wininet: Use ~0u instead of ~0ul for DWORD values.
[wine] / dlls / wininet / http.c
1 /*
2  * Wininet - Http Implementation
3  *
4  * Copyright 1999 Corel Corporation
5  * Copyright 2002 CodeWeavers Inc.
6  * Copyright 2002 TransGaming Technologies Inc.
7  * Copyright 2004 Mike McCormack for CodeWeavers
8  * Copyright 2005 Aric Stewart for CodeWeavers
9  * Copyright 2006 Robert Shearman for CodeWeavers
10  *
11  * Ulrich Czekalla
12  * David Hammerton
13  *
14  * This library is free software; you can redistribute it and/or
15  * modify it under the terms of the GNU Lesser General Public
16  * License as published by the Free Software Foundation; either
17  * version 2.1 of the License, or (at your option) any later version.
18  *
19  * This library is distributed in the hope that it will be useful,
20  * but WITHOUT ANY WARRANTY; without even the implied warranty of
21  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
22  * Lesser General Public License for more details.
23  *
24  * You should have received a copy of the GNU Lesser General Public
25  * License along with this library; if not, write to the Free Software
26  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
27  */
28
29 #include "config.h"
30 #include "wine/port.h"
31
32 #if defined(__MINGW32__) || defined (_MSC_VER)
33 #include <ws2tcpip.h>
34 #endif
35
36 #include <sys/types.h>
37 #ifdef HAVE_SYS_SOCKET_H
38 # include <sys/socket.h>
39 #endif
40 #ifdef HAVE_ARPA_INET_H
41 # include <arpa/inet.h>
42 #endif
43 #include <stdarg.h>
44 #include <stdio.h>
45 #include <stdlib.h>
46 #ifdef HAVE_UNISTD_H
47 # include <unistd.h>
48 #endif
49 #include <time.h>
50 #include <assert.h>
51
52 #include "windef.h"
53 #include "winbase.h"
54 #include "wininet.h"
55 #include "winerror.h"
56 #define NO_SHLWAPI_STREAM
57 #define NO_SHLWAPI_REG
58 #define NO_SHLWAPI_STRFCNS
59 #define NO_SHLWAPI_GDI
60 #include "shlwapi.h"
61 #include "sspi.h"
62 #include "wincrypt.h"
63
64 #include "internet.h"
65 #include "wine/debug.h"
66 #include "wine/exception.h"
67 #include "wine/unicode.h"
68
69 WINE_DEFAULT_DEBUG_CHANNEL(wininet);
70
71 static const WCHAR g_szHttp1_0[] = {'H','T','T','P','/','1','.','0',0};
72 static const WCHAR g_szHttp1_1[] = {'H','T','T','P','/','1','.','1',0};
73 static const WCHAR g_szReferer[] = {'R','e','f','e','r','e','r',0};
74 static const WCHAR g_szAccept[] = {'A','c','c','e','p','t',0};
75 static const WCHAR g_szUserAgent[] = {'U','s','e','r','-','A','g','e','n','t',0};
76 static const WCHAR szHost[] = { 'H','o','s','t',0 };
77 static const WCHAR szAuthorization[] = { 'A','u','t','h','o','r','i','z','a','t','i','o','n',0 };
78 static const WCHAR szProxy_Authorization[] = { 'P','r','o','x','y','-','A','u','t','h','o','r','i','z','a','t','i','o','n',0 };
79 static const WCHAR szStatus[] = { 'S','t','a','t','u','s',0 };
80 static const WCHAR szKeepAlive[] = {'K','e','e','p','-','A','l','i','v','e',0};
81 static const WCHAR szGET[] = { 'G','E','T', 0 };
82 static const WCHAR szCrLf[] = {'\r','\n', 0};
83
84 #define MAXHOSTNAME 100
85 #define MAX_FIELD_VALUE_LEN 256
86 #define MAX_FIELD_LEN 256
87
88 #define HTTP_REFERER    g_szReferer
89 #define HTTP_ACCEPT     g_szAccept
90 #define HTTP_USERAGENT  g_szUserAgent
91
92 #define HTTP_ADDHDR_FLAG_ADD                            0x20000000
93 #define HTTP_ADDHDR_FLAG_ADD_IF_NEW                     0x10000000
94 #define HTTP_ADDHDR_FLAG_COALESCE                       0x40000000
95 #define HTTP_ADDHDR_FLAG_COALESCE_WITH_COMMA            0x40000000
96 #define HTTP_ADDHDR_FLAG_COALESCE_WITH_SEMICOLON        0x01000000
97 #define HTTP_ADDHDR_FLAG_REPLACE                        0x80000000
98 #define HTTP_ADDHDR_FLAG_REQ                            0x02000000
99
100 #define ARRAYSIZE(array) (sizeof(array)/sizeof((array)[0]))
101
102 struct HttpAuthInfo
103 {
104     LPWSTR scheme;
105     CredHandle cred;
106     CtxtHandle ctx;
107     TimeStamp exp;
108     ULONG attr;
109     ULONG max_token;
110     void *auth_data;
111     unsigned int auth_data_len;
112     BOOL finished; /* finished authenticating */
113 };
114
115 static BOOL HTTP_OpenConnection(LPWININETHTTPREQW lpwhr);
116 static BOOL HTTP_GetResponseHeaders(LPWININETHTTPREQW lpwhr, BOOL clear);
117 static BOOL HTTP_ProcessHeader(LPWININETHTTPREQW lpwhr, LPCWSTR field, LPCWSTR value, DWORD dwModifier);
118 static LPWSTR * HTTP_InterpretHttpHeader(LPCWSTR buffer);
119 static BOOL HTTP_InsertCustomHeader(LPWININETHTTPREQW lpwhr, LPHTTPHEADERW lpHdr);
120 static INT HTTP_GetCustomHeaderIndex(LPWININETHTTPREQW lpwhr, LPCWSTR lpszField, INT index, BOOL Request);
121 static BOOL HTTP_DeleteCustomHeader(LPWININETHTTPREQW lpwhr, DWORD index);
122 static LPWSTR HTTP_build_req( LPCWSTR *list, int len );
123 static BOOL HTTP_HttpQueryInfoW(LPWININETHTTPREQW, DWORD, LPVOID, LPDWORD, LPDWORD);
124 static BOOL HTTP_HandleRedirect(LPWININETHTTPREQW lpwhr, LPCWSTR lpszUrl);
125 static UINT HTTP_DecodeBase64(LPCWSTR base64, LPSTR bin);
126 static BOOL HTTP_VerifyValidHeader(LPWININETHTTPREQW lpwhr, LPCWSTR field);
127 static void HTTP_DrainContent(WININETHTTPREQW *req);
128
129 LPHTTPHEADERW HTTP_GetHeader(LPWININETHTTPREQW req, LPCWSTR head)
130 {
131     int HeaderIndex = 0;
132     HeaderIndex = HTTP_GetCustomHeaderIndex(req, head, 0, TRUE);
133     if (HeaderIndex == -1)
134         return NULL;
135     else
136         return &req->pCustHeaders[HeaderIndex];
137 }
138
139 /***********************************************************************
140  *           HTTP_Tokenize (internal)
141  *
142  *  Tokenize a string, allocating memory for the tokens.
143  */
144 static LPWSTR * HTTP_Tokenize(LPCWSTR string, LPCWSTR token_string)
145 {
146     LPWSTR * token_array;
147     int tokens = 0;
148     int i;
149     LPCWSTR next_token;
150
151     if (string)
152     {
153         /* empty string has no tokens */
154         if (*string)
155             tokens++;
156         /* count tokens */
157         for (i = 0; string[i]; i++)
158         {
159             if (!strncmpW(string+i, token_string, strlenW(token_string)))
160             {
161                 DWORD j;
162                 tokens++;
163                 /* we want to skip over separators, but not the null terminator */
164                 for (j = 0; j < strlenW(token_string) - 1; j++)
165                     if (!string[i+j])
166                         break;
167                 i += j;
168             }
169         }
170     }
171
172     /* add 1 for terminating NULL */
173     token_array = HeapAlloc(GetProcessHeap(), 0, (tokens+1) * sizeof(*token_array));
174     token_array[tokens] = NULL;
175     if (!tokens)
176         return token_array;
177     for (i = 0; i < tokens; i++)
178     {
179         int len;
180         next_token = strstrW(string, token_string);
181         if (!next_token) next_token = string+strlenW(string);
182         len = next_token - string;
183         token_array[i] = HeapAlloc(GetProcessHeap(), 0, (len+1)*sizeof(WCHAR));
184         memcpy(token_array[i], string, len*sizeof(WCHAR));
185         token_array[i][len] = '\0';
186         string = next_token+strlenW(token_string);
187     }
188     return token_array;
189 }
190
191 /***********************************************************************
192  *           HTTP_FreeTokens (internal)
193  *
194  *  Frees memory returned from HTTP_Tokenize.
195  */
196 static void HTTP_FreeTokens(LPWSTR * token_array)
197 {
198     int i;
199     for (i = 0; token_array[i]; i++)
200         HeapFree(GetProcessHeap(), 0, token_array[i]);
201     HeapFree(GetProcessHeap(), 0, token_array);
202 }
203
204 /* **********************************************************************
205  * 
206  * Helper functions for the HttpSendRequest(Ex) functions
207  * 
208  */
209 static void AsyncHttpSendRequestProc(WORKREQUEST *workRequest)
210 {
211     struct WORKREQ_HTTPSENDREQUESTW const *req = &workRequest->u.HttpSendRequestW;
212     LPWININETHTTPREQW lpwhr = (LPWININETHTTPREQW) workRequest->hdr;
213
214     TRACE("%p\n", lpwhr);
215
216     HTTP_HttpSendRequestW(lpwhr, req->lpszHeader,
217             req->dwHeaderLength, req->lpOptional, req->dwOptionalLength,
218             req->dwContentLength, req->bEndRequest);
219
220     HeapFree(GetProcessHeap(), 0, req->lpszHeader);
221 }
222
223 static void HTTP_FixURL( LPWININETHTTPREQW lpwhr)
224 {
225     static const WCHAR szSlash[] = { '/',0 };
226     static const WCHAR szHttp[] = { 'h','t','t','p',':','/','/', 0 };
227
228     /* If we don't have a path we set it to root */
229     if (NULL == lpwhr->lpszPath)
230         lpwhr->lpszPath = WININET_strdupW(szSlash);
231     else /* remove \r and \n*/
232     {
233         int nLen = strlenW(lpwhr->lpszPath);
234         while ((nLen >0 ) && ((lpwhr->lpszPath[nLen-1] == '\r')||(lpwhr->lpszPath[nLen-1] == '\n')))
235         {
236             nLen--;
237             lpwhr->lpszPath[nLen]='\0';
238         }
239         /* Replace '\' with '/' */
240         while (nLen>0) {
241             nLen--;
242             if (lpwhr->lpszPath[nLen] == '\\') lpwhr->lpszPath[nLen]='/';
243         }
244     }
245
246     if(CSTR_EQUAL != CompareStringW( LOCALE_SYSTEM_DEFAULT, NORM_IGNORECASE,
247                        lpwhr->lpszPath, strlenW(lpwhr->lpszPath), szHttp, strlenW(szHttp) )
248        && lpwhr->lpszPath[0] != '/') /* not an absolute path ?? --> fix it !! */
249     {
250         WCHAR *fixurl = HeapAlloc(GetProcessHeap(), 0, 
251                              (strlenW(lpwhr->lpszPath) + 2)*sizeof(WCHAR));
252         *fixurl = '/';
253         strcpyW(fixurl + 1, lpwhr->lpszPath);
254         HeapFree( GetProcessHeap(), 0, lpwhr->lpszPath );
255         lpwhr->lpszPath = fixurl;
256     }
257 }
258
259 static LPWSTR HTTP_BuildHeaderRequestString( LPWININETHTTPREQW lpwhr, LPCWSTR verb, LPCWSTR path, LPCWSTR version )
260 {
261     LPWSTR requestString;
262     DWORD len, n;
263     LPCWSTR *req;
264     UINT i;
265     LPWSTR p;
266
267     static const WCHAR szSpace[] = { ' ',0 };
268     static const WCHAR szColon[] = { ':',' ',0 };
269     static const WCHAR sztwocrlf[] = {'\r','\n','\r','\n', 0};
270
271     /* allocate space for an array of all the string pointers to be added */
272     len = (lpwhr->nCustHeaders)*4 + 10;
273     req = HeapAlloc( GetProcessHeap(), 0, len*sizeof(LPCWSTR) );
274
275     /* add the verb, path and HTTP version string */
276     n = 0;
277     req[n++] = verb;
278     req[n++] = szSpace;
279     req[n++] = path;
280     req[n++] = szSpace;
281     req[n++] = version;
282
283     /* Append custom request headers */
284     for (i = 0; i < lpwhr->nCustHeaders; i++)
285     {
286         if (lpwhr->pCustHeaders[i].wFlags & HDR_ISREQUEST)
287         {
288             req[n++] = szCrLf;
289             req[n++] = lpwhr->pCustHeaders[i].lpszField;
290             req[n++] = szColon;
291             req[n++] = lpwhr->pCustHeaders[i].lpszValue;
292
293             TRACE("Adding custom header %s (%s)\n",
294                    debugstr_w(lpwhr->pCustHeaders[i].lpszField),
295                    debugstr_w(lpwhr->pCustHeaders[i].lpszValue));
296         }
297     }
298
299     if( n >= len )
300         ERR("oops. buffer overrun\n");
301
302     req[n] = NULL;
303     requestString = HTTP_build_req( req, 4 );
304     HeapFree( GetProcessHeap(), 0, req );
305
306     /*
307      * Set (header) termination string for request
308      * Make sure there's exactly two new lines at the end of the request
309      */
310     p = &requestString[strlenW(requestString)-1];
311     while ( (*p == '\n') || (*p == '\r') )
312        p--;
313     strcpyW( p+1, sztwocrlf );
314     
315     return requestString;
316 }
317
318 static void HTTP_ProcessCookies( LPWININETHTTPREQW lpwhr )
319 {
320     static const WCHAR szSet_Cookie[] = { 'S','e','t','-','C','o','o','k','i','e',0 };
321     int HeaderIndex;
322     int numCookies = 0;
323     LPHTTPHEADERW setCookieHeader;
324
325     while((HeaderIndex = HTTP_GetCustomHeaderIndex(lpwhr, szSet_Cookie, numCookies, FALSE)) != -1)
326     {
327         setCookieHeader = &lpwhr->pCustHeaders[HeaderIndex];
328
329         if (!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_COOKIES) && setCookieHeader->lpszValue)
330         {
331             int nPosStart = 0, nPosEnd = 0, len;
332             static const WCHAR szFmt[] = { 'h','t','t','p',':','/','/','%','s','/',0};
333
334             while (setCookieHeader->lpszValue[nPosEnd] != '\0')
335             {
336                 LPWSTR buf_cookie, cookie_name, cookie_data;
337                 LPWSTR buf_url;
338                 LPWSTR domain = NULL;
339                 LPHTTPHEADERW Host;
340
341                 int nEqualPos = 0;
342                 while (setCookieHeader->lpszValue[nPosEnd] != ';' && setCookieHeader->lpszValue[nPosEnd] != ',' &&
343                        setCookieHeader->lpszValue[nPosEnd] != '\0')
344                 {
345                     nPosEnd++;
346                 }
347                 if (setCookieHeader->lpszValue[nPosEnd] == ';')
348                 {
349                     /* fixme: not case sensitive, strcasestr is gnu only */
350                     int nDomainPosEnd = 0;
351                     int nDomainPosStart = 0, nDomainLength = 0;
352                     static const WCHAR szDomain[] = {'d','o','m','a','i','n','=',0};
353                     LPWSTR lpszDomain = strstrW(&setCookieHeader->lpszValue[nPosEnd], szDomain);
354                     if (lpszDomain)
355                     { /* they have specified their own domain, lets use it */
356                         while (lpszDomain[nDomainPosEnd] != ';' && lpszDomain[nDomainPosEnd] != ',' &&
357                                lpszDomain[nDomainPosEnd] != '\0')
358                         {
359                             nDomainPosEnd++;
360                         }
361                         nDomainPosStart = strlenW(szDomain);
362                         nDomainLength = (nDomainPosEnd - nDomainPosStart) + 1;
363                         domain = HeapAlloc(GetProcessHeap(), 0, (nDomainLength + 1)*sizeof(WCHAR));
364                         lstrcpynW(domain, &lpszDomain[nDomainPosStart], nDomainLength + 1);
365                     }
366                 }
367                 if (setCookieHeader->lpszValue[nPosEnd] == '\0') break;
368                 buf_cookie = HeapAlloc(GetProcessHeap(), 0, ((nPosEnd - nPosStart) + 1)*sizeof(WCHAR));
369                 lstrcpynW(buf_cookie, &setCookieHeader->lpszValue[nPosStart], (nPosEnd - nPosStart) + 1);
370                 TRACE("%s\n", debugstr_w(buf_cookie));
371                 while (buf_cookie[nEqualPos] != '=' && buf_cookie[nEqualPos] != '\0')
372                 {
373                     nEqualPos++;
374                 }
375                 if (buf_cookie[nEqualPos] == '\0' || buf_cookie[nEqualPos + 1] == '\0')
376                 {
377                     HeapFree(GetProcessHeap(), 0, buf_cookie);
378                     break;
379                 }
380
381                 cookie_name = HeapAlloc(GetProcessHeap(), 0, (nEqualPos + 1)*sizeof(WCHAR));
382                 lstrcpynW(cookie_name, buf_cookie, nEqualPos + 1);
383                 cookie_data = &buf_cookie[nEqualPos + 1];
384
385                 Host = HTTP_GetHeader(lpwhr,szHost);
386                 len = lstrlenW((domain ? domain : (Host?Host->lpszValue:NULL))) +
387                     strlenW(lpwhr->lpszPath) + 9;
388                 buf_url = HeapAlloc(GetProcessHeap(), 0, len*sizeof(WCHAR));
389                 sprintfW(buf_url, szFmt, (domain ? domain : (Host?Host->lpszValue:NULL))); /* FIXME PATH!!! */
390                 InternetSetCookieW(buf_url, cookie_name, cookie_data);
391
392                 HeapFree(GetProcessHeap(), 0, buf_url);
393                 HeapFree(GetProcessHeap(), 0, buf_cookie);
394                 HeapFree(GetProcessHeap(), 0, cookie_name);
395                 HeapFree(GetProcessHeap(), 0, domain);
396                 nPosStart = nPosEnd;
397             }
398         }
399         numCookies++;
400     }
401 }
402
403 static inline BOOL is_basic_auth_value( LPCWSTR pszAuthValue )
404 {
405     static const WCHAR szBasic[] = {'B','a','s','i','c'}; /* Note: not nul-terminated */
406     return !strncmpiW(pszAuthValue, szBasic, ARRAYSIZE(szBasic)) &&
407         ((pszAuthValue[ARRAYSIZE(szBasic)] == ' ') || !pszAuthValue[ARRAYSIZE(szBasic)]);
408 }
409
410 static BOOL HTTP_DoAuthorization( LPWININETHTTPREQW lpwhr, LPCWSTR pszAuthValue,
411                                   struct HttpAuthInfo **ppAuthInfo,
412                                   LPWSTR domain_and_username, LPWSTR password )
413 {
414     SECURITY_STATUS sec_status;
415     struct HttpAuthInfo *pAuthInfo = *ppAuthInfo;
416     BOOL first = FALSE;
417
418     TRACE("%s\n", debugstr_w(pszAuthValue));
419
420     if (!pAuthInfo)
421     {
422         TimeStamp exp;
423
424         first = TRUE;
425         pAuthInfo = HeapAlloc(GetProcessHeap(), 0, sizeof(*pAuthInfo));
426         if (!pAuthInfo)
427             return FALSE;
428
429         SecInvalidateHandle(&pAuthInfo->cred);
430         SecInvalidateHandle(&pAuthInfo->ctx);
431         memset(&pAuthInfo->exp, 0, sizeof(pAuthInfo->exp));
432         pAuthInfo->attr = 0;
433         pAuthInfo->auth_data = NULL;
434         pAuthInfo->auth_data_len = 0;
435         pAuthInfo->finished = FALSE;
436
437         if (is_basic_auth_value(pszAuthValue))
438         {
439             static const WCHAR szBasic[] = {'B','a','s','i','c',0};
440             pAuthInfo->scheme = WININET_strdupW(szBasic);
441             if (!pAuthInfo->scheme)
442             {
443                 HeapFree(GetProcessHeap(), 0, pAuthInfo);
444                 return FALSE;
445             }
446         }
447         else
448         {
449             PVOID pAuthData;
450             SEC_WINNT_AUTH_IDENTITY_W nt_auth_identity;
451
452             pAuthInfo->scheme = WININET_strdupW(pszAuthValue);
453             if (!pAuthInfo->scheme)
454             {
455                 HeapFree(GetProcessHeap(), 0, pAuthInfo);
456                 return FALSE;
457             }
458
459             if (domain_and_username)
460             {
461                 WCHAR *user = strchrW(domain_and_username, '\\');
462                 WCHAR *domain = domain_and_username;
463
464                 /* FIXME: make sure scheme accepts SEC_WINNT_AUTH_IDENTITY before calling AcquireCredentialsHandle */
465
466                 pAuthData = &nt_auth_identity;
467
468                 if (user) user++;
469                 else
470                 {
471                     user = domain_and_username;
472                     domain = NULL;
473                 }
474
475                 nt_auth_identity.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
476                 nt_auth_identity.User = user;
477                 nt_auth_identity.UserLength = strlenW(nt_auth_identity.User);
478                 nt_auth_identity.Domain = domain;
479                 nt_auth_identity.DomainLength = domain ? user - domain - 1 : 0;
480                 nt_auth_identity.Password = password;
481                 nt_auth_identity.PasswordLength = strlenW(nt_auth_identity.Password);
482             }
483             else
484                 /* use default credentials */
485                 pAuthData = NULL;
486
487             sec_status = AcquireCredentialsHandleW(NULL, pAuthInfo->scheme,
488                                                    SECPKG_CRED_OUTBOUND, NULL,
489                                                    pAuthData, NULL,
490                                                    NULL, &pAuthInfo->cred,
491                                                    &exp);
492             if (sec_status == SEC_E_OK)
493             {
494                 PSecPkgInfoW sec_pkg_info;
495                 sec_status = QuerySecurityPackageInfoW(pAuthInfo->scheme, &sec_pkg_info);
496                 if (sec_status == SEC_E_OK)
497                 {
498                     pAuthInfo->max_token = sec_pkg_info->cbMaxToken;
499                     FreeContextBuffer(sec_pkg_info);
500                 }
501             }
502             if (sec_status != SEC_E_OK)
503             {
504                 WARN("AcquireCredentialsHandleW for scheme %s failed with error 0x%08x\n",
505                      debugstr_w(pAuthInfo->scheme), sec_status);
506                 HeapFree(GetProcessHeap(), 0, pAuthInfo->scheme);
507                 HeapFree(GetProcessHeap(), 0, pAuthInfo);
508                 return FALSE;
509             }
510         }
511         *ppAuthInfo = pAuthInfo;
512     }
513     else if (pAuthInfo->finished)
514         return FALSE;
515
516     if ((strlenW(pszAuthValue) < strlenW(pAuthInfo->scheme)) ||
517         strncmpiW(pszAuthValue, pAuthInfo->scheme, strlenW(pAuthInfo->scheme)))
518     {
519         ERR("authentication scheme changed from %s to %s\n",
520             debugstr_w(pAuthInfo->scheme), debugstr_w(pszAuthValue));
521         return FALSE;
522     }
523
524     if (is_basic_auth_value(pszAuthValue))
525     {
526         int userlen;
527         int passlen;
528         char *auth_data;
529
530         TRACE("basic authentication\n");
531
532         /* we don't cache credentials for basic authentication, so we can't
533          * retrieve them if the application didn't pass us any credentials */
534         if (!domain_and_username) return FALSE;
535
536         userlen = WideCharToMultiByte(CP_UTF8, 0, domain_and_username, lstrlenW(domain_and_username), NULL, 0, NULL, NULL);
537         passlen = WideCharToMultiByte(CP_UTF8, 0, password, lstrlenW(password), NULL, 0, NULL, NULL);
538
539         /* length includes a nul terminator, which will be re-used for the ':' */
540         auth_data = HeapAlloc(GetProcessHeap(), 0, userlen + 1 + passlen);
541         if (!auth_data)
542             return FALSE;
543
544         WideCharToMultiByte(CP_UTF8, 0, domain_and_username, -1, auth_data, userlen, NULL, NULL);
545         auth_data[userlen] = ':';
546         WideCharToMultiByte(CP_UTF8, 0, password, -1, &auth_data[userlen+1], passlen, NULL, NULL);
547
548         pAuthInfo->auth_data = auth_data;
549         pAuthInfo->auth_data_len = userlen + 1 + passlen;
550         pAuthInfo->finished = TRUE;
551
552         return TRUE;
553     }
554     else
555     {
556         LPCWSTR pszAuthData;
557         SecBufferDesc out_desc, in_desc;
558         SecBuffer out, in;
559         unsigned char *buffer;
560         ULONG context_req = ISC_REQ_CONNECTION | ISC_REQ_USE_DCE_STYLE |
561             ISC_REQ_MUTUAL_AUTH | ISC_REQ_DELEGATE;
562
563         in.BufferType = SECBUFFER_TOKEN;
564         in.cbBuffer = 0;
565         in.pvBuffer = NULL;
566
567         in_desc.ulVersion = 0;
568         in_desc.cBuffers = 1;
569         in_desc.pBuffers = &in;
570
571         pszAuthData = pszAuthValue + strlenW(pAuthInfo->scheme);
572         if (*pszAuthData == ' ')
573         {
574             pszAuthData++;
575             in.cbBuffer = HTTP_DecodeBase64(pszAuthData, NULL);
576             in.pvBuffer = HeapAlloc(GetProcessHeap(), 0, in.cbBuffer);
577             HTTP_DecodeBase64(pszAuthData, in.pvBuffer);
578         }
579
580         buffer = HeapAlloc(GetProcessHeap(), 0, pAuthInfo->max_token);
581
582         out.BufferType = SECBUFFER_TOKEN;
583         out.cbBuffer = pAuthInfo->max_token;
584         out.pvBuffer = buffer;
585
586         out_desc.ulVersion = 0;
587         out_desc.cBuffers = 1;
588         out_desc.pBuffers = &out;
589
590         sec_status = InitializeSecurityContextW(first ? &pAuthInfo->cred : NULL,
591                                                 first ? NULL : &pAuthInfo->ctx,
592                                                 first ? lpwhr->lpHttpSession->lpszServerName : NULL,
593                                                 context_req, 0, SECURITY_NETWORK_DREP,
594                                                 in.pvBuffer ? &in_desc : NULL,
595                                                 0, &pAuthInfo->ctx, &out_desc,
596                                                 &pAuthInfo->attr, &pAuthInfo->exp);
597         if (sec_status == SEC_E_OK)
598         {
599             pAuthInfo->finished = TRUE;
600             pAuthInfo->auth_data = out.pvBuffer;
601             pAuthInfo->auth_data_len = out.cbBuffer;
602             TRACE("sending last auth packet\n");
603         }
604         else if (sec_status == SEC_I_CONTINUE_NEEDED)
605         {
606             pAuthInfo->auth_data = out.pvBuffer;
607             pAuthInfo->auth_data_len = out.cbBuffer;
608             TRACE("sending next auth packet\n");
609         }
610         else
611         {
612             ERR("InitializeSecurityContextW returned error 0x%08x\n", sec_status);
613             pAuthInfo->finished = TRUE;
614             HeapFree(GetProcessHeap(), 0, out.pvBuffer);
615             return FALSE;
616         }
617     }
618
619     return TRUE;
620 }
621
622 /***********************************************************************
623  *           HTTP_HttpAddRequestHeadersW (internal)
624  */
625 static BOOL HTTP_HttpAddRequestHeadersW(LPWININETHTTPREQW lpwhr,
626         LPCWSTR lpszHeader, DWORD dwHeaderLength, DWORD dwModifier)
627 {
628     LPWSTR lpszStart;
629     LPWSTR lpszEnd;
630     LPWSTR buffer;
631     BOOL bSuccess = FALSE;
632     DWORD len;
633
634     TRACE("copying header: %s\n", debugstr_wn(lpszHeader, dwHeaderLength));
635
636     if( dwHeaderLength == ~0U )
637         len = strlenW(lpszHeader);
638     else
639         len = dwHeaderLength;
640     buffer = HeapAlloc( GetProcessHeap(), 0, sizeof(WCHAR)*(len+1) );
641     lstrcpynW( buffer, lpszHeader, len + 1);
642
643     lpszStart = buffer;
644
645     do
646     {
647         LPWSTR * pFieldAndValue;
648
649         lpszEnd = lpszStart;
650
651         while (*lpszEnd != '\0')
652         {
653             if (*lpszEnd == '\r' && *(lpszEnd + 1) == '\n')
654                  break;
655             lpszEnd++;
656         }
657
658         if (*lpszStart == '\0')
659             break;
660
661         if (*lpszEnd == '\r')
662         {
663             *lpszEnd = '\0';
664             lpszEnd += 2; /* Jump over \r\n */
665         }
666         TRACE("interpreting header %s\n", debugstr_w(lpszStart));
667         pFieldAndValue = HTTP_InterpretHttpHeader(lpszStart);
668         if (pFieldAndValue)
669         {
670             bSuccess = HTTP_VerifyValidHeader(lpwhr, pFieldAndValue[0]);
671             if (bSuccess)
672                 bSuccess = HTTP_ProcessHeader(lpwhr, pFieldAndValue[0],
673                     pFieldAndValue[1], dwModifier | HTTP_ADDHDR_FLAG_REQ);
674             HTTP_FreeTokens(pFieldAndValue);
675         }
676
677         lpszStart = lpszEnd;
678     } while (bSuccess);
679
680     HeapFree(GetProcessHeap(), 0, buffer);
681
682     return bSuccess;
683 }
684
685 /***********************************************************************
686  *           HttpAddRequestHeadersW (WININET.@)
687  *
688  * Adds one or more HTTP header to the request handler
689  *
690  * NOTE
691  * On Windows if dwHeaderLength includes the trailing '\0', then
692  * HttpAddRequestHeadersW() adds it too. However this results in an
693  * invalid Http header which is rejected by some servers so we probably
694  * don't need to match Windows on that point.
