wininet: Fix another typo.
[wine] / dlls / wininet / http.c
1 /*
2  * Wininet - Http Implementation
3  *
4  * Copyright 1999 Corel Corporation
5  * Copyright 2002 CodeWeavers Inc.
6  * Copyright 2002 TransGaming Technologies Inc.
7  * Copyright 2004 Mike McCormack for CodeWeavers
8  * Copyright 2005 Aric Stewart for CodeWeavers
9  * Copyright 2006 Robert Shearman for CodeWeavers
10  *
11  * Ulrich Czekalla
12  * David Hammerton
13  *
14  * This library is free software; you can redistribute it and/or
15  * modify it under the terms of the GNU Lesser General Public
16  * License as published by the Free Software Foundation; either
17  * version 2.1 of the License, or (at your option) any later version.
18  *
19  * This library is distributed in the hope that it will be useful,
20  * but WITHOUT ANY WARRANTY; without even the implied warranty of
21  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
22  * Lesser General Public License for more details.
23  *
24  * You should have received a copy of the GNU Lesser General Public
25  * License along with this library; if not, write to the Free Software
26  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
27  */
28
29 #include "config.h"
30 #include "wine/port.h"
31
32 #include <sys/types.h>
33 #ifdef HAVE_SYS_SOCKET_H
34 # include <sys/socket.h>
35 #endif
36 #ifdef HAVE_ARPA_INET_H
37 # include <arpa/inet.h>
38 #endif
39 #include <stdarg.h>
40 #include <stdio.h>
41 #include <stdlib.h>
42 #ifdef HAVE_UNISTD_H
43 # include <unistd.h>
44 #endif
45 #include <time.h>
46 #include <assert.h>
47
48 #include "windef.h"
49 #include "winbase.h"
50 #include "wininet.h"
51 #include "winerror.h"
52 #define NO_SHLWAPI_STREAM
53 #define NO_SHLWAPI_REG
54 #define NO_SHLWAPI_STRFCNS
55 #define NO_SHLWAPI_GDI
56 #include "shlwapi.h"
57 #include "sspi.h"
58
59 #include "internet.h"
60 #include "wine/debug.h"
61 #include "wine/unicode.h"
62
63 WINE_DEFAULT_DEBUG_CHANNEL(wininet);
64
65 static const WCHAR g_szHttp1_0[] = {' ','H','T','T','P','/','1','.','0',0 };
66 static const WCHAR g_szHttp1_1[] = {' ','H','T','T','P','/','1','.','1',0 };
67 static const WCHAR g_szReferer[] = {'R','e','f','e','r','e','r',0};
68 static const WCHAR g_szAccept[] = {'A','c','c','e','p','t',0};
69 static const WCHAR g_szUserAgent[] = {'U','s','e','r','-','A','g','e','n','t',0};
70 static const WCHAR szHost[] = { 'H','o','s','t',0 };
71 static const WCHAR szAuthorization[] = { 'A','u','t','h','o','r','i','z','a','t','i','o','n',0 };
72 static const WCHAR szProxy_Authorization[] = { 'P','r','o','x','y','-','A','u','t','h','o','r','i','z','a','t','i','o','n',0 };
73 static const WCHAR szStatus[] = { 'S','t','a','t','u','s',0 };
74 static const WCHAR szKeepAlive[] = {'K','e','e','p','-','A','l','i','v','e',0};
75
76 #define MAXHOSTNAME 100
77 #define MAX_FIELD_VALUE_LEN 256
78 #define MAX_FIELD_LEN 256
79
80 #define HTTP_REFERER    g_szReferer
81 #define HTTP_ACCEPT     g_szAccept
82 #define HTTP_USERAGENT  g_szUserAgent
83
84 #define HTTP_ADDHDR_FLAG_ADD                            0x20000000
85 #define HTTP_ADDHDR_FLAG_ADD_IF_NEW                     0x10000000
86 #define HTTP_ADDHDR_FLAG_COALESCE                       0x40000000
87 #define HTTP_ADDHDR_FLAG_COALESCE_WITH_COMMA            0x40000000
88 #define HTTP_ADDHDR_FLAG_COALESCE_WITH_SEMICOLON        0x01000000
89 #define HTTP_ADDHDR_FLAG_REPLACE                        0x80000000
90 #define HTTP_ADDHDR_FLAG_REQ                            0x02000000
91
92 #define ARRAYSIZE(array) (sizeof(array)/sizeof((array)[0]))
93
94 struct HttpAuthInfo
95 {
96     LPWSTR scheme;
97     CredHandle cred;
98     CtxtHandle ctx;
99     TimeStamp exp;
100     ULONG attr;
101     void *auth_data;
102     unsigned int auth_data_len;
103     BOOL finished; /* finished authenticating */
104 };
105
106 static void HTTP_CloseConnection(LPWININETHANDLEHEADER hdr);
107 static void HTTP_CloseHTTPRequestHandle(LPWININETHANDLEHEADER hdr);
108 static void HTTP_CloseHTTPSessionHandle(LPWININETHANDLEHEADER hdr);
109 static BOOL HTTP_OpenConnection(LPWININETHTTPREQW lpwhr);
110 static BOOL HTTP_GetResponseHeaders(LPWININETHTTPREQW lpwhr);
111 static BOOL HTTP_ProcessHeader(LPWININETHTTPREQW lpwhr, LPCWSTR field, LPCWSTR value, DWORD dwModifier);
112 static LPWSTR * HTTP_InterpretHttpHeader(LPCWSTR buffer);
113 static BOOL HTTP_InsertCustomHeader(LPWININETHTTPREQW lpwhr, LPHTTPHEADERW lpHdr);
114 static INT HTTP_GetCustomHeaderIndex(LPWININETHTTPREQW lpwhr, LPCWSTR lpszField, INT index, BOOL Request);
115 static BOOL HTTP_DeleteCustomHeader(LPWININETHTTPREQW lpwhr, DWORD index);
116 static LPWSTR HTTP_build_req( LPCWSTR *list, int len );
117 static BOOL WINAPI HTTP_HttpQueryInfoW( LPWININETHTTPREQW lpwhr, DWORD
118         dwInfoLevel, LPVOID lpBuffer, LPDWORD lpdwBufferLength, LPDWORD
119         lpdwIndex);
120 static BOOL HTTP_HandleRedirect(LPWININETHTTPREQW lpwhr, LPCWSTR lpszUrl);
121 static UINT HTTP_DecodeBase64(LPCWSTR base64, LPSTR bin);
122 static BOOL HTTP_VerifyValidHeader(LPWININETHTTPREQW lpwhr, LPCWSTR field);
123
124
125 LPHTTPHEADERW HTTP_GetHeader(LPWININETHTTPREQW req, LPCWSTR head)
126 {
127     int HeaderIndex = 0;
128     HeaderIndex = HTTP_GetCustomHeaderIndex(req, head, 0, TRUE);
129     if (HeaderIndex == -1)
130         return NULL;
131     else
132         return &req->pCustHeaders[HeaderIndex];
133 }
134
135 /***********************************************************************
136  *           HTTP_Tokenize (internal)
137  *
138  *  Tokenize a string, allocating memory for the tokens.
139  */
140 static LPWSTR * HTTP_Tokenize(LPCWSTR string, LPCWSTR token_string)
141 {
142     LPWSTR * token_array;
143     int tokens = 0;
144     int i;
145     LPCWSTR next_token;
146
147     /* empty string has no tokens */
148     if (*string)
149         tokens++;
150     /* count tokens */
151     for (i = 0; string[i]; i++)
152         if (!strncmpW(string+i, token_string, strlenW(token_string)))
153         {
154             DWORD j;
155             tokens++;
156             /* we want to skip over separators, but not the null terminator */
157             for (j = 0; j < strlenW(token_string) - 1; j++)
158                 if (!string[i+j])
159                     break;
160             i += j;
161         }
162
163     /* add 1 for terminating NULL */
164     token_array = HeapAlloc(GetProcessHeap(), 0, (tokens+1) * sizeof(*token_array));
165     token_array[tokens] = NULL;
166     if (!tokens)
167         return token_array;
168     for (i = 0; i < tokens; i++)
169     {
170         int len;
171         next_token = strstrW(string, token_string);
172         if (!next_token) next_token = string+strlenW(string);
173         len = next_token - string;
174         token_array[i] = HeapAlloc(GetProcessHeap(), 0, (len+1)*sizeof(WCHAR));
175         memcpy(token_array[i], string, len*sizeof(WCHAR));
176         token_array[i][len] = '\0';
177         string = next_token+strlenW(token_string);
178     }
179     return token_array;
180 }
181
182 /***********************************************************************
183  *           HTTP_FreeTokens (internal)
184  *
185  *  Frees memory returned from HTTP_Tokenize.
