',':','%','d',0 };
1267         WININETHTTPSESSIONW *session = req->lpHttpSession;
1268
1269         size = 16; /* "https://" + sizeof(port#) + ":/\0" */
1270         size += strlenW( session->lpszHostName ) + strlenW( req->lpszPath );
1271
1272         if (!(url = HeapAlloc( GetProcessHeap(), 0, size * sizeof(WCHAR) ))) return NULL;
1273
1274         if (req->hdr.dwFlags & INTERNET_FLAG_SECURE)
1275             sprintfW( url, formatSSL, session->lpszHostName, session->nHostPort );
1276         else
1277             sprintfW( url, format, session->lpszHostName, session->nHostPort );
1278         if (req->lpszPath[0] != '/') strcatW( url, slash );
1279         strcatW( url, req->lpszPath );
1280     }
1281     TRACE("url=%s\n", debugstr_w(url));
1282     return url;
1283 }
1284
1285 /***********************************************************************
1286  *           HTTP_DealWithProxy
1287  */
1288 static BOOL HTTP_DealWithProxy( LPWININETAPPINFOW hIC,
1289     LPWININETHTTPSESSIONW lpwhs, LPWININETHTTPREQW lpwhr)
1290 {
1291     WCHAR buf[MAXHOSTNAME];
1292     WCHAR proxy[MAXHOSTNAME + 15]; /* 15 == "http://" + sizeof(port#) + ":/\0" */
1293     static WCHAR szNul[] = { 0 };
1294     URL_COMPONENTSW UrlComponents;
1295     static const WCHAR szHttp[] = { 'h','t','t','p',':','/','/',0 };
1296     static const WCHAR szFormat[] = { 'h','t','t','p',':','/','/','%','s',0 };
1297
1298     memset( &UrlComponents, 0, sizeof UrlComponents );
1299     UrlComponents.dwStructSize = sizeof UrlComponents;
1300     UrlComponents.lpszHostName = buf;
1301     UrlComponents.dwHostNameLength = MAXHOSTNAME;
1302
1303     if( CSTR_EQUAL != CompareStringW(LOCALE_SYSTEM_DEFAULT, NORM_IGNORECASE,
1304                                  hIC->lpszProxy,strlenW(szHttp),szHttp,strlenW(szHttp)) )
1305         sprintfW(proxy, szFormat, hIC->lpszProxy);
1306     else
1307         strcpyW(proxy, hIC->lpszProxy);
1308     if( !InternetCrackUrlW(proxy, 0, 0, &UrlComponents) )
1309         return FALSE;
1310     if( UrlComponents.dwHostNameLength == 0 )
1311         return FALSE;
1312
1313     if( !lpwhr->lpszPath )
1314         lpwhr->lpszPath = szNul;
1315
1316     if(UrlComponents.nPort == INTERNET_INVALID_PORT_NUMBER)
1317         UrlComponents.nPort = INTERNET_DEFAULT_HTTP_PORT;
1318
1319     HeapFree(GetProcessHeap(), 0, lpwhs->lpszServerName);
1320     lpwhs->lpszServerName = WININET_strdupW(UrlComponents.lpszHostName);
1321     lpwhs->nServerPort = UrlComponents.nPort;
1322
1323     TRACE("proxy server=%s port=%d\n", debugstr_w(lpwhs->lpszServerName), lpwhs->nServerPort);
1324     return TRUE;
1325 }
1326
1327 static BOOL HTTP_ResolveName(LPWININETHTTPREQW lpwhr)
1328 {
1329     char szaddr[32];
1330     LPWININETHTTPSESSIONW lpwhs = lpwhr->lpHttpSession;
1331
1332     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
1333                           INTERNET_STATUS_RESOLVING_NAME,
1334                           lpwhs->lpszServerName,
1335                           strlenW(lpwhs->lpszServerName)+1);
1336
1337     if (!GetAddress(lpwhs->lpszServerName, lpwhs->nServerPort,
1338                     &lpwhs->socketAddress))
1339     {
1340         INTERNET_SetLastError(ERROR_INTERNET_NAME_NOT_RESOLVED);
1341         return FALSE;
1342     }
1343
1344     inet_ntop(lpwhs->socketAddress.sin_family, &lpwhs->socketAddress.sin_addr,
1345               szaddr, sizeof(szaddr));
1346     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
1347                           INTERNET_STATUS_NAME_RESOLVED,
1348                           szaddr, strlen(szaddr)+1);
1349
1350     TRACE("resolved %s to %s\n", debugstr_w(lpwhs->lpszServerName), szaddr);
1351     return TRUE;
1352 }
1353
1354
1355 /***********************************************************************
1356  *           HTTPREQ_Destroy (internal)
1357  *
1358  * Deallocate request handle
1359  *
1360  */
1361 static void HTTPREQ_Destroy(WININETHANDLEHEADER *hdr)
1362 {
1363     LPWININETHTTPREQW lpwhr = (LPWININETHTTPREQW) hdr;
1364     DWORD i;
1365
1366     TRACE("\n");
1367
1368     if(lpwhr->hCacheFile)
1369         CloseHandle(lpwhr->hCacheFile);
1370
1371     if(lpwhr->lpszCacheFile) {
1372         DeleteFileW(lpwhr->lpszCacheFile); /* FIXME */
1373         HeapFree(GetProcessHeap(), 0, lpwhr->lpszCacheFile);
1374     }
1375
1376     WININET_Release(&lpwhr->lpHttpSession->hdr);
1377
1378     HeapFree(GetProcessHeap(), 0, lpwhr->lpszPath);
1379     HeapFree(GetProcessHeap(), 0, lpwhr->lpszVerb);
1380     HeapFree(GetProcessHeap(), 0, lpwhr->lpszRawHeaders);
1381     HeapFree(GetProcessHeap(), 0, lpwhr->lpszVersion);
1382     HeapFree(GetProcessHeap(), 0, lpwhr->lpszStatusText);
1383
1384     for (i = 0; i < lpwhr->nCustHeaders; i++)
1385     {
1386         HeapFree(GetProcessHeap(), 0, lpwhr->pCustHeaders[i].lpszField);
1387         HeapFree(GetProcessHeap(), 0, lpwhr->pCustHeaders[i].lpszValue);
1388     }
1389
1390     HeapFree(GetProcessHeap(), 0, lpwhr->pCustHeaders);
1391     HeapFree(GetProcessHeap(), 0, lpwhr);
1392 }
1393
1394 static void HTTPREQ_CloseConnection(WININETHANDLEHEADER *hdr)
1395 {
1396     LPWININETHTTPREQW lpwhr = (LPWININETHTTPREQW) hdr;
1397
1398     TRACE("%p\n",lpwhr);
1399
1400     if (!NETCON_connected(&lpwhr->netConnection))
1401         return;
1402
1403     if (lpwhr->pAuthInfo)
1404     {
1405         if (SecIsValidHandle(&lpwhr->pAuthInfo->ctx))
1406             DeleteSecurityContext(&lpwhr->pAuthInfo->ctx);
1407         if (SecIsValidHandle(&lpwhr->pAuthInfo->cred))
1408             FreeCredentialsHandle(&lpwhr->pAuthInfo->cred);
1409
1410         HeapFree(GetProcessHeap(), 0, lpwhr->pAuthInfo->auth_data);
1411         HeapFree(GetProcessHeap(), 0, lpwhr->pAuthInfo->scheme);
1412         HeapFree(GetProcessHeap(), 0, lpwhr->pAuthInfo);
1413         lpwhr->pAuthInfo = NULL;
1414     }
1415     if (lpwhr->pProxyAuthInfo)
1416     {
1417         if (SecIsValidHandle(&lpwhr->pProxyAuthInfo->ctx))
1418             DeleteSecurityContext(&lpwhr->pProxyAuthInfo->ctx);
1419         if (SecIsValidHandle(&lpwhr->pProxyAuthInfo->cred))
1420             FreeCredentialsHandle(&lpwhr->pProxyAuthInfo->cred);
1421
1422         HeapFree(GetProcessHeap(), 0, lpwhr->pProxyAuthInfo->auth_data);
1423         HeapFree(GetProcessHeap(), 0, lpwhr->pProxyAuthInfo->scheme);
1424         HeapFree(GetProcessHeap(), 0, lpwhr->pProxyAuthInfo);
1425         lpwhr->pProxyAuthInfo = NULL;
1426     }
1427
1428     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
1429                           INTERNET_STATUS_CLOSING_CONNECTION, 0, 0);
1430
1431     NETCON_close(&lpwhr->netConnection);
1432
1433     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
1434                           INTERNET_STATUS_CONNECTION_CLOSED, 0, 0);
1435 }
1436
1437 static DWORD HTTPREQ_QueryOption(WININETHANDLEHEADER *hdr, DWORD option, void *buffer, DWORD *size, BOOL unicode)
1438 {
1439     WININETHTTPREQW *req = (WININETHTTPREQW*)hdr;
1440
1441     switch(option) {
1442     case INTERNET_OPTION_HANDLE_TYPE:
1443         TRACE("INTERNET_OPTION_HANDLE_TYPE\n");
1444
1445         if (*size < sizeof(ULONG))
1446             return ERROR_INSUFFICIENT_BUFFER;
1447
1448         *size = sizeof(DWORD);
1449         *(DWORD*)buffer = INTERNET_HANDLE_TYPE_HTTP_REQUEST;
1450         return ERROR_SUCCESS;
1451
1452     case INTERNET_OPTION_URL: {
1453         WCHAR url[INTERNET_MAX_URL_LENGTH];
1454         HTTPHEADERW *host;
1455         DWORD len;
1456         WCHAR *pch;
1457
1458         static const WCHAR httpW[] = {'h','t','t','p',':','/','/',0};
1459         static const WCHAR hostW[] = {'H','o','s','t',0};
1460
1461         TRACE("INTERNET_OPTION_URL\n");
1462
1463         host = HTTP_GetHeader(req, hostW);
1464         strcpyW(url, httpW);
1465         strcatW(url, host->lpszValue);
1466         if (NULL != (pch = strchrW(url + strlenW(httpW), ':')))
1467             *pch = 0;
1468         strcatW(url, req->lpszPath);
1469
1470         TRACE("INTERNET_OPTION_URL: %s\n",debugstr_w(url));
1471
1472         if(unicode) {
1473             len = (strlenW(url)+1) * sizeof(WCHAR);
1474             if(*size < len)
1475                 return ERROR_INSUFFICIENT_BUFFER;
1476
1477             *size = len;
1478             strcpyW(buffer, url);
1479             return ERROR_SUCCESS;
1480         }else {
1481             len = WideCharToMultiByte(CP_ACP, 0, url, -1, buffer, *size, NULL, NULL);
1482             if(len > *size)
1483                 return ERROR_INSUFFICIENT_BUFFER;
1484
1485             *size = len;
1486             return ERROR_SUCCESS;
1487         }
1488     }
1489
1490     case INTERNET_OPTION_DATAFILE_NAME: {
1491         DWORD req_size;
1492
1493         TRACE("INTERNET_OPTION_DATAFILE_NAME\n");
1494
1495         if(!req->lpszCacheFile) {
1496             *size = 0;
1497             return ERROR_INTERNET_ITEM_NOT_FOUND;
1498         }
1499
1500         if(unicode) {
1501             req_size = (lstrlenW(req->lpszCacheFile)+1) * sizeof(WCHAR);
1502             if(*size < req_size)
1503                 return ERROR_INSUFFICIENT_BUFFER;
1504
1505             *size = req_size;
1506             memcpy(buffer, req->lpszCacheFile, *size);
1507             return ERROR_SUCCESS;
1508         }else {
1509             req_size = WideCharToMultiByte(CP_ACP, 0, req->lpszCacheFile, -1, NULL, 0, NULL, NULL);
1510             if (req_size > *size)
1511                 return ERROR_INSUFFICIENT_BUFFER;
1512
1513             *size = WideCharToMultiByte(CP_ACP, 0, req->lpszCacheFile,
1514                     -1, buffer, *size, NULL, NULL);
1515             return ERROR_SUCCESS;
1516         }
1517     }
1518
1519     case INTERNET_OPTION_SECURITY_CERTIFICATE_STRUCT: {
1520         PCCERT_CONTEXT context;
1521
1522         if(*size < sizeof(INTERNET_CERTIFICATE_INFOW)) {
1523             *size = sizeof(INTERNET_CERTIFICATE_INFOW);
1524             return ERROR_INSUFFICIENT_BUFFER;
1525         }
1526
1527         context = (PCCERT_CONTEXT)NETCON_GetCert(&(req->netConnection));
1528         if(context) {
1529             INTERNET_CERTIFICATE_INFOW *info = (INTERNET_CERTIFICATE_INFOW*)buffer;
1530             DWORD len;
1531
1532             memset(info, 0, sizeof(INTERNET_CERTIFICATE_INFOW));
1533             info->ftExpiry = context->pCertInfo->NotAfter;
1534             info->ftStart = context->pCertInfo->NotBefore;
1535             if(unicode) {
1536                 len = CertNameToStrW(context->dwCertEncodingType,
1537                         &context->pCertInfo->Subject, CERT_SIMPLE_NAME_STR, NULL, 0);
1538                 info->lpszSubjectInfo = LocalAlloc(0, len*sizeof(WCHAR));
1539                 if(info->lpszSubjectInfo)
1540                     CertNameToStrW(context->dwCertEncodingType,
1541                              &context->pCertInfo->Subject, CERT_SIMPLE_NAME_STR,
1542                              info->lpszSubjectInfo, len);
1543                 len = CertNameToStrW(context->dwCertEncodingType,
1544                          &context->pCertInfo->Issuer, CERT_SIMPLE_NAME_STR, NULL, 0);
1545                 info->lpszIssuerInfo = LocalAlloc(0, len*sizeof(WCHAR));
1546                 if (info->lpszIssuerInfo)
1547                     CertNameToStrW(context->dwCertEncodingType,
1548                              &context->pCertInfo->Issuer, CERT_SIMPLE_NAME_STR,
1549                              info->lpszIssuerInfo, len);
1550             }else {
1551                 INTERNET_CERTIFICATE_INFOA *infoA = (INTERNET_CERTIFICATE_INFOA*)info;
1552
1553                 len = CertNameToStrA(context->dwCertEncodingType,
1554                          &context->pCertInfo->Subject, CERT_SIMPLE_NAME_STR, NULL, 0);
1555                 infoA->lpszSubjectInfo = LocalAlloc(0, len);
1556                 if(infoA->lpszSubjectInfo)
1557                     CertNameToStrA(context->dwCertEncodingType,
1558                              &context->pCertInfo->Subject, CERT_SIMPLE_NAME_STR,
1559                              infoA->lpszSubjectInfo, len);
1560                 len = CertNameToStrA(context->dwCertEncodingType,
1561                          &context->pCertInfo->Issuer, CERT_SIMPLE_NAME_STR, NULL, 0);
1562                 infoA->lpszIssuerInfo = LocalAlloc(0, len);
1563                 if(infoA->lpszIssuerInfo)
1564                     CertNameToStrA(context->dwCertEncodingType,
1565                              &context->pCertInfo->Issuer, CERT_SIMPLE_NAME_STR,
1566                              infoA->lpszIssuerInfo, len);
1567             }
1568
1569             /*
1570              * Contrary to MSDN, these do not appear to be set.