695  *
696  * RETURNS
697  *    TRUE  on success
698  *    FALSE on failure
699  *
700  */
701 BOOL WINAPI HttpAddRequestHeadersW(HINTERNET hHttpRequest,
702         LPCWSTR lpszHeader, DWORD dwHeaderLength, DWORD dwModifier)
703 {
704     BOOL bSuccess = FALSE;
705     LPWININETHTTPREQW lpwhr;
706
707     TRACE("%p, %s, %i, %i\n", hHttpRequest, debugstr_wn(lpszHeader, dwHeaderLength), dwHeaderLength, dwModifier);
708
709     if (!lpszHeader) 
710       return TRUE;
711
712     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hHttpRequest );
713     if (NULL == lpwhr ||  lpwhr->hdr.htype != WH_HHTTPREQ)
714     {
715         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
716         goto lend;
717     }
718     bSuccess = HTTP_HttpAddRequestHeadersW( lpwhr, lpszHeader, dwHeaderLength, dwModifier );
719 lend:
720     if( lpwhr )
721         WININET_Release( &lpwhr->hdr );
722
723     return bSuccess;
724 }
725
726 /***********************************************************************
727  *           HttpAddRequestHeadersA (WININET.@)
728  *
729  * Adds one or more HTTP header to the request handler
730  *
731  * RETURNS
732  *    TRUE  on success
733  *    FALSE on failure
734  *
735  */
736 BOOL WINAPI HttpAddRequestHeadersA(HINTERNET hHttpRequest,
737         LPCSTR lpszHeader, DWORD dwHeaderLength, DWORD dwModifier)
738 {
739     DWORD len;
740     LPWSTR hdr;
741     BOOL r;
742
743     TRACE("%p, %s, %i, %i\n", hHttpRequest, debugstr_an(lpszHeader, dwHeaderLength), dwHeaderLength, dwModifier);
744
745     len = MultiByteToWideChar( CP_ACP, 0, lpszHeader, dwHeaderLength, NULL, 0 );
746     hdr = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
747     MultiByteToWideChar( CP_ACP, 0, lpszHeader, dwHeaderLength, hdr, len );
748     if( dwHeaderLength != ~0U )
749         dwHeaderLength = len;
750
751     r = HttpAddRequestHeadersW( hHttpRequest, hdr, dwHeaderLength, dwModifier );
752
753     HeapFree( GetProcessHeap(), 0, hdr );
754
755     return r;
756 }
757
758 /***********************************************************************
759  *           HttpEndRequestA (WININET.@)
760  *
761  * Ends an HTTP request that was started by HttpSendRequestEx
762  *
763  * RETURNS
764  *    TRUE      if successful
765  *    FALSE     on failure
766  *
767  */
768 BOOL WINAPI HttpEndRequestA(HINTERNET hRequest, 
769         LPINTERNET_BUFFERSA lpBuffersOut, DWORD dwFlags, DWORD_PTR dwContext)
770 {
771     LPINTERNET_BUFFERSA ptr;
772     LPINTERNET_BUFFERSW lpBuffersOutW,ptrW;
773     BOOL rc = FALSE;
774
775     TRACE("(%p, %p, %08x, %08lx): stub\n", hRequest, lpBuffersOut, dwFlags,
776             dwContext);
777
778     ptr = lpBuffersOut;
779     if (ptr)
780         lpBuffersOutW = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY,
781                 sizeof(INTERNET_BUFFERSW));
782     else
783         lpBuffersOutW = NULL;
784
785     ptrW = lpBuffersOutW;
786     while (ptr)
787     {
788         if (ptr->lpvBuffer && ptr->dwBufferLength)
789             ptrW->lpvBuffer = HeapAlloc(GetProcessHeap(),0,ptr->dwBufferLength);
790         ptrW->dwBufferLength = ptr->dwBufferLength;
791         ptrW->dwBufferTotal= ptr->dwBufferTotal;
792
793         if (ptr->Next)
794             ptrW->Next = HeapAlloc(GetProcessHeap(),HEAP_ZERO_MEMORY,
795                     sizeof(INTERNET_BUFFERSW));
796
797         ptr = ptr->Next;
798         ptrW = ptrW->Next;
799     }
800
801     rc = HttpEndRequestW(hRequest, lpBuffersOutW, dwFlags, dwContext);
802
803     if (lpBuffersOutW)
804     {
805         ptrW = lpBuffersOutW;
806         while (ptrW)
807         {
808             LPINTERNET_BUFFERSW ptrW2;
809
810             FIXME("Do we need to translate info out of these buffer?\n");
811
812             HeapFree(GetProcessHeap(),0,ptrW->lpvBuffer);
813             ptrW2 = ptrW->Next;
814             HeapFree(GetProcessHeap(),0,ptrW);
815             ptrW = ptrW2;
816         }
817     }
818
819     return rc;
820 }
821
822 /***********************************************************************
823  *           HttpEndRequestW (WININET.@)
824  *
825  * Ends an HTTP request that was started by HttpSendRequestEx
826  *
827  * RETURNS
828  *    TRUE      if successful
829  *    FALSE     on failure
830  *
831  */
832 BOOL WINAPI HttpEndRequestW(HINTERNET hRequest, 
833         LPINTERNET_BUFFERSW lpBuffersOut, DWORD dwFlags, DWORD_PTR dwContext)
834 {
835     BOOL rc = FALSE;
836     LPWININETHTTPREQW lpwhr;
837     INT responseLen;
838     DWORD dwBufferSize;
839
840     TRACE("-->\n");
841     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hRequest );
842
843     if (NULL == lpwhr || lpwhr->hdr.htype != WH_HHTTPREQ)
844     {
845         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
846         if (lpwhr)
847             WININET_Release( &lpwhr->hdr );
848         return FALSE;
849     }
850
851     lpwhr->hdr.dwFlags |= dwFlags;
852     lpwhr->hdr.dwContext = dwContext;
853
854     /* We appear to do nothing with lpBuffersOut.. is that correct? */
855
856     SendAsyncCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
857             INTERNET_STATUS_RECEIVING_RESPONSE, NULL, 0);
858
859     responseLen = HTTP_GetResponseHeaders(lpwhr, TRUE);
860     if (responseLen)
861             rc = TRUE;
862
863     SendAsyncCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
864             INTERNET_STATUS_RESPONSE_RECEIVED, &responseLen, sizeof(DWORD));
865
866     /* process cookies here. Is this right? */
867     HTTP_ProcessCookies(lpwhr);
868
869     dwBufferSize = sizeof(lpwhr->dwContentLength);
870     if (!HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_FLAG_NUMBER|HTTP_QUERY_CONTENT_LENGTH,
871                              &lpwhr->dwContentLength,&dwBufferSize,NULL))
872         lpwhr->dwContentLength = -1;
873
874     if (lpwhr->dwContentLength == 0)
875         HTTP_FinishedReading(lpwhr);
876
877     if(!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_AUTO_REDIRECT))
878     {
879         DWORD dwCode,dwCodeLength=sizeof(DWORD);
880         if(HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_FLAG_NUMBER|HTTP_QUERY_STATUS_CODE,&dwCode,&dwCodeLength,NULL) &&
881             (dwCode==302 || dwCode==301 || dwCode==303))
882         {
883             WCHAR szNewLocation[INTERNET_MAX_URL_LENGTH];
884             dwBufferSize=sizeof(szNewLocation);
885             if(HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_LOCATION,szNewLocation,&dwBufferSize,NULL))
886             {
887                 /* redirects are always GETs */
888                 HeapFree(GetProcessHeap(),0,lpwhr->lpszVerb);
889                 lpwhr->lpszVerb = WININET_strdupW(szGET);
890                 HTTP_DrainContent(lpwhr);
891                 INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
892                                       INTERNET_STATUS_REDIRECT, szNewLocation,
893                                       dwBufferSize);
894                 rc = HTTP_HandleRedirect(lpwhr, szNewLocation);
895                 if (rc)
896                     rc = HTTP_HttpSendRequestW(lpwhr, NULL, 0, NULL, 0, 0, TRUE);
897             }
898         }
899     }
900
901     WININET_Release( &lpwhr->hdr );
902     TRACE("%i <--\n",rc);
903     return rc;
904 }
905
906 /***********************************************************************
907  *           HttpOpenRequestW (WININET.@)
908  *
909  * Open a HTTP request handle
910  *
911  * RETURNS
912  *    HINTERNET  a HTTP request handle on success
913  *    NULL       on failure
914  *
915  */
916 HINTERNET WINAPI HttpOpenRequestW(HINTERNET hHttpSession,
917         LPCWSTR lpszVerb, LPCWSTR lpszObjectName, LPCWSTR lpszVersion,
918         LPCWSTR lpszReferrer , LPCWSTR *lpszAcceptTypes,
919         DWORD dwFlags, DWORD_PTR dwContext)
920 {
921     LPWININETHTTPSESSIONW lpwhs;
922     HINTERNET handle = NULL;
923
924     TRACE("(%p, %s, %s, %s, %s, %p, %08x, %08lx)\n", hHttpSession,
925           debugstr_w(lpszVerb), debugstr_w(lpszObjectName),
926           debugstr_w(lpszVersion), debugstr_w(lpszReferrer), lpszAcceptTypes,
927           dwFlags, dwContext);
928     if(lpszAcceptTypes!=NULL)
929     {
930         int i;
931         for(i=0;lpszAcceptTypes[i]!=NULL;i++)
932             TRACE("\taccept type: %s\n",debugstr_w(lpszAcceptTypes[i]));
933     }    
934
935     lpwhs = (LPWININETHTTPSESSIONW) WININET_GetObject( hHttpSession );
936     if (NULL == lpwhs ||  lpwhs->hdr.htype != WH_HHTTPSESSION)
937     {
938         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
939         goto lend;
940     }
941
942     /*
943      * My tests seem to show that the windows version does not
944      * become asynchronous until after this point. And anyhow
945      * if this call was asynchronous then how would you get the
946      * necessary HINTERNET pointer returned by this function.
947      *
948      */
949     handle = HTTP_HttpOpenRequestW(lpwhs, lpszVerb, lpszObjectName,
950                                    lpszVersion, lpszReferrer, lpszAcceptTypes,
951                                    dwFlags, dwContext);
952 lend:
953     if( lpwhs )
954         WININET_Release( &lpwhs->hdr );
955     TRACE("returning %p\n", handle);
956     return handle;
957 }
958
959
960 /***********************************************************************
961  *           HttpOpenRequestA (WININET.@)
962  *
963  * Open a HTTP request handle
964  *
965  * RETURNS
966  *    HINTERNET  a HTTP request handle on success
967  *    NULL       on failure
968  *
969  */
970 HINTERNET WINAPI HttpOpenRequestA(HINTERNET hHttpSession,
971         LPCSTR lpszVerb, LPCSTR lpszObjectName, LPCSTR lpszVersion,
972         LPCSTR lpszReferrer , LPCSTR *lpszAcceptTypes,
973         DWORD dwFlags, DWORD_PTR dwContext)
974 {
975     LPWSTR szVerb = NULL, szObjectName = NULL;
976     LPWSTR szVersion = NULL, szReferrer = NULL, *szAcceptTypes = NULL;
977     INT len, acceptTypesCount;
978     HINTERNET rc = FALSE;
979     LPCSTR *types;
980
981     TRACE("(%p, %s, %s, %s, %s, %p, %08x, %08lx)\n", hHttpSession,
982           debugstr_a(lpszVerb), debugstr_a(lpszObjectName),
983           debugstr_a(lpszVersion), debugstr_a(lpszReferrer), lpszAcceptTypes,
984           dwFlags, dwContext);
985
986     if (lpszVerb)
987     {
988         len = MultiByteToWideChar(CP_ACP, 0, lpszVerb, -1, NULL, 0 );
989         szVerb = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR) );
990         if ( !szVerb )
991             goto end;
992         MultiByteToWideChar(CP_ACP, 0, lpszVerb, -1, szVerb, len);
993     }
994
995     if (lpszObjectName)
996     {
997         len = MultiByteToWideChar(CP_ACP, 0, lpszObjectName, -1, NULL, 0 );
998         szObjectName = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR) );
999         if ( !szObjectName )
1000             goto end;
1001         MultiByteToWideChar(CP_ACP, 0, lpszObjectName, -1, szObjectName, len );
1002     }
1003
1004     if (lpszVersion)
1005     {
1006         len = MultiByteToWideChar(CP_ACP, 0, lpszVersion, -1, NULL, 0 );
1007         szVersion = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
1008         if ( !szVersion )
1009             goto end;
1010         MultiByteToWideChar(CP_ACP, 0, lpszVersion, -1, szVersion, len );
1011     }
1012
1013     if (lpszReferrer)
1014     {
1015         len = MultiByteToWideChar(CP_ACP, 0, lpszReferrer, -1, NULL, 0 );
1016         szReferrer = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
1017         if ( !szReferrer )
1018             goto end;
1019         MultiByteToWideChar(CP_ACP, 0, lpszReferrer, -1, szReferrer, len );
1020     }
1021
1022     if (lpszAcceptTypes)
1023     {
1024         acceptTypesCount = 0;
1025         types = lpszAcceptTypes;
1026         while (*types)
1027         {
1028             __TRY
1029             {
1030                 /* find out how many there are */
1031                 if (*types && **types)
1032                 {
1033                     TRACE("accept type: %s\n", debugstr_a(*types));
1034                     acceptTypesCount++;
1035                 }
1036             }
1037             __EXCEPT_PAGE_FAULT
1038             {
1039                 WARN("invalid accept type pointer\n");
1040             }
1041             __ENDTRY;
1042             types++;
1043         }
1044         szAcceptTypes = HeapAlloc(GetProcessHeap(), 0, sizeof(WCHAR *) * (acceptTypesCount+1));
1045         if (!szAcceptTypes) goto end;
1046
1047         acceptTypesCount = 0;
1048         types = lpszAcceptTypes;
1049         while (*types)
1050         {
1051             __TRY
1052             {
1053                 if (*types && **types)
1054                 {
1055                     len = MultiByteToWideChar(CP_ACP, 0, *types, -1, NULL, 0 );
1056                     szAcceptTypes[acceptTypesCount] = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
1057
1058                     MultiByteToWideChar(CP_ACP, 0, *types, -1, szAcceptTypes[acceptTypesCount], len);
1059                     acceptTypesCount++;
1060                 }
1061             }
1062             __EXCEPT_PAGE_FAULT
1063             {
1064                 /* ignore invalid pointer */
1065             }
1066             __ENDTRY;
1067             types++;
1068         }
1069         szAcceptTypes[acceptTypesCount] = NULL;
1070     }
1071
1072     rc = HttpOpenRequestW(hHttpSession, szVerb, szObjectName,
1073                           szVersion, szReferrer,
1074                           (LPCWSTR*)szAcceptTypes, dwFlags, dwContext);
1075
1076 end:
1077     if (szAcceptTypes)
1078     {
1079         acceptTypesCount = 0;
1080         while (szAcceptTypes[acceptTypesCount])
1081         {
1082             HeapFree(GetProcessHeap(), 0, szAcceptTypes[acceptTypesCount]);
1083             acceptTypesCount++;
1084         }
1085         HeapFree(GetProcessHeap(), 0, szAcceptTypes);
1086     }
1087     HeapFree(GetProcessHeap(), 0, szReferrer);
1088     HeapFree(GetProcessHeap(), 0, szVersion);
1089     HeapFree(GetProcessHeap(), 0, szObjectName);
1090     HeapFree(GetProcessHeap(), 0, szVerb);
1091
1092     return rc;
1093 }
1094
1095 /***********************************************************************
1096  *  HTTP_EncodeBase64
1097  */
1098 static UINT HTTP_EncodeBase64( LPCSTR bin, unsigned int len, LPWSTR base64 )
1099 {
1100     UINT n = 0, x;
1101     static const CHAR HTTP_Base64Enc[] =
1102         "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
1103
1104     while( len > 0 )
1105     {
1106         /* first 6 bits, all from bin[0] */
1107         base64[n++] = HTTP_Base64Enc[(bin[0] & 0xfc) >> 2];
1108         x = (bin[0] & 3) << 4;
1109
1110         /* next 6 bits, 2 from bin[0] and 4 from bin[1] */
1111         if( len == 1 )
1112         {
1113             base64[n++] = HTTP_Base64Enc[x];
1114             base64[n++] = '=';
1115             base64[n++] = '=';
1116             break;
1117         }
1118         base64[n++] = HTTP_Base64Enc[ x | ( (bin[1]&0xf0) >> 4 ) ];
1119         x = ( bin[1] & 0x0f ) << 2;
1120
1121         /* next 6 bits 4 from bin[1] and 2 from bin[2] */
1122         if( len == 2 )
1123         {
1124             base64[n++] = HTTP_Base64Enc[x];
1125             base64[n++] = '=';
1126             break;
1127         }
1128         base64[n++] = HTTP_Base64Enc[ x | ( (bin[2]&0xc0 ) >> 6 ) ];
1129
1130         /* last 6 bits, all from bin [2] */
1131         base64[n++] = HTTP_Base64Enc[ bin[2] & 0x3f ];
1132         bin += 3;
1133         len -= 3;
1134     }
1135     base64[n] = 0;
1136     return n;
1137 }
1138
1139 #define CH(x) (((x) >= 'A' && (x) <= 'Z') ? (x) - 'A' : \
1140                ((x) >= 'a' && (x) <= 'z') ? (x) - 'a' + 26 : \
1141                ((x) >= '0' && (x) <= '9') ? (x) - '0' + 52 : \
1142                ((x) == '+') ? 62 : ((x) == '/') ? 63 : -1)
1143 static const signed char HTTP_Base64Dec[256] =
1144 {
1145     CH( 0),CH( 1),CH( 2),CH( 3),CH( 4),CH( 5),CH( 6),CH( 7),CH( 8),CH( 9),
1146     CH(10),CH(11),CH(12),CH(13),CH(14),CH(15),CH(16),CH(17),CH(18),CH(19),
1147     CH(20),CH(21),CH(22),CH(23),CH(24),CH(25),CH(26),CH(27),CH(28),CH(29),
1148     CH(30),CH(31),CH(32),CH(33),CH(34),CH(35),CH(36),CH(37),CH(38),CH(39),
1149     CH(40),CH(41),CH(42),CH(43),CH(44),CH(45),CH(46),CH(47),CH(48),CH(49),
1150     CH(50),CH(51),CH(52),CH(53),CH(54),CH(55),CH(56),CH(57),CH(58),CH(59),
1151     CH(60),CH(61),CH(62),CH(63),CH(64),CH(65),CH(66),CH(67),CH(68),CH(69),
1152     CH(70),CH(71),CH(72),CH(73),CH(74),CH(75),CH(76),CH(77),CH(78),CH(79),
1153     CH(80),CH(81),CH(82),CH(83),CH(84),CH(85),CH(86),CH(87),CH(88),CH(89),
1154     CH(90),CH(91),CH(92),CH(93),CH(94),CH(95),CH(96),CH(97),CH(98),CH(99),
1155     CH(100),CH(101),CH(102),CH(103),CH(104),CH(105),CH(106),CH(107),CH(108),CH(109),
1156     CH(110),CH(111),CH(112),CH(113),CH(114),CH(115),CH(116),CH(117),CH(118),CH(119),
1157     CH(120),CH(121),CH(122),CH(123),CH(124),CH(125),CH(126),CH(127),CH(128),CH(129),
1158     CH(130),CH(131),CH(132),CH(133),CH(134),CH(135),CH(136),CH(137),CH(138),CH(139),
1159     CH(140),CH(141),CH(142),CH(143),CH(144),CH(145),CH(146),CH(147),CH(148),CH(149),
1160     CH(150),CH(151),CH(152),CH(153),CH(154),CH(155),CH(156),CH(157),CH(158),CH(159),
1161     CH(160),CH(161),CH(162),CH(163),CH(164),CH(165),CH(166),CH(167),CH(168),CH(169),
1162     CH(170),CH(171),CH(172),CH(173),CH(174),CH(175),CH(176),CH(177),CH(178),CH(179),
1163     CH(180),CH(181),CH(182),CH(183),CH(184),CH(185),CH(186),CH(187),CH(188),CH(189),
1164     CH(190),CH(191),CH(192),CH(193),CH(194),CH(195),CH(196),CH(197),CH(198),CH(199),
1165     CH(200),CH(201),CH(202),CH(203),CH(204),CH(205),CH(206),CH(207),CH(208),CH(209),
1166     CH(210),CH(211),CH(212),CH(213),CH(214),CH(215),CH(216),CH(217),CH(218),CH(219),
1167     CH(220),CH(221),CH(222),CH(223),CH(224),CH(225),CH(226),CH(227),CH(228),CH(229),
1168     CH(230),CH(231),CH(232),CH(233),CH(234),CH(235),CH(236),CH(237),CH(238),CH(239),
1169     CH(240),CH(241),CH(242),CH(243),CH(244),CH(245),CH(246),CH(247),CH(248), CH(249),
1170     CH(250),CH(251),CH(252),CH(253),CH(254),CH(255),
1171 };
1172 #undef CH
1173
1174 /***********************************************************************
1175  *  HTTP_DecodeBase64
1176  */
1177 static UINT HTTP_DecodeBase64( LPCWSTR base64, LPSTR bin )
1178 {
1179     unsigned int n = 0;
1180
1181     while(*base64)
1182     {
1183         signed char in[4];
1184
1185         if (base64[0] >= ARRAYSIZE(HTTP_Base64Dec) ||
1186             ((in[0] = HTTP_Base64Dec[base64[0]]) == -1) ||
1187             base64[1] >= ARRAYSIZE(HTTP_Base64Dec) ||
1188             ((in[1] = HTTP_Base64Dec[base64[1]]) == -1))
1189         {
1190             WARN("invalid base64: %s\n", debugstr_w(base64));
1191             return 0;
1192         }
1193         if (bin)
1194             bin[n] = (unsigned char) (in[0] << 2 | in[1] >> 4);
1195         n++;
1196
1197         if ((base64[2] == '=') && (base64[3] == '='))
1198             break;
1199         if (base64[2] > ARRAYSIZE(HTTP_Base64Dec) ||
1200             ((in[2] = HTTP_Base64Dec[base64[2]]) == -1))
1201         {
1202             WARN("invalid base64: %s\n", debugstr_w(&base64[2]));
1203             return 0;
1204         }
1205         if (bin)
1206             bin[n] = (unsigned char) (in[1] << 4 | in[2] >> 2);
1207         n++;
1208
1209         if (base64[3] == '=')
1210             break;
1211         if (base64[3] > ARRAYSIZE(HTTP_Base64Dec) ||
1212             ((in[3] = HTTP_Base64Dec[base64[3]]) == -1))
1213         {
1214             WARN("invalid base64: %s\n", debugstr_w(&base64[3]));
1215             return 0;
1216         }
1217         if (bin)
1218             bin[n] = (unsigned char) (((in[2] << 6) & 0xc0) | in[3]);
1219         n++;
1220
1221         base64 += 4;
1222     }
1223
1224     return n;
1225 }
1226
1227 /***********************************************************************
1228  *  HTTP_InsertAuthorization
1229  *
1230  *   Insert or delete the authorization field in the request header.