186  */
187 static void HTTP_FreeTokens(LPWSTR * token_array)
188 {
189     int i;
190     for (i = 0; token_array[i]; i++)
191         HeapFree(GetProcessHeap(), 0, token_array[i]);
192     HeapFree(GetProcessHeap(), 0, token_array);
193 }
194
195 /* **********************************************************************
196  * 
197  * Helper functions for the HttpSendRequest(Ex) functions
198  * 
199  */
200 static void AsyncHttpSendRequestProc(WORKREQUEST *workRequest)
201 {
202     struct WORKREQ_HTTPSENDREQUESTW const *req = &workRequest->u.HttpSendRequestW;
203     LPWININETHTTPREQW lpwhr = (LPWININETHTTPREQW) workRequest->hdr;
204
205     TRACE("%p\n", lpwhr);
206
207     HTTP_HttpSendRequestW(lpwhr, req->lpszHeader,
208             req->dwHeaderLength, req->lpOptional, req->dwOptionalLength,
209             req->dwContentLength, req->bEndRequest);
210
211     HeapFree(GetProcessHeap(), 0, req->lpszHeader);
212 }
213
214 static void HTTP_FixVerb( LPWININETHTTPREQW lpwhr )
215 {
216     /* if the verb is NULL default to GET */
217     if (NULL == lpwhr->lpszVerb)
218     {
219             static const WCHAR szGET[] = { 'G','E','T', 0 };
220             lpwhr->lpszVerb = WININET_strdupW(szGET);
221     }
222 }
223
224 static void HTTP_FixURL( LPWININETHTTPREQW lpwhr)
225 {
226     static const WCHAR szSlash[] = { '/',0 };
227     static const WCHAR szHttp[] = { 'h','t','t','p',':','/','/', 0 };
228
229     /* If we don't have a path we set it to root */
230     if (NULL == lpwhr->lpszPath)
231         lpwhr->lpszPath = WININET_strdupW(szSlash);
232     else /* remove \r and \n*/
233     {
234         int nLen = strlenW(lpwhr->lpszPath);
235         while ((nLen >0 ) && ((lpwhr->lpszPath[nLen-1] == '\r')||(lpwhr->lpszPath[nLen-1] == '\n')))
236         {
237             nLen--;
238             lpwhr->lpszPath[nLen]='\0';
239         }
240         /* Replace '\' with '/' */
241         while (nLen>0) {
242             nLen--;
243             if (lpwhr->lpszPath[nLen] == '\\') lpwhr->lpszPath[nLen]='/';
244         }
245     }
246
247     if(CSTR_EQUAL != CompareStringW( LOCALE_SYSTEM_DEFAULT, NORM_IGNORECASE,
248                        lpwhr->lpszPath, strlenW(lpwhr->lpszPath), szHttp, strlenW(szHttp) )
249        && lpwhr->lpszPath[0] != '/') /* not an absolute path ?? --> fix it !! */
250     {
251         WCHAR *fixurl = HeapAlloc(GetProcessHeap(), 0, 
252                              (strlenW(lpwhr->lpszPath) + 2)*sizeof(WCHAR));
253         *fixurl = '/';
254         strcpyW(fixurl + 1, lpwhr->lpszPath);
255         HeapFree( GetProcessHeap(), 0, lpwhr->lpszPath );
256         lpwhr->lpszPath = fixurl;
257     }
258 }
259
260 static LPWSTR HTTP_BuildHeaderRequestString( LPWININETHTTPREQW lpwhr, LPCWSTR verb, LPCWSTR path, BOOL http1_1 )
261 {
262     LPWSTR requestString;
263     DWORD len, n;
264     LPCWSTR *req;
265     INT i;
266     LPWSTR p;
267
268     static const WCHAR szSpace[] = { ' ',0 };
269     static const WCHAR szcrlf[] = {'\r','\n', 0};
270     static const WCHAR szColon[] = { ':',' ',0 };
271     static const WCHAR sztwocrlf[] = {'\r','\n','\r','\n', 0};
272
273     /* allocate space for an array of all the string pointers to be added */
274     len = (lpwhr->nCustHeaders)*4 + 9;
275     req = HeapAlloc( GetProcessHeap(), 0, len*sizeof(LPCWSTR) );
276
277     /* add the verb, path and HTTP version string */
278     n = 0;
279     req[n++] = verb;
280     req[n++] = szSpace;
281     req[n++] = path;
282     req[n++] = http1_1 ? g_szHttp1_1 : g_szHttp1_0;
283
284     /* Append custom request heades */
285     for (i = 0; i < lpwhr->nCustHeaders; i++)
286     {
287         if (lpwhr->pCustHeaders[i].wFlags & HDR_ISREQUEST)
288         {
289             req[n++] = szcrlf;
290             req[n++] = lpwhr->pCustHeaders[i].lpszField;
291             req[n++] = szColon;
292             req[n++] = lpwhr->pCustHeaders[i].lpszValue;
293
294             TRACE("Adding custom header %s (%s)\n",
295                    debugstr_w(lpwhr->pCustHeaders[i].lpszField),
296                    debugstr_w(lpwhr->pCustHeaders[i].lpszValue));
297         }
298     }
299
300     if( n >= len )
301         ERR("oops. buffer overrun\n");
302
303     req[n] = NULL;
304     requestString = HTTP_build_req( req, 4 );
305     HeapFree( GetProcessHeap(), 0, req );
306
307     /*
308      * Set (header) termination string for request
309      * Make sure there's exactly two new lines at the end of the request
310      */
311     p = &requestString[strlenW(requestString)-1];
312     while ( (*p == '\n') || (*p == '\r') )
313        p--;
314     strcpyW( p+1, sztwocrlf );
315     
316     return requestString;
317 }
318
319 static void HTTP_ProcessHeaders( LPWININETHTTPREQW lpwhr )
320 {
321     static const WCHAR szSet_Cookie[] = { 'S','e','t','-','C','o','o','k','i','e',0 };
322     int HeaderIndex;
323     LPHTTPHEADERW setCookieHeader;
324
325     HeaderIndex = HTTP_GetCustomHeaderIndex(lpwhr, szSet_Cookie, 0, FALSE);
326     if (HeaderIndex == -1)
327             return;
328     setCookieHeader = &lpwhr->pCustHeaders[HeaderIndex];
329
330     if (!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_COOKIES) && setCookieHeader->lpszValue)
331     {
332         int nPosStart = 0, nPosEnd = 0, len;
333         static const WCHAR szFmt[] = { 'h','t','t','p',':','/','/','%','s','/',0};
334
335         while (setCookieHeader->lpszValue[nPosEnd] != '\0')
336         {
337             LPWSTR buf_cookie, cookie_name, cookie_data;
338             LPWSTR buf_url;
339             LPWSTR domain = NULL;
340             LPHTTPHEADERW Host;
341
342             int nEqualPos = 0;
343             while (setCookieHeader->lpszValue[nPosEnd] != ';' && setCookieHeader->lpszValue[nPosEnd] != ',' &&
344                    setCookieHeader->lpszValue[nPosEnd] != '\0')
345             {
346                 nPosEnd++;
347             }
348             if (setCookieHeader->lpszValue[nPosEnd] == ';')
349             {
350                 /* fixme: not case sensitive, strcasestr is gnu only */
351                 int nDomainPosEnd = 0;
352                 int nDomainPosStart = 0, nDomainLength = 0;
353                 static const WCHAR szDomain[] = {'d','o','m','a','i','n','=',0};
354                 LPWSTR lpszDomain = strstrW(&setCookieHeader->lpszValue[nPosEnd], szDomain);
355                 if (lpszDomain)
356                 { /* they have specified their own domain, lets use it */
357                     while (lpszDomain[nDomainPosEnd] != ';' && lpszDomain[nDomainPosEnd] != ',' &&
358                            lpszDomain[nDomainPosEnd] != '\0')
359                     {
360                         nDomainPosEnd++;
361                     }
362                     nDomainPosStart = strlenW(szDomain);
363                     nDomainLength = (nDomainPosEnd - nDomainPosStart) + 1;
364                     domain = HeapAlloc(GetProcessHeap(), 0, (nDomainLength + 1)*sizeof(WCHAR));
365                     lstrcpynW(domain, &lpszDomain[nDomainPosStart], nDomainLength + 1);
366                 }
367             }
368             if (setCookieHeader->lpszValue[nPosEnd] == '\0') break;
369             buf_cookie = HeapAlloc(GetProcessHeap(), 0, ((nPosEnd - nPosStart) + 1)*sizeof(WCHAR));
370             lstrcpynW(buf_cookie, &setCookieHeader->lpszValue[nPosStart], (nPosEnd - nPosStart) + 1);
371             TRACE("%s\n", debugstr_w(buf_cookie));
372             while (buf_cookie[nEqualPos] != '=' && buf_cookie[nEqualPos] != '\0')
373             {
374                 nEqualPos++;
375             }
376             if (buf_cookie[nEqualPos] == '\0' || buf_cookie[nEqualPos + 1] == '\0')
377             {
378                 HeapFree(GetProcessHeap(), 0, buf_cookie);
379                 break;
380             }
381
382             cookie_name = HeapAlloc(GetProcessHeap(), 0, (nEqualPos + 1)*sizeof(WCHAR));
383             lstrcpynW(cookie_name, buf_cookie, nEqualPos + 1);
384             cookie_data = &buf_cookie[nEqualPos + 1];
385
386             Host = HTTP_GetHeader(lpwhr,szHost);
387             len = lstrlenW((domain ? domain : (Host?Host->lpszValue:NULL))) + 
388                 strlenW(lpwhr->lpszPath) + 9;
389             buf_url = HeapAlloc(GetProcessHeap(), 0, len*sizeof(WCHAR));
390             sprintfW(buf_url, szFmt, (domain ? domain : (Host?Host->lpszValue:NULL))); /* FIXME PATH!!! */
391             InternetSetCookieW(buf_url, cookie_name, cookie_data);
392
393             HeapFree(GetProcessHeap(), 0, buf_url);
394             HeapFree(GetProcessHeap(), 0, buf_cookie);
395             HeapFree(GetProcessHeap(), 0, cookie_name);
396             HeapFree(GetProcessHeap(), 0, domain);
397             nPosStart = nPosEnd;
398         }
399     }
400 }
401
402 static inline BOOL is_basic_auth_value( LPCWSTR pszAuthValue )
403 {
404     static const WCHAR szBasic[] = {'B','a','s','i','c'}; /* Note: not nul-terminated */
405     return !strncmpiW(pszAuthValue, szBasic, ARRAYSIZE(szBasic)) &&
406         ((pszAuthValue[ARRAYSIZE(szBasic)] != ' ') || !pszAuthValue[ARRAYSIZE(szBasic)]);
407 }
408
409 static BOOL HTTP_DoAuthorization( LPWININETHTTPREQW lpwhr, LPCWSTR pszAuthValue,
410                                   struct HttpAuthInfo **ppAuthInfo,
411                                   LPWSTR domain_and_username, LPWSTR password )
412 {
413     SECURITY_STATUS sec_status;
414     struct HttpAuthInfo *pAuthInfo = *ppAuthInfo;
415     BOOL first = FALSE;
416
417     TRACE("%s\n", debugstr_w(pszAuthValue));
418
419     if (!domain_and_username) return FALSE;
420
421     if (!pAuthInfo)
422     {
423         TimeStamp exp;
424
425         first = TRUE;
426         pAuthInfo = HeapAlloc(GetProcessHeap(), 0, sizeof(*pAuthInfo));
427         if (!pAuthInfo)
428             return FALSE;
429
430         SecInvalidateHandle(&pAuthInfo->cred);
431         SecInvalidateHandle(&pAuthInfo->ctx);
432         memset(&pAuthInfo->exp, 0, sizeof(pAuthInfo->exp));
433         pAuthInfo->attr = 0;
434         pAuthInfo->auth_data = NULL;
435         pAuthInfo->auth_data_len = 0;
436         pAuthInfo->finished = FALSE;
437
438         if (is_basic_auth_value(pszAuthValue))
439         {
440             static const WCHAR szBasic[] = {'B','a','s','i','c',0};
441             pAuthInfo->scheme = WININET_strdupW(szBasic);
442             if (!pAuthInfo->scheme)
443             {
444                 HeapFree(GetProcessHeap(), 0, pAuthInfo);
445                 return FALSE;
446             }
447         }
448         else
449         {
450             SEC_WINNT_AUTH_IDENTITY_W nt_auth_identity;
451             WCHAR *user = strchrW(domain_and_username, '\\');
452             WCHAR *domain = domain_and_username;
453
454             pAuthInfo->scheme = WININET_strdupW(pszAuthValue);
455             if (!pAuthInfo->scheme)
456             {
457                 HeapFree(GetProcessHeap(), 0, pAuthInfo);
458                 return FALSE;
459             }
460
461             if (user) user++;
462             else
463             {
464                 user = domain_and_username;
465                 domain = NULL;
466             }
467             nt_auth_identity.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
468             nt_auth_identity.User = user;
469             nt_auth_identity.UserLength = strlenW(nt_auth_identity.User);
470             nt_auth_identity.Domain = domain;
471             nt_auth_identity.DomainLength = domain ? user - domain - 1 : 0;
472             nt_auth_identity.Password = password;
473             nt_auth_identity.PasswordLength = strlenW(nt_auth_identity.Password);
474
475             /* FIXME: make sure scheme accepts SEC_WINNT_AUTH_IDENTITY before calling AcquireCredentialsHandle */
476
477             sec_status = AcquireCredentialsHandleW(NULL, pAuthInfo->scheme,
478                                                    SECPKG_CRED_OUTBOUND, NULL,
479                                                    &nt_auth_identity, NULL,
480                                                    NULL, &pAuthInfo->cred,
481                                                    &exp);
482             if (sec_status != SEC_E_OK)
483             {
484                 WARN("AcquireCredentialsHandleW for scheme %s failed with error 0x%08x\n",
485                      debugstr_w(pAuthInfo->scheme), sec_status);
486                 HeapFree(GetProcessHeap(), 0, pAuthInfo->scheme);
487                 HeapFree(GetProcessHeap(), 0, pAuthInfo);
488                 return FALSE;
489             }
490         }
491         *ppAuthInfo = pAuthInfo;
492     }
493     else if (pAuthInfo->finished)
494         return FALSE;
495
496     if ((strlenW(pszAuthValue) < strlenW(pAuthInfo->scheme)) ||
497         strncmpiW(pszAuthValue, pAuthInfo->scheme, strlenW(pAuthInfo->scheme)))
498     {
499         ERR("authentication scheme changed from %s to %s\n",
500             debugstr_w(pAuthInfo->scheme), debugstr_w(pszAuthValue));
501         return FALSE;
502     }
503
504     if (is_basic_auth_value(pszAuthValue))
505     {
506         int userlen = WideCharToMultiByte(CP_UTF8, 0, domain_and_username, lstrlenW(domain_and_username), NULL, 0, NULL, NULL);
507         int passlen = WideCharToMultiByte(CP_UTF8, 0, password, lstrlenW(password), NULL, 0, NULL, NULL);
508         char *auth_data;
509
510         TRACE("basic authentication\n");
511
512         /* length includes a nul terminator, which will be re-used for the ':' */
513         auth_data = HeapAlloc(GetProcessHeap(), 0, userlen + 1 + passlen);
514         if (!auth_data)
515             return FALSE;
516
517         WideCharToMultiByte(CP_UTF8, 0, domain_and_username, -1, auth_data, userlen, NULL, NULL);
518         auth_data[userlen] = ':';
519         WideCharToMultiByte(CP_UTF8, 0, password, -1, &auth_data[userlen+1], passlen, NULL, NULL);
520
521         pAuthInfo->auth_data = auth_data;
522         pAuthInfo->auth_data_len = userlen + 1 + passlen;
523         pAuthInfo->finished = TRUE;