1571              * lpszProtocolName
1572              * lpszSignatureAlgName
1573              * lpszEncryptionAlgName
1574              * dwKeySize
1575              */
1576             CertFreeCertificateContext(context);
1577             return ERROR_SUCCESS;
1578         }
1579     }
1580     }
1581
1582     return INET_QueryOption(option, buffer, size, unicode);
1583 }
1584
1585 static DWORD HTTPREQ_SetOption(WININETHANDLEHEADER *hdr, DWORD option, void *buffer, DWORD size)
1586 {
1587     WININETHTTPREQW *req = (WININETHTTPREQW*)hdr;
1588
1589     switch(option) {
1590     case INTERNET_OPTION_SEND_TIMEOUT:
1591     case INTERNET_OPTION_RECEIVE_TIMEOUT:
1592         TRACE("INTERNET_OPTION_SEND/RECEIVE_TIMEOUT\n");
1593
1594         if (size != sizeof(DWORD))
1595             return ERROR_INVALID_PARAMETER;
1596
1597         return NETCON_set_timeout(&req->netConnection, option == INTERNET_OPTION_SEND_TIMEOUT,
1598                     *(DWORD*)buffer);
1599     }
1600
1601     return ERROR_INTERNET_INVALID_OPTION;
1602 }
1603
1604 static DWORD HTTP_Read(WININETHTTPREQW *req, void *buffer, DWORD size, DWORD *read, BOOL sync)
1605 {
1606     int bytes_read;
1607
1608     if(!NETCON_recv(&req->netConnection, buffer, min(size, req->dwContentLength - req->dwContentRead),
1609                      sync ? MSG_WAITALL : 0, &bytes_read)) {
1610         if(req->dwContentLength != -1 && req->dwContentRead != req->dwContentLength)
1611             ERR("not all data received %d/%d\n", req->dwContentRead, req->dwContentLength);
1612
1613         /* always return success, even if the network layer returns an error */
1614         *read = 0;
1615         HTTP_FinishedReading(req);
1616         return ERROR_SUCCESS;
1617     }
1618
1619     req->dwContentRead += bytes_read;
1620     *read = bytes_read;
1621
1622     if(req->lpszCacheFile) {
1623         BOOL res;
1624         DWORD dwBytesWritten;
1625
1626         res = WriteFile(req->hCacheFile, buffer, bytes_read, &dwBytesWritten, NULL);
1627         if(!res)
1628             WARN("WriteFile failed: %u\n", GetLastError());
1629     }
1630
1631     if(!bytes_read && (req->dwContentRead == req->dwContentLength))
1632         HTTP_FinishedReading(req);
1633
1634     return ERROR_SUCCESS;
1635 }
1636
1637 static DWORD get_chunk_size(const char *buffer)
1638 {
1639     const char *p;
1640     DWORD size = 0;
1641
1642     for (p = buffer; *p; p++)
1643     {
1644         if (*p >= '0' && *p <= '9') size = size * 16 + *p - '0';
1645         else if (*p >= 'a' && *p <= 'f') size = size * 16 + *p - 'a' + 10;
1646         else if (*p >= 'A' && *p <= 'F') size = size * 16 + *p - 'A' + 10;
1647         else if (*p == ';') break;
1648     }
1649     return size;
1650 }
1651
1652 static DWORD HTTP_ReadChunked(WININETHTTPREQW *req, void *buffer, DWORD size, DWORD *read, BOOL sync)
1653 {
1654     char reply[MAX_REPLY_LEN], *p = buffer;
1655     DWORD buflen, to_read, to_write = size;
1656     int bytes_read;
1657
1658     *read = 0;
1659     for (;;)
1660     {
1661         if (*read == size) break;
1662
1663         if (req->dwContentLength == ~0UL) /* new chunk */
1664         {
1665             buflen = sizeof(reply);
1666             if (!NETCON_getNextLine(&req->netConnection, reply, &buflen)) break;
1667
1668             if (!(req->dwContentLength = get_chunk_size(reply)))
1669             {
1670                 /* zero sized chunk marks end of transfer; read any trailing headers and return */
1671                 HTTP_GetResponseHeaders(req, FALSE);
1672                 break;
1673             }
1674         }
1675         to_read = min(to_write, req->dwContentLength - req->dwContentRead);
1676
1677         if (!NETCON_recv(&req->netConnection, p, to_read, sync ? MSG_WAITALL : 0, &bytes_read))
1678         {
1679             if (bytes_read != to_read)
1680                 ERR("Not all data received %d/%d\n", bytes_read, to_read);
1681
1682             /* always return success, even if the network layer returns an error */
1683             *read = 0;
1684             break;
1685         }
1686         if (!bytes_read) break;
1687
1688         req->dwContentRead += bytes_read;
1689         to_write -= bytes_read;
1690         *read += bytes_read;
1691
1692         if (req->lpszCacheFile)
1693         {
1694             DWORD dwBytesWritten;
1695
1696             if (!WriteFile(req->hCacheFile, p, bytes_read, &dwBytesWritten, NULL))
1697                 WARN("WriteFile failed: %u\n", GetLastError());
1698         }
1699         p += bytes_read;
1700
1701         if (req->dwContentRead == req->dwContentLength) /* chunk complete */
1702         {
1703             req->dwContentRead = 0;
1704             req->dwContentLength = ~0UL;
1705
1706             buflen = sizeof(reply);
1707             if (!NETCON_getNextLine(&req->netConnection, reply, &buflen))
1708             {
1709                 ERR("Malformed chunk\n");
1710                 *read = 0;
1711                 break;
1712             }
1713         }
1714     }
1715     if (!*read) HTTP_FinishedReading(req);
1716     return ERROR_SUCCESS;
1717 }
1718
1719 static DWORD HTTPREQ_Read(WININETHTTPREQW *req, void *buffer, DWORD size, DWORD *read, BOOL sync)
1720 {
1721     WCHAR encoding[20];
1722     DWORD buflen = sizeof(encoding);
1723     static const WCHAR szChunked[] = {'c','h','u','n','k','e','d',0};
1724
1725     if (HTTP_HttpQueryInfoW(req, HTTP_QUERY_TRANSFER_ENCODING, encoding, &buflen, NULL) &&
1726         !strcmpiW(encoding, szChunked))
1727     {
1728         return HTTP_ReadChunked(req, buffer, size, read, sync);
1729     }
1730     else
1731         return HTTP_Read(req, buffer, size, read, sync);
1732 }
1733
1734 static DWORD HTTPREQ_ReadFile(WININETHANDLEHEADER *hdr, void *buffer, DWORD size, DWORD *read)
1735 {
1736     WININETHTTPREQW *req = (WININETHTTPREQW*)hdr;
1737     return HTTPREQ_Read(req, buffer, size, read, TRUE);
1738 }
1739
1740 static void HTTPREQ_AsyncReadFileExProc(WORKREQUEST *workRequest)
1741 {
1742     struct WORKREQ_INTERNETREADFILEEXA const *data = &workRequest->u.InternetReadFileExA;
1743     WININETHTTPREQW *req = (WININETHTTPREQW*)workRequest->hdr;
1744     INTERNET_ASYNC_RESULT iar;
1745     DWORD res;
1746
1747     TRACE("INTERNETREADFILEEXA %p\n", workRequest->hdr);
1748
1749     res = HTTPREQ_Read(req, data->lpBuffersOut->lpvBuffer,
1750             data->lpBuffersOut->dwBufferLength, &data->lpBuffersOut->dwBufferLength, TRUE);
1751
1752     iar.dwResult = res == ERROR_SUCCESS;
1753     iar.dwError = res;
1754
1755     INTERNET_SendCallback(&req->hdr, req->hdr.dwContext,
1756                           INTERNET_STATUS_REQUEST_COMPLETE, &iar,
1757                           sizeof(INTERNET_ASYNC_RESULT));
1758 }
1759
1760 static DWORD HTTPREQ_ReadFileExA(WININETHANDLEHEADER *hdr, INTERNET_BUFFERSA *buffers,
1761         DWORD flags, DWORD_PTR context)
1762 {
1763
1764     WININETHTTPREQW *req = (WININETHTTPREQW*)hdr;
1765     DWORD res;
1766
1767     if (flags & ~(IRF_ASYNC|IRF_NO_WAIT))
1768         FIXME("these dwFlags aren't implemented: 0x%x\n", flags & ~(IRF_ASYNC|IRF_NO_WAIT));
1769
1770     if (buffers->dwStructSize != sizeof(*buffers))
1771         return ERROR_INVALID_PARAMETER;
1772
1773     INTERNET_SendCallback(&req->hdr, req->hdr.dwContext, INTERNET_STATUS_RECEIVING_RESPONSE, NULL, 0);
1774
1775     if (hdr->dwFlags & INTERNET_FLAG_ASYNC) {
1776         DWORD available = 0;
1777
1778         NETCON_query_data_available(&req->netConnection, &available);
1779         if (!available)
1780         {
1781             WORKREQUEST workRequest;
1782
1783             workRequest.asyncproc = HTTPREQ_AsyncReadFileExProc;
1784             workRequest.hdr = WININET_AddRef(&req->hdr);
1785             workRequest.u.InternetReadFileExA.lpBuffersOut = buffers;
1786
1787             INTERNET_AsyncCall(&workRequest);
1788
1789             return ERROR_IO_PENDING;
1790         }
1791     }
1792
1793     res = HTTPREQ_Read(req, buffers->lpvBuffer, buffers->dwBufferLength, &buffers->dwBufferLength,
1794             !(flags & IRF_NO_WAIT));
1795
1796     if (res == ERROR_SUCCESS) {
1797         DWORD size = buffers->dwBufferLength;
1798         INTERNET_SendCallback(&req->hdr, req->hdr.dwContext, INTERNET_STATUS_RESPONSE_RECEIVED,
1799                 &size, sizeof(size));
1800     }
1801
1802     return res;
1803 }
1804
1805 static BOOL HTTPREQ_WriteFile(WININETHANDLEHEADER *hdr, const void *buffer, DWORD size, DWORD *written)
1806 {
1807     LPWININETHTTPREQW lpwhr = (LPWININETHTTPREQW)hdr;
1808
1809     return NETCON_send(&lpwhr->netConnection, buffer, size, 0, (LPINT)written);
1810 }
1811
1812 static void HTTPREQ_AsyncQueryDataAvailableProc(WORKREQUEST *workRequest)
1813 {
1814     WININETHTTPREQW *req = (WININETHTTPREQW*)workRequest->hdr;
1815     INTERNET_ASYNC_RESULT iar;
1816     char buffer[4048];
1817
1818     TRACE("%p\n", workRequest->hdr);
1819
1820     iar.dwResult = NETCON_recv(&req->netConnection, buffer,
1821                                min(sizeof(buffer), req->dwContentLength - req->dwContentRead),
1822                                MSG_PEEK, (int *)&iar.dwError);
1823
1824     INTERNET_SendCallback(&req->hdr, req->hdr.dwContext, INTERNET_STATUS_REQUEST_COMPLETE, &iar,
1825                           sizeof(INTERNET_ASYNC_RESULT));
1826 }
1827
1828 static DWORD HTTPREQ_QueryDataAvailable(WININETHANDLEHEADER *hdr, DWORD *available, DWORD flags, DWORD_PTR ctx)
1829 {
1830     WININETHTTPREQW *req = (WININETHTTPREQW*)hdr;
1831     BYTE buffer[4048];
1832     BOOL async;
1833
1834     TRACE("(%p %p %x %lx)\n", req, available, flags, ctx);
1835
1836     if(!NETCON_query_data_available(&req->netConnection, available) || *available)
1837         return ERROR_SUCCESS;
1838
1839     /* Even if we are in async mode, we need to determine whether
1840      * there is actually more data available. We do this by trying
1841      * to peek only a single byte in async mode. */
1842     async = (req->lpHttpSession->lpAppInfo->hdr.dwFlags & INTERNET_FLAG_ASYNC) != 0;
1843
1844     if (NETCON_recv(&req->netConnection, buffer,
1845                     min(async ? 1 : sizeof(buffer), req->dwContentLength - req->dwContentRead),
1846                     MSG_PEEK, (int *)available) && async && *available)
1847     {
1848         WORKREQUEST workRequest;
1849
1850         *available = 0;
1851         workRequest.asyncproc = HTTPREQ_AsyncQueryDataAvailableProc;
1852         workRequest.hdr = WININET_AddRef( &req->hdr );
1853
1854         INTERNET_AsyncCall(&workRequest);
1855
1856         return ERROR_IO_PENDING;
1857     }
1858
1859     return ERROR_SUCCESS;
1860 }
1861
1862 static const HANDLEHEADERVtbl HTTPREQVtbl = {
1863     HTTPREQ_Destroy,
1864     HTTPREQ_CloseConnection,
1865     HTTPREQ_QueryOption,
1866     HTTPREQ_SetOption,
1867     HTTPREQ_ReadFile,
1868     HTTPREQ_ReadFileExA,
1869     HTTPREQ_WriteFile,
1870     HTTPREQ_QueryDataAvailable,
1871     NULL
1872 };
1873
1874 /***********************************************************************
1875  *           HTTP_HttpOpenRequestW (internal)
1876  *
1877  * Open a HTTP request handle
1878  *
1879  * RETURNS
1880  *    HINTERNET  a HTTP request handle on success
1881  *    NULL       on failure
1882  *
1883  */
1884 HINTERNET WINAPI HTTP_HttpOpenRequestW(LPWININETHTTPSESSIONW lpwhs,
1885         LPCWSTR lpszVerb, LPCWSTR lpszObjectName, LPCWSTR lpszVersion,
1886         LPCWSTR lpszReferrer , LPCWSTR *lpszAcceptTypes,
1887         DWORD dwFlags, DWORD_PTR dwContext)
1888 {
1889     LPWININETAPPINFOW hIC = NULL;
1890     LPWININETHTTPREQW lpwhr;
1891     LPWSTR lpszCookies;
1892     LPWSTR lpszUrl = NULL;
1893     LPWSTR lpszHostName = NULL;
1894     DWORD nCookieSize;
1895     HINTERNET handle = NULL;
1896     static const WCHAR szUrlForm[] = {'h','t','t','p',':','/','/','%','s',0};
1897     static const WCHAR szHostForm[] = {'%','s',':','%','u',0};
1898     DWORD len;
1899     LPHTTPHEADERW Host;
1900
1901     TRACE("-->\n");
1902
1903     assert( lpwhs->hdr.htype == WH_HHTTPSESSION );
1904     hIC = lpwhs->lpAppInfo;
1905
1906     lpwhr = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(WININETHTTPREQW));
1907     if (NULL == lpwhr)
1908     {
1909         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
1910         goto lend;
1911     }
1912     lpwhr->hdr.htype = WH_HHTTPREQ;
1913     lpwhr->hdr.vtbl = &HTTPREQVtbl;
1914     lpwhr->hdr.dwFlags = dwFlags;
1915     lpwhr->hdr.dwContext = dwContext;
1916     lpwhr->hdr.refs = 1;
1917     lpwhr->hdr.lpfnStatusCB = lpwhs->hdr.lpfnStatusCB;
1918     lpwhr->hdr.dwInternalFlags = lpwhs->hdr.dwInternalFlags & INET_CALLBACKW;
1919
1920     WININET_AddRef( &lpwhs->hdr );
1921     lpwhr->lpHttpSession = lpwhs;
1922     list_add_head( &lpwhs->hdr.children, &lpwhr->hdr.entry );
1923
1924     lpszHostName = HeapAlloc(GetProcessHeap(), 0, sizeof(WCHAR) *
1925             (strlenW(lpwhs->lpszHostName) + 7 /* length of ":65535" + 1 */));
1926     if (NULL == lpszHostName)
1927     {
1928         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
1929         goto lend;
1930     }
1931
1932     handle = WININET_AllocHandle( &lpwhr->hdr );
1933     if (NULL == handle)
1934     {
1935         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
1936         goto lend;
1937     }
1938
1939     if (!NETCON_init(&lpwhr->netConnection, dwFlags & INTERNET_FLAG_SECURE))
1940     {
1941         InternetCloseHandle( handle );
1942         handle = NULL;
1943         goto lend;
1944     }
1945
1946     if (lpszObjectName && *lpszObjectName) {
1947         HRESULT rc;
1948
1949         len = 0;
1950         rc = UrlEscapeW(lpszObjectName, NULL, &len, URL_ESCAPE_SPACES_ONLY);
1951         if (rc != E_POINTER)
1952             len = strlenW(lpszObjectName)+1;
1953         lpwhr->lpszPath = HeapAlloc(GetProcessHeap(), 0, len*sizeof(WCHAR));
1954         rc = UrlEscapeW(lpszObjectName, lpwhr->lpszPath, &len,
1955                    URL_ESCAPE_SPACES_ONLY);
1956         if (rc)
1957         {
1958             ERR("Unable to escape string!(%s) (%d)\n",debugstr_w(lpszObjectName),rc);
1959             strcpyW(lpwhr->lpszPath,lpszObjectName);
1960         }
1961     }
1962
1963     if (lpszReferrer && *lpszReferrer)
1964         HTTP_ProcessHeader(lpwhr, HTTP_REFERER, lpszReferrer, HTTP_ADDREQ_FLAG_ADD | HTTP_ADDHDR_FLAG_REQ);
1965
1966     if (lpszAcceptTypes)
1967     {
1968         int i;
1969         for (i = 0; lpszAcceptTypes[i]; i++)
1970         {
1971             if (!*lpszAcceptTypes[i]) continue;
1972             HTTP_ProcessHeader(lpwhr, HTTP_ACCEPT, lpszAcceptTypes[i],
1973                                HTTP_ADDHDR_FLAG_COALESCE_WITH_COMMA |
1974                                HTTP_ADDHDR_FLAG_REQ |
1975                                (i == 0 ? HTTP_ADDHDR_FLAG_REPLACE : 0));
1976         }
1977     }
1978
1979     lpwhr->lpszVerb = WININET_strdupW(lpszVerb && *lpszVerb ? lpszVerb : szGET);
1980
1981     if (lpszVersion)
1982         lpwhr->lpszVersion = WININET_strdupW(lpszVersion);
1983     else
1984         lpwhr->lpszVersion = WININET_strdupW(g_szHttp1_1);
1985
1986     if (lpwhs->nHostPort != INTERNET_INVALID_PORT_NUMBER &&
1987         lpwhs->nHostPort != INTERNET_DEFAULT_HTTP_PORT &&
1988         lpwhs->nHostPort != INTERNET_DEFAULT_HTTPS_PORT)
1989     {
1990         sprintfW(lpszHostName, szHostForm, lpwhs->lpszHostName, lpwhs->nHostPort);
1991         HTTP_ProcessHeader(lpwhr, szHost, lpszHostName,
1992                 HTTP_ADDREQ_FLAG_ADD | HTTP_ADDHDR_FLAG_REQ);
1993     }
1994     else
1995         HTTP_ProcessHeader(lpwhr, szHost, lpwhs->lpszHostName,
1996                 HTTP_ADDREQ_FLAG_ADD | HTTP_ADDHDR_FLAG_REQ);
1997
1998     if (lpwhs->nServerPort == INTERNET_INVALID_PORT_NUMBER)
1999         lpwhs->nServerPort = (dwFlags & INTERNET_FLAG_SECURE ?
2000                         INTERNET_DEFAULT_HTTPS_PORT :
2001                         INTERNET_DEFAULT_HTTP_PORT);
2002
2003     if (lpwhs->nHostPort == INTERNET_INVALID_PORT_NUMBER)
2004         lpwhs->nHostPort = (dwFlags & INTERNET_FLAG_SECURE ?