1231  */
1232 static BOOL HTTP_InsertAuthorization( LPWININETHTTPREQW lpwhr, struct HttpAuthInfo *pAuthInfo, LPCWSTR header )
1233 {
1234     if (pAuthInfo)
1235     {
1236         static const WCHAR wszSpace[] = {' ',0};
1237         static const WCHAR wszBasic[] = {'B','a','s','i','c',0};
1238         unsigned int len;
1239         WCHAR *authorization = NULL;
1240
1241         if (pAuthInfo->auth_data_len)
1242         {
1243             /* scheme + space + base64 encoded data (3/2/1 bytes data -> 4 bytes of characters) */
1244             len = strlenW(pAuthInfo->scheme)+1+((pAuthInfo->auth_data_len+2)*4)/3;
1245             authorization = HeapAlloc(GetProcessHeap(), 0, (len+1)*sizeof(WCHAR));
1246             if (!authorization)
1247                 return FALSE;
1248
1249             strcpyW(authorization, pAuthInfo->scheme);
1250             strcatW(authorization, wszSpace);
1251             HTTP_EncodeBase64(pAuthInfo->auth_data,
1252                               pAuthInfo->auth_data_len,
1253                               authorization+strlenW(authorization));
1254
1255             /* clear the data as it isn't valid now that it has been sent to the
1256              * server, unless it's Basic authentication which doesn't do
1257              * connection tracking */
1258             if (strcmpiW(pAuthInfo->scheme, wszBasic))
1259             {
1260                 HeapFree(GetProcessHeap(), 0, pAuthInfo->auth_data);
1261                 pAuthInfo->auth_data = NULL;
1262                 pAuthInfo->auth_data_len = 0;
1263             }
1264         }
1265
1266         TRACE("Inserting authorization: %s\n", debugstr_w(authorization));
1267
1268         HTTP_ProcessHeader(lpwhr, header, authorization, HTTP_ADDHDR_FLAG_REQ | HTTP_ADDHDR_FLAG_REPLACE);
1269
1270         HeapFree(GetProcessHeap(), 0, authorization);
1271     }
1272     return TRUE;
1273 }
1274
1275 static WCHAR *HTTP_BuildProxyRequestUrl(WININETHTTPREQW *req)
1276 {
1277     WCHAR new_location[INTERNET_MAX_URL_LENGTH], *url;
1278     DWORD size;
1279
1280     size = sizeof(new_location);
1281     if (HTTP_HttpQueryInfoW(req, HTTP_QUERY_LOCATION, new_location, &size, NULL))
1282     {
1283         if (!(url = HeapAlloc( GetProcessHeap(), 0, size + sizeof(WCHAR) ))) return NULL;
1284         strcpyW( url, new_location );
1285     }
1286     else
1287     {
1288         static const WCHAR slash[] = { '/',0 };
1289         static const WCHAR format[] = { 'h','t','t','p',':','/','/','%','s',':','%','d',0 };
1290         static const WCHAR formatSSL[] = { 'h','t','t','p','s',':','/','/','%','s',':','%','d',0 };
1291         WININETHTTPSESSIONW *session = req->lpHttpSession;
1292
1293         size = 16; /* "https://" + sizeof(port#) + ":/\0" */
1294         size += strlenW( session->lpszHostName ) + strlenW( req->lpszPath );
1295
1296         if (!(url = HeapAlloc( GetProcessHeap(), 0, size * sizeof(WCHAR) ))) return NULL;
1297
1298         if (req->hdr.dwFlags & INTERNET_FLAG_SECURE)
1299             sprintfW( url, formatSSL, session->lpszHostName, session->nHostPort );
1300         else
1301             sprintfW( url, format, session->lpszHostName, session->nHostPort );
1302         if (req->lpszPath[0] != '/') strcatW( url, slash );
1303         strcatW( url, req->lpszPath );
1304     }
1305     TRACE("url=%s\n", debugstr_w(url));
1306     return url;
1307 }
1308
1309 /***********************************************************************
1310  *           HTTP_DealWithProxy
1311  */
1312 static BOOL HTTP_DealWithProxy( LPWININETAPPINFOW hIC,
1313     LPWININETHTTPSESSIONW lpwhs, LPWININETHTTPREQW lpwhr)
1314 {
1315     WCHAR buf[MAXHOSTNAME];
1316     WCHAR proxy[MAXHOSTNAME + 15]; /* 15 == "http://" + sizeof(port#) + ":/\0" */
1317     static WCHAR szNul[] = { 0 };
1318     URL_COMPONENTSW UrlComponents;
1319     static const WCHAR szHttp[] = { 'h','t','t','p',':','/','/',0 };
1320     static const WCHAR szFormat[] = { 'h','t','t','p',':','/','/','%','s',0 };
1321
1322     memset( &UrlComponents, 0, sizeof UrlComponents );
1323     UrlComponents.dwStructSize = sizeof UrlComponents;
1324     UrlComponents.lpszHostName = buf;
1325     UrlComponents.dwHostNameLength = MAXHOSTNAME;
1326
1327     if( CSTR_EQUAL != CompareStringW(LOCALE_SYSTEM_DEFAULT, NORM_IGNORECASE,
1328                                  hIC->lpszProxy,strlenW(szHttp),szHttp,strlenW(szHttp)) )
1329         sprintfW(proxy, szFormat, hIC->lpszProxy);
1330     else
1331         strcpyW(proxy, hIC->lpszProxy);
1332     if( !InternetCrackUrlW(proxy, 0, 0, &UrlComponents) )
1333         return FALSE;
1334     if( UrlComponents.dwHostNameLength == 0 )
1335         return FALSE;
1336
1337     if( !lpwhr->lpszPath )
1338         lpwhr->lpszPath = szNul;
1339
1340     if(UrlComponents.nPort == INTERNET_INVALID_PORT_NUMBER)
1341         UrlComponents.nPort = INTERNET_DEFAULT_HTTP_PORT;
1342
1343     HeapFree(GetProcessHeap(), 0, lpwhs->lpszServerName);
1344     lpwhs->lpszServerName = WININET_strdupW(UrlComponents.lpszHostName);
1345     lpwhs->nServerPort = UrlComponents.nPort;
1346
1347     TRACE("proxy server=%s port=%d\n", debugstr_w(lpwhs->lpszServerName), lpwhs->nServerPort);
1348     return TRUE;
1349 }
1350
1351 static BOOL HTTP_ResolveName(LPWININETHTTPREQW lpwhr)
1352 {
1353     char szaddr[32];
1354     LPWININETHTTPSESSIONW lpwhs = lpwhr->lpHttpSession;
1355
1356     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
1357                           INTERNET_STATUS_RESOLVING_NAME,
1358                           lpwhs->lpszServerName,
1359                           strlenW(lpwhs->lpszServerName)+1);
1360
1361     if (!GetAddress(lpwhs->lpszServerName, lpwhs->nServerPort,
1362                     &lpwhs->socketAddress))
1363     {
1364         INTERNET_SetLastError(ERROR_INTERNET_NAME_NOT_RESOLVED);
1365         return FALSE;
1366     }
1367
1368     inet_ntop(lpwhs->socketAddress.sin_family, &lpwhs->socketAddress.sin_addr,
1369               szaddr, sizeof(szaddr));
1370     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
1371                           INTERNET_STATUS_NAME_RESOLVED,
1372                           szaddr, strlen(szaddr)+1);
1373
1374     TRACE("resolved %s to %s\n", debugstr_w(lpwhs->lpszServerName), szaddr);
1375     return TRUE;
1376 }
1377
1378
1379 /***********************************************************************
1380  *           HTTPREQ_Destroy (internal)
1381  *
1382  * Deallocate request handle
1383  *
1384  */
1385 static void HTTPREQ_Destroy(WININETHANDLEHEADER *hdr)
1386 {
1387     LPWININETHTTPREQW lpwhr = (LPWININETHTTPREQW) hdr;
1388     DWORD i;
1389
1390     TRACE("\n");
1391
1392     if(lpwhr->hCacheFile)
1393         CloseHandle(lpwhr->hCacheFile);
1394
1395     if(lpwhr->lpszCacheFile) {
1396         DeleteFileW(lpwhr->lpszCacheFile); /* FIXME */
1397         HeapFree(GetProcessHeap(), 0, lpwhr->lpszCacheFile);
1398     }
1399
1400     WININET_Release(&lpwhr->lpHttpSession->hdr);
1401
1402     if (lpwhr->pAuthInfo)
1403     {
1404         if (SecIsValidHandle(&lpwhr->pAuthInfo->ctx))
1405             DeleteSecurityContext(&lpwhr->pAuthInfo->ctx);
1406         if (SecIsValidHandle(&lpwhr->pAuthInfo->cred))
1407             FreeCredentialsHandle(&lpwhr->pAuthInfo->cred);
1408
1409         HeapFree(GetProcessHeap(), 0, lpwhr->pAuthInfo->auth_data);
1410         HeapFree(GetProcessHeap(), 0, lpwhr->pAuthInfo->scheme);
1411         HeapFree(GetProcessHeap(), 0, lpwhr->pAuthInfo);
1412         lpwhr->pAuthInfo = NULL;
1413     }
1414
1415     if (lpwhr->pProxyAuthInfo)
1416     {
1417         if (SecIsValidHandle(&lpwhr->pProxyAuthInfo->ctx))
1418             DeleteSecurityContext(&lpwhr->pProxyAuthInfo->ctx);
1419         if (SecIsValidHandle(&lpwhr->pProxyAuthInfo->cred))
1420             FreeCredentialsHandle(&lpwhr->pProxyAuthInfo->cred);
1421
1422         HeapFree(GetProcessHeap(), 0, lpwhr->pProxyAuthInfo->auth_data);
1423         HeapFree(GetProcessHeap(), 0, lpwhr->pProxyAuthInfo->scheme);
1424         HeapFree(GetProcessHeap(), 0, lpwhr->pProxyAuthInfo);
1425         lpwhr->pProxyAuthInfo = NULL;
1426     }
1427
1428     HeapFree(GetProcessHeap(), 0, lpwhr->lpszPath);
1429     HeapFree(GetProcessHeap(), 0, lpwhr->lpszVerb);
1430     HeapFree(GetProcessHeap(), 0, lpwhr->lpszRawHeaders);
1431     HeapFree(GetProcessHeap(), 0, lpwhr->lpszVersion);
1432     HeapFree(GetProcessHeap(), 0, lpwhr->lpszStatusText);
1433
1434     for (i = 0; i < lpwhr->nCustHeaders; i++)
1435     {
1436         HeapFree(GetProcessHeap(), 0, lpwhr->pCustHeaders[i].lpszField);
1437         HeapFree(GetProcessHeap(), 0, lpwhr->pCustHeaders[i].lpszValue);
1438     }
1439
1440     HeapFree(GetProcessHeap(), 0, lpwhr->pCustHeaders);
1441     HeapFree(GetProcessHeap(), 0, lpwhr);
1442 }
1443
1444 static void HTTPREQ_CloseConnection(WININETHANDLEHEADER *hdr)
1445 {
1446     LPWININETHTTPREQW lpwhr = (LPWININETHTTPREQW) hdr;
1447
1448     TRACE("%p\n",lpwhr);
1449
1450     if (!NETCON_connected(&lpwhr->netConnection))
1451         return;
1452
1453     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
1454                           INTERNET_STATUS_CLOSING_CONNECTION, 0, 0);
1455
1456     NETCON_close(&lpwhr->netConnection);
1457
1458     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
1459                           INTERNET_STATUS_CONNECTION_CLOSED, 0, 0);
1460 }
1461
1462 static DWORD HTTPREQ_QueryOption(WININETHANDLEHEADER *hdr, DWORD option, void *buffer, DWORD *size, BOOL unicode)
1463 {
1464     WININETHTTPREQW *req = (WININETHTTPREQW*)hdr;
1465
1466     switch(option) {
1467     case INTERNET_OPTION_HANDLE_TYPE:
1468         TRACE("INTERNET_OPTION_HANDLE_TYPE\n");
1469
1470         if (*size < sizeof(ULONG))
1471             return ERROR_INSUFFICIENT_BUFFER;
1472
1473         *size = sizeof(DWORD);
1474         *(DWORD*)buffer = INTERNET_HANDLE_TYPE_HTTP_REQUEST;
1475         return ERROR_SUCCESS;
1476
1477     case INTERNET_OPTION_URL: {
1478         WCHAR url[INTERNET_MAX_URL_LENGTH];
1479         HTTPHEADERW *host;
1480         DWORD len;
1481         WCHAR *pch;
1482
1483         static const WCHAR httpW[] = {'h','t','t','p',':','/','/',0};
1484         static const WCHAR hostW[] = {'H','o','s','t',0};
1485
1486         TRACE("INTERNET_OPTION_URL\n");
1487
1488         host = HTTP_GetHeader(req, hostW);
1489         strcpyW(url, httpW);
1490         strcatW(url, host->lpszValue);
1491         if (NULL != (pch = strchrW(url + strlenW(httpW), ':')))
1492             *pch = 0;
1493         strcatW(url, req->lpszPath);
1494
1495         TRACE("INTERNET_OPTION_URL: %s\n",debugstr_w(url));
1496
1497         if(unicode) {
1498             len = (strlenW(url)+1) * sizeof(WCHAR);
1499             if(*size < len)
1500                 return ERROR_INSUFFICIENT_BUFFER;
1501
1502             *size = len;
1503             strcpyW(buffer, url);
1504             return ERROR_SUCCESS;
1505         }else {
1506             len = WideCharToMultiByte(CP_ACP, 0, url, -1, buffer, *size, NULL, NULL);
1507             if(len > *size)
1508                 return ERROR_INSUFFICIENT_BUFFER;
1509
1510             *size = len;
1511             return ERROR_SUCCESS;
1512         }
1513     }
1514
1515     case INTERNET_OPTION_DATAFILE_NAME: {
1516         DWORD req_size;
1517
1518         TRACE("INTERNET_OPTION_DATAFILE_NAME\n");
1519
1520         if(!req->lpszCacheFile) {
1521             *size = 0;
1522             return ERROR_INTERNET_ITEM_NOT_FOUND;
1523         }
1524
1525         if(unicode) {
1526             req_size = (lstrlenW(req->lpszCacheFile)+1) * sizeof(WCHAR);
1527             if(*size < req_size)
1528                 return ERROR_INSUFFICIENT_BUFFER;
1529
1530             *size = req_size;
1531             memcpy(buffer, req->lpszCacheFile, *size);
1532             return ERROR_SUCCESS;
1533         }else {
1534             req_size = WideCharToMultiByte(CP_ACP, 0, req->lpszCacheFile, -1, NULL, 0, NULL, NULL);
1535             if (req_size > *size)
1536                 return ERROR_INSUFFICIENT_BUFFER;
1537
1538             *size = WideCharToMultiByte(CP_ACP, 0, req->lpszCacheFile,
1539                     -1, buffer, *size, NULL, NULL);
1540             return ERROR_SUCCESS;
1541         }
1542     }
1543
1544     case INTERNET_OPTION_SECURITY_CERTIFICATE_STRUCT: {
1545         PCCERT_CONTEXT context;
1546
1547         if(*size < sizeof(INTERNET_CERTIFICATE_INFOW)) {
1548             *size = sizeof(INTERNET_CERTIFICATE_INFOW);
1549             return ERROR_INSUFFICIENT_BUFFER;
1550         }
1551
1552         context = (PCCERT_CONTEXT)NETCON_GetCert(&(req->netConnection));
1553         if(context) {
1554             INTERNET_CERTIFICATE_INFOW *info = (INTERNET_CERTIFICATE_INFOW*)buffer;
1555             DWORD len;
1556
1557             memset(info, 0, sizeof(INTERNET_CERTIFICATE_INFOW));
1558             info->ftExpiry = context->pCertInfo->NotAfter;
1559             info->ftStart = context->pCertInfo->NotBefore;
1560             if(unicode) {
1561                 len = CertNameToStrW(context->dwCertEncodingType,
1562                         &context->pCertInfo->Subject, CERT_SIMPLE_NAME_STR, NULL, 0);
1563                 info->lpszSubjectInfo = LocalAlloc(0, len*sizeof(WCHAR));
1564                 if(info->lpszSubjectInfo)
1565                     CertNameToStrW(context->dwCertEncodingType,
1566                              &context->pCertInfo->Subject, CERT_SIMPLE_NAME_STR,
1567                              info->lpszSubjectInfo, len);
1568                 len = CertNameToStrW(context->dwCertEncodingType,
1569                          &context->pCertInfo->Issuer, CERT_SIMPLE_NAME_STR, NULL, 0);
1570                 info->lpszIssuerInfo = LocalAlloc(0, len*sizeof(WCHAR));
1571                 if (info->lpszIssuerInfo)
1572                     CertNameToStrW(context->dwCertEncodingType,
1573                              &context->pCertInfo->Issuer, CERT_SIMPLE_NAME_STR,
1574                              info->lpszIssuerInfo, len);
1575             }else {
1576                 INTERNET_CERTIFICATE_INFOA *infoA = (INTERNET_CERTIFICATE_INFOA*)info;
1577
1578                 len = CertNameToStrA(context->dwCertEncodingType,
1579                          &context->pCertInfo->Subject, CERT_SIMPLE_NAME_STR, NULL, 0);
1580                 infoA->lpszSubjectInfo = LocalAlloc(0, len);
1581                 if(infoA->lpszSubjectInfo)
1582                     CertNameToStrA(context->dwCertEncodingType,
1583                              &context->pCertInfo->Subject, CERT_SIMPLE_NAME_STR,
1584                              infoA->lpszSubjectInfo, len);
1585                 len = CertNameToStrA(context->dwCertEncodingType,
1586                          &context->pCertInfo->Issuer, CERT_SIMPLE_NAME_STR, NULL, 0);
1587                 infoA->lpszIssuerInfo = LocalAlloc(0, len);
1588                 if(infoA->lpszIssuerInfo)
1589                     CertNameToStrA(context->dwCertEncodingType,
1590                              &context->pCertInfo->Issuer, CERT_SIMPLE_NAME_STR,
1591                              infoA->lpszIssuerInfo, len);
1592             }
1593
1594             /*
1595              * Contrary to MSDN, these do not appear to be set.