524
525         return TRUE;
526     }
527     else
528     {
529         LPCWSTR pszAuthData;
530         SecBufferDesc out_desc, in_desc;
531         SecBuffer out, in;
532         unsigned char *buffer;
533         ULONG context_req = ISC_REQ_CONNECTION | ISC_REQ_USE_DCE_STYLE |
534             ISC_REQ_MUTUAL_AUTH | ISC_REQ_DELEGATE;
535
536         in.BufferType = SECBUFFER_TOKEN;
537         in.cbBuffer = 0;
538         in.pvBuffer = NULL;
539
540         in_desc.ulVersion = 0;
541         in_desc.cBuffers = 1;
542         in_desc.pBuffers = &in;
543
544         pszAuthData = pszAuthValue + strlenW(pAuthInfo->scheme);
545         if (*pszAuthData == ' ')
546         {
547             pszAuthData++;
548             in.cbBuffer = HTTP_DecodeBase64(pszAuthData, NULL);
549             in.pvBuffer = HeapAlloc(GetProcessHeap(), 0, in.cbBuffer);
550             HTTP_DecodeBase64(pszAuthData, in.pvBuffer);
551         }
552
553         buffer = HeapAlloc(GetProcessHeap(), 0, 0x100);
554
555         out.BufferType = SECBUFFER_TOKEN;
556         out.cbBuffer = 0x100;
557         out.pvBuffer = buffer;
558
559         out_desc.ulVersion = 0;
560         out_desc.cBuffers = 1;
561         out_desc.pBuffers = &out;
562
563         sec_status = InitializeSecurityContextW(first ? &pAuthInfo->cred : NULL,
564                                                 first ? NULL : &pAuthInfo->ctx, NULL,
565                                                 context_req, 0, SECURITY_NETWORK_DREP,
566                                                 in.pvBuffer ? &in_desc : NULL,
567                                                 0, &pAuthInfo->ctx, &out_desc,
568                                                 &pAuthInfo->attr, &pAuthInfo->exp);
569         if (sec_status == SEC_E_OK)
570         {
571             pAuthInfo->finished = TRUE;
572             pAuthInfo->auth_data = out.pvBuffer;
573             pAuthInfo->auth_data_len = out.cbBuffer;
574             TRACE("sending last auth packet\n");
575         }
576         else if (sec_status == SEC_I_CONTINUE_NEEDED)
577         {
578             pAuthInfo->auth_data = out.pvBuffer;
579             pAuthInfo->auth_data_len = out.cbBuffer;
580             TRACE("sending next auth packet\n");
581         }
582         else
583         {
584             ERR("InitializeSecurityContextW returned error 0x%08x\n", sec_status);
585             HeapFree(GetProcessHeap(), 0, out.pvBuffer);
586             return FALSE;
587         }
588     }
589
590     return TRUE;
591 }
592
593 /***********************************************************************
594  *           HTTP_HttpAddRequestHeadersW (internal)
595  */
596 static BOOL WINAPI HTTP_HttpAddRequestHeadersW(LPWININETHTTPREQW lpwhr,
597         LPCWSTR lpszHeader, DWORD dwHeaderLength, DWORD dwModifier)
598 {
599     LPWSTR lpszStart;
600     LPWSTR lpszEnd;
601     LPWSTR buffer;
602     BOOL bSuccess = FALSE;
603     DWORD len;
604
605     TRACE("copying header: %s\n", debugstr_w(lpszHeader));
606
607     if( dwHeaderLength == ~0U )
608         len = strlenW(lpszHeader);
609     else
610         len = dwHeaderLength;
611     buffer = HeapAlloc( GetProcessHeap(), 0, sizeof(WCHAR)*(len+1) );
612     lstrcpynW( buffer, lpszHeader, len + 1);
613
614     lpszStart = buffer;
615
616     do
617     {
618         LPWSTR * pFieldAndValue;
619
620         lpszEnd = lpszStart;
621
622         while (*lpszEnd != '\0')
623         {
624             if (*lpszEnd == '\r' && *(lpszEnd + 1) == '\n')
625                  break;
626             lpszEnd++;
627         }
628
629         if (*lpszStart == '\0')
630             break;
631
632         if (*lpszEnd == '\r')
633         {
634             *lpszEnd = '\0';
635             lpszEnd += 2; /* Jump over \r\n */
636         }
637         TRACE("interpreting header %s\n", debugstr_w(lpszStart));
638         pFieldAndValue = HTTP_InterpretHttpHeader(lpszStart);
639         if (pFieldAndValue)
640         {
641             bSuccess = HTTP_VerifyValidHeader(lpwhr, pFieldAndValue[0]);
642             if (bSuccess)
643                 bSuccess = HTTP_ProcessHeader(lpwhr, pFieldAndValue[0],
644                     pFieldAndValue[1], dwModifier | HTTP_ADDHDR_FLAG_REQ);
645             HTTP_FreeTokens(pFieldAndValue);
646         }
647
648         lpszStart = lpszEnd;
649     } while (bSuccess);
650
651     HeapFree(GetProcessHeap(), 0, buffer);
652
653     return bSuccess;
654 }
655
656 /***********************************************************************
657  *           HttpAddRequestHeadersW (WININET.@)
658  *
659  * Adds one or more HTTP header to the request handler
660  *
661  * RETURNS
662  *    TRUE  on success
663  *    FALSE on failure
664  *
665  */
666 BOOL WINAPI HttpAddRequestHeadersW(HINTERNET hHttpRequest,
667         LPCWSTR lpszHeader, DWORD dwHeaderLength, DWORD dwModifier)
668 {
669     BOOL bSuccess = FALSE;
670     LPWININETHTTPREQW lpwhr;
671
672     TRACE("%p, %s, %i, %i\n", hHttpRequest, debugstr_w(lpszHeader), dwHeaderLength,
673           dwModifier);
674
675     if (!lpszHeader) 
676       return TRUE;
677
678     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hHttpRequest );
679     if (NULL == lpwhr ||  lpwhr->hdr.htype != WH_HHTTPREQ)
680     {
681         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
682         goto lend;
683     }
684     bSuccess = HTTP_HttpAddRequestHeadersW( lpwhr, lpszHeader, dwHeaderLength, dwModifier );
685 lend:
686     if( lpwhr )
687         WININET_Release( &lpwhr->hdr );
688
689     return bSuccess;
690 }
691
692 /***********************************************************************
693  *           HttpAddRequestHeadersA (WININET.@)
694  *
695  * Adds one or more HTTP header to the request handler
696  *
697  * RETURNS
698  *    TRUE  on success
699  *    FALSE on failure
700  *
701  */
702 BOOL WINAPI HttpAddRequestHeadersA(HINTERNET hHttpRequest,
703         LPCSTR lpszHeader, DWORD dwHeaderLength, DWORD dwModifier)
704 {
705     DWORD len;
706     LPWSTR hdr;
707     BOOL r;
708
709     TRACE("%p, %s, %i, %i\n", hHttpRequest, debugstr_a(lpszHeader), dwHeaderLength,
710           dwModifier);
711
712     len = MultiByteToWideChar( CP_ACP, 0, lpszHeader, dwHeaderLength, NULL, 0 );
713     hdr = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
714     MultiByteToWideChar( CP_ACP, 0, lpszHeader, dwHeaderLength, hdr, len );
715     if( dwHeaderLength != ~0U )
716         dwHeaderLength = len;
717
718     r = HttpAddRequestHeadersW( hHttpRequest, hdr, dwHeaderLength, dwModifier );
719
720     HeapFree( GetProcessHeap(), 0, hdr );
721
722     return r;
723 }
724
725 /* read any content returned by the server so that the connection can be
726  * resued */
727 static void HTTP_DrainContent(LPWININETHTTPREQW lpwhr)
728 {
729     DWORD bytes_read;
730
731     if (!NETCON_connected(&lpwhr->netConnection)) return;
732
733     if (lpwhr->dwContentLength == -1)
734         NETCON_close(&lpwhr->netConnection);
735
736     do
737     {
738         char buffer[2048];
739         if (!INTERNET_ReadFile(&lpwhr->hdr, buffer, sizeof(buffer), &bytes_read,
740                                TRUE, FALSE))
741             return;
742     } while (bytes_read);
743 }
744
745 /***********************************************************************
746  *           HttpEndRequestA (WININET.@)
747  *
748  * Ends an HTTP request that was started by HttpSendRequestEx
749  *
750  * RETURNS
751  *    TRUE      if successful
752  *    FALSE     on failure
753  *
754  */
755 BOOL WINAPI HttpEndRequestA(HINTERNET hRequest, 
756         LPINTERNET_BUFFERSA lpBuffersOut, DWORD dwFlags, DWORD_PTR dwContext)
757 {
758     LPINTERNET_BUFFERSA ptr;
759     LPINTERNET_BUFFERSW lpBuffersOutW,ptrW;
760     BOOL rc = FALSE;
761
762     TRACE("(%p, %p, %08x, %08lx): stub\n", hRequest, lpBuffersOut, dwFlags,
763             dwContext);
764
765     ptr = lpBuffersOut;
766     if (ptr)
767         lpBuffersOutW = (LPINTERNET_BUFFERSW)HeapAlloc(GetProcessHeap(),
768                 HEAP_ZERO_MEMORY, sizeof(INTERNET_BUFFERSW));
769     else
770         lpBuffersOutW = NULL;
771
772     ptrW = lpBuffersOutW;
773     while (ptr)
774     {
775         if (ptr->lpvBuffer && ptr->dwBufferLength)
776             ptrW->lpvBuffer = HeapAlloc(GetProcessHeap(),0,ptr->dwBufferLength);
777         ptrW->dwBufferLength = ptr->dwBufferLength;
778         ptrW->dwBufferTotal= ptr->dwBufferTotal;
779
780         if (ptr->Next)
781             ptrW->Next = HeapAlloc(GetProcessHeap(),HEAP_ZERO_MEMORY,
782                     sizeof(INTERNET_BUFFERSW));
783
784         ptr = ptr->Next;
785         ptrW = ptrW->Next;
786     }
787
788     rc = HttpEndRequestW(hRequest, lpBuffersOutW, dwFlags, dwContext);
789
790     if (lpBuffersOutW)
791     {
792         ptrW = lpBuffersOutW;
793         while (ptrW)
794         {
795             LPINTERNET_BUFFERSW ptrW2;
796
797             FIXME("Do we need to translate info out of these buffer?\n");
798
799             HeapFree(GetProcessHeap(),0,(LPVOID)ptrW->lpvBuffer);
800             ptrW2 = ptrW->Next;
801             HeapFree(GetProcessHeap(),0,ptrW);
802             ptrW = ptrW2;
803         }
804     }
805
806     return rc;
807 }
808
809 /***********************************************************************
810  *           HttpEndRequestW (WININET.@)
811  *
812  * Ends an HTTP request that was started by HttpSendRequestEx
813  *
814  * RETURNS
815  *    TRUE      if successful
816  *    FALSE     on failure
817  *
818  */
819 BOOL WINAPI HttpEndRequestW(HINTERNET hRequest, 
820         LPINTERNET_BUFFERSW lpBuffersOut, DWORD dwFlags, DWORD_PTR dwContext)
821 {
822     BOOL rc = FALSE;
823     LPWININETHTTPREQW lpwhr;
824     INT responseLen;
825     DWORD dwBufferSize;
826
827     TRACE("-->\n");
828     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hRequest );
829
830     if (NULL == lpwhr || lpwhr->hdr.htype != WH_HHTTPREQ)
831     {
832         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
833         if (lpwhr)
834             WININET_Release( &lpwhr->hdr );
835         return FALSE;
836     }
837
838     lpwhr->hdr.dwFlags |= dwFlags;
839     lpwhr->hdr.dwContext = dwContext;
840
841     /* We appear to do nothing with lpBuffersOut.. is that correct? */
842
843     SendAsyncCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
844             INTERNET_STATUS_RECEIVING_RESPONSE, NULL, 0);
845
846     responseLen = HTTP_GetResponseHeaders(lpwhr);
847     if (responseLen)
848             rc = TRUE;
849
850     SendAsyncCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
851             INTERNET_STATUS_RESPONSE_RECEIVED, &responseLen, sizeof(DWORD));
852
853     /* process headers here. Is this right? */
854     HTTP_ProcessHeaders(lpwhr);
855
856     dwBufferSize = sizeof(lpwhr->dwContentLength);
857     if (!HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_FLAG_NUMBER|HTTP_QUERY_CONTENT_LENGTH,
858                              &lpwhr->dwContentLength,&dwBufferSize,NULL))
859         lpwhr->dwContentLength = -1;
860
861     if (lpwhr->dwContentLength == 0)
862         HTTP_FinishedReading(lpwhr);
863
864     if(!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_AUTO_REDIRECT))
865     {
866         DWORD dwCode,dwCodeLength=sizeof(DWORD);
867         if(HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_FLAG_NUMBER|HTTP_QUERY_STATUS_CODE,&dwCode,&dwCodeLength,NULL) &&
868             (dwCode==302 || dwCode==301))
869         {
870             WCHAR szNewLocation[2048];
871             dwBufferSize=sizeof(szNewLocation);
872             if(HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_LOCATION,szNewLocation,&dwBufferSize,NULL))
873             {
874                     static const WCHAR szGET[] = { 'G','E','T', 0 };
875                 /* redirects are always GETs */
876                 HeapFree(GetProcessHeap(),0,lpwhr->lpszVerb);
877                     lpwhr->lpszVerb = WININET_strdupW(szGET);
878                 HTTP_DrainContent(lpwhr);
879                 rc = HTTP_HandleRedirect(lpwhr, szNewLocation);
880                 if (rc)
881                     rc = HTTP_HttpSendRequestW(lpwhr, NULL, 0, NULL, 0, 0, TRUE);
882             }
883         }
884     }
885
886     WININET_Release( &lpwhr->hdr );
887     TRACE("%i <--\n",rc);
888     return rc;
889 }
890
891 /***********************************************************************
892  *           HttpOpenRequestW (WININET.@)
893  *
894  * Open a HTTP request handle
895  *
896  * RETURNS
897  *    HINTERNET  a HTTP request handle on success
898  *    NULL       on failure
899  *
900  */
901 HINTERNET WINAPI HttpOpenRequestW(HINTERNET hHttpSession,
902         LPCWSTR lpszVerb, LPCWSTR lpszObjectName, LPCWSTR lpszVersion,
903         LPCWSTR lpszReferrer , LPCWSTR *lpszAcceptTypes,
904         DWORD dwFlags, DWORD_PTR dwContext)
905 {
906     LPWININETHTTPSESSIONW lpwhs;
907     HINTERNET handle = NULL;
908
909     TRACE("(%p, %s, %s, %s, %s, %p, %08x, %08lx)\n", hHttpSession,
910           debugstr_w(lpszVerb), debugstr_w(lpszObjectName),
911           debugstr_w(lpszVersion), debugstr_w(lpszReferrer), lpszAcceptTypes,
912           dwFlags, dwContext);
913     if(lpszAcceptTypes!=NULL)
914     {
915         int i;
916         for(i=0;lpszAcceptTypes[i]!=NULL;i++)
917             TRACE("\taccept type: %s\n",debugstr_w(lpszAcceptTypes[i]));
918     }    
919
920     lpwhs = (LPWININETHTTPSESSIONW) WININET_GetObject( hHttpSession );
921     if (NULL == lpwhs ||  lpwhs->hdr.htype != WH_HHTTPSESSION)
922     {
923         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
924         goto lend;
925     }
926
927     /*
928      * My tests seem to show that the windows version does not
929      * become asynchronous until after this point. And anyhow
930      * if this call was asynchronous then how would you get the
931      * necessary HINTERNET pointer returned by this function.