2005                         INTERNET_DEFAULT_HTTPS_PORT :
2006                         INTERNET_DEFAULT_HTTP_PORT);
2007
2008     if (NULL != hIC->lpszProxy && hIC->lpszProxy[0] != 0)
2009         HTTP_DealWithProxy( hIC, lpwhs, lpwhr );
2010
2011     Host = HTTP_GetHeader(lpwhr,szHost);
2012
2013     len = lstrlenW(Host->lpszValue) + strlenW(szUrlForm);
2014     lpszUrl = HeapAlloc(GetProcessHeap(), 0, len*sizeof(WCHAR));
2015     sprintfW( lpszUrl, szUrlForm, Host->lpszValue );
2016
2017     if (!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_COOKIES) &&
2018         InternetGetCookieW(lpszUrl, NULL, NULL, &nCookieSize))
2019     {
2020         int cnt = 0;
2021         static const WCHAR szCookie[] = {'C','o','o','k','i','e',':',' ',0};
2022         static const WCHAR szcrlf[] = {'\r','\n',0};
2023
2024         lpszCookies = HeapAlloc(GetProcessHeap(), 0, (nCookieSize + 1 + 8)*sizeof(WCHAR));
2025
2026         cnt += sprintfW(lpszCookies, szCookie);
2027         InternetGetCookieW(lpszUrl, NULL, lpszCookies + cnt, &nCookieSize);
2028         strcatW(lpszCookies, szcrlf);
2029
2030         HTTP_HttpAddRequestHeadersW(lpwhr, lpszCookies, strlenW(lpszCookies),
2031                                HTTP_ADDREQ_FLAG_ADD);
2032         HeapFree(GetProcessHeap(), 0, lpszCookies);
2033     }
2034     HeapFree(GetProcessHeap(), 0, lpszUrl);
2035
2036
2037     INTERNET_SendCallback(&lpwhs->hdr, dwContext,
2038                           INTERNET_STATUS_HANDLE_CREATED, &handle,
2039                           sizeof(handle));
2040
2041 lend:
2042     HeapFree(GetProcessHeap(), 0, lpszHostName);
2043     if( lpwhr )
2044         WININET_Release( &lpwhr->hdr );
2045
2046     TRACE("<-- %p (%p)\n", handle, lpwhr);
2047     return handle;
2048 }
2049
2050 /* read any content returned by the server so that the connection can be
2051  * reused */
2052 static void HTTP_DrainContent(WININETHTTPREQW *req)
2053 {
2054     DWORD bytes_read;
2055
2056     if (!NETCON_connected(&req->netConnection)) return;
2057
2058     if (req->dwContentLength == -1)
2059         NETCON_close(&req->netConnection);
2060
2061     do
2062     {
2063         char buffer[2048];
2064         if (HTTP_Read(req, buffer, sizeof(buffer), &bytes_read, TRUE) != ERROR_SUCCESS)
2065             return;
2066     } while (bytes_read);
2067 }
2068
2069 static const WCHAR szAccept[] = { 'A','c','c','e','p','t',0 };
2070 static const WCHAR szAccept_Charset[] = { 'A','c','c','e','p','t','-','C','h','a','r','s','e','t', 0 };
2071 static const WCHAR szAccept_Encoding[] = { 'A','c','c','e','p','t','-','E','n','c','o','d','i','n','g',0 };
2072 static const WCHAR szAccept_Language[] = { 'A','c','c','e','p','t','-','L','a','n','g','u','a','g','e',0 };
2073 static const WCHAR szAccept_Ranges[] = { 'A','c','c','e','p','t','-','R','a','n','g','e','s',0 };
2074 static const WCHAR szAge[] = { 'A','g','e',0 };
2075 static const WCHAR szAllow[] = { 'A','l','l','o','w',0 };
2076 static const WCHAR szCache_Control[] = { 'C','a','c','h','e','-','C','o','n','t','r','o','l',0 };
2077 static const WCHAR szConnection[] = { 'C','o','n','n','e','c','t','i','o','n',0 };
2078 static const WCHAR szContent_Base[] = { 'C','o','n','t','e','n','t','-','B','a','s','e',0 };
2079 static const WCHAR szContent_Encoding[] = { 'C','o','n','t','e','n','t','-','E','n','c','o','d','i','n','g',0 };
2080 static const WCHAR szContent_ID[] = { 'C','o','n','t','e','n','t','-','I','D',0 };
2081 static const WCHAR szContent_Language[] = { 'C','o','n','t','e','n','t','-','L','a','n','g','u','a','g','e',0 };
2082 static const WCHAR szContent_Length[] = { 'C','o','n','t','e','n','t','-','L','e','n','g','t','h',0 };
2083 static const WCHAR szContent_Location[] = { 'C','o','n','t','e','n','t','-','L','o','c','a','t','i','o','n',0 };
2084 static const WCHAR szContent_MD5[] = { 'C','o','n','t','e','n','t','-','M','D','5',0 };
2085 static const WCHAR szContent_Range[] = { 'C','o','n','t','e','n','t','-','R','a','n','g','e',0 };
2086 static const WCHAR szContent_Transfer_Encoding[] = { 'C','o','n','t','e','n','t','-','T','r','a','n','s','f','e','r','-','E','n','c','o','d','i','n','g',0 };
2087 static const WCHAR szContent_Type[] = { 'C','o','n','t','e','n','t','-','T','y','p','e',0 };
2088 static const WCHAR szCookie[] = { 'C','o','o','k','i','e',0 };
2089 static const WCHAR szDate[] = { 'D','a','t','e',0 };
2090 static const WCHAR szFrom[] = { 'F','r','o','m',0 };
2091 static const WCHAR szETag[] = { 'E','T','a','g',0 };
2092 static const WCHAR szExpect[] = { 'E','x','p','e','c','t',0 };
2093 static const WCHAR szExpires[] = { 'E','x','p','i','r','e','s',0 };
2094 static const WCHAR szIf_Match[] = { 'I','f','-','M','a','t','c','h',0 };
2095 static const WCHAR szIf_Modified_Since[] = { 'I','f','-','M','o','d','i','f','i','e','d','-','S','i','n','c','e',0 };
2096 static const WCHAR szIf_None_Match[] = { 'I','f','-','N','o','n','e','-','M','a','t','c','h',0 };
2097 static const WCHAR szIf_Range[] = { 'I','f','-','R','a','n','g','e',0 };
2098 static const WCHAR szIf_Unmodified_Since[] = { 'I','f','-','U','n','m','o','d','i','f','i','e','d','-','S','i','n','c','e',0 };
2099 static const WCHAR szLast_Modified[] = { 'L','a','s','t','-','M','o','d','i','f','i','e','d',0 };
2100 static const WCHAR szLocation[] = { 'L','o','c','a','t','i','o','n',0 };
2101 static const WCHAR szMax_Forwards[] = { 'M','a','x','-','F','o','r','w','a','r','d','s',0 };
2102 static const WCHAR szMime_Version[] = { 'M','i','m','e','-','V','e','r','s','i','o','n',0 };
2103 static const WCHAR szPragma[] = { 'P','r','a','g','m','a',0 };
2104 static const WCHAR szProxy_Authenticate[] = { 'P','r','o','x','y','-','A','u','t','h','e','n','t','i','c','a','t','e',0 };
2105 static const WCHAR szProxy_Connection[] = { 'P','r','o','x','y','-','C','o','n','n','e','c','t','i','o','n',0 };
2106 static const WCHAR szPublic[] = { 'P','u','b','l','i','c',0 };
2107 static const WCHAR szRange[] = { 'R','a','n','g','e',0 };
2108 static const WCHAR szReferer[] = { 'R','e','f','e','r','e','r',0 };
2109 static const WCHAR szRetry_After[] = { 'R','e','t','r','y','-','A','f','t','e','r',0 };
2110 static const WCHAR szServer[] = { 'S','e','r','v','e','r',0 };
2111 static const WCHAR szSet_Cookie[] = { 'S','e','t','-','C','o','o','k','i','e',0 };
2112 static const WCHAR szTransfer_Encoding[] = { 'T','r','a','n','s','f','e','r','-','E','n','c','o','d','i','n','g',0 };
2113 static const WCHAR szUnless_Modified_Since[] = { 'U','n','l','e','s','s','-','M','o','d','i','f','i','e','d','-','S','i','n','c','e',0 };
2114 static const WCHAR szUpgrade[] = { 'U','p','g','r','a','d','e',0 };
2115 static const WCHAR szURI[] = { 'U','R','I',0 };
2116 static const WCHAR szUser_Agent[] = { 'U','s','e','r','-','A','g','e','n','t',0 };
2117 static const WCHAR szVary[] = { 'V','a','r','y',0 };
2118 static const WCHAR szVia[] = { 'V','i','a',0 };
2119 static const WCHAR szWarning[] = { 'W','a','r','n','i','n','g',0 };
2120 static const WCHAR szWWW_Authenticate[] = { 'W','W','W','-','A','u','t','h','e','n','t','i','c','a','t','e',0 };
2121
2122 static const LPCWSTR header_lookup[] = {
2123     szMime_Version,             /* HTTP_QUERY_MIME_VERSION = 0 */
2124     szContent_Type,             /* HTTP_QUERY_CONTENT_TYPE = 1 */
2125     szContent_Transfer_Encoding,/* HTTP_QUERY_CONTENT_TRANSFER_ENCODING = 2 */
2126     szContent_ID,               /* HTTP_QUERY_CONTENT_ID = 3 */
2127     NULL,                       /* HTTP_QUERY_CONTENT_DESCRIPTION = 4 */
2128     szContent_Length,           /* HTTP_QUERY_CONTENT_LENGTH =  5 */
2129     szContent_Language,         /* HTTP_QUERY_CONTENT_LANGUAGE =  6 */
2130     szAllow,                    /* HTTP_QUERY_ALLOW = 7 */
2131     szPublic,                   /* HTTP_QUERY_PUBLIC = 8 */
2132     szDate,                     /* HTTP_QUERY_DATE = 9 */
2133     szExpires,                  /* HTTP_QUERY_EXPIRES = 10 */
2134     szLast_Modified,            /* HTTP_QUERY_LAST_MODIFIED = 11 */
2135     NULL,                       /* HTTP_QUERY_MESSAGE_ID = 12 */
2136     szURI,                      /* HTTP_QUERY_URI = 13 */
2137     szFrom,                     /* HTTP_QUERY_DERIVED_FROM = 14 */
2138     NULL,                       /* HTTP_QUERY_COST = 15 */
2139     NULL,                       /* HTTP_QUERY_LINK = 16 */
2140     szPragma,                   /* HTTP_QUERY_PRAGMA = 17 */
2141     NULL,                       /* HTTP_QUERY_VERSION = 18 */
2142     szStatus,                   /* HTTP_QUERY_STATUS_CODE = 19 */
2143     NULL,                       /* HTTP_QUERY_STATUS_TEXT = 20 */
2144     NULL,                       /* HTTP_QUERY_RAW_HEADERS = 21 */
2145     NULL,                       /* HTTP_QUERY_RAW_HEADERS_CRLF = 22 */
2146     szConnection,               /* HTTP_QUERY_CONNECTION = 23 */
2147     szAccept,                   /* HTTP_QUERY_ACCEPT = 24 */
2148     szAccept_Charset,           /* HTTP_QUERY_ACCEPT_CHARSET = 25 */
2149     szAccept_Encoding,          /* HTTP_QUERY_ACCEPT_ENCODING = 26 */
2150     szAccept_Language,          /* HTTP_QUERY_ACCEPT_LANGUAGE = 27 */
2151     szAuthorization,            /* HTTP_QUERY_AUTHORIZATION = 28 */
2152     szContent_Encoding,         /* HTTP_QUERY_CONTENT_ENCODING = 29 */
2153     NULL,                       /* HTTP_QUERY_FORWARDED = 30 */
2154     NULL,                       /* HTTP_QUERY_FROM = 31 */
2155     szIf_Modified_Since,        /* HTTP_QUERY_IF_MODIFIED_SINCE = 32 */
2156     szLocation,                 /* HTTP_QUERY_LOCATION = 33 */
2157     NULL,                       /* HTTP_QUERY_ORIG_URI = 34 */
2158     szReferer,                  /* HTTP_QUERY_REFERER = 35 */
2159     szRetry_After,              /* HTTP_QUERY_RETRY_AFTER = 36 */
2160     szServer,                   /* HTTP_QUERY_SERVER = 37 */
2161     NULL,                       /* HTTP_TITLE = 38 */
2162     szUser_Agent,               /* HTTP_QUERY_USER_AGENT = 39 */
2163     szWWW_Authenticate,         /* HTTP_QUERY_WWW_AUTHENTICATE = 40 */
2164     szProxy_Authenticate,       /* HTTP_QUERY_PROXY_AUTHENTICATE = 41 */
2165     szAccept_Ranges,            /* HTTP_QUERY_ACCEPT_RANGES = 42 */
2166     szSet_Cookie,               /* HTTP_QUERY_SET_COOKIE = 43 */
2167     szCookie,                   /* HTTP_QUERY_COOKIE = 44 */
2168     NULL,                       /* HTTP_QUERY_REQUEST_METHOD = 45 */
2169     NULL,                       /* HTTP_QUERY_REFRESH = 46 */
2170     NULL,                       /* HTTP_QUERY_CONTENT_DISPOSITION = 47 */
2171     szAge,                      /* HTTP_QUERY_AGE = 48 */
2172     szCache_Control,            /* HTTP_QUERY_CACHE_CONTROL = 49 */
2173     szContent_Base,             /* HTTP_QUERY_CONTENT_BASE = 50 */
2174     szContent_Location,         /* HTTP_QUERY_CONTENT_LOCATION = 51 */
2175     szContent_MD5,              /* HTTP_QUERY_CONTENT_MD5 = 52 */
2176     szContent_Range,            /* HTTP_QUERY_CONTENT_RANGE = 53 */
2177     szETag,                     /* HTTP_QUERY_ETAG = 54 */
2178     szHost,                     /* HTTP_QUERY_HOST = 55 */
2179     szIf_Match,                 /* HTTP_QUERY_IF_MATCH = 56 */
2180     szIf_None_Match,            /* HTTP_QUERY_IF_NONE_MATCH = 57 */
2181     szIf_Range,                 /* HTTP_QUERY_IF_RANGE = 58 */
2182     szIf_Unmodified_Since,      /* HTTP_QUERY_IF_UNMODIFIED_SINCE = 59 */
2183     szMax_Forwards,             /* HTTP_QUERY_MAX_FORWARDS = 60 */
2184     szProxy_Authorization,      /* HTTP_QUERY_PROXY_AUTHORIZATION = 61 */
2185     szRange,                    /* HTTP_QUERY_RANGE = 62 */
2186     szTransfer_Encoding,        /* HTTP_QUERY_TRANSFER_ENCODING = 63 */
2187     szUpgrade,                  /* HTTP_QUERY_UPGRADE = 64 */
2188     szVary,                     /* HTTP_QUERY_VARY = 65 */
2189     szVia,                      /* HTTP_QUERY_VIA = 66 */
2190     szWarning,                  /* HTTP_QUERY_WARNING = 67 */
2191     szExpect,                   /* HTTP_QUERY_EXPECT = 68 */
2192     szProxy_Connection,         /* HTTP_QUERY_PROXY_CONNECTION = 69 */
2193     szUnless_Modified_Since,    /* HTTP_QUERY_UNLESS_MODIFIED_SINCE = 70 */
2194 };
2195
2196 #define LAST_TABLE_HEADER (sizeof(header_lookup)/sizeof(header_lookup[0]))
2197
2198 /***********************************************************************
2199  *           HTTP_HttpQueryInfoW (internal)
2200  */
2201 static BOOL WINAPI HTTP_HttpQueryInfoW( LPWININETHTTPREQW lpwhr, DWORD dwInfoLevel,
2202         LPVOID lpBuffer, LPDWORD lpdwBufferLength, LPDWORD lpdwIndex)
2203 {
2204     LPHTTPHEADERW lphttpHdr = NULL;
2205     BOOL bSuccess = FALSE;
2206     BOOL request_only = dwInfoLevel & HTTP_QUERY_FLAG_REQUEST_HEADERS;
2207     INT requested_index = lpdwIndex ? *lpdwIndex : 0;
2208     INT level = (dwInfoLevel & ~HTTP_QUERY_MODIFIER_FLAGS_MASK);
2209     INT index = -1;
2210
2211     /* Find requested header structure */
2212     switch (level)
2213     {
2214     case HTTP_QUERY_CUSTOM:
2215         index = HTTP_GetCustomHeaderIndex(lpwhr, lpBuffer, requested_index, request_only);
2216         break;
2217
2218     case HTTP_QUERY_RAW_HEADERS_CRLF:
2219         {
2220             LPWSTR headers;
2221             DWORD len;
2222             BOOL ret = FALSE;
2223
2224             if (request_only)
2225                 headers = HTTP_BuildHeaderRequestString(lpwhr, lpwhr->lpszVerb, lpwhr->lpszPath, lpwhr->lpszVersion);
2226             else
2227                 headers = lpwhr->lpszRawHeaders;
2228
2229             len = (strlenW(headers) + 1) * sizeof(WCHAR);
2230             if (len > *lpdwBufferLength)
2231             {
2232                 INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
2233                 ret = FALSE;
2234             }
2235             else if (lpBuffer)
2236             {
2237                 memcpy(lpBuffer, headers, len);
2238                 TRACE("returning data: %s\n", debugstr_wn(lpBuffer, len / sizeof(WCHAR)));
2239                 ret = TRUE;
2240             }
2241             *lpdwBufferLength = len;
2242
2243             if (request_only)
2244                 HeapFree(GetProcessHeap(), 0, headers);
2245             return ret;