1596              * lpszProtocolName
1597              * lpszSignatureAlgName
1598              * lpszEncryptionAlgName
1599              * dwKeySize
1600              */
1601             CertFreeCertificateContext(context);
1602             return ERROR_SUCCESS;
1603         }
1604     }
1605     }
1606
1607     return INET_QueryOption(option, buffer, size, unicode);
1608 }
1609
1610 static DWORD HTTPREQ_SetOption(WININETHANDLEHEADER *hdr, DWORD option, void *buffer, DWORD size)
1611 {
1612     WININETHTTPREQW *req = (WININETHTTPREQW*)hdr;
1613
1614     switch(option) {
1615     case INTERNET_OPTION_SEND_TIMEOUT:
1616     case INTERNET_OPTION_RECEIVE_TIMEOUT:
1617         TRACE("INTERNET_OPTION_SEND/RECEIVE_TIMEOUT\n");
1618
1619         if (size != sizeof(DWORD))
1620             return ERROR_INVALID_PARAMETER;
1621
1622         return NETCON_set_timeout(&req->netConnection, option == INTERNET_OPTION_SEND_TIMEOUT,
1623                     *(DWORD*)buffer);
1624
1625     case INTERNET_OPTION_USERNAME:
1626         HeapFree(GetProcessHeap(), 0, req->lpHttpSession->lpszUserName);
1627         if (!(req->lpHttpSession->lpszUserName = WININET_strdupW(buffer))) return ERROR_OUTOFMEMORY;
1628         return ERROR_SUCCESS;
1629
1630     case INTERNET_OPTION_PASSWORD:
1631         HeapFree(GetProcessHeap(), 0, req->lpHttpSession->lpszPassword);
1632         if (!(req->lpHttpSession->lpszPassword = WININET_strdupW(buffer))) return ERROR_OUTOFMEMORY;
1633         return ERROR_SUCCESS;
1634     }
1635
1636     return ERROR_INTERNET_INVALID_OPTION;
1637 }
1638
1639 static DWORD HTTP_Read(WININETHTTPREQW *req, void *buffer, DWORD size, DWORD *read, BOOL sync)
1640 {
1641     int bytes_read;
1642
1643     if(!NETCON_recv(&req->netConnection, buffer, min(size, req->dwContentLength - req->dwContentRead),
1644                      sync ? MSG_WAITALL : 0, &bytes_read)) {
1645         if(req->dwContentLength != -1 && req->dwContentRead != req->dwContentLength)
1646             ERR("not all data received %d/%d\n", req->dwContentRead, req->dwContentLength);
1647
1648         /* always return success, even if the network layer returns an error */
1649         *read = 0;
1650         HTTP_FinishedReading(req);
1651         return ERROR_SUCCESS;
1652     }
1653
1654     req->dwContentRead += bytes_read;
1655     *read = bytes_read;
1656
1657     if(req->lpszCacheFile) {
1658         BOOL res;
1659         DWORD dwBytesWritten;
1660
1661         res = WriteFile(req->hCacheFile, buffer, bytes_read, &dwBytesWritten, NULL);
1662         if(!res)
1663             WARN("WriteFile failed: %u\n", GetLastError());
1664     }
1665
1666     if(!bytes_read && (req->dwContentRead == req->dwContentLength))
1667         HTTP_FinishedReading(req);
1668
1669     return ERROR_SUCCESS;
1670 }
1671
1672 static DWORD get_chunk_size(const char *buffer)
1673 {
1674     const char *p;
1675     DWORD size = 0;
1676
1677     for (p = buffer; *p; p++)
1678     {
1679         if (*p >= '0' && *p <= '9') size = size * 16 + *p - '0';
1680         else if (*p >= 'a' && *p <= 'f') size = size * 16 + *p - 'a' + 10;
1681         else if (*p >= 'A' && *p <= 'F') size = size * 16 + *p - 'A' + 10;
1682         else if (*p == ';') break;
1683     }
1684     return size;
1685 }
1686
1687 static DWORD HTTP_ReadChunked(WININETHTTPREQW *req, void *buffer, DWORD size, DWORD *read, BOOL sync)
1688 {
1689     char reply[MAX_REPLY_LEN], *p = buffer;
1690     DWORD buflen, to_read, to_write = size;
1691     int bytes_read;
1692
1693     *read = 0;
1694     for (;;)
1695     {
1696         if (*read == size) break;
1697
1698         if (req->dwContentLength == ~0u) /* new chunk */
1699         {
1700             buflen = sizeof(reply);
1701             if (!NETCON_getNextLine(&req->netConnection, reply, &buflen)) break;
1702
1703             if (!(req->dwContentLength = get_chunk_size(reply)))
1704             {
1705                 /* zero sized chunk marks end of transfer; read any trailing headers and return */
1706                 HTTP_GetResponseHeaders(req, FALSE);
1707                 break;
1708             }
1709         }
1710         to_read = min(to_write, req->dwContentLength - req->dwContentRead);
1711
1712         if (!NETCON_recv(&req->netConnection, p, to_read, sync ? MSG_WAITALL : 0, &bytes_read))
1713         {
1714             if (bytes_read != to_read)
1715                 ERR("Not all data received %d/%d\n", bytes_read, to_read);
1716
1717             /* always return success, even if the network layer returns an error */
1718             *read = 0;
1719             break;
1720         }
1721         if (!bytes_read) break;
1722
1723         req->dwContentRead += bytes_read;
1724         to_write -= bytes_read;
1725         *read += bytes_read;
1726
1727         if (req->lpszCacheFile)
1728         {
1729             DWORD dwBytesWritten;
1730
1731             if (!WriteFile(req->hCacheFile, p, bytes_read, &dwBytesWritten, NULL))
1732                 WARN("WriteFile failed: %u\n", GetLastError());
1733         }
1734         p += bytes_read;
1735
1736         if (req->dwContentRead == req->dwContentLength) /* chunk complete */
1737         {
1738             req->dwContentRead = 0;
1739             req->dwContentLength = ~0u;
1740
1741             buflen = sizeof(reply);
1742             if (!NETCON_getNextLine(&req->netConnection, reply, &buflen))
1743             {
1744                 ERR("Malformed chunk\n");
1745                 *read = 0;
1746                 break;
1747             }
1748         }
1749     }
1750     if (!*read) HTTP_FinishedReading(req);
1751     return ERROR_SUCCESS;
1752 }
1753
1754 static DWORD HTTPREQ_Read(WININETHTTPREQW *req, void *buffer, DWORD size, DWORD *read, BOOL sync)
1755 {
1756     WCHAR encoding[20];
1757     DWORD buflen = sizeof(encoding);
1758     static const WCHAR szChunked[] = {'c','h','u','n','k','e','d',0};
1759
1760     if (HTTP_HttpQueryInfoW(req, HTTP_QUERY_TRANSFER_ENCODING, encoding, &buflen, NULL) &&
1761         !strcmpiW(encoding, szChunked))
1762     {
1763         return HTTP_ReadChunked(req, buffer, size, read, sync);
1764     }
1765     else
1766         return HTTP_Read(req, buffer, size, read, sync);
1767 }
1768
1769 static DWORD HTTPREQ_ReadFile(WININETHANDLEHEADER *hdr, void *buffer, DWORD size, DWORD *read)
1770 {
1771     WININETHTTPREQW *req = (WININETHTTPREQW*)hdr;
1772     return HTTPREQ_Read(req, buffer, size, read, TRUE);
1773 }
1774
1775 static void HTTPREQ_AsyncReadFileExProc(WORKREQUEST *workRequest)
1776 {
1777     struct WORKREQ_INTERNETREADFILEEXA const *data = &workRequest->u.InternetReadFileExA;
1778     WININETHTTPREQW *req = (WININETHTTPREQW*)workRequest->hdr;
1779     INTERNET_ASYNC_RESULT iar;
1780     DWORD res;
1781
1782     TRACE("INTERNETREADFILEEXA %p\n", workRequest->hdr);
1783
1784     res = HTTPREQ_Read(req, data->lpBuffersOut->lpvBuffer,
1785             data->lpBuffersOut->dwBufferLength, &data->lpBuffersOut->dwBufferLength, TRUE);
1786
1787     iar.dwResult = res == ERROR_SUCCESS;
1788     iar.dwError = res;
1789
1790     INTERNET_SendCallback(&req->hdr, req->hdr.dwContext,
1791                           INTERNET_STATUS_REQUEST_COMPLETE, &iar,
1792                           sizeof(INTERNET_ASYNC_RESULT));
1793 }
1794
1795 static DWORD HTTPREQ_ReadFileExA(WININETHANDLEHEADER *hdr, INTERNET_BUFFERSA *buffers,
1796         DWORD flags, DWORD_PTR context)
1797 {
1798
1799     WININETHTTPREQW *req = (WININETHTTPREQW*)hdr;
1800     DWORD res;
1801
1802     if (flags & ~(IRF_ASYNC|IRF_NO_WAIT))
1803         FIXME("these dwFlags aren't implemented: 0x%x\n", flags & ~(IRF_ASYNC|IRF_NO_WAIT));
1804
1805     if (buffers->dwStructSize != sizeof(*buffers))
1806         return ERROR_INVALID_PARAMETER;
1807
1808     INTERNET_SendCallback(&req->hdr, req->hdr.dwContext, INTERNET_STATUS_RECEIVING_RESPONSE, NULL, 0);
1809
1810     if (hdr->dwFlags & INTERNET_FLAG_ASYNC) {
1811         DWORD available = 0;
1812
1813         NETCON_query_data_available(&req->netConnection, &available);
1814         if (!available)
1815         {
1816             WORKREQUEST workRequest;
1817
1818             workRequest.asyncproc = HTTPREQ_AsyncReadFileExProc;
1819             workRequest.hdr = WININET_AddRef(&req->hdr);
1820             workRequest.u.InternetReadFileExA.lpBuffersOut = buffers;
1821
1822             INTERNET_AsyncCall(&workRequest);
1823
1824             return ERROR_IO_PENDING;
1825         }
1826     }
1827
1828     res = HTTPREQ_Read(req, buffers->lpvBuffer, buffers->dwBufferLength, &buffers->dwBufferLength,
1829             !(flags & IRF_NO_WAIT));
1830
1831     if (res == ERROR_SUCCESS) {
1832         DWORD size = buffers->dwBufferLength;
1833         INTERNET_SendCallback(&req->hdr, req->hdr.dwContext, INTERNET_STATUS_RESPONSE_RECEIVED,
1834                 &size, sizeof(size));
1835     }
1836
1837     return res;
1838 }
1839
1840 static BOOL HTTPREQ_WriteFile(WININETHANDLEHEADER *hdr, const void *buffer, DWORD size, DWORD *written)
1841 {
1842     LPWININETHTTPREQW lpwhr = (LPWININETHTTPREQW)hdr;
1843
1844     return NETCON_send(&lpwhr->netConnection, buffer, size, 0, (LPINT)written);
1845 }
1846
1847 static void HTTPREQ_AsyncQueryDataAvailableProc(WORKREQUEST *workRequest)
1848 {
1849     WININETHTTPREQW *req = (WININETHTTPREQW*)workRequest->hdr;
1850     INTERNET_ASYNC_RESULT iar;
1851     char buffer[4048];
1852
1853     TRACE("%p\n", workRequest->hdr);
1854
1855     iar.dwResult = NETCON_recv(&req->netConnection, buffer,
1856                                min(sizeof(buffer), req->dwContentLength - req->dwContentRead),
1857                                MSG_PEEK, (int *)&iar.dwError);
1858
1859     INTERNET_SendCallback(&req->hdr, req->hdr.dwContext, INTERNET_STATUS_REQUEST_COMPLETE, &iar,
1860                           sizeof(INTERNET_ASYNC_RESULT));
1861 }
1862
1863 static DWORD HTTPREQ_QueryDataAvailable(WININETHANDLEHEADER *hdr, DWORD *available, DWORD flags, DWORD_PTR ctx)
1864 {
1865     WININETHTTPREQW *req = (WININETHTTPREQW*)hdr;
1866     BYTE buffer[4048];
1867     BOOL async;
1868
1869     TRACE("(%p %p %x %lx)\n", req, available, flags, ctx);
1870
1871     if(!NETCON_query_data_available(&req->netConnection, available) || *available)
1872         return ERROR_SUCCESS;
1873
1874     /* Even if we are in async mode, we need to determine whether
1875      * there is actually more data available. We do this by trying
1876      * to peek only a single byte in async mode. */
1877     async = (req->lpHttpSession->lpAppInfo->hdr.dwFlags & INTERNET_FLAG_ASYNC) != 0;
1878
1879     if (NETCON_recv(&req->netConnection, buffer,
1880                     min(async ? 1 : sizeof(buffer), req->dwContentLength - req->dwContentRead),
1881                     MSG_PEEK, (int *)available) && async && *available)
1882     {
1883         WORKREQUEST workRequest;
1884
1885         *available = 0;
1886         workRequest.asyncproc = HTTPREQ_AsyncQueryDataAvailableProc;
1887         workRequest.hdr = WININET_AddRef( &req->hdr );
1888
1889         INTERNET_AsyncCall(&workRequest);
1890
1891         return ERROR_IO_PENDING;
1892     }
1893
1894     return ERROR_SUCCESS;
1895 }
1896
1897 static const HANDLEHEADERVtbl HTTPREQVtbl = {
1898     HTTPREQ_Destroy,
1899     HTTPREQ_CloseConnection,
1900     HTTPREQ_QueryOption,
1901     HTTPREQ_SetOption,
1902     HTTPREQ_ReadFile,
1903     HTTPREQ_ReadFileExA,
1904     HTTPREQ_WriteFile,
1905     HTTPREQ_QueryDataAvailable,
1906     NULL
1907 };
1908
1909 /***********************************************************************
1910  *           HTTP_HttpOpenRequestW (internal)
1911  *
1912  * Open a HTTP request handle
1913  *
1914  * RETURNS
1915  *    HINTERNET  a HTTP request handle on success
1916  *    NULL       on failure
1917  *
1918  */
1919 HINTERNET WINAPI HTTP_HttpOpenRequestW(LPWININETHTTPSESSIONW lpwhs,
1920         LPCWSTR lpszVerb, LPCWSTR lpszObjectName, LPCWSTR lpszVersion,
1921         LPCWSTR lpszReferrer , LPCWSTR *lpszAcceptTypes,
1922         DWORD dwFlags, DWORD_PTR dwContext)
1923 {
1924     LPWININETAPPINFOW hIC = NULL;
1925     LPWININETHTTPREQW lpwhr;
1926     LPWSTR lpszHostName = NULL;
1927     HINTERNET handle = NULL;
1928     static const WCHAR szHostForm[] = {'%','s',':','%','u',0};
1929     DWORD len;
1930
1931     TRACE("-->\n");
1932
1933     assert( lpwhs->hdr.htype == WH_HHTTPSESSION );
1934     hIC = lpwhs->lpAppInfo;
1935
1936     lpwhr = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(WININETHTTPREQW));
1937     if (NULL == lpwhr)
1938     {
1939         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
1940         goto lend;
1941     }
1942     lpwhr->hdr.htype = WH_HHTTPREQ;
1943     lpwhr->hdr.vtbl = &HTTPREQVtbl;
1944     lpwhr->hdr.dwFlags = dwFlags;
1945     lpwhr->hdr.dwContext = dwContext;
1946     lpwhr->hdr.refs = 1;
1947     lpwhr->hdr.lpfnStatusCB = lpwhs->hdr.lpfnStatusCB;
1948     lpwhr->hdr.dwInternalFlags = lpwhs->hdr.dwInternalFlags & INET_CALLBACKW;
1949
1950     WININET_AddRef( &lpwhs->hdr );
1951     lpwhr->lpHttpSession = lpwhs;
1952     list_add_head( &lpwhs->hdr.children, &lpwhr->hdr.entry );
1953
1954     lpszHostName = HeapAlloc(GetProcessHeap(), 0, sizeof(WCHAR) *
1955             (strlenW(lpwhs->lpszHostName) + 7 /* length of ":65535" + 1 */));
1956     if (NULL == lpszHostName)
1957     {
1958         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
1959         goto lend;
1960     }
1961
1962     handle = WININET_AllocHandle( &lpwhr->hdr );
1963     if (NULL == handle)
1964     {
1965         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
1966         goto lend;
1967     }
1968
1969     if (!NETCON_init(&lpwhr->netConnection, dwFlags & INTERNET_FLAG_SECURE))
1970     {
1971         InternetCloseHandle( handle );
1972         handle = NULL;
1973         goto lend;
1974     }
1975
1976     if (lpszObjectName && *lpszObjectName) {
1977         HRESULT rc;
1978
1979         len = 0;
1980         rc = UrlEscapeW(lpszObjectName, NULL, &len, URL_ESCAPE_SPACES_ONLY);
1981         if (rc != E_POINTER)
1982             len = strlenW(lpszObjectName)+1;
1983         lpwhr->lpszPath = HeapAlloc(GetProcessHeap(), 0, len*sizeof(WCHAR));
1984         rc = UrlEscapeW(lpszObjectName, lpwhr->lpszPath, &len,
1985                    URL_ESCAPE_SPACES_ONLY);
1986         if (rc != S_OK)
1987         {
1988             ERR("Unable to escape string!(%s) (%d)\n",debugstr_w(lpszObjectName),rc);
1989             strcpyW(lpwhr->lpszPath,lpszObjectName);
1990         }
1991     }
1992
1993     if (lpszReferrer && *lpszReferrer)
1994         HTTP_ProcessHeader(lpwhr, HTTP_REFERER, lpszReferrer, HTTP_ADDREQ_FLAG_ADD | HTTP_ADDHDR_FLAG_REQ);
1995
1996     if (lpszAcceptTypes)
1997     {
1998         int i;
1999         for (i = 0; lpszAcceptTypes[i]; i++)
2000         {
2001             if (!*lpszAcceptTypes[i]) continue;
2002             HTTP_ProcessHeader(lpwhr, HTTP_ACCEPT, lpszAcceptTypes[i],
2003                                HTTP_ADDHDR_FLAG_COALESCE_WITH_COMMA |
2004                                HTTP_ADDHDR_FLAG_REQ |
2005                                (i == 0 ? HTTP_ADDHDR_FLAG_REPLACE : 0));
2006         }
2007     }
2008
2009     lpwhr->lpszVerb = WININET_strdupW(lpszVerb && *lpszVerb ? lpszVerb : szGET);
2010
2011     if (lpszVersion)
2012         lpwhr->lpszVersion = WININET_strdupW(lpszVersion);
2013     else
2014         lpwhr->lpszVersion = WININET_strdupW(g_szHttp1_1);
2015
2016     if (lpwhs->nHostPort != INTERNET_INVALID_PORT_NUMBER &&
2017         lpwhs->nHostPort != INTERNET_DEFAULT_HTTP_PORT &&
2018         lpwhs->nHostPort != INTERNET_DEFAULT_HTTPS_PORT)
2019     {
2020         sprintfW(lpszHostName, szHostForm, lpwhs->lpszHostName, lpwhs->nHostPort);
2021         HTTP_ProcessHeader(lpwhr, szHost, lpszHostName,
2022                 HTTP_ADDREQ_FLAG_ADD | HTTP_ADDHDR_FLAG_REQ);
2023     }
2024     else
2025         HTTP_ProcessHeader(lpwhr, szHost, lpwhs->lpszHostName,
2026                 HTTP_ADDREQ_FLAG_ADD | HTTP_ADDHDR_FLAG_REQ);
2027
2028     if (lpwhs->nServerPort == INTERNET_INVALID_PORT_NUMBER)
2029         lpwhs->nServerPort = (dwFlags & INTERNET_FLAG_SECURE ?
2030                         INTERNET_DEFAULT_HTTPS_PORT :
2031                         INTERNET_DEFAULT_HTTP_PORT);
2032
2033     if (lpwhs->nHostPort == INTERNET_INVALID_PORT_NUMBER)
2034         lpwhs->nHostPort = (dwFlags & INTERNET_FLAG_SECURE ?