932      *
933      */
934     handle = HTTP_HttpOpenRequestW(lpwhs, lpszVerb, lpszObjectName,
935                                    lpszVersion, lpszReferrer, lpszAcceptTypes,
936                                    dwFlags, dwContext);
937 lend:
938     if( lpwhs )
939         WININET_Release( &lpwhs->hdr );
940     TRACE("returning %p\n", handle);
941     return handle;
942 }
943
944
945 /***********************************************************************
946  *           HttpOpenRequestA (WININET.@)
947  *
948  * Open a HTTP request handle
949  *
950  * RETURNS
951  *    HINTERNET  a HTTP request handle on success
952  *    NULL       on failure
953  *
954  */
955 HINTERNET WINAPI HttpOpenRequestA(HINTERNET hHttpSession,
956         LPCSTR lpszVerb, LPCSTR lpszObjectName, LPCSTR lpszVersion,
957         LPCSTR lpszReferrer , LPCSTR *lpszAcceptTypes,
958         DWORD dwFlags, DWORD_PTR dwContext)
959 {
960     LPWSTR szVerb = NULL, szObjectName = NULL;
961     LPWSTR szVersion = NULL, szReferrer = NULL, *szAcceptTypes = NULL;
962     INT len;
963     INT acceptTypesCount;
964     HINTERNET rc = FALSE;
965     TRACE("(%p, %s, %s, %s, %s, %p, %08x, %08lx)\n", hHttpSession,
966           debugstr_a(lpszVerb), debugstr_a(lpszObjectName),
967           debugstr_a(lpszVersion), debugstr_a(lpszReferrer), lpszAcceptTypes,
968           dwFlags, dwContext);
969
970     if (lpszVerb)
971     {
972         len = MultiByteToWideChar(CP_ACP, 0, lpszVerb, -1, NULL, 0 );
973         szVerb = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR) );
974         if ( !szVerb )
975             goto end;
976         MultiByteToWideChar(CP_ACP, 0, lpszVerb, -1, szVerb, len);
977     }
978
979     if (lpszObjectName)
980     {
981         len = MultiByteToWideChar(CP_ACP, 0, lpszObjectName, -1, NULL, 0 );
982         szObjectName = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR) );
983         if ( !szObjectName )
984             goto end;
985         MultiByteToWideChar(CP_ACP, 0, lpszObjectName, -1, szObjectName, len );
986     }
987
988     if (lpszVersion)
989     {
990         len = MultiByteToWideChar(CP_ACP, 0, lpszVersion, -1, NULL, 0 );
991         szVersion = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
992         if ( !szVersion )
993             goto end;
994         MultiByteToWideChar(CP_ACP, 0, lpszVersion, -1, szVersion, len );
995     }
996
997     if (lpszReferrer)
998     {
999         len = MultiByteToWideChar(CP_ACP, 0, lpszReferrer, -1, NULL, 0 );
1000         szReferrer = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
1001         if ( !szReferrer )
1002             goto end;
1003         MultiByteToWideChar(CP_ACP, 0, lpszReferrer, -1, szReferrer, len );
1004     }
1005
1006     acceptTypesCount = 0;
1007     if (lpszAcceptTypes)
1008     {
1009         /* find out how many there are */
1010         while (lpszAcceptTypes[acceptTypesCount] && *lpszAcceptTypes[acceptTypesCount])
1011             acceptTypesCount++;
1012         szAcceptTypes = HeapAlloc(GetProcessHeap(), 0, sizeof(WCHAR *) * (acceptTypesCount+1));
1013         acceptTypesCount = 0;
1014         while (lpszAcceptTypes[acceptTypesCount] && *lpszAcceptTypes[acceptTypesCount])
1015         {
1016             len = MultiByteToWideChar(CP_ACP, 0, lpszAcceptTypes[acceptTypesCount],
1017                                 -1, NULL, 0 );
1018             szAcceptTypes[acceptTypesCount] = HeapAlloc(GetProcessHeap(), 0, len * sizeof(WCHAR));
1019             if (!szAcceptTypes[acceptTypesCount] )
1020                 goto end;
1021             MultiByteToWideChar(CP_ACP, 0, lpszAcceptTypes[acceptTypesCount],
1022                                 -1, szAcceptTypes[acceptTypesCount], len );
1023             acceptTypesCount++;
1024         }
1025         szAcceptTypes[acceptTypesCount] = NULL;
1026     }
1027     else szAcceptTypes = 0;
1028
1029     rc = HttpOpenRequestW(hHttpSession, szVerb, szObjectName,
1030                           szVersion, szReferrer,
1031                           (LPCWSTR*)szAcceptTypes, dwFlags, dwContext);
1032
1033 end:
1034     if (szAcceptTypes)
1035     {
1036         acceptTypesCount = 0;
1037         while (szAcceptTypes[acceptTypesCount])
1038         {
1039             HeapFree(GetProcessHeap(), 0, szAcceptTypes[acceptTypesCount]);
1040             acceptTypesCount++;
1041         }
1042         HeapFree(GetProcessHeap(), 0, szAcceptTypes);
1043     }
1044     HeapFree(GetProcessHeap(), 0, szReferrer);
1045     HeapFree(GetProcessHeap(), 0, szVersion);
1046     HeapFree(GetProcessHeap(), 0, szObjectName);
1047     HeapFree(GetProcessHeap(), 0, szVerb);
1048
1049     return rc;
1050 }
1051
1052 /***********************************************************************
1053  *  HTTP_EncodeBase64
1054  */
1055 static UINT HTTP_EncodeBase64( LPCSTR bin, unsigned int len, LPWSTR base64 )
1056 {
1057     UINT n = 0, x;
1058     static const CHAR HTTP_Base64Enc[] =
1059         "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
1060
1061     while( len > 0 )
1062     {
1063         /* first 6 bits, all from bin[0] */
1064         base64[n++] = HTTP_Base64Enc[(bin[0] & 0xfc) >> 2];
1065         x = (bin[0] & 3) << 4;
1066
1067         /* next 6 bits, 2 from bin[0] and 4 from bin[1] */
1068         if( len == 1 )
1069         {
1070             base64[n++] = HTTP_Base64Enc[x];
1071             base64[n++] = '=';
1072             base64[n++] = '=';
1073             break;
1074         }
1075         base64[n++] = HTTP_Base64Enc[ x | ( (bin[1]&0xf0) >> 4 ) ];
1076         x = ( bin[1] & 0x0f ) << 2;
1077
1078         /* next 6 bits 4 from bin[1] and 2 from bin[2] */
1079         if( len == 2 )
1080         {
1081             base64[n++] = HTTP_Base64Enc[x];
1082             base64[n++] = '=';
1083             break;
1084         }
1085         base64[n++] = HTTP_Base64Enc[ x | ( (bin[2]&0xc0 ) >> 6 ) ];
1086
1087         /* last 6 bits, all from bin [2] */
1088         base64[n++] = HTTP_Base64Enc[ bin[2] & 0x3f ];
1089         bin += 3;
1090         len -= 3;
1091     }
1092     base64[n] = 0;
1093     return n;
1094 }
1095
1096 #define CH(x) (((x) >= 'A' && (x) <= 'Z') ? (x) - 'A' : \
1097                ((x) >= 'a' && (x) <= 'z') ? (x) - 'a' + 26 : \
1098                ((x) >= '0' && (x) <= '9') ? (x) - '0' + 52 : \
1099                ((x) == '+') ? 62 : ((x) == '/') ? 63 : -1)
1100 static const signed char HTTP_Base64Dec[256] =
1101 {
1102     CH( 0),CH( 1),CH( 2),CH( 3),CH( 4),CH( 5),CH( 6),CH( 7),CH( 8),CH( 9),
1103     CH(10),CH(11),CH(12),CH(13),CH(14),CH(15),CH(16),CH(17),CH(18),CH(19),
1104     CH(20),CH(21),CH(22),CH(23),CH(24),CH(25),CH(26),CH(27),CH(28),CH(29),
1105     CH(30),CH(31),CH(32),CH(33),CH(34),CH(35),CH(36),CH(37),CH(38),CH(39),
1106     CH(40),CH(41),CH(42),CH(43),CH(44),CH(45),CH(46),CH(47),CH(48),CH(49),
1107     CH(50),CH(51),CH(52),CH(53),CH(54),CH(55),CH(56),CH(57),CH(58),CH(59),
1108     CH(60),CH(61),CH(62),CH(63),CH(64),CH(65),CH(66),CH(67),CH(68),CH(69),
1109     CH(70),CH(71),CH(72),CH(73),CH(74),CH(75),CH(76),CH(77),CH(78),CH(79),
1110     CH(80),CH(81),CH(82),CH(83),CH(84),CH(85),CH(86),CH(87),CH(88),CH(89),
1111     CH(90),CH(91),CH(92),CH(93),CH(94),CH(95),CH(96),CH(97),CH(98),CH(99),
1112     CH(100),CH(101),CH(102),CH(103),CH(104),CH(105),CH(106),CH(107),CH(108),CH(109),
1113     CH(110),CH(111),CH(112),CH(113),CH(114),CH(115),CH(116),CH(117),CH(118),CH(119),
1114     CH(120),CH(121),CH(122),CH(123),CH(124),CH(125),CH(126),CH(127),CH(128),CH(129),
1115     CH(130),CH(131),CH(132),CH(133),CH(134),CH(135),CH(136),CH(137),CH(138),CH(139),
1116     CH(140),CH(141),CH(142),CH(143),CH(144),CH(145),CH(146),CH(147),CH(148),CH(149),
1117     CH(150),CH(151),CH(152),CH(153),CH(154),CH(155),CH(156),CH(157),CH(158),CH(159),
1118     CH(160),CH(161),CH(162),CH(163),CH(164),CH(165),CH(166),CH(167),CH(168),CH(169),
1119     CH(170),CH(171),CH(172),CH(173),CH(174),CH(175),CH(176),CH(177),CH(178),CH(179),
1120     CH(180),CH(181),CH(182),CH(183),CH(184),CH(185),CH(186),CH(187),CH(188),CH(189),
1121     CH(190),CH(191),CH(192),CH(193),CH(194),CH(195),CH(196),CH(197),CH(198),CH(199),
1122     CH(200),CH(201),CH(202),CH(203),CH(204),CH(205),CH(206),CH(207),CH(208),CH(209),
1123     CH(210),CH(211),CH(212),CH(213),CH(214),CH(215),CH(216),CH(217),CH(218),CH(219),
1124     CH(220),CH(221),CH(222),CH(223),CH(224),CH(225),CH(226),CH(227),CH(228),CH(229),
1125     CH(230),CH(231),CH(232),CH(233),CH(234),CH(235),CH(236),CH(237),CH(238),CH(239),
1126     CH(240),CH(241),CH(242),CH(243),CH(244),CH(245),CH(246),CH(247),CH(248), CH(249),
1127     CH(250),CH(251),CH(252),CH(253),CH(254),CH(255),
1128 };
1129 #undef CH
1130
1131 /***********************************************************************
1132  *  HTTP_DecodeBase64
1133  */
1134 static UINT HTTP_DecodeBase64( LPCWSTR base64, LPSTR bin )
1135 {
1136     unsigned int n = 0;
1137
1138     while(*base64)
1139     {
1140         signed char in[4];
1141
1142         if (base64[0] > ARRAYSIZE(HTTP_Base64Dec) ||
1143             ((in[0] = HTTP_Base64Dec[base64[0]]) == -1) ||
1144             base64[1] > ARRAYSIZE(HTTP_Base64Dec) ||
1145             ((in[1] = HTTP_Base64Dec[base64[1]]) == -1))
1146         {
1147             WARN("invalid base64: %s\n", debugstr_w(base64));
1148             return 0;
1149         }
1150         if (bin)