2246         }
2247     case HTTP_QUERY_RAW_HEADERS:
2248         {
2249             static const WCHAR szCrLf[] = {'\r','\n',0};
2250             LPWSTR * ppszRawHeaderLines = HTTP_Tokenize(lpwhr->lpszRawHeaders, szCrLf);
2251             DWORD i, size = 0;
2252             LPWSTR pszString = (WCHAR*)lpBuffer;
2253
2254             for (i = 0; ppszRawHeaderLines[i]; i++)
2255                 size += strlenW(ppszRawHeaderLines[i]) + 1;
2256
2257             if (size + 1 > *lpdwBufferLength/sizeof(WCHAR))
2258             {
2259                 HTTP_FreeTokens(ppszRawHeaderLines);
2260                 *lpdwBufferLength = (size + 1) * sizeof(WCHAR);
2261                 INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
2262                 return FALSE;
2263             }
2264
2265             for (i = 0; ppszRawHeaderLines[i]; i++)
2266             {
2267                 DWORD len = strlenW(ppszRawHeaderLines[i]);
2268                 memcpy(pszString, ppszRawHeaderLines[i], (len+1)*sizeof(WCHAR));
2269                 pszString += len+1;
2270             }
2271             *pszString = '\0';
2272
2273             TRACE("returning data: %s\n", debugstr_wn((WCHAR*)lpBuffer, size));
2274
2275             *lpdwBufferLength = size * sizeof(WCHAR);
2276             HTTP_FreeTokens(ppszRawHeaderLines);
2277
2278             return TRUE;
2279         }
2280     case HTTP_QUERY_STATUS_TEXT:
2281         if (lpwhr->lpszStatusText)
2282         {
2283             DWORD len = strlenW(lpwhr->lpszStatusText);
2284             if (len + 1 > *lpdwBufferLength/sizeof(WCHAR))
2285             {
2286                 *lpdwBufferLength = (len + 1) * sizeof(WCHAR);
2287                 INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
2288                 return FALSE;
2289             }
2290             memcpy(lpBuffer, lpwhr->lpszStatusText, (len+1)*sizeof(WCHAR));
2291             *lpdwBufferLength = len * sizeof(WCHAR);
2292
2293             TRACE("returning data: %s\n", debugstr_wn((WCHAR*)lpBuffer, len));
2294
2295             return TRUE;
2296         }
2297         break;
2298     case HTTP_QUERY_VERSION:
2299         if (lpwhr->lpszVersion)
2300         {
2301             DWORD len = strlenW(lpwhr->lpszVersion);
2302             if (len + 1 > *lpdwBufferLength/sizeof(WCHAR))
2303             {
2304                 *lpdwBufferLength = (len + 1) * sizeof(WCHAR);
2305                 INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
2306                 return FALSE;
2307             }
2308             memcpy(lpBuffer, lpwhr->lpszVersion, (len+1)*sizeof(WCHAR));
2309             *lpdwBufferLength = len * sizeof(WCHAR);
2310
2311             TRACE("returning data: %s\n", debugstr_wn((WCHAR*)lpBuffer, len));
2312
2313             return TRUE;
2314         }
2315         break;
2316     default:
2317         assert (LAST_TABLE_HEADER == (HTTP_QUERY_UNLESS_MODIFIED_SINCE + 1));
2318
2319         if (level >= 0 && level < LAST_TABLE_HEADER && header_lookup[level])
2320             index = HTTP_GetCustomHeaderIndex(lpwhr, header_lookup[level],
2321                                               requested_index,request_only);
2322     }
2323
2324     if (index >= 0)
2325         lphttpHdr = &lpwhr->pCustHeaders[index];
2326
2327     /* Ensure header satisfies requested attributes */
2328     if (!lphttpHdr ||
2329         ((dwInfoLevel & HTTP_QUERY_FLAG_REQUEST_HEADERS) &&
2330          (~lphttpHdr->wFlags & HDR_ISREQUEST)))
2331     {
2332         INTERNET_SetLastError(ERROR_HTTP_HEADER_NOT_FOUND);
2333         return bSuccess;
2334     }
2335
2336     if (lpdwIndex)
2337         (*lpdwIndex)++;
2338
2339     /* coalesce value to requested type */
2340     if (dwInfoLevel & HTTP_QUERY_FLAG_NUMBER)
2341     {
2342         *(int *)lpBuffer = atoiW(lphttpHdr->lpszValue);
2343         bSuccess = TRUE;
2344
2345         TRACE(" returning number : %d\n", *(int *)lpBuffer);
2346     }
2347     else if (dwInfoLevel & HTTP_QUERY_FLAG_SYSTEMTIME)
2348     {
2349         time_t tmpTime;
2350         struct tm tmpTM;
2351         SYSTEMTIME *STHook;
2352
2353         tmpTime = ConvertTimeString(lphttpHdr->lpszValue);
2354
2355         tmpTM = *gmtime(&tmpTime);
2356         STHook = (SYSTEMTIME *) lpBuffer;
2357         if(STHook==NULL)
2358             return bSuccess;
2359
2360         STHook->wDay = tmpTM.tm_mday;
2361         STHook->wHour = tmpTM.tm_hour;
2362         STHook->wMilliseconds = 0;
2363         STHook->wMinute = tmpTM.tm_min;
2364         STHook->wDayOfWeek = tmpTM.tm_wday;
2365         STHook->wMonth = tmpTM.tm_mon + 1;
2366         STHook->wSecond = tmpTM.tm_sec;
2367         STHook->wYear = tmpTM.tm_year;
2368         
2369         bSuccess = TRUE;
2370         
2371         TRACE(" returning time : %04d/%02d/%02d - %d - %02d:%02d:%02d.%02d\n", 
2372               STHook->wYear, STHook->wMonth, STHook->wDay, STHook->wDayOfWeek,
2373               STHook->wHour, STHook->wMinute, STHook->wSecond, STHook->wMilliseconds);
2374     }
2375     else if (lphttpHdr->lpszValue)
2376     {
2377         DWORD len = (strlenW(lphttpHdr->lpszValue) + 1) * sizeof(WCHAR);
2378
2379         if (len > *lpdwBufferLength)
2380         {
2381             *lpdwBufferLength = len;
2382             INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
2383             return bSuccess;
2384         }
2385
2386         memcpy(lpBuffer, lphttpHdr->lpszValue, len);
2387         *lpdwBufferLength = len - sizeof(WCHAR);
2388         bSuccess = TRUE;
2389
2390         TRACE(" returning string : %s\n", debugstr_w(lpBuffer));
2391     }
2392     return bSuccess;
2393 }
2394
2395 /***********************************************************************
2396  *           HttpQueryInfoW (WININET.@)
2397  *
2398  * Queries for information about an HTTP request
2399  *
2400  * RETURNS
2401  *    TRUE  on success
2402  *    FALSE on failure
2403  *
2404  */
2405 BOOL WINAPI HttpQueryInfoW(HINTERNET hHttpRequest, DWORD dwInfoLevel,
2406         LPVOID lpBuffer, LPDWORD lpdwBufferLength, LPDWORD lpdwIndex)
2407 {
2408     BOOL bSuccess = FALSE;
2409     LPWININETHTTPREQW lpwhr;
2410
2411     if (TRACE_ON(wininet)) {
2412 #define FE(x) { x, #x }
2413         static const wininet_flag_info query_flags[] = {
2414             FE(HTTP_QUERY_MIME_VERSION),
2415             FE(HTTP_QUERY_CONTENT_TYPE),
2416             FE(HTTP_QUERY_CONTENT_TRANSFER_ENCODING),
2417             FE(HTTP_QUERY_CONTENT_ID),
2418             FE(HTTP_QUERY_CONTENT_DESCRIPTION),
2419             FE(HTTP_QUERY_CONTENT_LENGTH),
2420             FE(HTTP_QUERY_CONTENT_LANGUAGE),
2421             FE(HTTP_QUERY_ALLOW),
2422             FE(HTTP_QUERY_PUBLIC),
2423             FE(HTTP_QUERY_DATE),
2424             FE(HTTP_QUERY_EXPIRES),
2425             FE(HTTP_QUERY_LAST_MODIFIED),
2426             FE(HTTP_QUERY_MESSAGE_ID),
2427             FE(HTTP_QUERY_URI),
2428             FE(HTTP_QUERY_DERIVED_FROM),
2429             FE(HTTP_QUERY_COST),
2430             FE(HTTP_QUERY_LINK),
2431             FE(HTTP_QUERY_PRAGMA),
2432             FE(HTTP_QUERY_VERSION),
2433             FE(HTTP_QUERY_STATUS_CODE),
2434             FE(HTTP_QUERY_STATUS_TEXT),
2435             FE(HTTP_QUERY_RAW_HEADERS),
2436             FE(HTTP_QUERY_RAW_HEADERS_CRLF),
2437             FE(HTTP_QUERY_CONNECTION),
2438             FE(HTTP_QUERY_ACCEPT),
2439             FE(HTTP_QUERY_ACCEPT_CHARSET),
2440             FE(HTTP_QUERY_ACCEPT_ENCODING),
2441             FE(HTTP_QUERY_ACCEPT_LANGUAGE),
2442             FE(HTTP_QUERY_AUTHORIZATION),
2443             FE(HTTP_QUERY_CONTENT_ENCODING),
2444             FE(HTTP_QUERY_FORWARDED),
2445             FE(HTTP_QUERY_FROM),
2446             FE(HTTP_QUERY_IF_MODIFIED_SINCE),
2447             FE(HTTP_QUERY_LOCATION),
2448             FE(HTTP_QUERY_ORIG_URI),
2449             FE(HTTP_QUERY_REFERER),
2450             FE(HTTP_QUERY_RETRY_AFTER),
2451             FE(HTTP_QUERY_SERVER),
2452             FE(HTTP_QUERY_TITLE),
2453             FE(HTTP_QUERY_USER_AGENT),
2454             FE(HTTP_QUERY_WWW_AUTHENTICATE),
2455             FE(HTTP_QUERY_PROXY_AUTHENTICATE),
2456             FE(HTTP_QUERY_ACCEPT_RANGES),
2457         FE(HTTP_QUERY_SET_COOKIE),
2458         FE(HTTP_QUERY_COOKIE),
2459             FE(HTTP_QUERY_REQUEST_METHOD),
2460             FE(HTTP_QUERY_REFRESH),
2461             FE(HTTP_QUERY_CONTENT_DISPOSITION),
2462             FE(HTTP_QUERY_AGE),
2463             FE(HTTP_QUERY_CACHE_CONTROL),
2464             FE(HTTP_QUERY_CONTENT_BASE),
2465             FE(HTTP_QUERY_CONTENT_LOCATION),
2466             FE(HTTP_QUERY_CONTENT_MD5),
2467             FE(HTTP_QUERY_CONTENT_RANGE),
2468             FE(HTTP_QUERY_ETAG),
2469             FE(HTTP_QUERY_HOST),
2470             FE(HTTP_QUERY_IF_MATCH),
2471             FE(HTTP_QUERY_IF_NONE_MATCH),
2472             FE(HTTP_QUERY_IF_RANGE),
2473             FE(HTTP_QUERY_IF_UNMODIFIED_SINCE),
2474             FE(HTTP_QUERY_MAX_FORWARDS),
2475             FE(HTTP_QUERY_PROXY_AUTHORIZATION),
2476             FE(HTTP_QUERY_RANGE),
2477             FE(HTTP_QUERY_TRANSFER_ENCODING),
2478             FE(HTTP_QUERY_UPGRADE),
2479             FE(HTTP_QUERY_VARY),
2480             FE(HTTP_QUERY_VIA),
2481             FE(HTTP_QUERY_WARNING),
2482             FE(HTTP_QUERY_CUSTOM)
2483         };
2484         static const wininet_flag_info modifier_flags[] = {
2485             FE(HTTP_QUERY_FLAG_REQUEST_HEADERS),
2486             FE(HTTP_QUERY_FLAG_SYSTEMTIME),
2487             FE(HTTP_QUERY_FLAG_NUMBER),
2488             FE(HTTP_QUERY_FLAG_COALESCE)
2489         };
2490 #undef FE
2491         DWORD info_mod = dwInfoLevel & HTTP_QUERY_MODIFIER_FLAGS_MASK;
2492         DWORD info = dwInfoLevel & HTTP_QUERY_HEADER_MASK;
2493         DWORD i;
2494
2495         TRACE("(%p, 0x%08x)--> %d\n", hHttpRequest, dwInfoLevel, dwInfoLevel);
2496         TRACE("  Attribute:");
2497         for (i = 0; i < (sizeof(query_flags) / sizeof(query_flags[0])); i++) {
2498             if (query_flags[i].val == info) {
2499                 TRACE(" %s", query_flags[i].name);
2500                 break;
2501             }
2502         }
2503         if (i == (sizeof(query_flags) / sizeof(query_flags[0]))) {
2504             TRACE(" Unknown (%08x)", info);
2505         }
2506
2507         TRACE(" Modifier:");
2508         for (i = 0; i < (sizeof(modifier_flags) / sizeof(modifier_flags[0])); i++) {
2509             if (modifier_flags[i].val & info_mod) {
2510                 TRACE(" %s", modifier_flags[i].name);
2511                 info_mod &= ~ modifier_flags[i].val;
2512             }
2513         }
2514         
2515         if (info_mod) {
2516             TRACE(" Unknown (%08x)", info_mod);
2517         }
2518         TRACE("\n");
2519     }
2520     
2521     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hHttpRequest );
2522     if (NULL == lpwhr ||  lpwhr->hdr.htype != WH_HHTTPREQ)
2523     {
2524         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
2525         goto lend;
2526     }
2527
2528     if (lpBuffer == NULL)
2529         *lpdwBufferLength = 0;
2530     bSuccess = HTTP_HttpQueryInfoW( lpwhr, dwInfoLevel,
2531                                     lpBuffer, lpdwBufferLength, lpdwIndex);
2532
2533 lend:
2534     if( lpwhr )
2535          WININET_Release( &lpwhr->hdr );
2536
2537     TRACE("%d <--\n", bSuccess);
2538     return bSuccess;
2539 }
2540
2541 /***********************************************************************
2542  *           HttpQueryInfoA (WININET.@)
2543  *
2544  * Queries for information about an HTTP request
2545  *
2546  * RETURNS
2547  *    TRUE  on success
2548  *    FALSE on failure
2549  *
2550  */
2551 BOOL WINAPI HttpQueryInfoA(HINTERNET hHttpRequest, DWORD dwInfoLevel,
2552         LPVOID lpBuffer, LPDWORD lpdwBufferLength, LPDWORD lpdwIndex)
2553 {
2554     BOOL result;
2555     DWORD len;
2556     WCHAR* bufferW;
2557
2558     if((dwInfoLevel & HTTP_QUERY_FLAG_NUMBER) ||
2559        (dwInfoLevel & HTTP_QUERY_FLAG_SYSTEMTIME))
2560     {
2561         return HttpQueryInfoW( hHttpRequest, dwInfoLevel, lpBuffer,
2562                                lpdwBufferLength, lpdwIndex );
2563     }
2564
2565     if (lpBuffer)
2566     {
2567         DWORD alloclen;
2568         len = (*lpdwBufferLength)*sizeof(WCHAR);
2569         if ((dwInfoLevel & HTTP_QUERY_HEADER_MASK) == HTTP_QUERY_CUSTOM)
2570         {
2571             alloclen = MultiByteToWideChar( CP_ACP, 0, lpBuffer, -1, NULL, 0 ) * sizeof(WCHAR);
2572             if (alloclen < len)
2573                 alloclen = len;
2574         }
2575         else
2576             alloclen = len;
2577         bufferW = HeapAlloc( GetProcessHeap(), 0, alloclen );
2578         /* buffer is in/out because of HTTP_QUERY_CUSTOM */
2579         if ((dwInfoLevel & HTTP_QUERY_HEADER_MASK) == HTTP_QUERY_CUSTOM)
2580             MultiByteToWideChar( CP_ACP, 0, lpBuffer, -1, bufferW, alloclen / sizeof(WCHAR) );
2581     } else
2582     {
2583         bufferW = NULL;
2584         len = 0;
2585     }
2586
2587     result = HttpQueryInfoW( hHttpRequest, dwInfoLevel, bufferW,
2588                            &len, lpdwIndex );
2589     if( result )
2590     {
2591         len = WideCharToMultiByte( CP_ACP,0, bufferW, len / sizeof(WCHAR) + 1,
2592                                      lpBuffer, *lpdwBufferLength, NULL, NULL );
2593         *lpdwBufferLength = len - 1;
2594
2595         TRACE("lpBuffer: %s\n", debugstr_a(lpBuffer));
2596     }
2597     else
2598         /* since the strings being returned from HttpQueryInfoW should be
2599          * only ASCII characters, it is reasonable to assume that all of
2600          * the Unicode characters can be reduced to a single byte */
2601         *lpdwBufferLength = len / sizeof(WCHAR);
2602
2603     HeapFree(GetProcessHeap(), 0, bufferW );
2604
2605     return result;
2606 }
2607
2608 /***********************************************************************
2609  *           HttpSendRequestExA (WININET.@)
2610  *
2611  * Sends the specified request to the HTTP server and allows chunked
2612  * transfers.