2035                         INTERNET_DEFAULT_HTTPS_PORT :
2036                         INTERNET_DEFAULT_HTTP_PORT);
2037
2038     if (NULL != hIC->lpszProxy && hIC->lpszProxy[0] != 0)
2039         HTTP_DealWithProxy( hIC, lpwhs, lpwhr );
2040
2041     INTERNET_SendCallback(&lpwhs->hdr, dwContext,
2042                           INTERNET_STATUS_HANDLE_CREATED, &handle,
2043                           sizeof(handle));
2044
2045 lend:
2046     HeapFree(GetProcessHeap(), 0, lpszHostName);
2047     if( lpwhr )
2048         WININET_Release( &lpwhr->hdr );
2049
2050     TRACE("<-- %p (%p)\n", handle, lpwhr);
2051     return handle;
2052 }
2053
2054 /* read any content returned by the server so that the connection can be
2055  * reused */
2056 static void HTTP_DrainContent(WININETHTTPREQW *req)
2057 {
2058     DWORD bytes_read;
2059
2060     if (!NETCON_connected(&req->netConnection)) return;
2061
2062     if (req->dwContentLength == -1)
2063         NETCON_close(&req->netConnection);
2064
2065     do
2066     {
2067         char buffer[2048];
2068         if (HTTP_Read(req, buffer, sizeof(buffer), &bytes_read, TRUE) != ERROR_SUCCESS)
2069             return;
2070     } while (bytes_read);
2071 }
2072
2073 static const WCHAR szAccept[] = { 'A','c','c','e','p','t',0 };
2074 static const WCHAR szAccept_Charset[] = { 'A','c','c','e','p','t','-','C','h','a','r','s','e','t', 0 };
2075 static const WCHAR szAccept_Encoding[] = { 'A','c','c','e','p','t','-','E','n','c','o','d','i','n','g',0 };
2076 static const WCHAR szAccept_Language[] = { 'A','c','c','e','p','t','-','L','a','n','g','u','a','g','e',0 };
2077 static const WCHAR szAccept_Ranges[] = { 'A','c','c','e','p','t','-','R','a','n','g','e','s',0 };
2078 static const WCHAR szAge[] = { 'A','g','e',0 };
2079 static const WCHAR szAllow[] = { 'A','l','l','o','w',0 };
2080 static const WCHAR szCache_Control[] = { 'C','a','c','h','e','-','C','o','n','t','r','o','l',0 };
2081 static const WCHAR szConnection[] = { 'C','o','n','n','e','c','t','i','o','n',0 };
2082 static const WCHAR szContent_Base[] = { 'C','o','n','t','e','n','t','-','B','a','s','e',0 };
2083 static const WCHAR szContent_Encoding[] = { 'C','o','n','t','e','n','t','-','E','n','c','o','d','i','n','g',0 };
2084 static const WCHAR szContent_ID[] = { 'C','o','n','t','e','n','t','-','I','D',0 };
2085 static const WCHAR szContent_Language[] = { 'C','o','n','t','e','n','t','-','L','a','n','g','u','a','g','e',0 };
2086 static const WCHAR szContent_Length[] = { 'C','o','n','t','e','n','t','-','L','e','n','g','t','h',0 };
2087 static const WCHAR szContent_Location[] = { 'C','o','n','t','e','n','t','-','L','o','c','a','t','i','o','n',0 };
2088 static const WCHAR szContent_MD5[] = { 'C','o','n','t','e','n','t','-','M','D','5',0 };
2089 static const WCHAR szContent_Range[] = { 'C','o','n','t','e','n','t','-','R','a','n','g','e',0 };
2090 static const WCHAR szContent_Transfer_Encoding[] = { 'C','o','n','t','e','n','t','-','T','r','a','n','s','f','e','r','-','E','n','c','o','d','i','n','g',0 };
2091 static const WCHAR szContent_Type[] = { 'C','o','n','t','e','n','t','-','T','y','p','e',0 };
2092 static const WCHAR szCookie[] = { 'C','o','o','k','i','e',0 };
2093 static const WCHAR szDate[] = { 'D','a','t','e',0 };
2094 static const WCHAR szFrom[] = { 'F','r','o','m',0 };
2095 static const WCHAR szETag[] = { 'E','T','a','g',0 };
2096 static const WCHAR szExpect[] = { 'E','x','p','e','c','t',0 };
2097 static const WCHAR szExpires[] = { 'E','x','p','i','r','e','s',0 };
2098 static const WCHAR szIf_Match[] = { 'I','f','-','M','a','t','c','h',0 };
2099 static const WCHAR szIf_Modified_Since[] = { 'I','f','-','M','o','d','i','f','i','e','d','-','S','i','n','c','e',0 };
2100 static const WCHAR szIf_None_Match[] = { 'I','f','-','N','o','n','e','-','M','a','t','c','h',0 };
2101 static const WCHAR szIf_Range[] = { 'I','f','-','R','a','n','g','e',0 };
2102 static const WCHAR szIf_Unmodified_Since[] = { 'I','f','-','U','n','m','o','d','i','f','i','e','d','-','S','i','n','c','e',0 };
2103 static const WCHAR szLast_Modified[] = { 'L','a','s','t','-','M','o','d','i','f','i','e','d',0 };
2104 static const WCHAR szLocation[] = { 'L','o','c','a','t','i','o','n',0 };
2105 static const WCHAR szMax_Forwards[] = { 'M','a','x','-','F','o','r','w','a','r','d','s',0 };
2106 static const WCHAR szMime_Version[] = { 'M','i','m','e','-','V','e','r','s','i','o','n',0 };
2107 static const WCHAR szPragma[] = { 'P','r','a','g','m','a',0 };
2108 static const WCHAR szProxy_Authenticate[] = { 'P','r','o','x','y','-','A','u','t','h','e','n','t','i','c','a','t','e',0 };
2109 static const WCHAR szProxy_Connection[] = { 'P','r','o','x','y','-','C','o','n','n','e','c','t','i','o','n',0 };
2110 static const WCHAR szPublic[] = { 'P','u','b','l','i','c',0 };
2111 static const WCHAR szRange[] = { 'R','a','n','g','e',0 };
2112 static const WCHAR szReferer[] = { 'R','e','f','e','r','e','r',0 };
2113 static const WCHAR szRetry_After[] = { 'R','e','t','r','y','-','A','f','t','e','r',0 };
2114 static const WCHAR szServer[] = { 'S','e','r','v','e','r',0 };
2115 static const WCHAR szSet_Cookie[] = { 'S','e','t','-','C','o','o','k','i','e',0 };
2116 static const WCHAR szTransfer_Encoding[] = { 'T','r','a','n','s','f','e','r','-','E','n','c','o','d','i','n','g',0 };
2117 static const WCHAR szUnless_Modified_Since[] = { 'U','n','l','e','s','s','-','M','o','d','i','f','i','e','d','-','S','i','n','c','e',0 };
2118 static const WCHAR szUpgrade[] = { 'U','p','g','r','a','d','e',0 };
2119 static const WCHAR szURI[] = { 'U','R','I',0 };
2120 static const WCHAR szUser_Agent[] = { 'U','s','e','r','-','A','g','e','n','t',0 };
2121 static const WCHAR szVary[] = { 'V','a','r','y',0 };
2122 static const WCHAR szVia[] = { 'V','i','a',0 };
2123 static const WCHAR szWarning[] = { 'W','a','r','n','i','n','g',0 };
2124 static const WCHAR szWWW_Authenticate[] = { 'W','W','W','-','A','u','t','h','e','n','t','i','c','a','t','e',0 };
2125
2126 static const LPCWSTR header_lookup[] = {
2127     szMime_Version,             /* HTTP_QUERY_MIME_VERSION = 0 */
2128     szContent_Type,             /* HTTP_QUERY_CONTENT_TYPE = 1 */
2129     szContent_Transfer_Encoding,/* HTTP_QUERY_CONTENT_TRANSFER_ENCODING = 2 */
2130     szContent_ID,               /* HTTP_QUERY_CONTENT_ID = 3 */
2131     NULL,                       /* HTTP_QUERY_CONTENT_DESCRIPTION = 4 */
2132     szContent_Length,           /* HTTP_QUERY_CONTENT_LENGTH =  5 */
2133     szContent_Language,         /* HTTP_QUERY_CONTENT_LANGUAGE =  6 */
2134     szAllow,                    /* HTTP_QUERY_ALLOW = 7 */
2135     szPublic,                   /* HTTP_QUERY_PUBLIC = 8 */
2136     szDate,                     /* HTTP_QUERY_DATE = 9 */
2137     szExpires,                  /* HTTP_QUERY_EXPIRES = 10 */
2138     szLast_Modified,            /* HTTP_QUERY_LAST_MODIFIED = 11 */
2139     NULL,                       /* HTTP_QUERY_MESSAGE_ID = 12 */
2140     szURI,                      /* HTTP_QUERY_URI = 13 */
2141     szFrom,                     /* HTTP_QUERY_DERIVED_FROM = 14 */
2142     NULL,                       /* HTTP_QUERY_COST = 15 */
2143     NULL,                       /* HTTP_QUERY_LINK = 16 */
2144     szPragma,                   /* HTTP_QUERY_PRAGMA = 17 */
2145     NULL,                       /* HTTP_QUERY_VERSION = 18 */
2146     szStatus,                   /* HTTP_QUERY_STATUS_CODE = 19 */
2147     NULL,                       /* HTTP_QUERY_STATUS_TEXT = 20 */
2148     NULL,                       /* HTTP_QUERY_RAW_HEADERS = 21 */
2149     NULL,                       /* HTTP_QUERY_RAW_HEADERS_CRLF = 22 */
2150     szConnection,               /* HTTP_QUERY_CONNECTION = 23 */
2151     szAccept,                   /* HTTP_QUERY_ACCEPT = 24 */
2152     szAccept_Charset,           /* HTTP_QUERY_ACCEPT_CHARSET = 25 */
2153     szAccept_Encoding,          /* HTTP_QUERY_ACCEPT_ENCODING = 26 */
2154     szAccept_Language,          /* HTTP_QUERY_ACCEPT_LANGUAGE = 27 */
2155     szAuthorization,            /* HTTP_QUERY_AUTHORIZATION = 28 */
2156     szContent_Encoding,         /* HTTP_QUERY_CONTENT_ENCODING = 29 */
2157     NULL,                       /* HTTP_QUERY_FORWARDED = 30 */
2158     NULL,                       /* HTTP_QUERY_FROM = 31 */
2159     szIf_Modified_Since,        /* HTTP_QUERY_IF_MODIFIED_SINCE = 32 */
2160     szLocation,                 /* HTTP_QUERY_LOCATION = 33 */
2161     NULL,                       /* HTTP_QUERY_ORIG_URI = 34 */
2162     szReferer,                  /* HTTP_QUERY_REFERER = 35 */
2163     szRetry_After,              /* HTTP_QUERY_RETRY_AFTER = 36 */
2164     szServer,                   /* HTTP_QUERY_SERVER = 37 */
2165     NULL,                       /* HTTP_TITLE = 38 */
2166     szUser_Agent,               /* HTTP_QUERY_USER_AGENT = 39 */
2167     szWWW_Authenticate,         /* HTTP_QUERY_WWW_AUTHENTICATE = 40 */
2168     szProxy_Authenticate,       /* HTTP_QUERY_PROXY_AUTHENTICATE = 41 */
2169     szAccept_Ranges,            /* HTTP_QUERY_ACCEPT_RANGES = 42 */
2170     szSet_Cookie,               /* HTTP_QUERY_SET_COOKIE = 43 */
2171     szCookie,                   /* HTTP_QUERY_COOKIE = 44 */
2172     NULL,                       /* HTTP_QUERY_REQUEST_METHOD = 45 */
2173     NULL,                       /* HTTP_QUERY_REFRESH = 46 */
2174     NULL,                       /* HTTP_QUERY_CONTENT_DISPOSITION = 47 */
2175     szAge,                      /* HTTP_QUERY_AGE = 48 */
2176     szCache_Control,            /* HTTP_QUERY_CACHE_CONTROL = 49 */
2177     szContent_Base,             /* HTTP_QUERY_CONTENT_BASE = 50 */
2178     szContent_Location,         /* HTTP_QUERY_CONTENT_LOCATION = 51 */
2179     szContent_MD5,              /* HTTP_QUERY_CONTENT_MD5 = 52 */
2180     szContent_Range,            /* HTTP_QUERY_CONTENT_RANGE = 53 */
2181     szETag,                     /* HTTP_QUERY_ETAG = 54 */
2182     szHost,                     /* HTTP_QUERY_HOST = 55 */
2183     szIf_Match,                 /* HTTP_QUERY_IF_MATCH = 56 */
2184     szIf_None_Match,            /* HTTP_QUERY_IF_NONE_MATCH = 57 */
2185     szIf_Range,                 /* HTTP_QUERY_IF_RANGE = 58 */
2186     szIf_Unmodified_Since,      /* HTTP_QUERY_IF_UNMODIFIED_SINCE = 59 */
2187     szMax_Forwards,             /* HTTP_QUERY_MAX_FORWARDS = 60 */
2188     szProxy_Authorization,      /* HTTP_QUERY_PROXY_AUTHORIZATION = 61 */
2189     szRange,                    /* HTTP_QUERY_RANGE = 62 */
2190     szTransfer_Encoding,        /* HTTP_QUERY_TRANSFER_ENCODING = 63 */
2191     szUpgrade,                  /* HTTP_QUERY_UPGRADE = 64 */
2192     szVary,                     /* HTTP_QUERY_VARY = 65 */
2193     szVia,                      /* HTTP_QUERY_VIA = 66 */
2194     szWarning,                  /* HTTP_QUERY_WARNING = 67 */
2195     szExpect,                   /* HTTP_QUERY_EXPECT = 68 */
2196     szProxy_Connection,         /* HTTP_QUERY_PROXY_CONNECTION = 69 */
2197     szUnless_Modified_Since,    /* HTTP_QUERY_UNLESS_MODIFIED_SINCE = 70 */
2198 };
2199
2200 #define LAST_TABLE_HEADER (sizeof(header_lookup)/sizeof(header_lookup[0]))
2201
2202 /***********************************************************************
2203  *           HTTP_HttpQueryInfoW (internal)
2204  */
2205 static BOOL HTTP_HttpQueryInfoW( LPWININETHTTPREQW lpwhr, DWORD dwInfoLevel,
2206         LPVOID lpBuffer, LPDWORD lpdwBufferLength, LPDWORD lpdwIndex)
2207 {
2208     LPHTTPHEADERW lphttpHdr = NULL;
2209     BOOL bSuccess = FALSE;
2210     BOOL request_only = dwInfoLevel & HTTP_QUERY_FLAG_REQUEST_HEADERS;
2211     INT requested_index = lpdwIndex ? *lpdwIndex : 0;
2212     DWORD level = (dwInfoLevel & ~HTTP_QUERY_MODIFIER_FLAGS_MASK);
2213     INT index = -1;
2214
2215     /* Find requested header structure */
2216     switch (level)
2217     {
2218     case HTTP_QUERY_CUSTOM:
2219         if (!lpBuffer) return FALSE;
2220         index = HTTP_GetCustomHeaderIndex(lpwhr, lpBuffer, requested_index, request_only);
2221         break;
2222
2223     case HTTP_QUERY_RAW_HEADERS_CRLF:
2224         {
2225             LPWSTR headers;
2226             DWORD len = 0;
2227             BOOL ret = FALSE;
2228
2229             if (request_only)
2230                 headers = HTTP_BuildHeaderRequestString(lpwhr, lpwhr->lpszVerb, lpwhr->lpszPath, lpwhr->lpszVersion);
2231             else
2232                 headers = lpwhr->lpszRawHeaders;
2233
2234             if (headers)
2235                 len = strlenW(headers) * sizeof(WCHAR);
2236
2237             if (len + sizeof(WCHAR) > *lpdwBufferLength)
2238             {
2239                 len += sizeof(WCHAR);
2240                 INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
2241                 ret = FALSE;
2242             }
2243             else if (lpBuffer)
2244             {
2245                 if (headers)
2246                     memcpy(lpBuffer, headers, len + sizeof(WCHAR));
2247                 else
2248                 {
2249                     len = strlenW(szCrLf) * sizeof(WCHAR);
2250                     memcpy(lpBuffer, szCrLf, sizeof(szCrLf));
2251                 }
2252                 TRACE("returning data: %s\n", debugstr_wn(lpBuffer, len / sizeof(WCHAR)));
2253                 ret = TRUE;
2254             }
2255             *lpdwBufferLength = len;
2256
2257             if (request_only)
2258                 HeapFree(GetProcessHeap(), 0, headers);
2259             return ret;
2260         }
2261     case HTTP_QUERY_RAW_HEADERS:
2262         {
2263             LPWSTR * ppszRawHeaderLines = HTTP_Tokenize(lpwhr->lpszRawHeaders, szCrLf);
2264             DWORD i, size = 0;
2265             LPWSTR pszString = lpBuffer;
2266
2267             for (i = 0; ppszRawHeaderLines[i]; i++)
2268                 size += strlenW(ppszRawHeaderLines[i]) + 1;
2269
2270             if (size + 1 > *lpdwBufferLength/sizeof(WCHAR))
2271             {
2272                 HTTP_FreeTokens(ppszRawHeaderLines);
2273                 *lpdwBufferLength = (size + 1) * sizeof(WCHAR);
2274                 INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
2275                 return FALSE;
2276             }
2277             if (pszString)
2278             {
2279                 for (i = 0; ppszRawHeaderLines[i]; i++)
2280                 {
2281                     DWORD len = strlenW(ppszRawHeaderLines[i]);
2282                     memcpy(pszString, ppszRawHeaderLines[i], (len+1)*sizeof(WCHAR));
2283                     pszString += len+1;
2284                 }
2285                 *pszString = '\0';
2286                 TRACE("returning data: %s\n", debugstr_wn(lpBuffer, size));
2287             }
2288             *lpdwBufferLength = size * sizeof(WCHAR);
2289             HTTP_FreeTokens(ppszRawHeaderLines);
2290
2291             return TRUE;
2292         }
2293     case HTTP_QUERY_STATUS_TEXT:
2294         if (lpwhr->lpszStatusText)
2295         {
2296             DWORD len = strlenW(lpwhr->lpszStatusText);
2297             if (len + 1 > *lpdwBufferLength/sizeof(WCHAR))
2298             {
2299                 *lpdwBufferLength = (len + 1) * sizeof(WCHAR);
2300                 INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
2301                 return FALSE;
2302             }
2303             if (lpBuffer)
2304             {
2305                 memcpy(lpBuffer, lpwhr->lpszStatusText, (len + 1) * sizeof(WCHAR));
2306                 TRACE("returning data: %s\n", debugstr_wn(lpBuffer, len));
2307             }
2308             *lpdwBufferLength = len * sizeof(WCHAR);
2309             return TRUE;
2310         }
2311         break;
2312     case HTTP_QUERY_VERSION:
2313         if (lpwhr->lpszVersion)
2314         {
2315             DWORD len = strlenW(lpwhr->lpszVersion);
2316             if (len + 1 > *lpdwBufferLength/sizeof(WCHAR))
2317             {
2318                 *lpdwBufferLength = (len + 1) * sizeof(WCHAR);
2319                 INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
2320                 return FALSE;
2321             }
2322             if (lpBuffer)
2323             {
2324                 memcpy(lpBuffer, lpwhr->lpszVersion, (len + 1) * sizeof(WCHAR));
2325                 TRACE("returning data: %s\n", debugstr_wn(lpBuffer, len));
2326             }
2327             *lpdwBufferLength = len * sizeof(WCHAR);
2328             return TRUE;
2329         }
2330         break;
2331     default:
2332         assert (LAST_TABLE_HEADER == (HTTP_QUERY_UNLESS_MODIFIED_SINCE + 1));
2333
2334         if (level < LAST_TABLE_HEADER && header_lookup[level])
2335             index = HTTP_GetCustomHeaderIndex(lpwhr, header_lookup[level],
2336                                               requested_index,request_only);
2337     }
2338
2339     if (index >= 0)
2340         lphttpHdr = &lpwhr->pCustHeaders[index];
2341
2342     /* Ensure header satisfies requested attributes */
2343     if (!lphttpHdr ||
2344         ((dwInfoLevel & HTTP_QUERY_FLAG_REQUEST_HEADERS) &&
2345          (~lphttpHdr->wFlags & HDR_ISREQUEST)))
2346     {
2347         INTERNET_SetLastError(ERROR_HTTP_HEADER_NOT_FOUND);
2348         return bSuccess;
2349     }
2350
2351     if (lpdwIndex && level != HTTP_QUERY_STATUS_CODE) (*lpdwIndex)++;
2352
2353     /* coalesce value to requested type */
2354     if (dwInfoLevel & HTTP_QUERY_FLAG_NUMBER && lpBuffer)
2355     {
2356         *(int *)lpBuffer = atoiW(lphttpHdr->lpszValue);
2357         TRACE(" returning number: %d\n", *(int *)lpBuffer);
2358         bSuccess = TRUE;
2359     }
2360     else if (dwInfoLevel & HTTP_QUERY_FLAG_SYSTEMTIME && lpBuffer)
2361     {
2362         time_t tmpTime;
2363         struct tm tmpTM;
2364         SYSTEMTIME *STHook;
2365
2366         tmpTime = ConvertTimeString(lphttpHdr->lpszValue);
2367
2368         tmpTM = *gmtime(&tmpTime);
2369         STHook = (SYSTEMTIME *)lpBuffer;
2370         STHook->wDay = tmpTM.tm_mday;
2371         STHook->wHour = tmpTM.tm_hour;
2372         STHook->wMilliseconds = 0;
2373         STHook->wMinute = tmpTM.tm_min;
2374         STHook->wDayOfWeek = tmpTM.tm_wday;
2375         STHook->wMonth = tmpTM.tm_mon + 1;
2376         STHook->wSecond = tmpTM.tm_sec;
2377         STHook->wYear = tmpTM.tm_year;
2378         bSuccess = TRUE;
2379         
2380         TRACE(" returning time: %04d/%02d/%02d - %d - %02d:%02d:%02d.%02d\n",
2381               STHook->wYear, STHook->wMonth, STHook->wDay, STHook->wDayOfWeek,
2382               STHook->wHour, STHook->wMinute, STHook->wSecond, STHook->wMilliseconds);
2383     }
2384     else if (lphttpHdr->lpszValue)
2385     {
2386         DWORD len = (strlenW(lphttpHdr->lpszValue) + 1) * sizeof(WCHAR);
2387
2388         if (len > *lpdwBufferLength)
2389         {
2390             *lpdwBufferLength = len;
2391             INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
2392             return bSuccess;
2393         }
2394         if (lpBuffer)
2395         {
2396             memcpy(lpBuffer, lphttpHdr->lpszValue, len);
2397             TRACE(" returning string: %s\n", debugstr_w(lpBuffer));
2398         }
2399         *lpdwBufferLength = len - sizeof(WCHAR);
2400         bSuccess = TRUE;
2401     }
2402     return bSuccess;
2403 }
2404
2405 /***********************************************************************
2406  *           HttpQueryInfoW (WININET.@)
2407  *
2408  * Queries for information about an HTTP request
2409  *
2410  * RETURNS
2411  *    TRUE  on success
2412  *    FALSE on failure
2413  *
2414  */
2415 BOOL WINAPI HttpQueryInfoW(HINTERNET hHttpRequest, DWORD dwInfoLevel,
2416         LPVOID lpBuffer, LPDWORD lpdwBufferLength, LPDWORD lpdwIndex)
2417 {
2418     BOOL bSuccess = FALSE;
2419     LPWININETHTTPREQW lpwhr;
2420
2421     if (TRACE_ON(wininet)) {
2422 #define FE(x) { x, #x }
2423         static const wininet_flag_info query_flags[] = {
2424             FE(HTTP_QUERY_MIME_VERSION),
2425             FE(HTTP_QUERY_CONTENT_TYPE),
2426             FE(HTTP_QUERY_CONTENT_TRANSFER_ENCODING),
2427             FE(HTTP_QUERY_CONTENT_ID),
2428             FE(HTTP_QUERY_CONTENT_DESCRIPTION),
2429             FE(HTTP_QUERY_CONTENT_LENGTH),
2430             FE(HTTP_QUERY_CONTENT_LANGUAGE),
2431             FE(HTTP_QUERY_ALLOW),
2432             FE(HTTP_QUERY_PUBLIC),
2433             FE(HTTP_QUERY_DATE),
2434             FE(HTTP_QUERY_EXPIRES),
2435             FE(HTTP_QUERY_LAST_MODIFIED),
2436             FE(HTTP_QUERY_MESSAGE_ID),
2437             FE(HTTP_QUERY_URI),
2438             FE(HTTP_QUERY_DERIVED_FROM),
2439             FE(HTTP_QUERY_COST),
2440             FE(HTTP_QUERY_LINK),
2441             FE(HTTP_QUERY_PRAGMA),
2442             FE(HTTP_QUERY_VERSION),
2443             FE(HTTP_QUERY_STATUS_CODE),
2444             FE(HTTP_QUERY_STATUS_TEXT),
2445             FE(HTTP_QUERY_RAW_HEADERS),
2446             FE(HTTP_QUERY_RAW_HEADERS_CRLF),
2447             FE(HTTP_QUERY_CONNECTION),
2448             FE(HTTP_QUERY_ACCEPT),
2449             FE(HTTP_QUERY_ACCEPT_CHARSET),
2450             FE(HTTP_QUERY_ACCEPT_ENCODING),
2451             FE(HTTP_QUERY_ACCEPT_LANGUAGE),
2452             FE(HTTP_QUERY_AUTHORIZATION),
2453             FE(HTTP_QUERY_CONTENT_ENCODING),
2454             FE(HTTP_QUERY_FORWARDED),
2455             FE(HTTP_QUERY_FROM),
2456             FE(HTTP_QUERY_IF_MODIFIED_SINCE),
2457             FE(HTTP_QUERY_LOCATION),
2458             FE(HTTP_QUERY_ORIG_URI),
2459             FE(HTTP_QUERY_REFERER),
2460             FE(HTTP_QUERY_RETRY_AFTER),
2461             FE(HTTP_QUERY_SERVER),
2462             FE(HTTP_QUERY_TITLE),
2463             FE(HTTP_QUERY_USER_AGENT),
2464             FE(HTTP_QUERY_WWW_AUTHENTICATE),
2465             FE(HTTP_QUERY_PROXY_AUTHENTICATE),
2466             FE(HTTP_QUERY_ACCEPT_RANGES),
2467         FE(HTTP_QUERY_SET_COOKIE),
2468         FE(HTTP_QUERY_COOKIE),
2469             FE(HTTP_QUERY_REQUEST_METHOD),
2470             FE(HTTP_QUERY_REFRESH),
2471             FE(HTTP_QUERY_CONTENT_DISPOSITION),
2472             FE(HTTP_QUERY_AGE),
2473             FE(HTTP_QUERY_CACHE_CONTROL),
2474             FE(HTTP_QUERY_CONTENT_BASE),
2475             FE(HTTP_QUERY_CONTENT_LOCATION),
2476             FE(HTTP_QUERY_CONTENT_MD5),
2477             FE(HTTP_QUERY_CONTENT_RANGE),
2478             FE(HTTP_QUERY_ETAG),
2479             FE(HTTP_QUERY_HOST),
2480             FE(HTTP_QUERY_IF_MATCH),
2481             FE(HTTP_QUERY_IF_NONE_MATCH),
2482             FE(HTTP_QUERY_IF_RANGE),
2483             FE(HTTP_QUERY_IF_UNMODIFIED_SINCE),
2484             FE(HTTP_QUERY_MAX_FORWARDS),
2485             FE(HTTP_QUERY_PROXY_AUTHORIZATION),
2486             FE(HTTP_QUERY_RANGE),
2487             FE(HTTP_QUERY_TRANSFER_ENCODING),
2488             FE(HTTP_QUERY_UPGRADE),
2489             FE(HTTP_QUERY_VARY),
2490             FE(HTTP_QUERY_VIA),
2491             FE(HTTP_QUERY_WARNING),
2492             FE(HTTP_QUERY_CUSTOM)
2493         };
2494         static const wininet_flag_info modifier_flags[] = {
2495             FE(HTTP_QUERY_FLAG_REQUEST_HEADERS),
2496             FE(HTTP_QUERY_FLAG_SYSTEMTIME),
2497             FE(HTTP_QUERY_FLAG_NUMBER),
2498             FE(HTTP_QUERY_FLAG_COALESCE)
2499         };
2500 #undef FE
2501         DWORD info_mod = dwInfoLevel & HTTP_QUERY_MODIFIER_FLAGS_MASK;
2502         DWORD info = dwInfoLevel & HTTP_QUERY_HEADER_MASK;
2503         DWORD i;
2504
2505         TRACE("(%p, 0x%08x)--> %d\n", hHttpRequest, dwInfoLevel, dwInfoLevel);
2506         TRACE("  Attribute:");
2507         for (i = 0; i < (sizeof(query_flags) / sizeof(query_flags[0])); i++) {
2508             if (query_flags[i].val == info) {
2509                 TRACE(" %s", query_flags[i].name);
2510                 break;
2511             }
2512         }
2513         if (i == (sizeof(query_flags) / sizeof(query_flags[0]))) {
2514             TRACE(" Unknown (%08x)", info);
2515         }
2516
2517         TRACE(" Modifier:");
2518         for (i = 0; i < (sizeof(modifier_flags) / sizeof(modifier_flags[0])); i++) {
2519             if (modifier_flags[i].val & info_mod) {
2520                 TRACE(" %s", modifier_flags[i].name);
2521                 info_mod &= ~ modifier_flags[i].val;
2522             }
2523         }
2524         
2525         if (info_mod) {
2526             TRACE(" Unknown (%08x)", info_mod);
2527         }
2528         TRACE("\n");
2529     }
2530     
2531     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hHttpRequest );
2532     if (NULL == lpwhr ||  lpwhr->hdr.htype != WH_HHTTPREQ)
2533     {
2534         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
2535         goto lend;
2536     }
2537
2538     if (lpBuffer == NULL)
2539         *lpdwBufferLength = 0;
2540     bSuccess = HTTP_HttpQueryInfoW( lpwhr, dwInfoLevel,
2541                                     lpBuffer, lpdwBufferLength, lpdwIndex);
2542
2543 lend:
2544     if( lpwhr )
2545          WININET_Release( &lpwhr->hdr );
2546
2547     TRACE("%d <--\n", bSuccess);
2548     return bSuccess;
2549 }
2550
2551 /***********************************************************************
2552  *           HttpQueryInfoA (WININET.@)
2553  *
2554  * Queries for information about an HTTP request
2555  *
2556  * RETURNS
2557  *    TRUE  on success
2558  *    FALSE on failure
2559  *
2560  */
2561 BOOL WINAPI HttpQueryInfoA(HINTERNET hHttpRequest, DWORD dwInfoLevel,
2562         LPVOID lpBuffer, LPDWORD lpdwBufferLength, LPDWORD lpdwIndex)
2563 {
2564     BOOL result;
2565     DWORD len;
2566     WCHAR* bufferW;
2567
2568     if((dwInfoLevel & HTTP_QUERY_FLAG_NUMBER) ||
2569        (dwInfoLevel & HTTP_QUERY_FLAG_SYSTEMTIME))
2570     {
2571         return HttpQueryInfoW( hHttpRequest, dwInfoLevel, lpBuffer,
2572                                lpdwBufferLength, lpdwIndex );
2573     }
2574
2575     if (lpBuffer)
2576     {
2577         DWORD alloclen;
2578         len = (*lpdwBufferLength)*sizeof(WCHAR);
2579         if ((dwInfoLevel & HTTP_QUERY_HEADER_MASK) == HTTP_QUERY_CUSTOM)
2580         {
2581             alloclen = MultiByteToWideChar( CP_ACP, 0, lpBuffer, -1, NULL, 0 ) * sizeof(WCHAR);
2582             if (alloclen < len)
2583                 alloclen = len;
2584         }
2585         else
2586             alloclen = len;
2587         bufferW = HeapAlloc( GetProcessHeap(), 0, alloclen );
2588         /* buffer is in/out because of HTTP_QUERY_CUSTOM */
2589         if ((dwInfoLevel & HTTP_QUERY_HEADER_MASK) == HTTP_QUERY_CUSTOM)
2590             MultiByteToWideChar( CP_ACP, 0, lpBuffer, -1, bufferW, alloclen / sizeof(WCHAR) );
2591     } else
2592     {
2593         bufferW = NULL;
2594         len = 0;
2595     }
2596
2597     result = HttpQueryInfoW( hHttpRequest, dwInfoLevel, bufferW,
2598                            &len, lpdwIndex );
2599     if( result )
2600     {
2601         len = WideCharToMultiByte( CP_ACP,0, bufferW, len / sizeof(WCHAR) + 1,
2602                                      lpBuffer, *lpdwBufferLength, NULL, NULL );
2603         *lpdwBufferLength = len - 1;
2604
2605         TRACE("lpBuffer: %s\n", debugstr_a(lpBuffer));
2606     }
2607     else
2608         /* since the strings being returned from HttpQueryInfoW should be
2609          * only ASCII characters, it is reasonable to assume that all of
2610          * the Unicode characters can be reduced to a single byte */
2611         *lpdwBufferLength = len / sizeof(WCHAR);
2612
2613     HeapFree(GetProcessHeap(), 0, bufferW );
2614
2615     return result;
2616 }
2617
2618 /***********************************************************************
2619  *           HttpSendRequestExA (WININET.@)
2620  *
2621  * Sends the specified request to the HTTP server and allows chunked
2622  * transfers.