1151             bin[n] = (unsigned char) (in[0] << 2 | in[1] >> 4);
1152         n++;
1153
1154         if ((base64[2] == '=') && (base64[3] == '='))
1155             break;
1156         if (base64[2] > ARRAYSIZE(HTTP_Base64Dec) ||
1157             ((in[2] = HTTP_Base64Dec[base64[2]]) == -1))
1158         {
1159             WARN("invalid base64: %s\n", debugstr_w(&base64[2]));
1160             return 0;
1161         }
1162         if (bin)
1163             bin[n] = (unsigned char) (in[1] << 4 | in[2] >> 2);
1164         n++;
1165
1166         if (base64[3] == '=')
1167             break;
1168         if (base64[3] > ARRAYSIZE(HTTP_Base64Dec) ||
1169             ((in[3] = HTTP_Base64Dec[base64[3]]) == -1))
1170         {
1171             WARN("invalid base64: %s\n", debugstr_w(&base64[3]));
1172             return 0;
1173         }
1174         if (bin)
1175             bin[n] = (unsigned char) (((in[2] << 6) & 0xc0) | in[3]);
1176         n++;
1177
1178         base64 += 4;
1179     }
1180
1181     return n;
1182 }
1183
1184 /***********************************************************************
1185  *  HTTP_InsertAuthorizationForHeader
1186  *
1187  *   Insert or delete the authorization field in the request header.
1188  */
1189 static BOOL HTTP_InsertAuthorizationForHeader( LPWININETHTTPREQW lpwhr, struct HttpAuthInfo *pAuthInfo, LPCWSTR header )
1190 {
1191     WCHAR *authorization = NULL;
1192
1193     if (pAuthInfo && pAuthInfo->auth_data_len)
1194     {
1195         static const WCHAR wszSpace[] = {' ',0};
1196         unsigned int len;
1197
1198         /* scheme + space + base64 encoded data (3/2/1 bytes data -> 4 bytes of characters) */
1199         len = strlenW(pAuthInfo->scheme)+1+((pAuthInfo->auth_data_len+2)*4)/3;
1200         authorization = HeapAlloc(GetProcessHeap(), 0, (len+1)*sizeof(WCHAR));
1201         if (!authorization)
1202             return FALSE;
1203
1204         strcpyW(authorization, pAuthInfo->scheme);
1205         strcatW(authorization, wszSpace);
1206         HTTP_EncodeBase64(pAuthInfo->auth_data,
1207                           pAuthInfo->auth_data_len,
1208                           authorization+strlenW(authorization));
1209
1210         /* clear the data as it isn't valid now that it has been sent to the
1211          * server */
1212         HeapFree(GetProcessHeap(), 0, pAuthInfo->auth_data);
1213         pAuthInfo->auth_data = NULL;
1214         pAuthInfo->auth_data_len = 0;
1215     }
1216
1217     TRACE("Inserting authorization: %s\n", debugstr_w(authorization));
1218
1219     HTTP_ProcessHeader(lpwhr, header, authorization,
1220                        HTTP_ADDHDR_FLAG_REPLACE | HTTP_ADDHDR_FLAG_REQ);
1221
1222     HeapFree(GetProcessHeap(), 0, authorization);
1223
1224     return TRUE;
1225 }
1226
1227 /***********************************************************************
1228  *  HTTP_InsertAuthorization
1229  *
1230  *   Insert the authorization field in the request header
1231  */
1232 static BOOL HTTP_InsertAuthorization( LPWININETHTTPREQW lpwhr )
1233 {
1234     return HTTP_InsertAuthorizationForHeader(lpwhr, lpwhr->pAuthInfo, szAuthorization);
1235 }
1236
1237 /***********************************************************************
1238  *  HTTP_InsertProxyAuthorization
1239  *
1240  *   Insert the proxy authorization field in the request header
1241  */
1242 static BOOL HTTP_InsertProxyAuthorization( LPWININETHTTPREQW lpwhr )
1243 {
1244     return HTTP_InsertAuthorizationForHeader(lpwhr, lpwhr->pProxyAuthInfo, szProxy_Authorization);
1245 }
1246
1247 /***********************************************************************
1248  *           HTTP_DealWithProxy
1249  */
1250 static BOOL HTTP_DealWithProxy( LPWININETAPPINFOW hIC,
1251     LPWININETHTTPSESSIONW lpwhs, LPWININETHTTPREQW lpwhr)
1252 {
1253     WCHAR buf[MAXHOSTNAME];
1254     WCHAR proxy[MAXHOSTNAME + 15]; /* 15 == "http://" + sizeof(port#) + ":/\0" */
1255     WCHAR* url;
1256     static WCHAR szNul[] = { 0 };
1257     URL_COMPONENTSW UrlComponents;
1258     static const WCHAR szHttp[] = { 'h','t','t','p',':','/','/',0 }, szSlash[] = { '/',0 } ;
1259     static const WCHAR szFormat1[] = { 'h','t','t','p',':','/','/','%','s',0 };
1260     static const WCHAR szFormat2[] = { 'h','t','t','p',':','/','/','%','s',':','%','d',0 };
1261     int len;
1262
1263     memset( &UrlComponents, 0, sizeof UrlComponents );
1264     UrlComponents.dwStructSize = sizeof UrlComponents;
1265     UrlComponents.lpszHostName = buf;
1266     UrlComponents.dwHostNameLength = MAXHOSTNAME;
1267
1268     if( CSTR_EQUAL != CompareStringW(LOCALE_SYSTEM_DEFAULT, NORM_IGNORECASE,
1269                                  hIC->lpszProxy,strlenW(szHttp),szHttp,strlenW(szHttp)) )
1270         sprintfW(proxy, szFormat1, hIC->lpszProxy);
1271     else
1272         strcpyW(proxy, hIC->lpszProxy);
1273     if( !InternetCrackUrlW(proxy, 0, 0, &UrlComponents) )
1274         return FALSE;
1275     if( UrlComponents.dwHostNameLength == 0 )
1276         return FALSE;
1277
1278     if( !lpwhr->lpszPath )
1279         lpwhr->lpszPath = szNul;
1280     TRACE("server=%s path=%s\n",
1281           debugstr_w(lpwhs->lpszHostName), debugstr_w(lpwhr->lpszPath));
1282     /* for constant 15 see above */
1283     len = strlenW(lpwhs->lpszHostName) + strlenW(lpwhr->lpszPath) + 15;
1284     url = HeapAlloc(GetProcessHeap(), 0, len*sizeof(WCHAR));
1285
1286     if(UrlComponents.nPort == INTERNET_INVALID_PORT_NUMBER)
1287         UrlComponents.nPort = INTERNET_DEFAULT_HTTP_PORT;
1288
1289     sprintfW(url, szFormat2, lpwhs->lpszHostName, lpwhs->nHostPort);
1290
1291     if( lpwhr->lpszPath[0] != '/' )
1292         strcatW( url, szSlash );
1293     strcatW(url, lpwhr->lpszPath);
1294     if(lpwhr->lpszPath != szNul)
1295         HeapFree(GetProcessHeap(), 0, lpwhr->lpszPath);
1296     lpwhr->lpszPath = url;
1297
1298     HeapFree(GetProcessHeap(), 0, lpwhs->lpszServerName);
1299     lpwhs->lpszServerName = WININET_strdupW(UrlComponents.lpszHostName);
1300     lpwhs->nServerPort = UrlComponents.nPort;
1301
1302     return TRUE;
1303 }
1304
1305 static BOOL HTTP_ResolveName(LPWININETHTTPREQW lpwhr)
1306 {
1307     char szaddr[32];
1308     LPWININETHTTPSESSIONW lpwhs = lpwhr->lpHttpSession;
1309
1310     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
1311                           INTERNET_STATUS_RESOLVING_NAME,
1312                           lpwhs->lpszServerName,
1313                           strlenW(lpwhs->lpszServerName)+1);
1314
1315     if (!GetAddress(lpwhs->lpszServerName, lpwhs->nServerPort,
1316                     &lpwhs->socketAddress))
1317     {
1318         INTERNET_SetLastError(ERROR_INTERNET_NAME_NOT_RESOLVED);
1319         return FALSE;
1320     }
1321
1322     inet_ntop(lpwhs->socketAddress.sin_family, &lpwhs->socketAddress.sin_addr,
1323               szaddr, sizeof(szaddr));
1324     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
1325                           INTERNET_STATUS_NAME_RESOLVED,
1326                           szaddr, strlen(szaddr)+1);
1327     return TRUE;
1328 }
1329
1330 /***********************************************************************
1331  *           HTTP_HttpOpenRequestW (internal)
1332  *
1333  * Open a HTTP request handle
1334  *
1335  * RETURNS
1336  *    HINTERNET  a HTTP request handle on success
1337  *    NULL       on failure
1338  *
1339  */
1340 HINTERNET WINAPI HTTP_HttpOpenRequestW(LPWININETHTTPSESSIONW lpwhs,
1341         LPCWSTR lpszVerb, LPCWSTR lpszObjectName, LPCWSTR lpszVersion,
1342         LPCWSTR lpszReferrer , LPCWSTR *lpszAcceptTypes,
1343         DWORD dwFlags, DWORD_PTR dwContext)
1344 {
1345     LPWININETAPPINFOW hIC = NULL;
1346     LPWININETHTTPREQW lpwhr;
1347     LPWSTR lpszCookies;
1348     LPWSTR lpszUrl = NULL;
1349     DWORD nCookieSize;
1350     HINTERNET handle = NULL;
1351     static const WCHAR szUrlForm[] = {'h','t','t','p',':','/','/','%','s',0};
1352     DWORD len;
1353     LPHTTPHEADERW Host;
1354
1355     TRACE("-->\n");
1356
1357     assert( lpwhs->hdr.htype == WH_HHTTPSESSION );
1358     hIC = lpwhs->lpAppInfo;
1359
1360     lpwhr = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(WININETHTTPREQW));
1361     if (NULL == lpwhr)
1362     {
1363         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
1364         goto lend;
1365     }
1366     lpwhr->hdr.htype = WH_HHTTPREQ;
1367     lpwhr->hdr.dwFlags = dwFlags;
1368     lpwhr->hdr.dwContext = dwContext;
1369     lpwhr->hdr.dwRefCount = 1;
1370     lpwhr->hdr.close_connection = HTTP_CloseConnection;
1371     lpwhr->hdr.destroy = HTTP_CloseHTTPRequestHandle;
1372     lpwhr->hdr.lpfnStatusCB = lpwhs->hdr.lpfnStatusCB;
1373     lpwhr->hdr.dwInternalFlags = lpwhs->hdr.dwInternalFlags & INET_CALLBACKW;
1374
1375     WININET_AddRef( &lpwhs->hdr );
1376     lpwhr->lpHttpSession = lpwhs;
1377     list_add_head( &lpwhs->hdr.children, &lpwhr->hdr.entry );
1378
1379     handle = WININET_AllocHandle( &lpwhr->hdr );
1380     if (NULL == handle)
1381     {
1382         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
1383         goto lend;
1384     }
1385
1386     if (!NETCON_init(&lpwhr->netConnection, dwFlags & INTERNET_FLAG_SECURE))
1387     {
1388         InternetCloseHandle( handle );
1389         handle = NULL;
1390         goto lend;
1391     }
1392
1393     if (NULL != lpszObjectName && strlenW(lpszObjectName)) {