2613  *
2614  * RETURNS
2615  *  Success: TRUE
2616  *  Failure: FALSE, call GetLastError() for more information.
2617  */
2618 BOOL WINAPI HttpSendRequestExA(HINTERNET hRequest,
2619                                LPINTERNET_BUFFERSA lpBuffersIn,
2620                                LPINTERNET_BUFFERSA lpBuffersOut,
2621                                DWORD dwFlags, DWORD_PTR dwContext)
2622 {
2623     INTERNET_BUFFERSW BuffersInW;
2624     BOOL rc = FALSE;
2625     DWORD headerlen;
2626     LPWSTR header = NULL;
2627
2628     TRACE("(%p, %p, %p, %08x, %08lx)\n", hRequest, lpBuffersIn,
2629             lpBuffersOut, dwFlags, dwContext);
2630
2631     if (lpBuffersIn)
2632     {
2633         BuffersInW.dwStructSize = sizeof(LPINTERNET_BUFFERSW);
2634         if (lpBuffersIn->lpcszHeader)
2635         {
2636             headerlen = MultiByteToWideChar(CP_ACP,0,lpBuffersIn->lpcszHeader,
2637                     lpBuffersIn->dwHeadersLength,0,0);
2638             header = HeapAlloc(GetProcessHeap(),0,headerlen*sizeof(WCHAR));
2639             if (!(BuffersInW.lpcszHeader = header))
2640             {
2641                 INTERNET_SetLastError(ERROR_OUTOFMEMORY);
2642                 return FALSE;
2643             }
2644             BuffersInW.dwHeadersLength = MultiByteToWideChar(CP_ACP, 0,
2645                     lpBuffersIn->lpcszHeader, lpBuffersIn->dwHeadersLength,
2646                     header, headerlen);
2647         }
2648         else
2649             BuffersInW.lpcszHeader = NULL;
2650         BuffersInW.dwHeadersTotal = lpBuffersIn->dwHeadersTotal;
2651         BuffersInW.lpvBuffer = lpBuffersIn->lpvBuffer;
2652         BuffersInW.dwBufferLength = lpBuffersIn->dwBufferLength;
2653         BuffersInW.dwBufferTotal = lpBuffersIn->dwBufferTotal;
2654         BuffersInW.Next = NULL;
2655     }
2656
2657     rc = HttpSendRequestExW(hRequest, lpBuffersIn ? &BuffersInW : NULL, NULL, dwFlags, dwContext);
2658
2659     HeapFree(GetProcessHeap(),0,header);
2660
2661     return rc;
2662 }
2663
2664 /***********************************************************************
2665  *           HttpSendRequestExW (WININET.@)
2666  *
2667  * Sends the specified request to the HTTP server and allows chunked
2668  * transfers
2669  *
2670  * RETURNS
2671  *  Success: TRUE
2672  *  Failure: FALSE, call GetLastError() for more information.
2673  */
2674 BOOL WINAPI HttpSendRequestExW(HINTERNET hRequest,
2675                    LPINTERNET_BUFFERSW lpBuffersIn,
2676                    LPINTERNET_BUFFERSW lpBuffersOut,
2677                    DWORD dwFlags, DWORD_PTR dwContext)
2678 {
2679     BOOL ret = FALSE;
2680     LPWININETHTTPREQW lpwhr;
2681     LPWININETHTTPSESSIONW lpwhs;
2682     LPWININETAPPINFOW hIC;
2683
2684     TRACE("(%p, %p, %p, %08x, %08lx)\n", hRequest, lpBuffersIn,
2685             lpBuffersOut, dwFlags, dwContext);
2686
2687     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hRequest );
2688
2689     if (NULL == lpwhr || lpwhr->hdr.htype != WH_HHTTPREQ)
2690     {
2691         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
2692         goto lend;
2693     }
2694
2695     lpwhs = lpwhr->lpHttpSession;
2696     assert(lpwhs->hdr.htype == WH_HHTTPSESSION);
2697     hIC = lpwhs->lpAppInfo;
2698     assert(hIC->hdr.htype == WH_HINIT);
2699
2700     if (hIC->hdr.dwFlags & INTERNET_FLAG_ASYNC)
2701     {
2702         WORKREQUEST workRequest;
2703         struct WORKREQ_HTTPSENDREQUESTW *req;
2704
2705         workRequest.asyncproc = AsyncHttpSendRequestProc;
2706         workRequest.hdr = WININET_AddRef( &lpwhr->hdr );
2707         req = &workRequest.u.HttpSendRequestW;
2708         if (lpBuffersIn)
2709         {
2710             if (lpBuffersIn->lpcszHeader)
2711                 /* FIXME: this should use dwHeadersLength or may not be necessary at all */
2712                 req->lpszHeader = WININET_strdupW(lpBuffersIn->lpcszHeader);
2713             else
2714                 req->lpszHeader = NULL;
2715             req->dwHeaderLength = lpBuffersIn->dwHeadersLength;
2716             req->lpOptional = lpBuffersIn->lpvBuffer;
2717             req->dwOptionalLength = lpBuffersIn->dwBufferLength;
2718             req->dwContentLength = lpBuffersIn->dwBufferTotal;
2719         }
2720         else
2721         {
2722             req->lpszHeader = NULL;
2723             req->dwHeaderLength = 0;
2724             req->lpOptional = NULL;
2725             req->dwOptionalLength = 0;
2726             req->dwContentLength = 0;
2727         }
2728
2729         req->bEndRequest = FALSE;
2730
2731         INTERNET_AsyncCall(&workRequest);
2732         /*
2733          * This is from windows.
2734          */
2735         INTERNET_SetLastError(ERROR_IO_PENDING);
2736     }
2737     else
2738     {
2739         if (lpBuffersIn)
2740             ret = HTTP_HttpSendRequestW(lpwhr, lpBuffersIn->lpcszHeader, lpBuffersIn->dwHeadersLength,
2741                                         lpBuffersIn->lpvBuffer, lpBuffersIn->dwBufferLength,
2742                                         lpBuffersIn->dwBufferTotal, FALSE);
2743         else
2744             ret = HTTP_HttpSendRequestW(lpwhr, NULL, 0, NULL, 0, 0, FALSE);
2745     }
2746
2747 lend:
2748     if ( lpwhr )
2749         WININET_Release( &lpwhr->hdr );
2750
2751     TRACE("<---\n");
2752     return ret;
2753 }
2754
2755 /***********************************************************************
2756  *           HttpSendRequestW (WININET.@)
2757  *
2758  * Sends the specified request to the HTTP server
2759  *
2760  * RETURNS
2761  *    TRUE  on success
2762  *    FALSE on failure
2763  *
2764  */
2765 BOOL WINAPI HttpSendRequestW(HINTERNET hHttpRequest, LPCWSTR lpszHeaders,
2766         DWORD dwHeaderLength, LPVOID lpOptional ,DWORD dwOptionalLength)
2767 {
2768     LPWININETHTTPREQW lpwhr;
2769     LPWININETHTTPSESSIONW lpwhs = NULL;
2770     LPWININETAPPINFOW hIC = NULL;
2771     BOOL r;
2772
2773     TRACE("%p, %s, %i, %p, %i)\n", hHttpRequest,
2774             debugstr_wn(lpszHeaders, dwHeaderLength), dwHeaderLength, lpOptional, dwOptionalLength);
2775
2776     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hHttpRequest );
2777     if (NULL == lpwhr || lpwhr->hdr.htype != WH_HHTTPREQ)
2778     {
2779         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
2780         r = FALSE;
2781         goto lend;
2782     }
2783
2784     lpwhs = lpwhr->lpHttpSession;
2785     if (NULL == lpwhs ||  lpwhs->hdr.htype != WH_HHTTPSESSION)
2786     {
2787         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
2788         r = FALSE;
2789         goto lend;
2790     }
2791
2792     hIC = lpwhs->lpAppInfo;
2793     if (NULL == hIC ||  hIC->hdr.htype != WH_HINIT)
2794     {
2795         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
2796         r = FALSE;
2797         goto lend;
2798     }
2799
2800     if (hIC->hdr.dwFlags & INTERNET_FLAG_ASYNC)
2801     {
2802         WORKREQUEST workRequest;
2803         struct WORKREQ_HTTPSENDREQUESTW *req;
2804
2805         workRequest.asyncproc = AsyncHttpSendRequestProc;
2806         workRequest.hdr = WININET_AddRef( &lpwhr->hdr );
2807         req = &workRequest.u.HttpSendRequestW;
2808         if (lpszHeaders)
2809         {
2810             req->lpszHeader = HeapAlloc(GetProcessHeap(), 0, dwHeaderLength * sizeof(WCHAR));
2811             memcpy(req->lpszHeader, lpszHeaders, dwHeaderLength * sizeof(WCHAR));
2812         }
2813         else
2814             req->lpszHeader = 0;
2815         req->dwHeaderLength = dwHeaderLength;
2816         req->lpOptional = lpOptional;
2817         req->dwOptionalLength = dwOptionalLength;
2818         req->dwContentLength = dwOptionalLength;
2819         req->bEndRequest = TRUE;
2820
2821         INTERNET_AsyncCall(&workRequest);
2822         /*
2823          * This is from windows.
2824          */
2825         INTERNET_SetLastError(ERROR_IO_PENDING);
2826         r = FALSE;
2827     }
2828     else
2829     {
2830         r = HTTP_HttpSendRequestW(lpwhr, lpszHeaders,
2831                 dwHeaderLength, lpOptional, dwOptionalLength,
2832                 dwOptionalLength, TRUE);
2833     }
2834 lend:
2835     if( lpwhr )
2836         WININET_Release( &lpwhr->hdr );
2837     return r;
2838 }
2839
2840 /***********************************************************************
2841  *           HttpSendRequestA (WININET.@)
2842  *
2843  * Sends the specified request to the HTTP server
2844  *
2845  * RETURNS
2846  *    TRUE  on success
2847  *    FALSE on failure
2848  *
2849  */
2850 BOOL WINAPI HttpSendRequestA(HINTERNET hHttpRequest, LPCSTR lpszHeaders,
2851         DWORD dwHeaderLength, LPVOID lpOptional ,DWORD dwOptionalLength)
2852 {
2853     BOOL result;
2854     LPWSTR szHeaders=NULL;
2855     DWORD nLen=dwHeaderLength;
2856     if(lpszHeaders!=NULL)
2857     {
2858         nLen=MultiByteToWideChar(CP_ACP,0,lpszHeaders,dwHeaderLength,NULL,0);
2859         szHeaders=HeapAlloc(GetProcessHeap(),0,nLen*sizeof(WCHAR));
2860         MultiByteToWideChar(CP_ACP,0,lpszHeaders,dwHeaderLength,szHeaders,nLen);
2861     }
2862     result=HttpSendRequestW(hHttpRequest, szHeaders, nLen, lpOptional, dwOptionalLength);
2863     HeapFree(GetProcessHeap(),0,szHeaders);
2864     return result;
2865 }
2866
2867 static BOOL HTTP_GetRequestURL(WININETHTTPREQW *req, LPWSTR buf)
2868 {
2869     LPHTTPHEADERW host_header;
2870
2871     static const WCHAR formatW[] = {'h','t','t','p',':','/','/','%','s','%','s',0};
2872
2873     host_header = HTTP_GetHeader(req, szHost);
2874     if(!host_header)
2875         return FALSE;
2876
2877     sprintfW(buf, formatW, host_header->lpszValue, req->lpszPath); /* FIXME */
2878     return TRUE;
2879 }
2880
2881 /***********************************************************************
2882  *           HTTP_HandleRedirect (internal)
2883  */
2884 static BOOL HTTP_HandleRedirect(LPWININETHTTPREQW lpwhr, LPCWSTR lpszUrl)
2885 {
2886     static const WCHAR szContentType[] = {'C','o','n','t','e','n','t','-','T','y','p','e',0};
2887     static const WCHAR szContentLength[] = {'C','o','n','t','e','n','t','-','L','e','n','g','t','h',0};
2888     LPWININETHTTPSESSIONW lpwhs = lpwhr->lpHttpSession;
2889     LPWININETAPPINFOW hIC = lpwhs->lpAppInfo;
2890     BOOL using_proxy = hIC->lpszProxy && hIC->lpszProxy[0];
2891     WCHAR path[INTERNET_MAX_URL_LENGTH];
2892     int index;
2893
2894     if(lpszUrl[0]=='/')
2895     {
2896         /* if it's an absolute path, keep the same session info */
2897         lstrcpynW(path, lpszUrl, INTERNET_MAX_URL_LENGTH);
2898     }
2899     else
2900     {
2901         URL_COMPONENTSW urlComponents;
2902         WCHAR protocol[32], hostName[MAXHOSTNAME], userName[1024];
2903         static WCHAR szHttp[] = {'h','t','t','p',0};
2904         static WCHAR szHttps[] = {'h','t','t','p','s',0};
2905         DWORD url_length = 0;
2906         LPWSTR orig_url;
2907         LPWSTR combined_url;
2908
2909         urlComponents.dwStructSize = sizeof(URL_COMPONENTSW);
2910         urlComponents.lpszScheme = (lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE) ? szHttps : szHttp;
2911         urlComponents.dwSchemeLength = 0;
2912         urlComponents.lpszHostName = lpwhs->lpszHostName;
2913         urlComponents.dwHostNameLength = 0;
2914         urlComponents.nPort = lpwhs->nHostPort;
2915         urlComponents.lpszUserName = lpwhs->lpszUserName;
2916         urlComponents.dwUserNameLength = 0;
2917         urlComponents.lpszPassword = NULL;
2918         urlComponents.dwPasswordLength = 0;
2919         urlComponents.lpszUrlPath = lpwhr->lpszPath;
2920         urlComponents.dwUrlPathLength = 0;
2921         urlComponents.lpszExtraInfo = NULL;
2922         urlComponents.dwExtraInfoLength = 0;
2923
2924         if (!InternetCreateUrlW(&urlComponents, 0, NULL, &url_length) &&
2925             (GetLastError() != ERROR_INSUFFICIENT_BUFFER))
2926             return FALSE;
2927
2928         orig_url = HeapAlloc(GetProcessHeap(), 0, url_length);
2929
2930         /* convert from bytes to characters */
2931         url_length = url_length / sizeof(WCHAR) - 1;
2932         if (!InternetCreateUrlW(&urlComponents, 0, orig_url, &url_length))
2933         {
2934             HeapFree(GetProcessHeap(), 0, orig_url);
2935             return FALSE;
2936         }
2937
2938         url_length = 0;
2939         if (!InternetCombineUrlW(orig_url, lpszUrl, NULL, &url_length, ICU_ENCODE_SPACES_ONLY) &&
2940             (GetLastError() != ERROR_INSUFFICIENT_BUFFER))
2941         {
2942             HeapFree(GetProcessHeap(), 0, orig_url);
2943             return FALSE;
2944         }
2945         combined_url = HeapAlloc(GetProcessHeap(), 0, url_length * sizeof(WCHAR));
2946
2947         if (!InternetCombineUrlW(orig_url, lpszUrl, combined_url, &url_length, ICU_ENCODE_SPACES_ONLY))
2948         {
2949             HeapFree(GetProcessHeap(), 0, orig_url);
2950             HeapFree(GetProcessHeap(), 0, combined_url);
2951             return FALSE;
2952         }
2953         HeapFree(GetProcessHeap(), 0, orig_url);
2954
2955         userName[0] = 0;
2956         hostName[0] = 0;
2957         protocol[0] = 0;
2958
2959         urlComponents.dwStructSize = sizeof(URL_COMPONENTSW);
2960         urlComponents.lpszScheme = protocol;
2961         urlComponents.dwSchemeLength = 32;
2962         urlComponents.lpszHostName = hostName;
2963         urlComponents.dwHostNameLength = MAXHOSTNAME;
2964         urlComponents.lpszUserName = userName;
2965         urlComponents.dwUserNameLength = 1024;
2966         urlComponents.lpszPassword = NULL;
2967         urlComponents.dwPasswordLength = 0;
2968         urlComponents.lpszUrlPath = path;
2969         urlComponents.dwUrlPathLength = 2048;
2970         urlComponents.lpszExtraInfo = NULL;
2971         urlComponents.dwExtraInfoLength = 0;
2972         if(!InternetCrackUrlW(combined_url, strlenW(combined_url), 0, &urlComponents))
2973         {
2974             HeapFree(GetProcessHeap(), 0, combined_url);
2975             return FALSE;
2976         }
2977
2978         HeapFree(GetProcessHeap(), 0, combined_url);
2979
2980         if (!strncmpW(szHttp, urlComponents.lpszScheme, strlenW(szHttp)) &&
2981             (lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE))
2982         {
2983             TRACE("redirect from secure page to non-secure page\n");
2984             /* FIXME: warn about from secure redirect to non-secure page */
2985             lpwhr->hdr.dwFlags &= ~INTERNET_FLAG_SECURE;
2986         }
2987         if (!strncmpW(szHttps, urlComponents.lpszScheme, strlenW(szHttps)) &&
2988             !(lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE))
2989         {
2990             TRACE("redirect from non-secure page to secure page\n");
2991             /* FIXME: notify about redirect to secure page */
2992             lpwhr->hdr.dwFlags |= INTERNET_FLAG_SECURE;
2993         }
2994
2995         if (urlComponents.nPort == INTERNET_INVALID_PORT_NUMBER)
2996         {
2997             if (lstrlenW(protocol)>4) /*https*/
2998                 urlComponents.nPort = INTERNET_DEFAULT_HTTPS_PORT;
2999             else /*http*/
3000                 urlComponents.nPort = INTERNET_DEFAULT_HTTP_PORT;
3001         }
3002
3003 #if 0
3004         /*
3005          * This upsets redirects to binary files on sourceforge.net 
3006          * and gives an html page instead of the target file
3007          * Examination of the HTTP request sent by native wininet.dll
3008          * reveals that it doesn't send a referrer in that case.