2623  *
2624  * RETURNS
2625  *  Success: TRUE
2626  *  Failure: FALSE, call GetLastError() for more information.
2627  */
2628 BOOL WINAPI HttpSendRequestExA(HINTERNET hRequest,
2629                                LPINTERNET_BUFFERSA lpBuffersIn,
2630                                LPINTERNET_BUFFERSA lpBuffersOut,
2631                                DWORD dwFlags, DWORD_PTR dwContext)
2632 {
2633     INTERNET_BUFFERSW BuffersInW;
2634     BOOL rc = FALSE;
2635     DWORD headerlen;
2636     LPWSTR header = NULL;
2637
2638     TRACE("(%p, %p, %p, %08x, %08lx)\n", hRequest, lpBuffersIn,
2639             lpBuffersOut, dwFlags, dwContext);
2640
2641     if (lpBuffersIn)
2642     {
2643         BuffersInW.dwStructSize = sizeof(LPINTERNET_BUFFERSW);
2644         if (lpBuffersIn->lpcszHeader)
2645         {
2646             headerlen = MultiByteToWideChar(CP_ACP,0,lpBuffersIn->lpcszHeader,
2647                     lpBuffersIn->dwHeadersLength,0,0);
2648             header = HeapAlloc(GetProcessHeap(),0,headerlen*sizeof(WCHAR));
2649             if (!(BuffersInW.lpcszHeader = header))
2650             {
2651                 INTERNET_SetLastError(ERROR_OUTOFMEMORY);
2652                 return FALSE;
2653             }
2654             BuffersInW.dwHeadersLength = MultiByteToWideChar(CP_ACP, 0,
2655                     lpBuffersIn->lpcszHeader, lpBuffersIn->dwHeadersLength,
2656                     header, headerlen);
2657         }
2658         else
2659             BuffersInW.lpcszHeader = NULL;
2660         BuffersInW.dwHeadersTotal = lpBuffersIn->dwHeadersTotal;
2661         BuffersInW.lpvBuffer = lpBuffersIn->lpvBuffer;
2662         BuffersInW.dwBufferLength = lpBuffersIn->dwBufferLength;
2663         BuffersInW.dwBufferTotal = lpBuffersIn->dwBufferTotal;
2664         BuffersInW.Next = NULL;
2665     }
2666
2667     rc = HttpSendRequestExW(hRequest, lpBuffersIn ? &BuffersInW : NULL, NULL, dwFlags, dwContext);
2668
2669     HeapFree(GetProcessHeap(),0,header);
2670
2671     return rc;
2672 }
2673
2674 /***********************************************************************
2675  *           HttpSendRequestExW (WININET.@)
2676  *
2677  * Sends the specified request to the HTTP server and allows chunked
2678  * transfers
2679  *
2680  * RETURNS
2681  *  Success: TRUE
2682  *  Failure: FALSE, call GetLastError() for more information.
2683  */
2684 BOOL WINAPI HttpSendRequestExW(HINTERNET hRequest,
2685                    LPINTERNET_BUFFERSW lpBuffersIn,
2686                    LPINTERNET_BUFFERSW lpBuffersOut,
2687                    DWORD dwFlags, DWORD_PTR dwContext)
2688 {
2689     BOOL ret = FALSE;
2690     LPWININETHTTPREQW lpwhr;
2691     LPWININETHTTPSESSIONW lpwhs;
2692     LPWININETAPPINFOW hIC;
2693
2694     TRACE("(%p, %p, %p, %08x, %08lx)\n", hRequest, lpBuffersIn,
2695             lpBuffersOut, dwFlags, dwContext);
2696
2697     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hRequest );
2698
2699     if (NULL == lpwhr || lpwhr->hdr.htype != WH_HHTTPREQ)
2700     {
2701         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
2702         goto lend;
2703     }
2704
2705     lpwhs = lpwhr->lpHttpSession;
2706     assert(lpwhs->hdr.htype == WH_HHTTPSESSION);
2707     hIC = lpwhs->lpAppInfo;
2708     assert(hIC->hdr.htype == WH_HINIT);
2709
2710     if (hIC->hdr.dwFlags & INTERNET_FLAG_ASYNC)
2711     {
2712         WORKREQUEST workRequest;
2713         struct WORKREQ_HTTPSENDREQUESTW *req;
2714
2715         workRequest.asyncproc = AsyncHttpSendRequestProc;
2716         workRequest.hdr = WININET_AddRef( &lpwhr->hdr );
2717         req = &workRequest.u.HttpSendRequestW;
2718         if (lpBuffersIn)
2719         {
2720             if (lpBuffersIn->lpcszHeader)
2721                 /* FIXME: this should use dwHeadersLength or may not be necessary at all */
2722                 req->lpszHeader = WININET_strdupW(lpBuffersIn->lpcszHeader);
2723             else
2724                 req->lpszHeader = NULL;
2725             req->dwHeaderLength = lpBuffersIn->dwHeadersLength;
2726             req->lpOptional = lpBuffersIn->lpvBuffer;
2727             req->dwOptionalLength = lpBuffersIn->dwBufferLength;
2728             req->dwContentLength = lpBuffersIn->dwBufferTotal;
2729         }
2730         else
2731         {
2732             req->lpszHeader = NULL;
2733             req->dwHeaderLength = 0;
2734             req->lpOptional = NULL;
2735             req->dwOptionalLength = 0;
2736             req->dwContentLength = 0;
2737         }
2738
2739         req->bEndRequest = FALSE;
2740
2741         INTERNET_AsyncCall(&workRequest);
2742         /*
2743          * This is from windows.
2744          */
2745         INTERNET_SetLastError(ERROR_IO_PENDING);
2746     }
2747     else
2748     {
2749         if (lpBuffersIn)
2750             ret = HTTP_HttpSendRequestW(lpwhr, lpBuffersIn->lpcszHeader, lpBuffersIn->dwHeadersLength,
2751                                         lpBuffersIn->lpvBuffer, lpBuffersIn->dwBufferLength,
2752                                         lpBuffersIn->dwBufferTotal, FALSE);
2753         else
2754             ret = HTTP_HttpSendRequestW(lpwhr, NULL, 0, NULL, 0, 0, FALSE);
2755     }
2756
2757 lend:
2758     if ( lpwhr )
2759         WININET_Release( &lpwhr->hdr );
2760
2761     TRACE("<---\n");
2762     return ret;
2763 }
2764
2765 /***********************************************************************
2766  *           HttpSendRequestW (WININET.@)
2767  *
2768  * Sends the specified request to the HTTP server
2769  *
2770  * RETURNS
2771  *    TRUE  on success
2772  *    FALSE on failure
2773  *
2774  */
2775 BOOL WINAPI HttpSendRequestW(HINTERNET hHttpRequest, LPCWSTR lpszHeaders,
2776         DWORD dwHeaderLength, LPVOID lpOptional ,DWORD dwOptionalLength)
2777 {
2778     LPWININETHTTPREQW lpwhr;
2779     LPWININETHTTPSESSIONW lpwhs = NULL;
2780     LPWININETAPPINFOW hIC = NULL;
2781     BOOL r;
2782
2783     TRACE("%p, %s, %i, %p, %i)\n", hHttpRequest,
2784             debugstr_wn(lpszHeaders, dwHeaderLength), dwHeaderLength, lpOptional, dwOptionalLength);
2785
2786     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hHttpRequest );
2787     if (NULL == lpwhr || lpwhr->hdr.htype != WH_HHTTPREQ)
2788     {
2789         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
2790         r = FALSE;
2791         goto lend;
2792     }
2793
2794     lpwhs = lpwhr->lpHttpSession;
2795     if (NULL == lpwhs ||  lpwhs->hdr.htype != WH_HHTTPSESSION)
2796     {
2797         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
2798         r = FALSE;
2799         goto lend;
2800     }
2801
2802     hIC = lpwhs->lpAppInfo;
2803     if (NULL == hIC ||  hIC->hdr.htype != WH_HINIT)
2804     {
2805         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
2806         r = FALSE;
2807         goto lend;
2808     }
2809
2810     if (hIC->hdr.dwFlags & INTERNET_FLAG_ASYNC)
2811     {
2812         WORKREQUEST workRequest;
2813         struct WORKREQ_HTTPSENDREQUESTW *req;
2814
2815         workRequest.asyncproc = AsyncHttpSendRequestProc;
2816         workRequest.hdr = WININET_AddRef( &lpwhr->hdr );
2817         req = &workRequest.u.HttpSendRequestW;
2818         if (lpszHeaders)
2819         {
2820             req->lpszHeader = HeapAlloc(GetProcessHeap(), 0, dwHeaderLength * sizeof(WCHAR));
2821             memcpy(req->lpszHeader, lpszHeaders, dwHeaderLength * sizeof(WCHAR));
2822         }
2823         else
2824             req->lpszHeader = 0;
2825         req->dwHeaderLength = dwHeaderLength;
2826         req->lpOptional = lpOptional;
2827         req->dwOptionalLength = dwOptionalLength;
2828         req->dwContentLength = dwOptionalLength;
2829         req->bEndRequest = TRUE;
2830
2831         INTERNET_AsyncCall(&workRequest);
2832         /*
2833          * This is from windows.
2834          */
2835         INTERNET_SetLastError(ERROR_IO_PENDING);
2836         r = FALSE;
2837     }
2838     else
2839     {
2840         r = HTTP_HttpSendRequestW(lpwhr, lpszHeaders,
2841                 dwHeaderLength, lpOptional, dwOptionalLength,
2842                 dwOptionalLength, TRUE);
2843     }
2844 lend:
2845     if( lpwhr )
2846         WININET_Release( &lpwhr->hdr );
2847     return r;
2848 }
2849
2850 /***********************************************************************
2851  *           HttpSendRequestA (WININET.@)
2852  *
2853  * Sends the specified request to the HTTP server
2854  *
2855  * RETURNS
2856  *    TRUE  on success
2857  *    FALSE on failure
2858  *
2859  */
2860 BOOL WINAPI HttpSendRequestA(HINTERNET hHttpRequest, LPCSTR lpszHeaders,
2861         DWORD dwHeaderLength, LPVOID lpOptional ,DWORD dwOptionalLength)
2862 {
2863     BOOL result;
2864     LPWSTR szHeaders=NULL;
2865     DWORD nLen=dwHeaderLength;
2866     if(lpszHeaders!=NULL)
2867     {
2868         nLen=MultiByteToWideChar(CP_ACP,0,lpszHeaders,dwHeaderLength,NULL,0);
2869         szHeaders=HeapAlloc(GetProcessHeap(),0,nLen*sizeof(WCHAR));
2870         MultiByteToWideChar(CP_ACP,0,lpszHeaders,dwHeaderLength,szHeaders,nLen);
2871     }
2872     result=HttpSendRequestW(hHttpRequest, szHeaders, nLen, lpOptional, dwOptionalLength);
2873     HeapFree(GetProcessHeap(),0,szHeaders);
2874     return result;
2875 }
2876
2877 static BOOL HTTP_GetRequestURL(WININETHTTPREQW *req, LPWSTR buf)
2878 {
2879     LPHTTPHEADERW host_header;
2880
2881     static const WCHAR formatW[] = {'h','t','t','p',':','/','/','%','s','%','s',0};
2882
2883     host_header = HTTP_GetHeader(req, szHost);
2884     if(!host_header)
2885         return FALSE;
2886
2887     sprintfW(buf, formatW, host_header->lpszValue, req->lpszPath); /* FIXME */
2888     return TRUE;
2889 }
2890
2891 /***********************************************************************
2892  *           HTTP_HandleRedirect (internal)
2893  */
2894 static BOOL HTTP_HandleRedirect(LPWININETHTTPREQW lpwhr, LPCWSTR lpszUrl)
2895 {
2896     LPWININETHTTPSESSIONW lpwhs = lpwhr->lpHttpSession;
2897     LPWININETAPPINFOW hIC = lpwhs->lpAppInfo;
2898     BOOL using_proxy = hIC->lpszProxy && hIC->lpszProxy[0];
2899     WCHAR path[INTERNET_MAX_URL_LENGTH];
2900     int index;
2901
2902     if(lpszUrl[0]=='/')
2903     {
2904         /* if it's an absolute path, keep the same session info */
2905         lstrcpynW(path, lpszUrl, INTERNET_MAX_URL_LENGTH);
2906     }
2907     else
2908     {
2909         URL_COMPONENTSW urlComponents;
2910         WCHAR protocol[32], hostName[MAXHOSTNAME], userName[1024];
2911         static WCHAR szHttp[] = {'h','t','t','p',0};
2912         static WCHAR szHttps[] = {'h','t','t','p','s',0};
2913         DWORD url_length = 0;
2914         LPWSTR orig_url;
2915         LPWSTR combined_url;
2916
2917         urlComponents.dwStructSize = sizeof(URL_COMPONENTSW);
2918         urlComponents.lpszScheme = (lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE) ? szHttps : szHttp;
2919         urlComponents.dwSchemeLength = 0;
2920         urlComponents.lpszHostName = lpwhs->lpszHostName;
2921         urlComponents.dwHostNameLength = 0;
2922         urlComponents.nPort = lpwhs->nHostPort;
2923         urlComponents.lpszUserName = lpwhs->lpszUserName;
2924         urlComponents.dwUserNameLength = 0;
2925         urlComponents.lpszPassword = NULL;
2926         urlComponents.dwPasswordLength = 0;
2927         urlComponents.lpszUrlPath = lpwhr->lpszPath;
2928         urlComponents.dwUrlPathLength = 0;
2929         urlComponents.lpszExtraInfo = NULL;
2930         urlComponents.dwExtraInfoLength = 0;
2931
2932         if (!InternetCreateUrlW(&urlComponents, 0, NULL, &url_length) &&
2933             (GetLastError() != ERROR_INSUFFICIENT_BUFFER))
2934             return FALSE;
2935
2936         orig_url = HeapAlloc(GetProcessHeap(), 0, url_length);
2937
2938         /* convert from bytes to characters */
2939         url_length = url_length / sizeof(WCHAR) - 1;
2940         if (!InternetCreateUrlW(&urlComponents, 0, orig_url, &url_length))
2941         {
2942             HeapFree(GetProcessHeap(), 0, orig_url);
2943             return FALSE;
2944         }
2945
2946         url_length = 0;
2947         if (!InternetCombineUrlW(orig_url, lpszUrl, NULL, &url_length, ICU_ENCODE_SPACES_ONLY) &&
2948             (GetLastError() != ERROR_INSUFFICIENT_BUFFER))
2949         {
2950             HeapFree(GetProcessHeap(), 0, orig_url);
2951             return FALSE;
2952         }
2953         combined_url = HeapAlloc(GetProcessHeap(), 0, url_length * sizeof(WCHAR));
2954
2955         if (!InternetCombineUrlW(orig_url, lpszUrl, combined_url, &url_length, ICU_ENCODE_SPACES_ONLY))
2956         {
2957             HeapFree(GetProcessHeap(), 0, orig_url);
2958             HeapFree(GetProcessHeap(), 0, combined_url);
2959             return FALSE;
2960         }
2961         HeapFree(GetProcessHeap(), 0, orig_url);
2962
2963         userName[0] = 0;
2964         hostName[0] = 0;
2965         protocol[0] = 0;
2966
2967         urlComponents.dwStructSize = sizeof(URL_COMPONENTSW);
2968         urlComponents.lpszScheme = protocol;
2969         urlComponents.dwSchemeLength = 32;
2970         urlComponents.lpszHostName = hostName;
2971         urlComponents.dwHostNameLength = MAXHOSTNAME;
2972         urlComponents.lpszUserName = userName;
2973         urlComponents.dwUserNameLength = 1024;
2974         urlComponents.lpszPassword = NULL;
2975         urlComponents.dwPasswordLength = 0;
2976         urlComponents.lpszUrlPath = path;
2977         urlComponents.dwUrlPathLength = 2048;
2978         urlComponents.lpszExtraInfo = NULL;
2979         urlComponents.dwExtraInfoLength = 0;
2980         if(!InternetCrackUrlW(combined_url, strlenW(combined_url), 0, &urlComponents))
2981         {
2982             HeapFree(GetProcessHeap(), 0, combined_url);
2983             return FALSE;
2984         }
2985
2986         HeapFree(GetProcessHeap(), 0, combined_url);
2987
2988         if (!strncmpW(szHttp, urlComponents.lpszScheme, strlenW(szHttp)) &&
2989             (lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE))
2990         {
2991             TRACE("redirect from secure page to non-secure page\n");
2992             /* FIXME: warn about from secure redirect to non-secure page */
2993             lpwhr->hdr.dwFlags &= ~INTERNET_FLAG_SECURE;
2994         }
2995         if (!strncmpW(szHttps, urlComponents.lpszScheme, strlenW(szHttps)) &&
2996             !(lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE))
2997         {
2998             TRACE("redirect from non-secure page to secure page\n");
2999             /* FIXME: notify about redirect to secure page */
3000             lpwhr->hdr.dwFlags |= INTERNET_FLAG_SECURE;
3001         }
3002
3003         if (urlComponents.nPort == INTERNET_INVALID_PORT_NUMBER)
3004         {
3005             if (lstrlenW(protocol)>4) /*https*/
3006                 urlComponents.nPort = INTERNET_DEFAULT_HTTPS_PORT;
3007             else /*http*/
3008                 urlComponents.nPort = INTERNET_DEFAULT_HTTP_PORT;
3009         }
3010
3011 #if 0
3012         /*
3013          * This upsets redirects to binary files on sourceforge.net 
3014          * and gives an html page instead of the target file
3015          * Examination of the HTTP request sent by native wininet.dll
3016          * reveals that it doesn't send a referrer in that case.
3017          * Maybe there's a flag that enables this, or maybe a referrer
3018          * shouldn't be added in case of a redirect.