1394         HRESULT rc;
1395
1396         len = 0;
1397         rc = UrlEscapeW(lpszObjectName, NULL, &len, URL_ESCAPE_SPACES_ONLY);
1398         if (rc != E_POINTER)
1399             len = strlenW(lpszObjectName)+1;
1400         lpwhr->lpszPath = HeapAlloc(GetProcessHeap(), 0, len*sizeof(WCHAR));
1401         rc = UrlEscapeW(lpszObjectName, lpwhr->lpszPath, &len,
1402                    URL_ESCAPE_SPACES_ONLY);
1403         if (rc)
1404         {
1405             ERR("Unable to escape string!(%s) (%d)\n",debugstr_w(lpszObjectName),rc);
1406             strcpyW(lpwhr->lpszPath,lpszObjectName);
1407         }
1408     }
1409
1410     if (NULL != lpszReferrer && strlenW(lpszReferrer))
1411         HTTP_ProcessHeader(lpwhr, HTTP_REFERER, lpszReferrer, HTTP_ADDHDR_FLAG_COALESCE);
1412
1413     if (lpszAcceptTypes)
1414     {
1415         int i;
1416         for (i = 0; lpszAcceptTypes[i]; i++)
1417         {
1418             if (!*lpszAcceptTypes[i]) continue;
1419             HTTP_ProcessHeader(lpwhr, HTTP_ACCEPT, lpszAcceptTypes[i],
1420                                HTTP_ADDHDR_FLAG_COALESCE_WITH_COMMA |
1421                                HTTP_ADDHDR_FLAG_REQ |
1422                                (i == 0 ? HTTP_ADDHDR_FLAG_REPLACE : 0));
1423         }
1424     }
1425
1426     if (NULL == lpszVerb)
1427     {
1428         static const WCHAR szGet[] = {'G','E','T',0};
1429         lpwhr->lpszVerb = WININET_strdupW(szGet);
1430     }
1431     else if (strlenW(lpszVerb))
1432         lpwhr->lpszVerb = WININET_strdupW(lpszVerb);
1433
1434     if (NULL != lpszReferrer && strlenW(lpszReferrer))
1435     {
1436         WCHAR buf[MAXHOSTNAME];
1437         URL_COMPONENTSW UrlComponents;
1438
1439         memset( &UrlComponents, 0, sizeof UrlComponents );
1440         UrlComponents.dwStructSize = sizeof UrlComponents;
1441         UrlComponents.lpszHostName = buf;
1442         UrlComponents.dwHostNameLength = MAXHOSTNAME;
1443
1444         InternetCrackUrlW(lpszReferrer, 0, 0, &UrlComponents);
1445         if (strlenW(UrlComponents.lpszHostName))
1446             HTTP_ProcessHeader(lpwhr, szHost, UrlComponents.lpszHostName, HTTP_ADDREQ_FLAG_ADD | HTTP_ADDREQ_FLAG_REPLACE | HTTP_ADDHDR_FLAG_REQ);
1447     }
1448     else
1449         HTTP_ProcessHeader(lpwhr, szHost, lpwhs->lpszHostName, HTTP_ADDREQ_FLAG_ADD | HTTP_ADDREQ_FLAG_REPLACE | HTTP_ADDHDR_FLAG_REQ);
1450
1451     if (lpwhs->nServerPort == INTERNET_INVALID_PORT_NUMBER)
1452         lpwhs->nServerPort = (dwFlags & INTERNET_FLAG_SECURE ?
1453                         INTERNET_DEFAULT_HTTPS_PORT :
1454                         INTERNET_DEFAULT_HTTP_PORT);
1455     lpwhs->nHostPort = lpwhs->nServerPort;
1456
1457     if (NULL != hIC->lpszProxy && hIC->lpszProxy[0] != 0)
1458         HTTP_DealWithProxy( hIC, lpwhs, lpwhr );
1459
1460     if (hIC->lpszAgent)
1461     {
1462         WCHAR *agent_header;
1463         static const WCHAR user_agent[] = {'U','s','e','r','-','A','g','e','n','t',':',' ','%','s','\r','\n',0 };
1464
1465         len = strlenW(hIC->lpszAgent) + strlenW(user_agent);
1466         agent_header = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
1467         sprintfW(agent_header, user_agent, hIC->lpszAgent );
1468
1469         HTTP_HttpAddRequestHeadersW(lpwhr, agent_header, strlenW(agent_header),
1470                                HTTP_ADDREQ_FLAG_ADD);
1471         HeapFree(GetProcessHeap(), 0, agent_header);
1472     }
1473
1474     Host = HTTP_GetHeader(lpwhr,szHost);
1475
1476     len = lstrlenW(Host->lpszValue) + strlenW(szUrlForm);
1477     lpszUrl = HeapAlloc(GetProcessHeap(), 0, len*sizeof(WCHAR));
1478     sprintfW( lpszUrl, szUrlForm, Host->lpszValue );
1479
1480     if (!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_COOKIES) &&
1481         InternetGetCookieW(lpszUrl, NULL, NULL, &nCookieSize))
1482     {
1483         int cnt = 0;
1484         static const WCHAR szCookie[] = {'C','o','o','k','i','e',':',' ',0};
1485         static const WCHAR szcrlf[] = {'\r','\n',0};
1486
1487         lpszCookies = HeapAlloc(GetProcessHeap(), 0, (nCookieSize + 1 + 8)*sizeof(WCHAR));
1488
1489         cnt += sprintfW(lpszCookies, szCookie);
1490         InternetGetCookieW(lpszUrl, NULL, lpszCookies + cnt, &nCookieSize);
1491         strcatW(lpszCookies, szcrlf);
1492
1493         HTTP_HttpAddRequestHeadersW(lpwhr, lpszCookies, strlenW(lpszCookies),
1494                                HTTP_ADDREQ_FLAG_ADD);
1495         HeapFree(GetProcessHeap(), 0, lpszCookies);
1496     }
1497     HeapFree(GetProcessHeap(), 0, lpszUrl);
1498
1499
1500     INTERNET_SendCallback(&lpwhs->hdr, dwContext,
1501                           INTERNET_STATUS_HANDLE_CREATED, &handle,
1502                           sizeof(handle));
1503
1504     /*
1505      * A STATUS_REQUEST_COMPLETE is NOT sent here as per my tests on windows
1506      */
1507
1508     if (!HTTP_ResolveName(lpwhr))
1509     {
1510         InternetCloseHandle( handle );
1511         handle = NULL;
1512     }
1513
1514 lend:
1515     if( lpwhr )
1516         WININET_Release( &lpwhr->hdr );
1517
1518     TRACE("<-- %p (%p)\n", handle, lpwhr);
1519     return handle;
1520 }
1521
1522 static const WCHAR szAccept[] = { 'A','c','c','e','p','t',0 };
1523 static const WCHAR szAccept_Charset[] = { 'A','c','c','e','p','t','-','C','h','a','r','s','e','t', 0 };
1524 static const WCHAR szAccept_Encoding[] = { 'A','c','c','e','p','t','-','E','n','c','o','d','i','n','g',0 };
1525 static const WCHAR szAccept_Language[] = { 'A','c','c','e','p','t','-','L','a','n','g','u','a','g','e',0 };
1526 static const WCHAR szAccept_Ranges[] = { 'A','c','c','e','p','t','-','R','a','n','g','e','s',0 };
1527 static const WCHAR szAge[] = { 'A','g','e',0 };
1528 static const WCHAR szAllow[] = { 'A','l','l','o','w',0 };
1529 static const WCHAR szCache_Control[] = { 'C','a','c','h','e','-','C','o','n','t','r','o','l',0 };
1530 static const WCHAR szConnection[] = { 'C','o','n','n','e','c','t','i','o','n',0 };
1531 static const WCHAR szContent_Base[] = { 'C','o','n','t','e','n','t','-','B','a','s','e',0 };
1532 static const WCHAR szContent_Encoding[] = { 'C','o','n','t','e','n','t','-','E','n','c','o','d','i','n','g',0 };
1533 static const WCHAR szContent_ID[] = { 'C','o','n','t','e','n','t','-','I','D',0 };
1534 static const WCHAR szContent_Language[] = { 'C','o','n','t','e','n','t','-','L','a','n','g','u','a','g','e',0 };
1535 static const WCHAR szContent_Length[] = { 'C','o','n','t','e','n','t','-','L','e','n','g','t','h',0 };
1536 static const WCHAR szContent_Location[] = { 'C','o','n','t','e','n','t','-','L','o','c','a','t','i','o','n',0 };
1537 static const WCHAR szContent_MD5[] = { 'C','o','n','t','e','n','t','-','M','D','5',0 };
1538 static const WCHAR szContent_Range[] = { 'C','o','n','t','e','n','t','-','R','a','n','g','e',0 };
1539 static const WCHAR szContent_Transfer_Encoding[] = { 'C','o','n','t','e','n','t','-','T','r','a','n','s','f','e','r','-','E','n','c','o','d','i','n','g',0 };
1540 static const WCHAR szContent_Type[] = { 'C','o','n','t','e','n','t','-','T','y','p','e',0 };
1541 static const WCHAR szCookie[] = { 'C','o','o','k','i','e',0 };
1542 static const WCHAR szDate[] = { 'D','a','t','e',0 };
1543 static const WCHAR szFrom[] = { 'F','r','o','m',0 };
1544 static const WCHAR szETag[] = { 'E','T','a','g',0 };
1545 static const WCHAR szExpect[] = { 'E','x','p','e','c','t',0 };
1546 static const WCHAR szExpires[] = { 'E','x','p','i','r','e','s',0 };
1547 static const WCHAR szIf_Match[] = { 'I','f','-','M','a','t','c','h',0 };
1548 static const WCHAR szIf_Modified_Since[] = { 'I','f','-','M','o','d','i','f','i','e','d','-','S','i','n','c','e',0 };
1549 static const WCHAR szIf_None_Match[] = { 'I','f','-','N','o','n','e','-','M','a','t','c','h',0 };
1550 static const WCHAR szIf_Range[] = { 'I','f','-','R','a','n','g','e',0 };
1551 static const WCHAR szIf_Unmodified_Since[] = { 'I','f','-','U','n','m','o','d','i','f','i','e','d','-','S','i','n','c','e',0 };
1552 static const WCHAR szLast_Modified[] = { 'L','a','s','t','-','M','o','d','i','f','i','e','d',0 };
1553 static const WCHAR szLocation[] = { 'L','o','c','a','t','i','o','n',0 };
1554 static const WCHAR szMax_Forwards[] = { 'M','a','x','-','F','o','r','w','a','r','d','s',0 };
1555 static const WCHAR szMime_Version[] = { 'M','i','m','e','-','V','e','r','s','i','o','n',0 };
1556 static const WCHAR szPragma[] = { 'P','r','a','g','m','a',0 };
1557 static const WCHAR szProxy_Authenticate[] = { 'P','r','o','x','y','-','A','u','t','h','e','n','t','i','c','a','t','e',0 };
1558 static const WCHAR szProxy_Connection[] = { 'P','r','o','x','y','-','C','o','n','n','e','c','t','i','o','n',0 };
1559 static const WCHAR szPublic[] = { 'P','u','b','l','i','c',0 };
1560 static const WCHAR szRange[] = { 'R','a','n','g','e',0 };
1561 static const WCHAR szReferer[] = { 'R','e','f','e','r','e','r',0 };
1562 static const WCHAR szRetry_After[] = { 'R','e','t','r','y','-','A','f','t','e','r',0 };
1563 static const WCHAR szServer[] = { 'S','e','r','v','e','r',0 };
1564 static const WCHAR szSet_Cookie[] = { 'S','e','t','-','C','o','o','k','i','e',0 };
1565 static const WCHAR szTransfer_Encoding[] = { 'T','r','a','n','s','f','e','r','-','E','n','c','o','d','i','n','g',0 };
1566 static const WCHAR szUnless_Modified_Since[] = { 'U','n','l','e','s','s','-','M','o','d','i','f','i','e','d','-','S','i','n','c','e',0 };