3009          * Maybe there's a flag that enables this, or maybe a referrer
3010          * shouldn't be added in case of a redirect.
3011          */
3012
3013         /* consider the current host as the referrer */
3014         if (lpwhs->lpszServerName && *lpwhs->lpszServerName)
3015             HTTP_ProcessHeader(lpwhr, HTTP_REFERER, lpwhs->lpszServerName,
3016                            HTTP_ADDHDR_FLAG_REQ|HTTP_ADDREQ_FLAG_REPLACE|
3017                            HTTP_ADDHDR_FLAG_ADD_IF_NEW);
3018 #endif
3019         
3020         HeapFree(GetProcessHeap(), 0, lpwhs->lpszHostName);
3021         if (urlComponents.nPort != INTERNET_DEFAULT_HTTP_PORT &&
3022             urlComponents.nPort != INTERNET_DEFAULT_HTTPS_PORT)
3023         {
3024             int len;
3025             static const WCHAR fmt[] = {'%','s',':','%','i',0};
3026             len = lstrlenW(hostName);
3027             len += 7; /* 5 for strlen("65535") + 1 for ":" + 1 for '\0' */
3028             lpwhs->lpszHostName = HeapAlloc(GetProcessHeap(), 0, len*sizeof(WCHAR));
3029             sprintfW(lpwhs->lpszHostName, fmt, hostName, urlComponents.nPort);
3030         }
3031         else
3032             lpwhs->lpszHostName = WININET_strdupW(hostName);
3033
3034         HTTP_ProcessHeader(lpwhr, szHost, lpwhs->lpszHostName, HTTP_ADDREQ_FLAG_ADD | HTTP_ADDREQ_FLAG_REPLACE | HTTP_ADDHDR_FLAG_REQ);
3035
3036         HeapFree(GetProcessHeap(), 0, lpwhs->lpszUserName);
3037         lpwhs->lpszUserName = NULL;
3038         if (userName[0])
3039             lpwhs->lpszUserName = WININET_strdupW(userName);
3040
3041         if (!using_proxy)
3042         {
3043             if (strcmpiW(lpwhs->lpszServerName, hostName) || lpwhs->nServerPort != urlComponents.nPort)
3044             {
3045                 HeapFree(GetProcessHeap(), 0, lpwhs->lpszServerName);
3046                 lpwhs->lpszServerName = WININET_strdupW(hostName);
3047                 lpwhs->nServerPort = urlComponents.nPort;
3048
3049                 NETCON_close(&lpwhr->netConnection);
3050                 if (!HTTP_ResolveName(lpwhr)) return FALSE;
3051                 if (!NETCON_init(&lpwhr->netConnection, lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE)) return FALSE;
3052             }
3053         }
3054         else
3055             TRACE("Redirect through proxy\n");
3056     }
3057
3058     HeapFree(GetProcessHeap(), 0, lpwhr->lpszPath);
3059     lpwhr->lpszPath=NULL;
3060     if (*path)
3061     {
3062         DWORD needed = 0;
3063         HRESULT rc;
3064
3065         rc = UrlEscapeW(path, NULL, &needed, URL_ESCAPE_SPACES_ONLY);
3066         if (rc != E_POINTER)
3067             needed = strlenW(path)+1;
3068         lpwhr->lpszPath = HeapAlloc(GetProcessHeap(), 0, needed*sizeof(WCHAR));
3069         rc = UrlEscapeW(path, lpwhr->lpszPath, &needed,
3070                         URL_ESCAPE_SPACES_ONLY);
3071         if (rc)
3072         {
3073             ERR("Unable to escape string!(%s) (%d)\n",debugstr_w(path),rc);
3074             strcpyW(lpwhr->lpszPath,path);
3075         }
3076     }
3077
3078     /* Remove custom content-type/length headers on redirects.  */
3079     index = HTTP_GetCustomHeaderIndex(lpwhr, szContentType, 0, TRUE);
3080     if (0 <= index)
3081         HTTP_DeleteCustomHeader(lpwhr, index);
3082     index = HTTP_GetCustomHeaderIndex(lpwhr, szContentLength, 0, TRUE);
3083     if (0 <= index)
3084         HTTP_DeleteCustomHeader(lpwhr, index);
3085
3086     return TRUE;
3087 }
3088
3089 /***********************************************************************
3090  *           HTTP_build_req (internal)
3091  *
3092  *  concatenate all the strings in the request together
3093  */
3094 static LPWSTR HTTP_build_req( LPCWSTR *list, int len )
3095 {
3096     LPCWSTR *t;
3097     LPWSTR str;
3098
3099     for( t = list; *t ; t++  )
3100         len += strlenW( *t );
3101     len++;
3102
3103     str = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
3104     *str = 0;
3105
3106     for( t = list; *t ; t++ )
3107         strcatW( str, *t );
3108
3109     return str;
3110 }
3111
3112 static BOOL HTTP_SecureProxyConnect(LPWININETHTTPREQW lpwhr)
3113 {
3114     LPWSTR lpszPath;
3115     LPWSTR requestString;
3116     INT len;
3117     INT cnt;
3118     INT responseLen;
3119     char *ascii_req;
3120     BOOL ret;
3121     static const WCHAR szConnect[] = {'C','O','N','N','E','C','T',0};
3122     static const WCHAR szFormat[] = {'%','s',':','%','d',0};
3123     LPWININETHTTPSESSIONW lpwhs = lpwhr->lpHttpSession;
3124
3125     TRACE("\n");
3126
3127     lpszPath = HeapAlloc( GetProcessHeap(), 0, (lstrlenW( lpwhs->lpszHostName ) + 13)*sizeof(WCHAR) );
3128     sprintfW( lpszPath, szFormat, lpwhs->lpszHostName, lpwhs->nHostPort );
3129     requestString = HTTP_BuildHeaderRequestString( lpwhr, szConnect, lpszPath, g_szHttp1_1 );
3130     HeapFree( GetProcessHeap(), 0, lpszPath );
3131
3132     len = WideCharToMultiByte( CP_ACP, 0, requestString, -1,
3133                                 NULL, 0, NULL, NULL );
3134     len--; /* the nul terminator isn't needed */
3135     ascii_req = HeapAlloc( GetProcessHeap(), 0, len );
3136     WideCharToMultiByte( CP_ACP, 0, requestString, -1,
3137                             ascii_req, len, NULL, NULL );
3138     HeapFree( GetProcessHeap(), 0, requestString );
3139
3140     TRACE("full request -> %s\n", debugstr_an( ascii_req, len ) );
3141
3142     ret = NETCON_send( &lpwhr->netConnection, ascii_req, len, 0, &cnt );
3143     HeapFree( GetProcessHeap(), 0, ascii_req );
3144     if (!ret || cnt < 0)
3145         return FALSE;
3146
3147     responseLen = HTTP_GetResponseHeaders( lpwhr, TRUE );
3148     if (!responseLen)
3149         return FALSE;
3150
3151     return TRUE;
3152 }
3153
3154 /***********************************************************************
3155  *           HTTP_HttpSendRequestW (internal)
3156  *
3157  * Sends the specified request to the HTTP server
3158  *
3159  * RETURNS
3160  *    TRUE  on success
3161  *    FALSE on failure
3162  *
3163  */
3164 BOOL WINAPI HTTP_HttpSendRequestW(LPWININETHTTPREQW lpwhr, LPCWSTR lpszHeaders,
3165         DWORD dwHeaderLength, LPVOID lpOptional, DWORD dwOptionalLength,
3166         DWORD dwContentLength, BOOL bEndRequest)
3167 {
3168     INT cnt;
3169     BOOL bSuccess = FALSE;
3170     LPWSTR requestString = NULL;
3171     INT responseLen;
3172     BOOL loop_next;
3173     INTERNET_ASYNC_RESULT iar;
3174     static const WCHAR szPost[] = { 'P','O','S','T',0 };
3175     static const WCHAR szContentLength[] =
3176         { 'C','o','n','t','e','n','t','-','L','e','n','g','t','h',':',' ','%','l','i','\r','\n',0 };
3177     WCHAR contentLengthStr[sizeof szContentLength/2 /* includes \r\n */ + 20 /* int */ ];
3178
3179     TRACE("--> %p\n", lpwhr);
3180
3181     assert(lpwhr->hdr.htype == WH_HHTTPREQ);
3182
3183     /* if the verb is NULL default to GET */
3184     if (!lpwhr->lpszVerb)
3185         lpwhr->lpszVerb = WININET_strdupW(szGET);
3186
3187     if (dwContentLength || !strcmpW(lpwhr->lpszVerb, szPost))
3188     {
3189         sprintfW(contentLengthStr, szContentLength, dwContentLength);
3190         HTTP_HttpAddRequestHeadersW(lpwhr, contentLengthStr, -1L, HTTP_ADDREQ_FLAG_ADD_IF_NEW);
3191     }
3192     if (lpwhr->lpHttpSession->lpAppInfo->lpszAgent)
3193     {
3194         WCHAR *agent_header;
3195         static const WCHAR user_agent[] = {'U','s','e','r','-','A','g','e','n','t',':',' ','%','s','\r','\n',0};
3196         int len;
3197
3198         len = strlenW(lpwhr->lpHttpSession->lpAppInfo->lpszAgent) + strlenW(user_agent);
3199         agent_header = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
3200         sprintfW(agent_header, user_agent, lpwhr->lpHttpSession->lpAppInfo->lpszAgent);
3201
3202         HTTP_HttpAddRequestHeadersW(lpwhr, agent_header, strlenW(agent_header), HTTP_ADDREQ_FLAG_ADD_IF_NEW);
3203         HeapFree(GetProcessHeap(), 0, agent_header);
3204     }
3205     if (lpwhr->hdr.dwFlags & INTERNET_FLAG_PRAGMA_NOCACHE)
3206     {
3207         static const WCHAR pragma_nocache[] = {'P','r','a','g','m','a',':',' ','n','o','-','c','a','c','h','e','\r','\n',0};
3208         HTTP_HttpAddRequestHeadersW(lpwhr, pragma_nocache, strlenW(pragma_nocache), HTTP_ADDREQ_FLAG_ADD_IF_NEW);
3209     }
3210     if ((lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_CACHE_WRITE) && !strcmpW(lpwhr->lpszVerb, szPost))
3211     {
3212         static const WCHAR cache_control[] = {'C','a','c','h','e','-','C','o','n','t','r','o','l',':',
3213                                               ' ','n','o','-','c','a','c','h','e','\r','\n',0};
3214         HTTP_HttpAddRequestHeadersW(lpwhr, cache_control, strlenW(cache_control), HTTP_ADDREQ_FLAG_ADD_IF_NEW);
3215     }
3216
3217     do
3218     {
3219         DWORD len;
3220         char *ascii_req;
3221
3222         loop_next = FALSE;
3223
3224         /* like native, just in case the caller forgot to call InternetReadFile
3225          * for all the data */
3226         HTTP_DrainContent(lpwhr);
3227         lpwhr->dwContentRead = 0;
3228
3229         if (TRACE_ON(wininet))
3230         {
3231             LPHTTPHEADERW Host = HTTP_GetHeader(lpwhr,szHost);
3232             TRACE("Going to url %s %s\n", debugstr_w(Host->lpszValue), debugstr_w(lpwhr->lpszPath));
3233         }
3234
3235         HTTP_FixURL(lpwhr);
3236         if (lpwhr->hdr.dwFlags & INTERNET_FLAG_KEEP_CONNECTION)
3237         {
3238             HTTP_ProcessHeader(lpwhr, szConnection, szKeepAlive, HTTP_ADDHDR_FLAG_REQ | HTTP_ADDHDR_FLAG_REPLACE);
3239         }
3240         HTTP_InsertAuthorization(lpwhr, lpwhr->pAuthInfo, szAuthorization);
3241         HTTP_InsertAuthorization(lpwhr, lpwhr->pProxyAuthInfo, szProxy_Authorization);
3242
3243         /* add the headers the caller supplied */
3244         if( lpszHeaders && dwHeaderLength )
3245         {
3246             HTTP_HttpAddRequestHeadersW(lpwhr, lpszHeaders, dwHeaderLength,
3247                         HTTP_ADDREQ_FLAG_ADD | HTTP_ADDHDR_FLAG_REPLACE);
3248         }
3249
3250         if (lpwhr->lpHttpSession->lpAppInfo->lpszProxy && lpwhr->lpHttpSession->lpAppInfo->lpszProxy[0])
3251         {
3252             WCHAR *url = HTTP_BuildProxyRequestUrl(lpwhr);
3253             requestString = HTTP_BuildHeaderRequestString(lpwhr, lpwhr->lpszVerb, url, lpwhr->lpszVersion);
3254             HeapFree(GetProcessHeap(), 0, url);
3255         }
3256         else
3257             requestString = HTTP_BuildHeaderRequestString(lpwhr, lpwhr->lpszVerb, lpwhr->lpszPath, lpwhr->lpszVersion);
3258
3259  
3260         TRACE("Request header -> %s\n", debugstr_w(requestString) );
3261
3262         /* Send the request and store the results */
3263         if (!HTTP_OpenConnection(lpwhr))
3264             goto lend;
3265
3266         /* send the request as ASCII, tack on the optional data */
3267         if( !lpOptional )
3268             dwOptionalLength = 0;
3269         len = WideCharToMultiByte( CP_ACP, 0, requestString, -1,
3270                                    NULL, 0, NULL, NULL );
3271         ascii_req = HeapAlloc( GetProcessHeap(), 0, len + dwOptionalLength );
3272         WideCharToMultiByte( CP_ACP, 0, requestString, -1,
3273                              ascii_req, len, NULL, NULL );
3274         if( lpOptional )
3275             memcpy( &ascii_req[len-1], lpOptional, dwOptionalLength );
3276         len = (len + dwOptionalLength - 1);
3277         ascii_req[len] = 0;
3278         TRACE("full request -> %s\n", debugstr_a(ascii_req) );
3279
3280         INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3281                               INTERNET_STATUS_SENDING_REQUEST, NULL, 0);
3282
3283         NETCON_send(&lpwhr->netConnection, ascii_req, len, 0, &cnt);
3284         HeapFree( GetProcessHeap(), 0, ascii_req );
3285
3286         INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3287                               INTERNET_STATUS_REQUEST_SENT,
3288                               &len, sizeof(DWORD));
3289
3290         if (bEndRequest)
3291         {
3292             DWORD dwBufferSize;
3293             DWORD dwStatusCode;
3294             WCHAR encoding[20];
3295             static const WCHAR szChunked[] = {'c','h','u','n','k','e','d',0};
3296
3297             INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3298                                 INTERNET_STATUS_RECEIVING_RESPONSE, NULL, 0);
3299     
3300             if (cnt < 0)
3301                 goto lend;
3302     
3303             responseLen = HTTP_GetResponseHeaders(lpwhr, TRUE);
3304             if (responseLen)
3305                 bSuccess = TRUE;
3306     
3307             INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3308                                 INTERNET_STATUS_RESPONSE_RECEIVED, &responseLen,
3309                                 sizeof(DWORD));
3310
3311             HTTP_ProcessCookies(lpwhr);
3312
3313             dwBufferSize = sizeof(lpwhr->dwContentLength);
3314             if (!HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_FLAG_NUMBER|HTTP_QUERY_CONTENT_LENGTH,
3315                                      &lpwhr->dwContentLength,&dwBufferSize,NULL))
3316                 lpwhr->dwContentLength = -1;
3317
3318             if (lpwhr->dwContentLength == 0)
3319                 HTTP_FinishedReading(lpwhr);
3320
3321             /* Correct the case where both a Content-Length and Transfer-encoding = chunked are set */
3322
3323             dwBufferSize = sizeof(encoding);
3324             if (HTTP_HttpQueryInfoW(lpwhr, HTTP_QUERY_TRANSFER_ENCODING, encoding, &dwBufferSize, NULL) &&
3325                 !strcmpiW(encoding, szChunked))
3326             {
3327                 lpwhr->dwContentLength = -1;
3328             }
3329
3330             dwBufferSize = sizeof(dwStatusCode);
3331             if (!HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_FLAG_NUMBER|HTTP_QUERY_STATUS_CODE,
3332                                      &dwStatusCode,&dwBufferSize,NULL))
3333                 dwStatusCode = 0;
3334
3335             if (!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_AUTO_REDIRECT) && bSuccess)
3336             {
3337                 WCHAR szNewLocation[INTERNET_MAX_URL_LENGTH];
3338                 dwBufferSize=sizeof(szNewLocation);
3339                 if ((dwStatusCode==HTTP_STATUS_REDIRECT || dwStatusCode==HTTP_STATUS_MOVED) &&
3340                     HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_LOCATION,szNewLocation,&dwBufferSize,NULL))