3019          */
3020
3021         /* consider the current host as the referrer */
3022         if (lpwhs->lpszServerName && *lpwhs->lpszServerName)
3023             HTTP_ProcessHeader(lpwhr, HTTP_REFERER, lpwhs->lpszServerName,
3024                            HTTP_ADDHDR_FLAG_REQ|HTTP_ADDREQ_FLAG_REPLACE|
3025                            HTTP_ADDHDR_FLAG_ADD_IF_NEW);
3026 #endif
3027         
3028         HeapFree(GetProcessHeap(), 0, lpwhs->lpszHostName);
3029         if (urlComponents.nPort != INTERNET_DEFAULT_HTTP_PORT &&
3030             urlComponents.nPort != INTERNET_DEFAULT_HTTPS_PORT)
3031         {
3032             int len;
3033             static const WCHAR fmt[] = {'%','s',':','%','i',0};
3034             len = lstrlenW(hostName);
3035             len += 7; /* 5 for strlen("65535") + 1 for ":" + 1 for '\0' */
3036             lpwhs->lpszHostName = HeapAlloc(GetProcessHeap(), 0, len*sizeof(WCHAR));
3037             sprintfW(lpwhs->lpszHostName, fmt, hostName, urlComponents.nPort);
3038         }
3039         else
3040             lpwhs->lpszHostName = WININET_strdupW(hostName);
3041
3042         HTTP_ProcessHeader(lpwhr, szHost, lpwhs->lpszHostName, HTTP_ADDREQ_FLAG_ADD | HTTP_ADDREQ_FLAG_REPLACE | HTTP_ADDHDR_FLAG_REQ);
3043
3044         HeapFree(GetProcessHeap(), 0, lpwhs->lpszUserName);
3045         lpwhs->lpszUserName = NULL;
3046         if (userName[0])
3047             lpwhs->lpszUserName = WININET_strdupW(userName);
3048
3049         if (!using_proxy)
3050         {
3051             if (strcmpiW(lpwhs->lpszServerName, hostName) || lpwhs->nServerPort != urlComponents.nPort)
3052             {
3053                 HeapFree(GetProcessHeap(), 0, lpwhs->lpszServerName);
3054                 lpwhs->lpszServerName = WININET_strdupW(hostName);
3055                 lpwhs->nServerPort = urlComponents.nPort;
3056
3057                 NETCON_close(&lpwhr->netConnection);
3058                 if (!HTTP_ResolveName(lpwhr)) return FALSE;
3059                 if (!NETCON_init(&lpwhr->netConnection, lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE)) return FALSE;
3060             }
3061         }
3062         else
3063             TRACE("Redirect through proxy\n");
3064     }
3065
3066     HeapFree(GetProcessHeap(), 0, lpwhr->lpszPath);
3067     lpwhr->lpszPath=NULL;
3068     if (*path)
3069     {
3070         DWORD needed = 0;
3071         HRESULT rc;
3072
3073         rc = UrlEscapeW(path, NULL, &needed, URL_ESCAPE_SPACES_ONLY);
3074         if (rc != E_POINTER)
3075             needed = strlenW(path)+1;
3076         lpwhr->lpszPath = HeapAlloc(GetProcessHeap(), 0, needed*sizeof(WCHAR));
3077         rc = UrlEscapeW(path, lpwhr->lpszPath, &needed,
3078                         URL_ESCAPE_SPACES_ONLY);
3079         if (rc != S_OK)
3080         {
3081             ERR("Unable to escape string!(%s) (%d)\n",debugstr_w(path),rc);
3082             strcpyW(lpwhr->lpszPath,path);
3083         }
3084     }
3085
3086     /* Remove custom content-type/length headers on redirects.  */
3087     index = HTTP_GetCustomHeaderIndex(lpwhr, szContent_Type, 0, TRUE);
3088     if (0 <= index)
3089         HTTP_DeleteCustomHeader(lpwhr, index);
3090     index = HTTP_GetCustomHeaderIndex(lpwhr, szContent_Length, 0, TRUE);
3091     if (0 <= index)
3092         HTTP_DeleteCustomHeader(lpwhr, index);
3093
3094     return TRUE;
3095 }
3096
3097 /***********************************************************************
3098  *           HTTP_build_req (internal)
3099  *
3100  *  concatenate all the strings in the request together
3101  */
3102 static LPWSTR HTTP_build_req( LPCWSTR *list, int len )
3103 {
3104     LPCWSTR *t;
3105     LPWSTR str;
3106
3107     for( t = list; *t ; t++  )
3108         len += strlenW( *t );
3109     len++;
3110
3111     str = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
3112     *str = 0;
3113
3114     for( t = list; *t ; t++ )
3115         strcatW( str, *t );
3116
3117     return str;
3118 }
3119
3120 static BOOL HTTP_SecureProxyConnect(LPWININETHTTPREQW lpwhr)
3121 {
3122     LPWSTR lpszPath;
3123     LPWSTR requestString;
3124     INT len;
3125     INT cnt;
3126     INT responseLen;
3127     char *ascii_req;
3128     BOOL ret;
3129     static const WCHAR szConnect[] = {'C','O','N','N','E','C','T',0};
3130     static const WCHAR szFormat[] = {'%','s',':','%','d',0};
3131     LPWININETHTTPSESSIONW lpwhs = lpwhr->lpHttpSession;
3132
3133     TRACE("\n");
3134
3135     lpszPath = HeapAlloc( GetProcessHeap(), 0, (lstrlenW( lpwhs->lpszHostName ) + 13)*sizeof(WCHAR) );
3136     sprintfW( lpszPath, szFormat, lpwhs->lpszHostName, lpwhs->nHostPort );
3137     requestString = HTTP_BuildHeaderRequestString( lpwhr, szConnect, lpszPath, g_szHttp1_1 );
3138     HeapFree( GetProcessHeap(), 0, lpszPath );
3139
3140     len = WideCharToMultiByte( CP_ACP, 0, requestString, -1,
3141                                 NULL, 0, NULL, NULL );
3142     len--; /* the nul terminator isn't needed */
3143     ascii_req = HeapAlloc( GetProcessHeap(), 0, len );
3144     WideCharToMultiByte( CP_ACP, 0, requestString, -1,
3145                             ascii_req, len, NULL, NULL );
3146     HeapFree( GetProcessHeap(), 0, requestString );
3147
3148     TRACE("full request -> %s\n", debugstr_an( ascii_req, len ) );
3149
3150     ret = NETCON_send( &lpwhr->netConnection, ascii_req, len, 0, &cnt );
3151     HeapFree( GetProcessHeap(), 0, ascii_req );
3152     if (!ret || cnt < 0)
3153         return FALSE;
3154
3155     responseLen = HTTP_GetResponseHeaders( lpwhr, TRUE );
3156     if (!responseLen)
3157         return FALSE;
3158
3159     return TRUE;
3160 }
3161
3162 static void HTTP_InsertCookies(LPWININETHTTPREQW lpwhr)
3163 {
3164     static const WCHAR szUrlForm[] = {'h','t','t','p',':','/','/','%','s',0};
3165     LPWSTR lpszCookies, lpszUrl = NULL;
3166     DWORD nCookieSize, size;
3167     LPHTTPHEADERW Host = HTTP_GetHeader(lpwhr,szHost);
3168
3169     size = (strlenW(Host->lpszValue) + strlenW(szUrlForm)) * sizeof(WCHAR);
3170     if (!(lpszUrl = HeapAlloc(GetProcessHeap(), 0, size))) return;
3171     sprintfW( lpszUrl, szUrlForm, Host->lpszValue );
3172
3173     if (InternetGetCookieW(lpszUrl, NULL, NULL, &nCookieSize))
3174     {
3175         int cnt = 0;
3176         static const WCHAR szCookie[] = {'C','o','o','k','i','e',':',' ',0};
3177
3178         size = sizeof(szCookie) + nCookieSize * sizeof(WCHAR) + sizeof(szCrLf);
3179         if ((lpszCookies = HeapAlloc(GetProcessHeap(), 0, size)))
3180         {
3181             cnt += sprintfW(lpszCookies, szCookie);
3182             InternetGetCookieW(lpszUrl, NULL, lpszCookies + cnt, &nCookieSize);
3183             strcatW(lpszCookies, szCrLf);
3184
3185             HTTP_HttpAddRequestHeadersW(lpwhr, lpszCookies, strlenW(lpszCookies), HTTP_ADDREQ_FLAG_ADD);
3186             HeapFree(GetProcessHeap(), 0, lpszCookies);
3187         }
3188     }
3189     HeapFree(GetProcessHeap(), 0, lpszUrl);
3190 }
3191
3192 /***********************************************************************
3193  *           HTTP_HttpSendRequestW (internal)
3194  *
3195  * Sends the specified request to the HTTP server
3196  *
3197  * RETURNS
3198  *    TRUE  on success
3199  *    FALSE on failure
3200  *
3201  */
3202 BOOL WINAPI HTTP_HttpSendRequestW(LPWININETHTTPREQW lpwhr, LPCWSTR lpszHeaders,
3203         DWORD dwHeaderLength, LPVOID lpOptional, DWORD dwOptionalLength,
3204         DWORD dwContentLength, BOOL bEndRequest)
3205 {
3206     INT cnt;
3207     BOOL bSuccess = FALSE;
3208     LPWSTR requestString = NULL;
3209     INT responseLen;
3210     BOOL loop_next;
3211     INTERNET_ASYNC_RESULT iar;
3212     static const WCHAR szPost[] = { 'P','O','S','T',0 };
3213     static const WCHAR szContentLength[] =
3214         { 'C','o','n','t','e','n','t','-','L','e','n','g','t','h',':',' ','%','l','i','\r','\n',0 };
3215     WCHAR contentLengthStr[sizeof szContentLength/2 /* includes \r\n */ + 20 /* int */ ];
3216
3217     TRACE("--> %p\n", lpwhr);
3218
3219     assert(lpwhr->hdr.htype == WH_HHTTPREQ);
3220
3221     /* if the verb is NULL default to GET */
3222     if (!lpwhr->lpszVerb)
3223         lpwhr->lpszVerb = WININET_strdupW(szGET);
3224
3225     if (dwContentLength || !strcmpW(lpwhr->lpszVerb, szPost))
3226     {
3227         sprintfW(contentLengthStr, szContentLength, dwContentLength);
3228         HTTP_HttpAddRequestHeadersW(lpwhr, contentLengthStr, -1L, HTTP_ADDREQ_FLAG_ADD_IF_NEW);
3229     }
3230     if (lpwhr->lpHttpSession->lpAppInfo->lpszAgent)
3231     {
3232         WCHAR *agent_header;
3233         static const WCHAR user_agent[] = {'U','s','e','r','-','A','g','e','n','t',':',' ','%','s','\r','\n',0};
3234         int len;
3235
3236         len = strlenW(lpwhr->lpHttpSession->lpAppInfo->lpszAgent) + strlenW(user_agent);
3237         agent_header = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
3238         sprintfW(agent_header, user_agent, lpwhr->lpHttpSession->lpAppInfo->lpszAgent);
3239
3240         HTTP_HttpAddRequestHeadersW(lpwhr, agent_header, strlenW(agent_header), HTTP_ADDREQ_FLAG_ADD_IF_NEW);
3241         HeapFree(GetProcessHeap(), 0, agent_header);
3242     }
3243     if (lpwhr->hdr.dwFlags & INTERNET_FLAG_PRAGMA_NOCACHE)
3244     {
3245         static const WCHAR pragma_nocache[] = {'P','r','a','g','m','a',':',' ','n','o','-','c','a','c','h','e','\r','\n',0};
3246         HTTP_HttpAddRequestHeadersW(lpwhr, pragma_nocache, strlenW(pragma_nocache), HTTP_ADDREQ_FLAG_ADD_IF_NEW);
3247     }
3248     if ((lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_CACHE_WRITE) && !strcmpW(lpwhr->lpszVerb, szPost))
3249     {
3250         static const WCHAR cache_control[] = {'C','a','c','h','e','-','C','o','n','t','r','o','l',':',
3251                                               ' ','n','o','-','c','a','c','h','e','\r','\n',0};
3252         HTTP_HttpAddRequestHeadersW(lpwhr, cache_control, strlenW(cache_control), HTTP_ADDREQ_FLAG_ADD_IF_NEW);
3253     }
3254
3255     do
3256     {
3257         DWORD len;
3258         char *ascii_req;
3259
3260         loop_next = FALSE;
3261
3262         /* like native, just in case the caller forgot to call InternetReadFile
3263          * for all the data */
3264         HTTP_DrainContent(lpwhr);
3265         lpwhr->dwContentRead = 0;
3266
3267         if (TRACE_ON(wininet))
3268         {
3269             LPHTTPHEADERW Host = HTTP_GetHeader(lpwhr,szHost);
3270             TRACE("Going to url %s %s\n", debugstr_w(Host->lpszValue), debugstr_w(lpwhr->lpszPath));
3271         }
3272
3273         HTTP_FixURL(lpwhr);
3274         if (lpwhr->hdr.dwFlags & INTERNET_FLAG_KEEP_CONNECTION)
3275         {
3276             HTTP_ProcessHeader(lpwhr, szConnection, szKeepAlive, HTTP_ADDHDR_FLAG_REQ | HTTP_ADDHDR_FLAG_REPLACE);
3277         }
3278         HTTP_InsertAuthorization(lpwhr, lpwhr->pAuthInfo, szAuthorization);
3279         HTTP_InsertAuthorization(lpwhr, lpwhr->pProxyAuthInfo, szProxy_Authorization);
3280
3281         if (!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_COOKIES))
3282             HTTP_InsertCookies(lpwhr);
3283
3284         /* add the headers the caller supplied */
3285         if( lpszHeaders && dwHeaderLength )
3286         {
3287             HTTP_HttpAddRequestHeadersW(lpwhr, lpszHeaders, dwHeaderLength,
3288                         HTTP_ADDREQ_FLAG_ADD | HTTP_ADDHDR_FLAG_REPLACE);
3289         }
3290
3291         if (lpwhr->lpHttpSession->lpAppInfo->lpszProxy && lpwhr->lpHttpSession->lpAppInfo->lpszProxy[0])
3292         {
3293             WCHAR *url = HTTP_BuildProxyRequestUrl(lpwhr);
3294             requestString = HTTP_BuildHeaderRequestString(lpwhr, lpwhr->lpszVerb, url, lpwhr->lpszVersion);
3295             HeapFree(GetProcessHeap(), 0, url);
3296         }
3297         else
3298             requestString = HTTP_BuildHeaderRequestString(lpwhr, lpwhr->lpszVerb, lpwhr->lpszPath, lpwhr->lpszVersion);
3299
3300  
3301         TRACE("Request header -> %s\n", debugstr_w(requestString) );
3302
3303         /* Send the request and store the results */
3304         if (!HTTP_OpenConnection(lpwhr))
3305             goto lend;
3306
3307         /* send the request as ASCII, tack on the optional data */
3308         if( !lpOptional )
3309             dwOptionalLength = 0;
3310         len = WideCharToMultiByte( CP_ACP, 0, requestString, -1,
3311                                    NULL, 0, NULL, NULL );
3312         ascii_req = HeapAlloc( GetProcessHeap(), 0, len + dwOptionalLength );
3313         WideCharToMultiByte( CP_ACP, 0, requestString, -1,
3314                              ascii_req, len, NULL, NULL );
3315         if( lpOptional )
3316             memcpy( &ascii_req[len-1], lpOptional, dwOptionalLength );
3317         len = (len + dwOptionalLength - 1);
3318         ascii_req[len] = 0;
3319         TRACE("full request -> %s\n", debugstr_a(ascii_req) );
3320
3321         INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3322                               INTERNET_STATUS_SENDING_REQUEST, NULL, 0);
3323
3324         NETCON_send(&lpwhr->netConnection, ascii_req, len, 0, &cnt);
3325         HeapFree( GetProcessHeap(), 0, ascii_req );
3326
3327         INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3328                               INTERNET_STATUS_REQUEST_SENT,
3329                               &len, sizeof(DWORD));
3330
3331         if (bEndRequest)
3332         {
3333             DWORD dwBufferSize;
3334             DWORD dwStatusCode;
3335             WCHAR encoding[20];
3336             static const WCHAR szChunked[] = {'c','h','u','n','k','e','d',0};
3337
3338             INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3339                                 INTERNET_STATUS_RECEIVING_RESPONSE, NULL, 0);
3340     
3341             if (cnt < 0)
3342                 goto lend;
3343     
3344             responseLen = HTTP_GetResponseHeaders(lpwhr, TRUE);
3345             if (responseLen)
3346                 bSuccess = TRUE;
3347     
3348             INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3349                                 INTERNET_STATUS_RESPONSE_RECEIVED, &responseLen,
3350                                 sizeof(DWORD));
3351
3352             HTTP_ProcessCookies(lpwhr);
3353
3354             dwBufferSize = sizeof(lpwhr->dwContentLength);
3355             if (!HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_FLAG_NUMBER|HTTP_QUERY_CONTENT_LENGTH,
3356                                      &lpwhr->dwContentLength,&dwBufferSize,NULL))
3357                 lpwhr->dwContentLength = -1;
3358
3359             if (lpwhr->dwContentLength == 0)
3360                 HTTP_FinishedReading(lpwhr);
3361
3362             /* Correct the case where both a Content-Length and Transfer-encoding = chunked are set */
3363
3364             dwBufferSize = sizeof(encoding);
3365             if (HTTP_HttpQueryInfoW(lpwhr, HTTP_QUERY_TRANSFER_ENCODING, encoding, &dwBufferSize, NULL) &&
3366                 !strcmpiW(encoding, szChunked))
3367             {
3368                 lpwhr->dwContentLength = -1;
3369             }
3370
3371             dwBufferSize = sizeof(dwStatusCode);
3372             if (!HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_FLAG_NUMBER|HTTP_QUERY_STATUS_CODE,
3373                                      &dwStatusCode,&dwBufferSize,NULL))
3374                 dwStatusCode = 0;
3375
3376             if (!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_AUTO_REDIRECT) && bSuccess)
3377             {
3378                 WCHAR szNewLocation[INTERNET_MAX_URL_LENGTH];
3379                 dwBufferSize=sizeof(szNewLocation);
3380                 if ((dwStatusCode==HTTP_STATUS_REDIRECT || dwStatusCode==HTTP_STATUS_MOVED) &&
3381                     HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_LOCATION,szNewLocation,&dwBufferSize,NULL))
3382                 {
3383                     HTTP_DrainContent(lpwhr);
3384                     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3385                                           INTERNET_STATUS_REDIRECT, szNewLocation,
3386                                           dwBufferSize);
3387                     bSuccess = HTTP_HandleRedirect(lpwhr, szNewLocation);
3388                     if (bSuccess)
3389                     {
3390                         HeapFree(GetProcessHeap(), 0, requestString);
3391                         loop_next = TRUE;
3392                     }
3393                 }
3394             }
3395             if (!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_AUTH) && bSuccess)
3396             {
3397                 WCHAR szAuthValue[2048];
3398                 dwBufferSize=2048;
3399                 if (dwStatusCode == HTTP_STATUS_DENIED)
3400                 {
3401                     DWORD dwIndex = 0;
3402                     while (HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_WWW_AUTHENTICATE,szAuthValue,&dwBufferSize,&dwIndex))
3403                     {
3404                         if (HTTP_DoAuthorization(lpwhr, szAuthValue,
3405                                                  &lpwhr->pAuthInfo,
3406                                                  lpwhr->lpHttpSession->lpszUserName,
3407                                                  lpwhr->lpHttpSession->lpszPassword))
3408                         {
3409                             loop_next = TRUE;
3410                             break;
3411                         }
3412                     }
3413                 }
3414                 if (dwStatusCode == HTTP_STATUS_PROXY_AUTH_REQ)
3415                 {
3416                     DWORD dwIndex = 0;
3417                     while (HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_PROXY_AUTHENTICATE,szAuthValue,&dwBufferSize,&dwIndex))
3418                     {
3419                         if (HTTP_DoAuthorization(lpwhr, szAuthValue,
3420                                                  &lpwhr->pProxyAuthInfo,
3421                                                  lpwhr->lpHttpSession->lpAppInfo->lpszProxyUsername,
3422                                                  lpwhr->lpHttpSession->lpAppInfo->lpszProxyPassword))
3423                         {
3424                             loop_next = TRUE;
3425                             break;
3426                         }
3427                     }
3428                 }
3429             }
3430         }
3431         else
3432             bSuccess = TRUE;
3433     }
3434     while (loop_next);
3435
3436     /* FIXME: Better check, when we have to create the cache file */
3437     if(bSuccess && (lpwhr->hdr.dwFlags & INTERNET_FLAG_NEED_FILE)) {
3438         WCHAR url[INTERNET_MAX_URL_LENGTH];
3439         WCHAR cacheFileName[MAX_PATH+1];
3440         BOOL b;
3441
3442         b = HTTP_GetRequestURL(lpwhr, url);
3443         if(!b) {
3444             WARN("Could not get URL\n");
3445             goto lend;
3446         }
3447
3448         b = CreateUrlCacheEntryW(url, lpwhr->dwContentLength > 0 ? lpwhr->dwContentLength : 0, NULL, cacheFileName, 0);
3449         if(b) {
3450             lpwhr->lpszCacheFile = WININET_strdupW(cacheFileName);
3451             lpwhr->hCacheFile = CreateFileW(lpwhr->lpszCacheFile, GENERIC_WRITE, FILE_SHARE_READ|FILE_SHARE_WRITE,
3452                       NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
3453             if(lpwhr->hCacheFile == INVALID_HANDLE_VALUE) {
3454                 WARN("Could not create file: %u\n", GetLastError());
3455                 lpwhr->hCacheFile = NULL;
3456             }
3457         }else {
3458             WARN("Could not create cache entry: %08x\n", GetLastError());
3459         }
3460     }
3461
3462 lend:
3463
3464     HeapFree(GetProcessHeap(), 0, requestString);
3465
3466     /* TODO: send notification for P3P header */
3467
3468     iar.dwResult = (DWORD_PTR)lpwhr->hdr.hInternet;
3469     iar.dwError = bSuccess ? ERROR_SUCCESS : INTERNET_GetLastError();
3470
3471     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3472                           INTERNET_STATUS_REQUEST_COMPLETE, &iar,
3473                           sizeof(INTERNET_ASYNC_RESULT));
3474
3475     TRACE("<--\n");
3476     if (bSuccess) INTERNET_SetLastError(ERROR_SUCCESS);
3477     return bSuccess;
3478 }
3479
3480 /***********************************************************************
3481  *           HTTPSESSION_Destroy (internal)
3482  *
3483  * Deallocate session handle
3484  *
3485  */
3486 static void HTTPSESSION_Destroy(WININETHANDLEHEADER *hdr)
3487 {
3488     LPWININETHTTPSESSIONW lpwhs = (LPWININETHTTPSESSIONW) hdr;
3489
3490     TRACE("%p\n", lpwhs);
3491
3492     WININET_Release(&lpwhs->lpAppInfo->hdr);
3493
3494     HeapFree(GetProcessHeap(), 0, lpwhs->lpszHostName);
3495     HeapFree(GetProcessHeap(), 0, lpwhs->lpszServerName);
3496     HeapFree(GetProcessHeap(), 0, lpwhs->lpszPassword);
3497     HeapFree(GetProcessHeap(), 0, lpwhs->lpszUserName);
3498     HeapFree(GetProcessHeap(), 0, lpwhs);
3499 }
3500
3501 static DWORD HTTPSESSION_QueryOption(WININETHANDLEHEADER *hdr, DWORD option, void *buffer, DWORD *size, BOOL unicode)
3502 {
3503     switch(option) {
3504     case INTERNET_OPTION_HANDLE_TYPE:
3505         TRACE("INTERNET_OPTION_HANDLE_TYPE\n");
3506
3507         if (*size < sizeof(ULONG))
3508             return ERROR_INSUFFICIENT_BUFFER;
3509
3510         *size = sizeof(DWORD);
3511         *(DWORD*)buffer = INTERNET_HANDLE_TYPE_CONNECT_HTTP;
3512         return ERROR_SUCCESS;
3513     }
3514
3515     return INET_QueryOption(option, buffer, size, unicode);
3516 }
3517
3518 static DWORD HTTPSESSION_SetOption(WININETHANDLEHEADER *hdr, DWORD option, void *buffer, DWORD size)
3519 {
3520     WININETHTTPSESSIONW *ses = (WININETHTTPSESSIONW*)hdr;
3521
3522     switch(option) {
3523     case INTERNET_OPTION_USERNAME:
3524     {
3525         HeapFree(GetProcessHeap(), 0, ses->lpszUserName);
3526         if (!(ses->lpszUserName = WININET_strdupW(buffer))) return ERROR_OUTOFMEMORY;
3527         return ERROR_SUCCESS;
3528     }
3529     case INTERNET_OPTION_PASSWORD:
3530     {
3531         HeapFree(GetProcessHeap(), 0, ses->lpszPassword);
3532         if (!(ses->lpszPassword = WININET_strdupW(buffer))) return ERROR_OUTOFMEMORY;
3533         return ERROR_SUCCESS;
3534     }
3535     default: break;
3536     }
3537
3538     return ERROR_INTERNET_INVALID_OPTION;
3539 }
3540
3541 static const HANDLEHEADERVtbl HTTPSESSIONVtbl = {
3542     HTTPSESSION_Destroy,
3543     NULL,
3544     HTTPSESSION_QueryOption,
3545     HTTPSESSION_SetOption,
3546     NULL,
3547     NULL,
3548     NULL,
3549     NULL,
3550     NULL
3551 };
3552
3553
3554 /***********************************************************************
3555  *           HTTP_Connect  (internal)
3556  *
3557  * Create http session handle
3558  *
3559  * RETURNS
3560  *   HINTERNET a session handle on success
3561  *   NULL on failure
3562  *
3563  */
3564 HINTERNET HTTP_Connect(LPWININETAPPINFOW hIC, LPCWSTR lpszServerName,
3565         INTERNET_PORT nServerPort, LPCWSTR lpszUserName,
3566         LPCWSTR lpszPassword, DWORD dwFlags, DWORD_PTR dwContext,
3567         DWORD dwInternalFlags)
3568 {
3569     LPWININETHTTPSESSIONW lpwhs = NULL;
3570     HINTERNET handle = NULL;
3571
3572     TRACE("-->\n");
3573
3574     if (!lpszServerName || !lpszServerName[0])
3575     {
3576         INTERNET_SetLastError(ERROR_INVALID_PARAMETER);
3577         goto lerror;
3578     }
3579
3580     assert( hIC->hdr.htype == WH_HINIT );
3581
3582     lpwhs = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(WININETHTTPSESSIONW));
3583     if (NULL == lpwhs)
3584     {
3585         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
3586         goto lerror;
3587     }
3588
3589    /*
3590     * According to my tests. The name is not resolved until a request is sent
3591     */
3592
3593     lpwhs->hdr.htype = WH_HHTTPSESSION;
3594     lpwhs->hdr.vtbl = &HTTPSESSIONVtbl;
3595     lpwhs->hdr.dwFlags = dwFlags;
3596     lpwhs->hdr.dwContext = dwContext;
3597     lpwhs->hdr.dwInternalFlags = dwInternalFlags | (hIC->hdr.dwInternalFlags & INET_CALLBACKW);
3598     lpwhs->hdr.refs = 1;
3599     lpwhs->hdr.lpfnStatusCB = hIC->hdr.lpfnStatusCB;
3600
3601     WININET_AddRef( &hIC->hdr );
3602     lpwhs->lpAppInfo = hIC;
3603     list_add_head( &hIC->hdr.children, &lpwhs->hdr.entry );
3604
3605     handle = WININET_AllocHandle( &lpwhs->hdr );
3606     if (NULL == handle)
3607     {
3608         ERR("Failed to alloc handle\n");
3609         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
3610         goto lerror;
3611     }
3612
3613     if(hIC->lpszProxy && hIC->dwAccessType == INTERNET_OPEN_TYPE_PROXY) {
3614         if(strchrW(hIC->lpszProxy, ' '))
3615             FIXME("Several proxies not implemented.\n");
3616         if(hIC->lpszProxyBypass)
3617             FIXME("Proxy bypass is ignored.\n");
3618     }
3619     if (lpszServerName && lpszServerName[0])
3620     {
3621         lpwhs->lpszServerName = WININET_strdupW(lpszServerName);
3622         lpwhs->lpszHostName = WININET_strdupW(lpszServerName);
3623     }
3624     if (lpszUserName && lpszUserName[0])
3625         lpwhs->lpszUserName = WININET_strdupW(lpszUserName);
3626     if (lpszPassword && lpszPassword[0])
3627         lpwhs->lpszPassword = WININET_strdupW(lpszPassword);
3628     lpwhs->nServerPort = nServerPort;
3629     lpwhs->nHostPort = nServerPort;
3630
3631     /* Don't send a handle created callback if this handle was created with InternetOpenUrl */
3632     if (!(lpwhs->hdr.dwInternalFlags & INET_OPENURL))
3633     {
3634         INTERNET_SendCallback(&hIC->hdr, dwContext,
3635                               INTERNET_STATUS_HANDLE_CREATED, &handle,
3636                               sizeof(handle));
3637     }
3638
3639 lerror:
3640     if( lpwhs )
3641         WININET_Release( &lpwhs->hdr );
3642
3643 /*
3644  * an INTERNET_STATUS_REQUEST_COMPLETE is NOT sent here as per my tests on
3645  * windows
3646  */
3647
3648     TRACE("%p --> %p (%p)\n", hIC, handle, lpwhs);
3649     return handle;
3650 }
3651
3652
3653 /***********************************************************************
3654  *           HTTP_OpenConnection (internal)
3655  *
3656  * Connect to a web server
3657  *
3658  * RETURNS
3659  *
3660  *   TRUE  on success
3661  *   FALSE on failure
3662  */
3663 static BOOL HTTP_OpenConnection(LPWININETHTTPREQW lpwhr)
3664 {
3665     BOOL bSuccess = FALSE;
3666     LPWININETHTTPSESSIONW lpwhs;
3667     LPWININETAPPINFOW hIC = NULL;
3668     char szaddr[32];
3669
3670     TRACE("-->\n");
3671
3672
3673     if (NULL == lpwhr ||  lpwhr->hdr.htype != WH_HHTTPREQ)
3674     {
3675         INTERNET_SetLastError(ERROR_INVALID_PARAMETER);
3676         goto lend;
3677     }
3678
3679     if (NETCON_connected(&lpwhr->netConnection))
3680     {
3681         bSuccess = TRUE;
3682         goto lend;
3683     }
3684     if (!HTTP_ResolveName(lpwhr)) goto lend;
3685
3686     lpwhs = lpwhr->lpHttpSession;
3687
3688     hIC = lpwhs->lpAppInfo;
3689     inet_ntop(lpwhs->socketAddress.sin_family, &lpwhs->socketAddress.sin_addr,
3690               szaddr, sizeof(szaddr));
3691     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3692                           INTERNET_STATUS_CONNECTING_TO_SERVER,
3693                           szaddr,
3694                           strlen(szaddr)+1);
3695
3696     if (!NETCON_create(&lpwhr->netConnection, lpwhs->socketAddress.sin_family,
3697                          SOCK_STREAM, 0))
3698     {
3699         WARN("Socket creation failed: %u\n", INTERNET_GetLastError());
3700         goto lend;
3701     }
3702
3703     if (!NETCON_connect(&lpwhr->netConnection, (struct sockaddr *)&lpwhs->socketAddress,
3704                       sizeof(lpwhs->socketAddress)))
3705        goto lend;
3706
3707     if (lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE)
3708     {
3709         /* Note: we differ from Microsoft's WinINet here. they seem to have
3710          * a bug that causes no status callbacks to be sent when starting
3711          * a tunnel to a proxy server using the CONNECT verb. i believe our
3712          * behaviour to be more correct and to not cause any incompatibilities
3713          * because using a secure connection through a proxy server is a rare
3714          * case that would be hard for anyone to depend on */
3715         if (hIC->lpszProxy && !HTTP_SecureProxyConnect(lpwhr))
3716             goto lend;
3717
3718         if (!NETCON_secure_connect(&lpwhr->netConnection, lpwhs->lpszHostName))
3719         {
3720             WARN("Couldn't connect securely to host\n");
3721             goto lend;
3722         }
3723     }
3724
3725     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3726                           INTERNET_STATUS_CONNECTED_TO_SERVER,
3727                           szaddr, strlen(szaddr)+1);
3728
3729     bSuccess = TRUE;
3730
3731 lend:
3732     TRACE("%d <--\n", bSuccess);
3733     return bSuccess;
3734 }
3735
3736
3737 /***********************************************************************
3738  *           HTTP_clear_response_headers (internal)
3739  *
3740  * clear out any old response headers
3741  */
3742 static void HTTP_clear_response_headers( LPWININETHTTPREQW lpwhr )
3743 {
3744     DWORD i;
3745
3746     for( i=0; i<lpwhr->nCustHeaders; i++)
3747     {
3748         if( !lpwhr->pCustHeaders[i].lpszField )
3749             continue;
3750         if( !lpwhr->pCustHeaders[i].lpszValue )
3751             continue;
3752         if ( lpwhr->pCustHeaders[i].wFlags & HDR_ISREQUEST )
3753             continue;
3754         HTTP_DeleteCustomHeader( lpwhr, i );
3755         i--;
3756     }
3757 }
3758
3759 /***********************************************************************
3760  *           HTTP_GetResponseHeaders (internal)
3761  *
3762  * Read server response
3763  *
3764  * RETURNS
3765  *
3766  *   TRUE  on success
3767  *   FALSE on error
3768  */
3769 static INT HTTP_GetResponseHeaders(LPWININETHTTPREQW lpwhr, BOOL clear)
3770 {
3771     INT cbreaks = 0;
3772     WCHAR buffer[MAX_REPLY_LEN];
3773     DWORD buflen = MAX_REPLY_LEN;
3774     BOOL bSuccess = FALSE;
3775     INT  rc = 0;
3776     static const WCHAR szHundred[] = {'1','0','0',0};
3777     char bufferA[MAX_REPLY_LEN];
3778     LPWSTR status_code, status_text;
3779     DWORD cchMaxRawHeaders = 1024;
3780     LPWSTR lpszRawHeaders = HeapAlloc(GetProcessHeap(), 0, (cchMaxRawHeaders+1)*sizeof(WCHAR));
3781     DWORD cchRawHeaders = 0;
3782
3783     TRACE("-->\n");
3784
3785     /* clear old response headers (eg. from a redirect response) */
3786     if (clear) HTTP_clear_response_headers( lpwhr );
3787
3788     if (!NETCON_connected(&lpwhr->netConnection))
3789         goto lend;
3790
3791     do {
3792         /*
3793          * HACK peek at the buffer
3794          */
3795         buflen = MAX_REPLY_LEN;
3796         NETCON_recv(&lpwhr->netConnection, buffer, buflen, MSG_PEEK, &rc);
3797
3798         /*
3799          * We should first receive 'HTTP/1.x nnn OK' where nnn is the status code.