1567 static const WCHAR szUpgrade[] = { 'U','p','g','r','a','d','e',0 };
1568 static const WCHAR szURI[] = { 'U','R','I',0 };
1569 static const WCHAR szUser_Agent[] = { 'U','s','e','r','-','A','g','e','n','t',0 };
1570 static const WCHAR szVary[] = { 'V','a','r','y',0 };
1571 static const WCHAR szVia[] = { 'V','i','a',0 };
1572 static const WCHAR szWarning[] = { 'W','a','r','n','i','n','g',0 };
1573 static const WCHAR szWWW_Authenticate[] = { 'W','W','W','-','A','u','t','h','e','n','t','i','c','a','t','e',0 };
1574
1575 static const LPCWSTR header_lookup[] = {
1576     szMime_Version,             /* HTTP_QUERY_MIME_VERSION = 0 */
1577     szContent_Type,             /* HTTP_QUERY_CONTENT_TYPE = 1 */
1578     szContent_Transfer_Encoding,/* HTTP_QUERY_CONTENT_TRANSFER_ENCODING = 2 */
1579     szContent_ID,               /* HTTP_QUERY_CONTENT_ID = 3 */
1580     NULL,                       /* HTTP_QUERY_CONTENT_DESCRIPTION = 4 */
1581     szContent_Length,           /* HTTP_QUERY_CONTENT_LENGTH =  5 */
1582     szContent_Language,         /* HTTP_QUERY_CONTENT_LANGUAGE =  6 */
1583     szAllow,                    /* HTTP_QUERY_ALLOW = 7 */
1584     szPublic,                   /* HTTP_QUERY_PUBLIC = 8 */
1585     szDate,                     /* HTTP_QUERY_DATE = 9 */
1586     szExpires,                  /* HTTP_QUERY_EXPIRES = 10 */
1587     szLast_Modified,            /* HTTP_QUERY_LAST_MODIFIED = 11 */
1588     NULL,                       /* HTTP_QUERY_MESSAGE_ID = 12 */
1589     szURI,                      /* HTTP_QUERY_URI = 13 */
1590     szFrom,                     /* HTTP_QUERY_DERIVED_FROM = 14 */
1591     NULL,                       /* HTTP_QUERY_COST = 15 */
1592     NULL,                       /* HTTP_QUERY_LINK = 16 */
1593     szPragma,                   /* HTTP_QUERY_PRAGMA = 17 */
1594     NULL,                       /* HTTP_QUERY_VERSION = 18 */
1595     szStatus,                   /* HTTP_QUERY_STATUS_CODE = 19 */
1596     NULL,                       /* HTTP_QUERY_STATUS_TEXT = 20 */
1597     NULL,                       /* HTTP_QUERY_RAW_HEADERS = 21 */
1598     NULL,                       /* HTTP_QUERY_RAW_HEADERS_CRLF = 22 */
1599     szConnection,               /* HTTP_QUERY_CONNECTION = 23 */
1600     szAccept,                   /* HTTP_QUERY_ACCEPT = 24 */
1601     szAccept_Charset,           /* HTTP_QUERY_ACCEPT_CHARSET = 25 */
1602     szAccept_Encoding,          /* HTTP_QUERY_ACCEPT_ENCODING = 26 */
1603     szAccept_Language,          /* HTTP_QUERY_ACCEPT_LANGUAGE = 27 */
1604     szAuthorization,            /* HTTP_QUERY_AUTHORIZATION = 28 */
1605     szContent_Encoding,         /* HTTP_QUERY_CONTENT_ENCODING = 29 */
1606     NULL,                       /* HTTP_QUERY_FORWARDED = 30 */
1607     NULL,                       /* HTTP_QUERY_FROM = 31 */
1608     szIf_Modified_Since,        /* HTTP_QUERY_IF_MODIFIED_SINCE = 32 */
1609     szLocation,                 /* HTTP_QUERY_LOCATION = 33 */
1610     NULL,                       /* HTTP_QUERY_ORIG_URI = 34 */
1611     szReferer,                  /* HTTP_QUERY_REFERER = 35 */
1612     szRetry_After,              /* HTTP_QUERY_RETRY_AFTER = 36 */
1613     szServer,                   /* HTTP_QUERY_SERVER = 37 */
1614     NULL,                       /* HTTP_TITLE = 38 */
1615     szUser_Agent,               /* HTTP_QUERY_USER_AGENT = 39 */
1616     szWWW_Authenticate,         /* HTTP_QUERY_WWW_AUTHENTICATE = 40 */
1617     szProxy_Authenticate,       /* HTTP_QUERY_PROXY_AUTHENTICATE = 41 */
1618     szAccept_Ranges,            /* HTTP_QUERY_ACCEPT_RANGES = 42 */
1619     szSet_Cookie,               /* HTTP_QUERY_SET_COOKIE = 43 */
1620     szCookie,                   /* HTTP_QUERY_COOKIE = 44 */
1621     NULL,                       /* HTTP_QUERY_REQUEST_METHOD = 45 */
1622     NULL,                       /* HTTP_QUERY_REFRESH = 46 */
1623     NULL,                       /* HTTP_QUERY_CONTENT_DISPOSITION = 47 */
1624     szAge,                      /* HTTP_QUERY_AGE = 48 */
1625     szCache_Control,            /* HTTP_QUERY_CACHE_CONTROL = 49 */
1626     szContent_Base,             /* HTTP_QUERY_CONTENT_BASE = 50 */
1627     szContent_Location,         /* HTTP_QUERY_CONTENT_LOCATION = 51 */
1628     szContent_MD5,              /* HTTP_QUERY_CONTENT_MD5 = 52 */
1629     szContent_Range,            /* HTTP_QUERY_CONTENT_RANGE = 53 */
1630     szETag,                     /* HTTP_QUERY_ETAG = 54 */
1631     szHost,                     /* HTTP_QUERY_HOST = 55 */
1632     szIf_Match,                 /* HTTP_QUERY_IF_MATCH = 56 */
1633     szIf_None_Match,            /* HTTP_QUERY_IF_NONE_MATCH = 57 */
1634     szIf_Range,                 /* HTTP_QUERY_IF_RANGE = 58 */
1635     szIf_Unmodified_Since,      /* HTTP_QUERY_IF_UNMODIFIED_SINCE = 59 */
1636     szMax_Forwards,             /* HTTP_QUERY_MAX_FORWARDS = 60 */
1637     szProxy_Authorization,      /* HTTP_QUERY_PROXY_AUTHORIZATION = 61 */
1638     szRange,                    /* HTTP_QUERY_RANGE = 62 */
1639     szTransfer_Encoding,        /* HTTP_QUERY_TRANSFER_ENCODING = 63 */
1640     szUpgrade,                  /* HTTP_QUERY_UPGRADE = 64 */
1641     szVary,                     /* HTTP_QUERY_VARY = 65 */
1642     szVia,                      /* HTTP_QUERY_VIA = 66 */
1643     szWarning,                  /* HTTP_QUERY_WARNING = 67 */
1644     szExpect,                   /* HTTP_QUERY_EXPECT = 68 */
1645     szProxy_Connection,         /* HTTP_QUERY_PROXY_CONNECTION = 69 */
1646     szUnless_Modified_Since,    /* HTTP_QUERY_UNLESS_MODIFIED_SINCE = 70 */
1647 };
1648
1649 #define LAST_TABLE_HEADER (sizeof(header_lookup)/sizeof(header_lookup[0]))
1650
1651 /***********************************************************************
1652  *           HTTP_HttpQueryInfoW (internal)
1653  */
1654 static BOOL WINAPI HTTP_HttpQueryInfoW( LPWININETHTTPREQW lpwhr, DWORD dwInfoLevel,
1655         LPVOID lpBuffer, LPDWORD lpdwBufferLength, LPDWORD lpdwIndex)
1656 {
1657     LPHTTPHEADERW lphttpHdr = NULL;
1658     BOOL bSuccess = FALSE;
1659     BOOL request_only = dwInfoLevel & HTTP_QUERY_FLAG_REQUEST_HEADERS;
1660     INT requested_index = lpdwIndex ? *lpdwIndex : 0;
1661     INT level = (dwInfoLevel & ~HTTP_QUERY_MODIFIER_FLAGS_MASK);
1662     INT index = -1;
1663
1664     /* Find requested header structure */
1665     switch (level)
1666     {
1667     case HTTP_QUERY_CUSTOM:
1668         index = HTTP_GetCustomHeaderIndex(lpwhr, lpBuffer, requested_index, request_only);
1669         break;
1670
1671     case HTTP_QUERY_RAW_HEADERS_CRLF:
1672         {
1673             LPWSTR headers;
1674             DWORD len;
1675             BOOL ret;
1676
1677             if (request_only)
1678                 headers = HTTP_BuildHeaderRequestString(lpwhr, lpwhr->lpszVerb, lpwhr->lpszPath, FALSE);
1679             else
1680                 headers = lpwhr->lpszRawHeaders;
1681
1682             len = strlenW(headers);
1683             if (len + 1 > *lpdwBufferLength/sizeof(WCHAR))
1684             {
1685                 *lpdwBufferLength = (len + 1) * sizeof(WCHAR);
1686                 INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
1687                 ret = FALSE;
1688             } else
1689             {
1690                 memcpy(lpBuffer, headers, (len+1)*sizeof(WCHAR));
1691                 *lpdwBufferLength = len * sizeof(WCHAR);
1692
1693                 TRACE("returning data: %s\n", debugstr_wn((WCHAR*)lpBuffer, len));
1694                 ret = TRUE;
1695             }
1696
1697             if (request_only)
1698                 HeapFree(GetProcessHeap(), 0, headers);
1699             return ret;
1700         }
1701     case HTTP_QUERY_RAW_HEADERS:
1702         {
1703             static const WCHAR szCrLf[] = {'\r','\n',0};
1704             LPWSTR * ppszRawHeaderLines = HTTP_Tokenize(lpwhr->lpszRawHeaders, szCrLf);
1705             DWORD i, size = 0;
1706             LPWSTR pszString = (WCHAR*)lpBuffer;
1707
1708             for (i = 0; ppszRawHeaderLines[i]; i++)
1709                 size += strlenW(ppszRawHeaderLines[i]) + 1;
1710
1711             if (size + 1 > *lpdwBufferLength/sizeof(WCHAR))
1712             {
1713                 HTTP_FreeTokens(ppszRawHeaderLines);
1714                 *lpdwBufferLength = (size + 1) * sizeof(WCHAR);
1715                 INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
1716                 return FALSE;
1717             }
1718
1719             for (i = 0; ppszRawHeaderLines[i]; i++)
1720             {
1721                 DWORD len = strlenW(ppszRawHeaderLines[i]);
1722                 memcpy(pszString, ppszRawHeaderLines[i], (len+1)*sizeof(WCHAR));
1723                 pszString += len+1;
1724             }
1725             *pszString = '\0';
1726
1727             TRACE("returning data: %s\n", debugstr_wn((WCHAR*)lpBuffer, size));
1728
1729             *lpdwBufferLength = size * sizeof(WCHAR);
1730             HTTP_FreeTokens(ppszRawHeaderLines);
1731
1732             return TRUE;
1733         }
1734     case HTTP_QUERY_STATUS_TEXT:
1735         if (lpwhr->lpszStatusText)
1736         {
1737             DWORD len = strlenW(lpwhr->lpszStatusText);
1738             if (len + 1 > *lpdwBufferLength/sizeof(WCHAR))
1739             {
1740                 *lpdwBufferLength = (len + 1) * sizeof(WCHAR);