3341                 {
3342                     HTTP_DrainContent(lpwhr);
3343                     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3344                                           INTERNET_STATUS_REDIRECT, szNewLocation,
3345                                           dwBufferSize);
3346                     bSuccess = HTTP_HandleRedirect(lpwhr, szNewLocation);
3347                     if (bSuccess)
3348                     {
3349                         HeapFree(GetProcessHeap(), 0, requestString);
3350                         loop_next = TRUE;
3351                     }
3352                 }
3353             }
3354             if (!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_AUTH) && bSuccess)
3355             {
3356                 WCHAR szAuthValue[2048];
3357                 dwBufferSize=2048;
3358                 if (dwStatusCode == HTTP_STATUS_DENIED)
3359                 {
3360                     DWORD dwIndex = 0;
3361                     while (HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_WWW_AUTHENTICATE,szAuthValue,&dwBufferSize,&dwIndex))
3362                     {
3363                         if (HTTP_DoAuthorization(lpwhr, szAuthValue,
3364                                                  &lpwhr->pAuthInfo,
3365                                                  lpwhr->lpHttpSession->lpszUserName,
3366                                                  lpwhr->lpHttpSession->lpszPassword))
3367                         {
3368                             loop_next = TRUE;
3369                             break;
3370                         }
3371                     }
3372                 }
3373                 if (dwStatusCode == HTTP_STATUS_PROXY_AUTH_REQ)
3374                 {
3375                     DWORD dwIndex = 0;
3376                     while (HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_PROXY_AUTHENTICATE,szAuthValue,&dwBufferSize,&dwIndex))
3377                     {
3378                         if (HTTP_DoAuthorization(lpwhr, szAuthValue,
3379                                                  &lpwhr->pProxyAuthInfo,
3380                                                  lpwhr->lpHttpSession->lpAppInfo->lpszProxyUsername,
3381                                                  lpwhr->lpHttpSession->lpAppInfo->lpszProxyPassword))
3382                         {
3383                             loop_next = TRUE;
3384                             break;
3385                         }
3386                     }
3387                 }
3388             }
3389         }
3390         else
3391             bSuccess = TRUE;
3392     }
3393     while (loop_next);
3394
3395     /* FIXME: Better check, when we have to create the cache file */
3396     if(bSuccess && (lpwhr->hdr.dwFlags & INTERNET_FLAG_NEED_FILE)) {
3397         WCHAR url[INTERNET_MAX_URL_LENGTH];
3398         WCHAR cacheFileName[MAX_PATH+1];
3399         BOOL b;
3400
3401         b = HTTP_GetRequestURL(lpwhr, url);
3402         if(!b) {
3403             WARN("Could not get URL\n");
3404             goto lend;
3405         }
3406
3407         b = CreateUrlCacheEntryW(url, lpwhr->dwContentLength > 0 ? lpwhr->dwContentLength : 0, NULL, cacheFileName, 0);
3408         if(b) {
3409             lpwhr->lpszCacheFile = WININET_strdupW(cacheFileName);
3410             lpwhr->hCacheFile = CreateFileW(lpwhr->lpszCacheFile, GENERIC_WRITE, FILE_SHARE_READ|FILE_SHARE_WRITE,
3411                       NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
3412             if(lpwhr->hCacheFile == INVALID_HANDLE_VALUE) {
3413                 WARN("Could not create file: %u\n", GetLastError());
3414                 lpwhr->hCacheFile = NULL;
3415             }
3416         }else {
3417             WARN("Could not create cache entry: %08x\n", GetLastError());
3418         }
3419     }
3420
3421 lend:
3422
3423     HeapFree(GetProcessHeap(), 0, requestString);
3424
3425     /* TODO: send notification for P3P header */
3426
3427     iar.dwResult = (DWORD_PTR)lpwhr->hdr.hInternet;
3428     iar.dwError = bSuccess ? ERROR_SUCCESS : INTERNET_GetLastError();
3429
3430     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3431                           INTERNET_STATUS_REQUEST_COMPLETE, &iar,
3432                           sizeof(INTERNET_ASYNC_RESULT));
3433
3434     TRACE("<--\n");
3435     if (bSuccess) INTERNET_SetLastError(ERROR_SUCCESS);
3436     return bSuccess;
3437 }
3438
3439 /***********************************************************************
3440  *           HTTPSESSION_Destroy (internal)
3441  *
3442  * Deallocate session handle
3443  *
3444  */
3445 static void HTTPSESSION_Destroy(WININETHANDLEHEADER *hdr)
3446 {
3447     LPWININETHTTPSESSIONW lpwhs = (LPWININETHTTPSESSIONW) hdr;
3448
3449     TRACE("%p\n", lpwhs);
3450
3451     WININET_Release(&lpwhs->lpAppInfo->hdr);
3452
3453     HeapFree(GetProcessHeap(), 0, lpwhs->lpszHostName);
3454     HeapFree(GetProcessHeap(), 0, lpwhs->lpszServerName);
3455     HeapFree(GetProcessHeap(), 0, lpwhs->lpszPassword);
3456     HeapFree(GetProcessHeap(), 0, lpwhs->lpszUserName);
3457     HeapFree(GetProcessHeap(), 0, lpwhs);
3458 }
3459
3460 static DWORD HTTPSESSION_QueryOption(WININETHANDLEHEADER *hdr, DWORD option, void *buffer, DWORD *size, BOOL unicode)
3461 {
3462     switch(option) {
3463     case INTERNET_OPTION_HANDLE_TYPE:
3464         TRACE("INTERNET_OPTION_HANDLE_TYPE\n");
3465
3466         if (*size < sizeof(ULONG))
3467             return ERROR_INSUFFICIENT_BUFFER;
3468
3469         *size = sizeof(DWORD);
3470         *(DWORD*)buffer = INTERNET_HANDLE_TYPE_CONNECT_HTTP;
3471         return ERROR_SUCCESS;
3472     }
3473
3474     return INET_QueryOption(option, buffer, size, unicode);
3475 }
3476
3477 static const HANDLEHEADERVtbl HTTPSESSIONVtbl = {
3478     HTTPSESSION_Destroy,
3479     NULL,
3480     HTTPSESSION_QueryOption,
3481     NULL,
3482     NULL,
3483     NULL,
3484     NULL,
3485     NULL,
3486     NULL
3487 };
3488
3489
3490 /***********************************************************************
3491  *           HTTP_Connect  (internal)
3492  *
3493  * Create http session handle
3494  *
3495  * RETURNS
3496  *   HINTERNET a session handle on success
3497  *   NULL on failure
3498  *
3499  */
3500 HINTERNET HTTP_Connect(LPWININETAPPINFOW hIC, LPCWSTR lpszServerName,
3501         INTERNET_PORT nServerPort, LPCWSTR lpszUserName,
3502         LPCWSTR lpszPassword, DWORD dwFlags, DWORD_PTR dwContext,
3503         DWORD dwInternalFlags)
3504 {
3505     LPWININETHTTPSESSIONW lpwhs = NULL;
3506     HINTERNET handle = NULL;
3507
3508     TRACE("-->\n");
3509
3510     if (!lpszServerName || !lpszServerName[0])
3511     {
3512         INTERNET_SetLastError(ERROR_INVALID_PARAMETER);
3513         goto lerror;
3514     }
3515
3516     assert( hIC->hdr.htype == WH_HINIT );
3517
3518     lpwhs = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(WININETHTTPSESSIONW));
3519     if (NULL == lpwhs)
3520     {
3521         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
3522         goto lerror;
3523     }
3524
3525    /*
3526     * According to my tests. The name is not resolved until a request is sent
3527     */
3528
3529     lpwhs->hdr.htype = WH_HHTTPSESSION;
3530     lpwhs->hdr.vtbl = &HTTPSESSIONVtbl;
3531     lpwhs->hdr.dwFlags = dwFlags;
3532     lpwhs->hdr.dwContext = dwContext;
3533     lpwhs->hdr.dwInternalFlags = dwInternalFlags | (hIC->hdr.dwInternalFlags & INET_CALLBACKW);
3534     lpwhs->hdr.refs = 1;
3535     lpwhs->hdr.lpfnStatusCB = hIC->hdr.lpfnStatusCB;
3536
3537     WININET_AddRef( &hIC->hdr );
3538     lpwhs->lpAppInfo = hIC;
3539     list_add_head( &hIC->hdr.children, &lpwhs->hdr.entry );
3540
3541     handle = WININET_AllocHandle( &lpwhs->hdr );
3542     if (NULL == handle)
3543     {
3544         ERR("Failed to alloc handle\n");
3545         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
3546         goto lerror;
3547     }
3548
3549     if(hIC->lpszProxy && hIC->dwAccessType == INTERNET_OPEN_TYPE_PROXY) {
3550         if(strchrW(hIC->lpszProxy, ' '))
3551             FIXME("Several proxies not implemented.\n");
3552         if(hIC->lpszProxyBypass)
3553             FIXME("Proxy bypass is ignored.\n");
3554     }
3555     if (lpszServerName && lpszServerName[0])
3556     {
3557         lpwhs->lpszServerName = WININET_strdupW(lpszServerName);
3558         lpwhs->lpszHostName = WININET_strdupW(lpszServerName);
3559     }
3560     if (lpszUserName && lpszUserName[0])
3561         lpwhs->lpszUserName = WININET_strdupW(lpszUserName);
3562     if (lpszPassword && lpszPassword[0])
3563         lpwhs->lpszPassword = WININET_strdupW(lpszPassword);
3564     lpwhs->nServerPort = nServerPort;
3565     lpwhs->nHostPort = nServerPort;
3566
3567     /* Don't send a handle created callback if this handle was created with InternetOpenUrl */
3568     if (!(lpwhs->hdr.dwInternalFlags & INET_OPENURL))
3569     {
3570         INTERNET_SendCallback(&hIC->hdr, dwContext,
3571                               INTERNET_STATUS_HANDLE_CREATED, &handle,
3572                               sizeof(handle));
3573     }
3574
3575 lerror:
3576     if( lpwhs )
3577         WININET_Release( &lpwhs->hdr );
3578
3579 /*
3580  * an INTERNET_STATUS_REQUEST_COMPLETE is NOT sent here as per my tests on
3581  * windows
3582  */
3583
3584     TRACE("%p --> %p (%p)\n", hIC, handle, lpwhs);
3585     return handle;
3586 }
3587
3588
3589 /***********************************************************************
3590  *           HTTP_OpenConnection (internal)
3591  *
3592  * Connect to a web server
3593  *
3594  * RETURNS
3595  *
3596  *   TRUE  on success
3597  *   FALSE on failure
3598  */
3599 static BOOL HTTP_OpenConnection(LPWININETHTTPREQW lpwhr)
3600 {
3601     BOOL bSuccess = FALSE;
3602     LPWININETHTTPSESSIONW lpwhs;
3603     LPWININETAPPINFOW hIC = NULL;
3604     char szaddr[32];
3605
3606     TRACE("-->\n");
3607
3608
3609     if (NULL == lpwhr ||  lpwhr->hdr.htype != WH_HHTTPREQ)
3610     {
3611         INTERNET_SetLastError(ERROR_INVALID_PARAMETER);
3612         goto lend;
3613     }
3614
3615     if (NETCON_connected(&lpwhr->netConnection))
3616     {
3617         bSuccess = TRUE;
3618         goto lend;
3619     }
3620     if (!HTTP_ResolveName(lpwhr)) goto lend;
3621
3622     lpwhs = lpwhr->lpHttpSession;
3623
3624     hIC = lpwhs->lpAppInfo;
3625     inet_ntop(lpwhs->socketAddress.sin_family, &lpwhs->socketAddress.sin_addr,
3626               szaddr, sizeof(szaddr));
3627     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3628                           INTERNET_STATUS_CONNECTING_TO_SERVER,
3629                           szaddr,
3630                           strlen(szaddr)+1);
3631
3632     if (!NETCON_create(&lpwhr->netConnection, lpwhs->socketAddress.sin_family,
3633                          SOCK_STREAM, 0))
3634     {
3635         WARN("Socket creation failed: %u\n", INTERNET_GetLastError());
3636         goto lend;
3637     }
3638
3639     if (!NETCON_connect(&lpwhr->netConnection, (struct sockaddr *)&lpwhs->socketAddress,
3640                       sizeof(lpwhs->socketAddress)))
3641        goto lend;
3642
3643     if (lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE)
3644     {
3645         /* Note: we differ from Microsoft's WinINet here. they seem to have
3646          * a bug that causes no status callbacks to be sent when starting
3647          * a tunnel to a proxy server using the CONNECT verb. i believe our
3648          * behaviour to be more correct and to not cause any incompatibilities
3649          * because using a secure connection through a proxy server is a rare
3650          * case that would be hard for anyone to depend on */
3651         if (hIC->lpszProxy && !HTTP_SecureProxyConnect(lpwhr))
3652             goto lend;
3653
3654         if (!NETCON_secure_connect(&lpwhr->netConnection, lpwhs->lpszHostName))
3655         {
3656             WARN("Couldn't connect securely to host\n");
3657             goto lend;
3658         }
3659     }
3660
3661     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3662                           INTERNET_STATUS_CONNECTED_TO_SERVER,
3663                           szaddr, strlen(szaddr)+1);
3664
3665     bSuccess = TRUE;
3666
3667 lend:
3668     TRACE("%d <--\n", bSuccess);
3669     return bSuccess;
3670 }
3671
3672
3673 /***********************************************************************
3674  *           HTTP_clear_response_headers (internal)
3675  *
3676  * clear out any old response headers
3677  */
3678 static void HTTP_clear_response_headers( LPWININETHTTPREQW lpwhr )
3679 {
3680     DWORD i;
3681
3682     for( i=0; i<lpwhr->nCustHeaders; i++)
3683     {
3684         if( !lpwhr->pCustHeaders[i].lpszField )
3685             continue;
3686         if( !lpwhr->pCustHeaders[i].lpszValue )
3687             continue;
3688         if ( lpwhr->pCustHeaders[i].wFlags & HDR_ISREQUEST )
3689             continue;
3690         HTTP_DeleteCustomHeader( lpwhr, i );
3691         i--;
3692     }
3693 }
3694
3695 /***********************************************************************
3696  *           HTTP_GetResponseHeaders (internal)
3697  *
3698  * Read server response
3699  *
3700  * RETURNS
3701  *
3702  *   TRUE  on success
3703  *   FALSE on error
3704  */
3705 static INT HTTP_GetResponseHeaders(LPWININETHTTPREQW lpwhr, BOOL clear)
3706 {
3707     INT cbreaks = 0;
3708     WCHAR buffer[MAX_REPLY_LEN];
3709     DWORD buflen = MAX_REPLY_LEN;
3710     BOOL bSuccess = FALSE;
3711     INT  rc = 0;
3712     static const WCHAR szCrLf[] = {'\r','\n',0};
3713     static const WCHAR szHundred[] = {'1','0','0',0};
3714     char bufferA[MAX_REPLY_LEN];
3715     LPWSTR status_code, status_text;
3716     DWORD cchMaxRawHeaders = 1024;
3717     LPWSTR lpszRawHeaders = HeapAlloc(GetProcessHeap(), 0, (cchMaxRawHeaders+1)*sizeof(WCHAR));
3718     DWORD cchRawHeaders = 0;
3719
3720     TRACE("-->\n");
3721
3722     /* clear old response headers (eg. from a redirect response) */
3723     if (clear) HTTP_clear_response_headers( lpwhr );
3724
3725     if (!NETCON_connected(&lpwhr->netConnection))
3726         goto lend;
3727
3728     do {
3729         /*
3730          * HACK peek at the buffer
3731          */
3732         buflen = MAX_REPLY_LEN;
3733         NETCON_recv(&lpwhr->netConnection, buffer, buflen, MSG_PEEK, &rc);
3734
3735         /*
3736          * We should first receive 'HTTP/1.x nnn OK' where nnn is the status code.