3800          */
3801         memset(buffer, 0, MAX_REPLY_LEN);
3802         if (!NETCON_getNextLine(&lpwhr->netConnection, bufferA, &buflen))
3803             goto lend;
3804         MultiByteToWideChar( CP_ACP, 0, bufferA, buflen, buffer, MAX_REPLY_LEN );
3805
3806         /* split the version from the status code */
3807         status_code = strchrW( buffer, ' ' );
3808         if( !status_code )
3809             goto lend;
3810         *status_code++=0;
3811
3812         /* split the status code from the status text */
3813         status_text = strchrW( status_code, ' ' );
3814         if( !status_text )
3815             goto lend;
3816         *status_text++=0;
3817
3818         TRACE("version [%s] status code [%s] status text [%s]\n",
3819            debugstr_w(buffer), debugstr_w(status_code), debugstr_w(status_text) );
3820
3821     } while (!strcmpW(status_code, szHundred)); /* ignore "100 Continue" responses */
3822
3823     /* Add status code */
3824     HTTP_ProcessHeader(lpwhr, szStatus, status_code,
3825             HTTP_ADDHDR_FLAG_REPLACE);
3826
3827     HeapFree(GetProcessHeap(),0,lpwhr->lpszVersion);
3828     HeapFree(GetProcessHeap(),0,lpwhr->lpszStatusText);
3829
3830     lpwhr->lpszVersion= WININET_strdupW(buffer);
3831     lpwhr->lpszStatusText = WININET_strdupW(status_text);
3832
3833     /* Restore the spaces */
3834     *(status_code-1) = ' ';
3835     *(status_text-1) = ' ';
3836
3837     /* regenerate raw headers */
3838     while (cchRawHeaders + buflen + strlenW(szCrLf) > cchMaxRawHeaders)
3839     {
3840         cchMaxRawHeaders *= 2;
3841         lpszRawHeaders = HeapReAlloc(GetProcessHeap(), 0, lpszRawHeaders, (cchMaxRawHeaders+1)*sizeof(WCHAR));
3842     }
3843     memcpy(lpszRawHeaders+cchRawHeaders, buffer, (buflen-1)*sizeof(WCHAR));
3844     cchRawHeaders += (buflen-1);
3845     memcpy(lpszRawHeaders+cchRawHeaders, szCrLf, sizeof(szCrLf));
3846     cchRawHeaders += sizeof(szCrLf)/sizeof(szCrLf[0])-1;
3847     lpszRawHeaders[cchRawHeaders] = '\0';
3848
3849     /* Parse each response line */
3850     do
3851     {
3852         buflen = MAX_REPLY_LEN;
3853         if (NETCON_getNextLine(&lpwhr->netConnection, bufferA, &buflen))
3854         {
3855             LPWSTR * pFieldAndValue;
3856
3857             TRACE("got line %s, now interpreting\n", debugstr_a(bufferA));
3858             MultiByteToWideChar( CP_ACP, 0, bufferA, buflen, buffer, MAX_REPLY_LEN );
3859
3860             while (cchRawHeaders + buflen + strlenW(szCrLf) > cchMaxRawHeaders)
3861             {
3862                 cchMaxRawHeaders *= 2;
3863                 lpszRawHeaders = HeapReAlloc(GetProcessHeap(), 0, lpszRawHeaders, (cchMaxRawHeaders+1)*sizeof(WCHAR));
3864             }
3865             memcpy(lpszRawHeaders+cchRawHeaders, buffer, (buflen-1)*sizeof(WCHAR));
3866             cchRawHeaders += (buflen-1);
3867             memcpy(lpszRawHeaders+cchRawHeaders, szCrLf, sizeof(szCrLf));
3868             cchRawHeaders += sizeof(szCrLf)/sizeof(szCrLf[0])-1;
3869             lpszRawHeaders[cchRawHeaders] = '\0';
3870
3871             pFieldAndValue = HTTP_InterpretHttpHeader(buffer);
3872             if (!pFieldAndValue)
3873                 break;
3874
3875             HTTP_ProcessHeader(lpwhr, pFieldAndValue[0], pFieldAndValue[1], 
3876                 HTTP_ADDREQ_FLAG_ADD );
3877
3878             HTTP_FreeTokens(pFieldAndValue);
3879         }
3880         else
3881         {
3882             cbreaks++;
3883             if (cbreaks >= 2)
3884                break;
3885         }
3886     }while(1);
3887
3888     HeapFree(GetProcessHeap(), 0, lpwhr->lpszRawHeaders);
3889     lpwhr->lpszRawHeaders = lpszRawHeaders;
3890     TRACE("raw headers: %s\n", debugstr_w(lpszRawHeaders));
3891     bSuccess = TRUE;
3892
3893 lend:
3894
3895     TRACE("<--\n");
3896     if (bSuccess)
3897         return rc;
3898     else
3899     {
3900         HeapFree(GetProcessHeap(), 0, lpszRawHeaders);
3901         return 0;
3902     }
3903 }
3904
3905
3906 static void strip_spaces(LPWSTR start)
3907 {
3908     LPWSTR str = start;
3909     LPWSTR end;
3910
3911     while (*str == ' ' && *str != '\0')
3912         str++;
3913
3914     if (str != start)
3915         memmove(start, str, sizeof(WCHAR) * (strlenW(str) + 1));
3916
3917     end = start + strlenW(start) - 1;
3918     while (end >= start && *end == ' ')
3919     {
3920         *end = '\0';
3921         end--;
3922     }
3923 }
3924
3925
3926 /***********************************************************************
3927  *           HTTP_InterpretHttpHeader (internal)
3928  *
3929  * Parse server response
3930  *
3931  * RETURNS
3932  *
3933  *   Pointer to array of field, value, NULL on success.
3934  *   NULL on error.
3935  */
3936 static LPWSTR * HTTP_InterpretHttpHeader(LPCWSTR buffer)
3937 {
3938     LPWSTR * pTokenPair;
3939     LPWSTR pszColon;
3940     INT len;
3941
3942     pTokenPair = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(*pTokenPair)*3);
3943
3944     pszColon = strchrW(buffer, ':');
3945     /* must have two tokens */
3946     if (!pszColon)
3947     {
3948         HTTP_FreeTokens(pTokenPair);
3949         if (buffer[0])
3950             TRACE("No ':' in line: %s\n", debugstr_w(buffer));
3951         return NULL;
3952     }
3953
3954     pTokenPair[0] = HeapAlloc(GetProcessHeap(), 0, (pszColon - buffer + 1) * sizeof(WCHAR));
3955     if (!pTokenPair[0])
3956     {
3957         HTTP_FreeTokens(pTokenPair);
3958         return NULL;
3959     }
3960     memcpy(pTokenPair[0], buffer, (pszColon - buffer) * sizeof(WCHAR));
3961     pTokenPair[0][pszColon - buffer] = '\0';
3962
3963     /* skip colon */
3964     pszColon++;
3965     len = strlenW(pszColon);
3966     pTokenPair[1] = HeapAlloc(GetProcessHeap(), 0, (len + 1) * sizeof(WCHAR));
3967     if (!pTokenPair[1])
3968     {
3969         HTTP_FreeTokens(pTokenPair);
3970         return NULL;
3971     }
3972     memcpy(pTokenPair[1], pszColon, (len + 1) * sizeof(WCHAR));
3973
3974     strip_spaces(pTokenPair[0]);
3975     strip_spaces(pTokenPair[1]);
3976
3977     TRACE("field(%s) Value(%s)\n", debugstr_w(pTokenPair[0]), debugstr_w(pTokenPair[1]));
3978     return pTokenPair;
3979 }
3980
3981 /***********************************************************************
3982  *           HTTP_ProcessHeader (internal)
3983  *
3984  * Stuff header into header tables according to <dwModifier>
3985  *
3986  */
3987
3988 #define COALESCEFLAGS (HTTP_ADDHDR_FLAG_COALESCE|HTTP_ADDHDR_FLAG_COALESCE_WITH_COMMA|HTTP_ADDHDR_FLAG_COALESCE_WITH_SEMICOLON)
3989
3990 static BOOL HTTP_ProcessHeader(LPWININETHTTPREQW lpwhr, LPCWSTR field, LPCWSTR value, DWORD dwModifier)
3991 {
3992     LPHTTPHEADERW lphttpHdr = NULL;
3993     BOOL bSuccess = FALSE;
3994     INT index = -1;
3995     BOOL request_only = dwModifier & HTTP_ADDHDR_FLAG_REQ;
3996
3997     TRACE("--> %s: %s - 0x%08x\n", debugstr_w(field), debugstr_w(value), dwModifier);
3998
3999     /* REPLACE wins out over ADD */
4000     if (dwModifier & HTTP_ADDHDR_FLAG_REPLACE)
4001         dwModifier &= ~HTTP_ADDHDR_FLAG_ADD;
4002     
4003     if (dwModifier & HTTP_ADDHDR_FLAG_ADD)
4004         index = -1;
4005     else
4006         index = HTTP_GetCustomHeaderIndex(lpwhr, field, 0, request_only);
4007
4008     if (index >= 0)
4009     {
4010         if (dwModifier & HTTP_ADDHDR_FLAG_ADD_IF_NEW)
4011         {
4012             return FALSE;
4013         }
4014         lphttpHdr = &lpwhr->pCustHeaders[index];
4015     }
4016     else if (value)
4017     {
4018         HTTPHEADERW hdr;
4019
4020         hdr.lpszField = (LPWSTR)field;
4021         hdr.lpszValue = (LPWSTR)value;
4022         hdr.wFlags = hdr.wCount = 0;
4023
4024         if (dwModifier & HTTP_ADDHDR_FLAG_REQ)
4025             hdr.wFlags |= HDR_ISREQUEST;
4026
4027         return HTTP_InsertCustomHeader(lpwhr, &hdr);
4028     }
4029     /* no value to delete */
4030     else return TRUE;
4031
4032     if (dwModifier & HTTP_ADDHDR_FLAG_REQ)
4033             lphttpHdr->wFlags |= HDR_ISREQUEST;
4034     else
4035         lphttpHdr->wFlags &= ~HDR_ISREQUEST;
4036
4037     if (dwModifier & HTTP_ADDHDR_FLAG_REPLACE)
4038     {
4039         HTTP_DeleteCustomHeader( lpwhr, index );
4040
4041         if (value)
4042         {
4043             HTTPHEADERW hdr;
4044
4045             hdr.lpszField = (LPWSTR)field;
4046             hdr.lpszValue = (LPWSTR)value;
4047             hdr.wFlags = hdr.wCount = 0;
4048
4049             if (dwModifier & HTTP_ADDHDR_FLAG_REQ)
4050                 hdr.wFlags |= HDR_ISREQUEST;
4051
4052             return HTTP_InsertCustomHeader(lpwhr, &hdr);
4053         }
4054
4055         return TRUE;
4056     }
4057     else if (dwModifier & COALESCEFLAGS)
4058     {
4059         LPWSTR lpsztmp;
4060         WCHAR ch = 0;
4061         INT len = 0;
4062         INT origlen = strlenW(lphttpHdr->lpszValue);
4063         INT valuelen = strlenW(value);
4064
4065         if (dwModifier & HTTP_ADDHDR_FLAG_COALESCE_WITH_COMMA)
4066         {
4067             ch = ',';
4068             lphttpHdr->wFlags |= HDR_COMMADELIMITED;
4069         }
4070         else if (dwModifier & HTTP_ADDHDR_FLAG_COALESCE_WITH_SEMICOLON)
4071         {
4072             ch = ';';
4073             lphttpHdr->wFlags |= HDR_COMMADELIMITED;
4074         }
4075
4076         len = origlen + valuelen + ((ch > 0) ? 2 : 0);
4077
4078         lpsztmp = HeapReAlloc(GetProcessHeap(), 0, lphttpHdr->lpszValue, (len+1)*sizeof(WCHAR));
4079         if (lpsztmp)
4080         {
4081             lphttpHdr->lpszValue = lpsztmp;
4082     /* FIXME: Increment lphttpHdr->wCount. Perhaps lpszValue should be an array */
4083             if (ch > 0)
4084             {
4085                 lphttpHdr->lpszValue[origlen] = ch;
4086                 origlen++;
4087                 lphttpHdr->lpszValue[origlen] = ' ';
4088                 origlen++;
4089             }
4090
4091             memcpy(&lphttpHdr->lpszValue[origlen], value, valuelen*sizeof(WCHAR));
4092             lphttpHdr->lpszValue[len] = '\0';
4093             bSuccess = TRUE;
4094         }
4095         else
4096         {
4097             WARN("HeapReAlloc (%d bytes) failed\n",len+1);
4098             INTERNET_SetLastError(ERROR_OUTOFMEMORY);
4099         }
4100     }
4101     TRACE("<-- %d\n",bSuccess);
4102     return bSuccess;
4103 }
4104
4105
4106 /***********************************************************************
4107  *           HTTP_FinishedReading (internal)
4108  *
4109  * Called when all content from server has been read by client.
4110  *
4111  */
4112 BOOL HTTP_FinishedReading(LPWININETHTTPREQW lpwhr)
4113 {
4114     WCHAR szVersion[10];
4115     WCHAR szConnectionResponse[20];
4116     DWORD dwBufferSize = sizeof(szVersion);
4117     BOOL keepalive = FALSE;
4118
4119     TRACE("\n");
4120
4121     /* as per RFC 2068, S8.1.2.1, if the client is HTTP/1.1 then assume that
4122      * the connection is keep-alive by default */
4123     if (HTTP_HttpQueryInfoW(lpwhr, HTTP_QUERY_VERSION, szVersion,
4124                              &dwBufferSize, NULL) &&
4125         !strcmpiW(szVersion, g_szHttp1_1))
4126     {
4127         keepalive = TRUE;
4128     }
4129
4130     dwBufferSize = sizeof(szConnectionResponse);
4131     if (HTTP_HttpQueryInfoW(lpwhr, HTTP_QUERY_PROXY_CONNECTION, szConnectionResponse, &dwBufferSize, NULL) ||
4132         HTTP_HttpQueryInfoW(lpwhr, HTTP_QUERY_CONNECTION, szConnectionResponse, &dwBufferSize, NULL))
4133     {
4134         keepalive = !strcmpiW(szConnectionResponse, szKeepAlive);
4135     }
4136
4137     if (!keepalive)
4138     {
4139         HTTPREQ_CloseConnection(&lpwhr->hdr);
4140     }
4141
4142     /* FIXME: store data in the URL cache here */
4143
4144     return TRUE;
4145 }
4146
4147
4148 /***********************************************************************
4149  *           HTTP_GetCustomHeaderIndex (internal)
4150  *
4151  * Return index of custom header from header array
4152  *
4153  */
4154 static INT HTTP_GetCustomHeaderIndex(LPWININETHTTPREQW lpwhr, LPCWSTR lpszField,
4155                                      int requested_index, BOOL request_only)
4156 {
4157     DWORD index;
4158
4159     TRACE("%s\n", debugstr_w(lpszField));
4160
4161     for (index = 0; index < lpwhr->nCustHeaders; index++)
4162     {
4163         if (strcmpiW(lpwhr->pCustHeaders[index].lpszField, lpszField))
4164             continue;
4165
4166         if (request_only && !(lpwhr->pCustHeaders[index].wFlags & HDR_ISREQUEST))
4167             continue;
4168
4169         if (!request_only && (lpwhr->pCustHeaders[index].wFlags & HDR_ISREQUEST))
4170             continue;
4171
4172         if (requested_index == 0)
4173             break;
4174         requested_index --;
4175     }
4176
4177     if (index >= lpwhr->nCustHeaders)
4178         index = -1;
4179
4180     TRACE("Return: %d\n", index);
4181     return index;
4182 }
4183
4184
4185 /***********************************************************************
4186  *           HTTP_InsertCustomHeader (internal)
4187  *
4188  * Insert header into array
4189  *
4190  */
4191 static BOOL HTTP_InsertCustomHeader(LPWININETHTTPREQW lpwhr, LPHTTPHEADERW lpHdr)
4192 {
4193     INT count;
4194     LPHTTPHEADERW lph = NULL;
4195     BOOL r = FALSE;
4196
4197     TRACE("--> %s: %s\n", debugstr_w(lpHdr->lpszField), debugstr_w(lpHdr->lpszValue));
4198     count = lpwhr->nCustHeaders + 1;
4199     if (count > 1)
4200         lph = HeapReAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, lpwhr->pCustHeaders, sizeof(HTTPHEADERW) * count);
4201     else
4202         lph = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(HTTPHEADERW) * count);
4203
4204     if (NULL != lph)
4205     {
4206         lpwhr->pCustHeaders = lph;
4207         lpwhr->pCustHeaders[count-1].lpszField = WININET_strdupW(lpHdr->lpszField);
4208         lpwhr->pCustHeaders[count-1].lpszValue = WININET_strdupW(lpHdr->lpszValue);
4209         lpwhr->pCustHeaders[count-1].wFlags = lpHdr->wFlags;
4210         lpwhr->pCustHeaders[count-1].wCount= lpHdr->wCount;
4211         lpwhr->nCustHeaders++;
4212         r = TRUE;
4213     }
4214     else
4215     {
4216         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
4217     }
4218
4219     return r;
4220 }
4221
4222
4223 /***********************************************************************
4224  *           HTTP_DeleteCustomHeader (internal)
4225  *
4226  * Delete header from array
4227  *  If this function is called, the indexs may change.
4228  */
4229 static BOOL HTTP_DeleteCustomHeader(LPWININETHTTPREQW lpwhr, DWORD index)
4230 {
4231     if( lpwhr->nCustHeaders <= 0 )
4232         return FALSE;
4233     if( index >= lpwhr->nCustHeaders )
4234         return FALSE;
4235     lpwhr->nCustHeaders--;
4236
4237     HeapFree(GetProcessHeap(), 0, lpwhr->pCustHeaders[index].lpszField);
4238     HeapFree(GetProcessHeap(), 0, lpwhr->pCustHeaders[index].lpszValue);
4239
4240     memmove( &lpwhr->pCustHeaders[index], &lpwhr->pCustHeaders[index+1],
4241              (lpwhr->nCustHeaders - index)* sizeof(HTTPHEADERW) );
4242     memset( &lpwhr->pCustHeaders[lpwhr->nCustHeaders], 0, sizeof(HTTPHEADERW) );
4243
4244     return TRUE;
4245 }
4246
4247
4248 /***********************************************************************
4249  *           HTTP_VerifyValidHeader (internal)
4250  *
4251  * Verify the given header is not invalid for the given http request
4252  *
4253  */
4254 static BOOL HTTP_VerifyValidHeader(LPWININETHTTPREQW lpwhr, LPCWSTR field)
4255 {
4256     /* Accept-Encoding is stripped from HTTP/1.0 requests. It is invalid */
4257     if (!strcmpW(lpwhr->lpszVersion, g_szHttp1_0) && !strcmpiW(field, szAccept_Encoding))
4258         return FALSE;
4259
4260     return TRUE;
4261 }
4262
4263 /***********************************************************************
4264  *          IsHostInProxyBypassList (@)
4265  *
4266  * Undocumented
4267  *
4268  */
4269 BOOL WINAPI IsHostInProxyBypassList(DWORD flags, LPCSTR szHost, DWORD length)
4270 {
4271    FIXME("STUB: flags=%d host=%s length=%d\n",flags,szHost,length);
4272    return FALSE;
4273 }