3737          */
3738         memset(buffer, 0, MAX_REPLY_LEN);
3739         if (!NETCON_getNextLine(&lpwhr->netConnection, bufferA, &buflen))
3740             goto lend;
3741         MultiByteToWideChar( CP_ACP, 0, bufferA, buflen, buffer, MAX_REPLY_LEN );
3742
3743         /* split the version from the status code */
3744         status_code = strchrW( buffer, ' ' );
3745         if( !status_code )
3746             goto lend;
3747         *status_code++=0;
3748
3749         /* split the status code from the status text */
3750         status_text = strchrW( status_code, ' ' );
3751         if( !status_text )
3752             goto lend;
3753         *status_text++=0;
3754
3755         TRACE("version [%s] status code [%s] status text [%s]\n",
3756            debugstr_w(buffer), debugstr_w(status_code), debugstr_w(status_text) );
3757
3758     } while (!strcmpW(status_code, szHundred)); /* ignore "100 Continue" responses */
3759
3760     /* Add status code */
3761     HTTP_ProcessHeader(lpwhr, szStatus, status_code,
3762             HTTP_ADDHDR_FLAG_REPLACE);
3763
3764     HeapFree(GetProcessHeap(),0,lpwhr->lpszVersion);
3765     HeapFree(GetProcessHeap(),0,lpwhr->lpszStatusText);
3766
3767     lpwhr->lpszVersion= WININET_strdupW(buffer);
3768     lpwhr->lpszStatusText = WININET_strdupW(status_text);
3769
3770     /* Restore the spaces */
3771     *(status_code-1) = ' ';
3772     *(status_text-1) = ' ';
3773
3774     /* regenerate raw headers */
3775     while (cchRawHeaders + buflen + strlenW(szCrLf) > cchMaxRawHeaders)
3776     {
3777         cchMaxRawHeaders *= 2;
3778         lpszRawHeaders = HeapReAlloc(GetProcessHeap(), 0, lpszRawHeaders, (cchMaxRawHeaders+1)*sizeof(WCHAR));
3779     }
3780     memcpy(lpszRawHeaders+cchRawHeaders, buffer, (buflen-1)*sizeof(WCHAR));
3781     cchRawHeaders += (buflen-1);
3782     memcpy(lpszRawHeaders+cchRawHeaders, szCrLf, sizeof(szCrLf));
3783     cchRawHeaders += sizeof(szCrLf)/sizeof(szCrLf[0])-1;
3784     lpszRawHeaders[cchRawHeaders] = '\0';
3785
3786     /* Parse each response line */
3787     do
3788     {
3789         buflen = MAX_REPLY_LEN;
3790         if (NETCON_getNextLine(&lpwhr->netConnection, bufferA, &buflen))
3791         {
3792             LPWSTR * pFieldAndValue;
3793
3794             TRACE("got line %s, now interpreting\n", debugstr_a(bufferA));
3795             MultiByteToWideChar( CP_ACP, 0, bufferA, buflen, buffer, MAX_REPLY_LEN );
3796
3797             while (cchRawHeaders + buflen + strlenW(szCrLf) > cchMaxRawHeaders)
3798             {
3799                 cchMaxRawHeaders *= 2;
3800                 lpszRawHeaders = HeapReAlloc(GetProcessHeap(), 0, lpszRawHeaders, (cchMaxRawHeaders+1)*sizeof(WCHAR));
3801             }
3802             memcpy(lpszRawHeaders+cchRawHeaders, buffer, (buflen-1)*sizeof(WCHAR));
3803             cchRawHeaders += (buflen-1);
3804             memcpy(lpszRawHeaders+cchRawHeaders, szCrLf, sizeof(szCrLf));
3805             cchRawHeaders += sizeof(szCrLf)/sizeof(szCrLf[0])-1;
3806             lpszRawHeaders[cchRawHeaders] = '\0';
3807
3808             pFieldAndValue = HTTP_InterpretHttpHeader(buffer);
3809             if (!pFieldAndValue)
3810                 break;
3811
3812             HTTP_ProcessHeader(lpwhr, pFieldAndValue[0], pFieldAndValue[1], 
3813                 HTTP_ADDREQ_FLAG_ADD );
3814
3815             HTTP_FreeTokens(pFieldAndValue);
3816         }
3817         else
3818         {
3819             cbreaks++;
3820             if (cbreaks >= 2)
3821                break;
3822         }
3823     }while(1);
3824
3825     HeapFree(GetProcessHeap(), 0, lpwhr->lpszRawHeaders);
3826     lpwhr->lpszRawHeaders = lpszRawHeaders;
3827     TRACE("raw headers: %s\n", debugstr_w(lpszRawHeaders));
3828     bSuccess = TRUE;
3829
3830 lend:
3831
3832     TRACE("<--\n");
3833     if (bSuccess)
3834         return rc;
3835     else
3836         return 0;
3837 }
3838
3839
3840 static void strip_spaces(LPWSTR start)
3841 {
3842     LPWSTR str = start;
3843     LPWSTR end;
3844
3845     while (*str == ' ' && *str != '\0')
3846         str++;
3847
3848     if (str != start)
3849         memmove(start, str, sizeof(WCHAR) * (strlenW(str) + 1));
3850
3851     end = start + strlenW(start) - 1;
3852     while (end >= start && *end == ' ')
3853     {
3854         *end = '\0';
3855         end--;
3856     }
3857 }
3858
3859
3860 /***********************************************************************
3861  *           HTTP_InterpretHttpHeader (internal)
3862  *
3863  * Parse server response
3864  *
3865  * RETURNS
3866  *
3867  *   Pointer to array of field, value, NULL on success.
3868  *   NULL on error.
3869  */
3870 static LPWSTR * HTTP_InterpretHttpHeader(LPCWSTR buffer)
3871 {
3872     LPWSTR * pTokenPair;
3873     LPWSTR pszColon;
3874     INT len;
3875
3876     pTokenPair = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(*pTokenPair)*3);
3877
3878     pszColon = strchrW(buffer, ':');
3879     /* must have two tokens */
3880     if (!pszColon)
3881     {
3882         HTTP_FreeTokens(pTokenPair);
3883         if (buffer[0])
3884             TRACE("No ':' in line: %s\n", debugstr_w(buffer));
3885         return NULL;
3886     }
3887
3888     pTokenPair[0] = HeapAlloc(GetProcessHeap(), 0, (pszColon - buffer + 1) * sizeof(WCHAR));
3889     if (!pTokenPair[0])
3890     {
3891         HTTP_FreeTokens(pTokenPair);
3892         return NULL;
3893     }
3894     memcpy(pTokenPair[0], buffer, (pszColon - buffer) * sizeof(WCHAR));
3895     pTokenPair[0][pszColon - buffer] = '\0';
3896
3897     /* skip colon */
3898     pszColon++;
3899     len = strlenW(pszColon);
3900     pTokenPair[1] = HeapAlloc(GetProcessHeap(), 0, (len + 1) * sizeof(WCHAR));
3901     if (!pTokenPair[1])
3902     {
3903         HTTP_FreeTokens(pTokenPair);
3904         return NULL;
3905     }
3906     memcpy(pTokenPair[1], pszColon, (len + 1) * sizeof(WCHAR));
3907
3908     strip_spaces(pTokenPair[0]);
3909     strip_spaces(pTokenPair[1]);
3910
3911     TRACE("field(%s) Value(%s)\n", debugstr_w(pTokenPair[0]), debugstr_w(pTokenPair[1]));
3912     return pTokenPair;
3913 }
3914
3915 /***********************************************************************
3916  *           HTTP_ProcessHeader (internal)
3917  *
3918  * Stuff header into header tables according to <dwModifier>
3919  *
3920  */
3921
3922 #define COALESCEFLAGS (HTTP_ADDHDR_FLAG_COALESCE|HTTP_ADDHDR_FLAG_COALESCE_WITH_COMMA|HTTP_ADDHDR_FLAG_COALESCE_WITH_SEMICOLON)
3923
3924 static BOOL HTTP_ProcessHeader(LPWININETHTTPREQW lpwhr, LPCWSTR field, LPCWSTR value, DWORD dwModifier)
3925 {
3926     LPHTTPHEADERW lphttpHdr = NULL;
3927     BOOL bSuccess = FALSE;
3928     INT index = -1;
3929     BOOL request_only = dwModifier & HTTP_ADDHDR_FLAG_REQ;
3930
3931     TRACE("--> %s: %s - 0x%08x\n", debugstr_w(field), debugstr_w(value), dwModifier);
3932
3933     /* REPLACE wins out over ADD */
3934     if (dwModifier & HTTP_ADDHDR_FLAG_REPLACE)
3935         dwModifier &= ~HTTP_ADDHDR_FLAG_ADD;
3936     
3937     if (dwModifier & HTTP_ADDHDR_FLAG_ADD)
3938         index = -1;
3939     else
3940         index = HTTP_GetCustomHeaderIndex(lpwhr, field, 0, request_only);
3941
3942     if (index >= 0)
3943     {
3944         if (dwModifier & HTTP_ADDHDR_FLAG_ADD_IF_NEW)
3945         {
3946             return FALSE;
3947         }
3948         lphttpHdr = &lpwhr->pCustHeaders[index];
3949     }
3950     else if (value)
3951     {
3952         HTTPHEADERW hdr;
3953
3954         hdr.lpszField = (LPWSTR)field;
3955         hdr.lpszValue = (LPWSTR)value;
3956         hdr.wFlags = hdr.wCount = 0;
3957
3958         if (dwModifier & HTTP_ADDHDR_FLAG_REQ)
3959             hdr.wFlags |= HDR_ISREQUEST;
3960
3961         return HTTP_InsertCustomHeader(lpwhr, &hdr);
3962     }
3963     /* no value to delete */
3964     else return TRUE;
3965
3966     if (dwModifier & HTTP_ADDHDR_FLAG_REQ)
3967             lphttpHdr->wFlags |= HDR_ISREQUEST;
3968     else
3969         lphttpHdr->wFlags &= ~HDR_ISREQUEST;
3970
3971     if (dwModifier & HTTP_ADDHDR_FLAG_REPLACE)
3972     {
3973         HTTP_DeleteCustomHeader( lpwhr, index );
3974
3975         if (value)
3976         {
3977             HTTPHEADERW hdr;
3978
3979             hdr.lpszField = (LPWSTR)field;
3980             hdr.lpszValue = (LPWSTR)value;
3981             hdr.wFlags = hdr.wCount = 0;
3982
3983             if (dwModifier & HTTP_ADDHDR_FLAG_REQ)
3984                 hdr.wFlags |= HDR_ISREQUEST;
3985
3986             return HTTP_InsertCustomHeader(lpwhr, &hdr);
3987         }
3988
3989         return TRUE;
3990     }
3991     else if (dwModifier & COALESCEFLAGS)
3992     {
3993         LPWSTR lpsztmp;
3994         WCHAR ch = 0;
3995         INT len = 0;
3996         INT origlen = strlenW(lphttpHdr->lpszValue);
3997         INT valuelen = strlenW(value);
3998
3999         if (dwModifier & HTTP_ADDHDR_FLAG_COALESCE_WITH_COMMA)
4000         {
4001             ch = ',';
4002             lphttpHdr->wFlags |= HDR_COMMADELIMITED;
4003         }
4004         else if (dwModifier & HTTP_ADDHDR_FLAG_COALESCE_WITH_SEMICOLON)
4005         {
4006             ch = ';';
4007             lphttpHdr->wFlags |= HDR_COMMADELIMITED;
4008         }
4009
4010         len = origlen + valuelen + ((ch > 0) ? 2 : 0);
4011
4012         lpsztmp = HeapReAlloc(GetProcessHeap(), 0, lphttpHdr->lpszValue, (len+1)*sizeof(WCHAR));
4013         if (lpsztmp)
4014         {
4015             lphttpHdr->lpszValue = lpsztmp;
4016     /* FIXME: Increment lphttpHdr->wCount. Perhaps lpszValue should be an array */
4017             if (ch > 0)
4018             {
4019                 lphttpHdr->lpszValue[origlen] = ch;
4020                 origlen++;
4021                 lphttpHdr->lpszValue[origlen] = ' ';
4022                 origlen++;
4023             }
4024
4025             memcpy(&lphttpHdr->lpszValue[origlen], value, valuelen*sizeof(WCHAR));
4026             lphttpHdr->lpszValue[len] = '\0';
4027             bSuccess = TRUE;
4028         }
4029         else
4030         {
4031             WARN("HeapReAlloc (%d bytes) failed\n",len+1);
4032             INTERNET_SetLastError(ERROR_OUTOFMEMORY);
4033         }
4034     }
4035     TRACE("<-- %d\n",bSuccess);
4036     return bSuccess;
4037 }
4038
4039
4040 /***********************************************************************
4041  *           HTTP_FinishedReading (internal)
4042  *
4043  * Called when all content from server has been read by client.
4044  *
4045  */
4046 BOOL HTTP_FinishedReading(LPWININETHTTPREQW lpwhr)
4047 {
4048     WCHAR szVersion[10];
4049     WCHAR szConnectionResponse[20];
4050     DWORD dwBufferSize = sizeof(szVersion);
4051     BOOL keepalive = FALSE;
4052
4053     TRACE("\n");
4054
4055     /* as per RFC 2068, S8.1.2.1, if the client is HTTP/1.1 then assume that
4056      * the connection is keep-alive by default */
4057     if (!HTTP_HttpQueryInfoW(lpwhr, HTTP_QUERY_VERSION, szVersion,
4058                              &dwBufferSize, NULL) ||
4059         strcmpiW(szVersion, g_szHttp1_1))
4060     {
4061         keepalive = TRUE;
4062     }
4063
4064     dwBufferSize = sizeof(szConnectionResponse);
4065     if (HTTP_HttpQueryInfoW(lpwhr, HTTP_QUERY_PROXY_CONNECTION, szConnectionResponse, &dwBufferSize, NULL) ||
4066         HTTP_HttpQueryInfoW(lpwhr, HTTP_QUERY_CONNECTION, szConnectionResponse, &dwBufferSize, NULL))
4067     {
4068         keepalive = !strcmpiW(szConnectionResponse, szKeepAlive);
4069     }
4070
4071     if (!keepalive)
4072     {
4073         HTTPREQ_CloseConnection(&lpwhr->hdr);
4074     }
4075
4076     /* FIXME: store data in the URL cache here */
4077
4078     return TRUE;
4079 }
4080
4081
4082 /***********************************************************************
4083  *           HTTP_GetCustomHeaderIndex (internal)
4084  *
4085  * Return index of custom header from header array
4086  *
4087  */
4088 static INT HTTP_GetCustomHeaderIndex(LPWININETHTTPREQW lpwhr, LPCWSTR lpszField,
4089                                      int requested_index, BOOL request_only)
4090 {
4091     DWORD index;
4092
4093     TRACE("%s\n", debugstr_w(lpszField));
4094
4095     for (index = 0; index < lpwhr->nCustHeaders; index++)
4096     {
4097         if (strcmpiW(lpwhr->pCustHeaders[index].lpszField, lpszField))
4098             continue;
4099
4100         if (request_only && !(lpwhr->pCustHeaders[index].wFlags & HDR_ISREQUEST))
4101             continue;
4102
4103         if (!request_only && (lpwhr->pCustHeaders[index].wFlags & HDR_ISREQUEST))
4104             continue;
4105
4106         if (requested_index == 0)
4107             break;
4108         requested_index --;
4109     }
4110
4111     if (index >= lpwhr->nCustHeaders)
4112         index = -1;
4113
4114     TRACE("Return: %d\n", index);
4115     return index;
4116 }
4117
4118
4119 /***********************************************************************
4120  *           HTTP_InsertCustomHeader (internal)
4121  *
4122  * Insert header into array
4123  *
4124  */
4125 static BOOL HTTP_InsertCustomHeader(LPWININETHTTPREQW lpwhr, LPHTTPHEADERW lpHdr)
4126 {
4127     INT count;
4128     LPHTTPHEADERW lph = NULL;
4129     BOOL r = FALSE;
4130
4131     TRACE("--> %s: %s\n", debugstr_w(lpHdr->lpszField), debugstr_w(lpHdr->lpszValue));
4132     count = lpwhr->nCustHeaders + 1;
4133     if (count > 1)
4134         lph = HeapReAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, lpwhr->pCustHeaders, sizeof(HTTPHEADERW) * count);
4135     else
4136         lph = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(HTTPHEADERW) * count);
4137
4138     if (NULL != lph)
4139     {
4140         lpwhr->pCustHeaders = lph;
4141         lpwhr->pCustHeaders[count-1].lpszField = WININET_strdupW(lpHdr->lpszField);
4142         lpwhr->pCustHeaders[count-1].lpszValue = WININET_strdupW(lpHdr->lpszValue);
4143         lpwhr->pCustHeaders[count-1].wFlags = lpHdr->wFlags;
4144         lpwhr->pCustHeaders[count-1].wCount= lpHdr->wCount;
4145         lpwhr->nCustHeaders++;
4146         r = TRUE;
4147     }
4148     else
4149     {
4150         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
4151     }
4152
4153     return r;
4154 }
4155
4156
4157 /***********************************************************************
4158  *           HTTP_DeleteCustomHeader (internal)
4159  *
4160  * Delete header from array
4161  *  If this function is called, the indexs may change.
4162  */
4163 static BOOL HTTP_DeleteCustomHeader(LPWININETHTTPREQW lpwhr, DWORD index)
4164 {
4165     if( lpwhr->nCustHeaders <= 0 )
4166         return FALSE;
4167     if( index >= lpwhr->nCustHeaders )
4168         return FALSE;
4169     lpwhr->nCustHeaders--;
4170
4171     HeapFree(GetProcessHeap(), 0, lpwhr->pCustHeaders[index].lpszField);
4172     HeapFree(GetProcessHeap(), 0, lpwhr->pCustHeaders[index].lpszValue);
4173
4174     memmove( &lpwhr->pCustHeaders[index], &lpwhr->pCustHeaders[index+1],
4175              (lpwhr->nCustHeaders - index)* sizeof(HTTPHEADERW) );
4176     memset( &lpwhr->pCustHeaders[lpwhr->nCustHeaders], 0, sizeof(HTTPHEADERW) );
4177
4178     return TRUE;
4179 }
4180
4181
4182 /***********************************************************************
4183  *           HTTP_VerifyValidHeader (internal)
4184  *
4185  * Verify the given header is not invalid for the given http request
4186  *
4187  */
4188 static BOOL HTTP_VerifyValidHeader(LPWININETHTTPREQW lpwhr, LPCWSTR field)
4189 {
4190     /* Accept-Encoding is stripped from HTTP/1.0 requests. It is invalid */
4191     if (!strcmpW(lpwhr->lpszVersion, g_szHttp1_0) && !strcmpiW(field, szAccept_Encoding))
4192         return FALSE;
4193
4194     return TRUE;
4195 }
4196
4197 /***********************************************************************
4198  *          IsHostInProxyBypassList (@)
4199  *
4200  * Undocumented
4201  *
4202  */
4203 BOOL WINAPI IsHostInProxyBypassList(DWORD flags, LPCSTR szHost, DWORD length)
4204 {
4205    FIXME("STUB: flags=%d host=%s length=%d\n",flags,szHost,length);
4206    return FALSE;
4207 }