1741                 INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
1742                 return FALSE;
1743             }
1744             memcpy(lpBuffer, lpwhr->lpszStatusText, (len+1)*sizeof(WCHAR));
1745             *lpdwBufferLength = len * sizeof(WCHAR);
1746
1747             TRACE("returning data: %s\n", debugstr_wn((WCHAR*)lpBuffer, len));
1748
1749             return TRUE;
1750         }
1751         break;
1752     case HTTP_QUERY_VERSION:
1753         if (lpwhr->lpszVersion)
1754         {
1755             DWORD len = strlenW(lpwhr->lpszVersion);
1756             if (len + 1 > *lpdwBufferLength/sizeof(WCHAR))
1757             {
1758                 *lpdwBufferLength = (len + 1) * sizeof(WCHAR);
1759                 INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
1760                 return FALSE;
1761             }
1762             memcpy(lpBuffer, lpwhr->lpszVersion, (len+1)*sizeof(WCHAR));
1763             *lpdwBufferLength = len * sizeof(WCHAR);
1764
1765             TRACE("returning data: %s\n", debugstr_wn((WCHAR*)lpBuffer, len));
1766
1767             return TRUE;
1768         }
1769         break;
1770     default:
1771         assert (LAST_TABLE_HEADER == (HTTP_QUERY_UNLESS_MODIFIED_SINCE + 1));
1772
1773         if (level >= 0 && level < LAST_TABLE_HEADER && header_lookup[level])
1774             index = HTTP_GetCustomHeaderIndex(lpwhr, header_lookup[level],
1775                                               requested_index,request_only);
1776     }
1777
1778     if (index >= 0)
1779         lphttpHdr = &lpwhr->pCustHeaders[index];
1780
1781     /* Ensure header satisifies requested attributes */
1782     if (!lphttpHdr ||
1783         ((dwInfoLevel & HTTP_QUERY_FLAG_REQUEST_HEADERS) &&
1784          (~lphttpHdr->wFlags & HDR_ISREQUEST)))
1785     {
1786         INTERNET_SetLastError(ERROR_HTTP_HEADER_NOT_FOUND);
1787         return bSuccess;
1788     }
1789
1790     if (lpdwIndex)
1791         (*lpdwIndex)++;
1792
1793     /* coalesce value to reuqested type */
1794     if (dwInfoLevel & HTTP_QUERY_FLAG_NUMBER)
1795     {
1796         *(int *)lpBuffer = atoiW(lphttpHdr->lpszValue);
1797         bSuccess = TRUE;
1798
1799         TRACE(" returning number : %d\n", *(int *)lpBuffer);
1800     }
1801     else if (dwInfoLevel & HTTP_QUERY_FLAG_SYSTEMTIME)
1802     {
1803         time_t tmpTime;
1804         struct tm tmpTM;
1805         SYSTEMTIME *STHook;
1806
1807         tmpTime = ConvertTimeString(lphttpHdr->lpszValue);
1808
1809         tmpTM = *gmtime(&tmpTime);
1810         STHook = (SYSTEMTIME *) lpBuffer;
1811         if(STHook==NULL)
1812             return bSuccess;
1813
1814         STHook->wDay = tmpTM.tm_mday;
1815         STHook->wHour = tmpTM.tm_hour;
1816         STHook->wMilliseconds = 0;
1817         STHook->wMinute = tmpTM.tm_min;
1818         STHook->wDayOfWeek = tmpTM.tm_wday;
1819         STHook->wMonth = tmpTM.tm_mon + 1;
1820         STHook->wSecond = tmpTM.tm_sec;
1821         STHook->wYear = tmpTM.tm_year;
1822         
1823         bSuccess = TRUE;
1824         
1825         TRACE(" returning time : %04d/%02d/%02d - %d - %02d:%02d:%02d.%02d\n", 
1826               STHook->wYear, STHook->wMonth, STHook->wDay, STHook->wDayOfWeek,
1827               STHook->wHour, STHook->wMinute, STHook->wSecond, STHook->wMilliseconds);
1828     }
1829     else if (lphttpHdr->lpszValue)
1830     {
1831         DWORD len = (strlenW(lphttpHdr->lpszValue) + 1) * sizeof(WCHAR);
1832
1833         if (len > *lpdwBufferLength)
1834         {
1835             *lpdwBufferLength = len;
1836             INTERNET_SetLastError(ERROR_INSUFFICIENT_BUFFER);
1837             return bSuccess;
1838         }
1839
1840         memcpy(lpBuffer, lphttpHdr->lpszValue, len);
1841         *lpdwBufferLength = len - sizeof(WCHAR);
1842         bSuccess = TRUE;
1843
1844         TRACE(" returning string : %s\n", debugstr_w(lpBuffer));
1845     }
1846     return bSuccess;
1847 }
1848
1849 /***********************************************************************
1850  *           HttpQueryInfoW (WININET.@)
1851  *
1852  * Queries for information about an HTTP request
1853  *
1854  * RETURNS
1855  *    TRUE  on success
1856  *    FALSE on failure
1857  *
1858  */
1859 BOOL WINAPI HttpQueryInfoW(HINTERNET hHttpRequest, DWORD dwInfoLevel,
1860         LPVOID lpBuffer, LPDWORD lpdwBufferLength, LPDWORD lpdwIndex)
1861 {
1862     BOOL bSuccess = FALSE;
1863     LPWININETHTTPREQW lpwhr;
1864
1865     if (TRACE_ON(wininet)) {
1866 #define FE(x) { x, #x }
1867         static const wininet_flag_info query_flags[] = {
1868             FE(HTTP_QUERY_MIME_VERSION),
1869             FE(HTTP_QUERY_CONTENT_TYPE),
1870             FE(HTTP_QUERY_CONTENT_TRANSFER_ENCODING),
1871             FE(HTTP_QUERY_CONTENT_ID),
1872             FE(HTTP_QUERY_CONTENT_DESCRIPTION),
1873             FE(HTTP_QUERY_CONTENT_LENGTH),
1874             FE(HTTP_QUERY_CONTENT_LANGUAGE),
1875             FE(HTTP_QUERY_ALLOW),
1876             FE(HTTP_QUERY_PUBLIC),
1877             FE(HTTP_QUERY_DATE),
1878             FE(HTTP_QUERY_EXPIRES),
1879             FE(HTTP_QUERY_LAST_MODIFIED),
1880             FE(HTTP_QUERY_MESSAGE_ID),
1881             FE(HTTP_QUERY_URI),
1882             FE(HTTP_QUERY_DERIVED_FROM),
1883             FE(HTTP_QUERY_COST),
1884             FE(HTTP_QUERY_LINK),
1885             FE(HTTP_QUERY_PRAGMA),
1886             FE(HTTP_QUERY_VERSION),
1887             FE(HTTP_QUERY_STATUS_CODE),
1888             FE(HTTP_QUERY_STATUS_TEXT),
1889             FE(HTTP_QUERY_RAW_HEADERS),
1890             FE(HTTP_QUERY_RAW_HEADERS_CRLF),
1891             FE(HTTP_QUERY_CONNECTION),
1892             FE(HTTP_QUERY_ACCEPT),
1893             FE(HTTP_QUERY_ACCEPT_CHARSET),
1894             FE(HTTP_QUERY_ACCEPT_ENCODING),
1895             FE(HTTP_QUERY_ACCEPT_LANGUAGE),
1896             FE(HTTP_QUERY_AUTHORIZATION),
1897             FE(HTTP_QUERY_CONTENT_ENCODING),
1898             FE(HTTP_QUERY_FORWARDED),
1899             FE(HTTP_QUERY_FROM),
1900             FE(HTTP_QUERY_IF_MODIFIED_SINCE),
1901             FE(HTTP_QUERY_LOCATION),
1902             FE(HTTP_QUERY_ORIG_URI),
1903             FE(HTTP_QUERY_REFERER),
1904             FE(HTTP_QUERY_RETRY_AFTER),
1905             FE(HTTP_QUERY_SERVER),
1906             FE(HTTP_QUERY_TITLE),
1907             FE(HTTP_QUERY_USER_AGENT),
1908             FE(HTTP_QUERY_WWW_AUTHENTICATE),
1909             FE(HTTP_QUERY_PROXY_AUTHENTICATE),
1910             FE(HTTP_QUERY_ACCEPT_RANGES),
1911         FE(HTTP_QUERY_SET_COOKIE),
1912         FE(HTTP_QUERY_COOKIE),
1913             FE(HTTP_QUERY_REQUEST_METHOD),
1914             FE(HTTP_QUERY_REFRESH),
1915             FE(HTTP_QUERY_CONTENT_DISPOSITION),
1916             FE(HTTP_QUERY_AGE),
1917             FE(HTTP_QUERY_CACHE_CONTROL),
1918             FE(HTTP_QUERY_CONTENT_BASE),
1919             FE(HTTP_QUERY_CONTENT_LOCATION),
1920             FE(HTTP_QUERY_CONTENT_MD5),
1921             FE(HTTP_QUERY_CONTENT_RANGE),
1922             FE(HTTP_QUERY_ETAG),
1923             FE(HTTP_QUERY_HOST),
1924             FE(HTTP_QUERY_IF_MATCH),
1925             FE(HTTP_QUERY_IF_NONE_MATCH),
1926             FE(HTTP_QUERY_IF_RANGE),
1927             FE(HTTP_QUERY_IF_UNMODIFIED_SINCE),
1928             FE(HTTP_QUERY_MAX_FORWARDS),
1929             FE(HTTP_QUERY_PROXY_AUTHORIZATION),
1930             FE(HTTP_QUERY_RANGE),
1931             FE(HTTP_QUERY_TRANSFER_ENCODING),
1932             FE(HTTP_QUERY_UPGRADE),
1933             FE(HTTP_QUERY_VARY),
1934             FE(HTTP_QUERY_VIA),
1935             FE(HTTP_QUERY_WARNING),
1936             FE(HTTP_QUERY_CUSTOM)
1937         };
1938         static const wininet_flag_info modifier_flags[] = {
1939             FE(HTTP_QUERY_FLAG_REQUEST_HEADERS),
1940             FE(HTTP_QUERY_FLAG_SYSTEMTIME),
1941             FE(HTTP_QUERY_FLAG_NUMBER),
1942             FE(HTTP_QUERY_FLAG_COALESCE)
1943         };
1944 #undef FE
1945         DWORD info_mod = dwInfoLevel & HTTP_QUERY_MODIFIER_FLAGS_MASK;
1946         DWORD info = dwInfoLevel & HTTP_QUERY_HEADER_MASK;
1947         DWORD i;
1948
1949         TRACE("(%p, 0x%08x)--> %d\n", hHttpRequest, dwInfoLevel, dwInfoLevel);
1950         TRACE("  Attribute:");
1951         for (i = 0; i < (sizeof(query_flags) / sizeof(query_flags[0])); i++) {
1952             if (query_flags[i].val == info) {
1953                 TRACE(" %s", query_flags[i].name);
1954                 break;
1955             }
1956         }
1957         if (i == (sizeof(query_flags) / sizeof(query_flags[0]))) {
1958             TRACE(" Unknown (%08x)", info);
1959         }
1960
1961         TRACE(" Modifier:");
1962         for (i = 0; i < (sizeof(modifier_flags) / sizeof(modifier_flags[0])); i++) {
1963             if (modifier_flags[i].val & info_mod) {
1964                 TRACE(" %s", modifier_flags[i].name);
1965                 info_mod &= ~ modifier_flags[i].val;
1966             }
1967         }
1968         
1969         if (info_mod) {
1970             TRACE(" Unknown (%08x)", info_mod);
1971         }
1972         TRACE("\n");
1973     }
1974     
1975     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hHttpRequest );
1976     if (NULL == lpwhr ||  lpwhr->hdr.htype != WH_HHTTPREQ)
1977     {
1978         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
1979         goto lend;
1980     }
1981
1982     if (lpBuffer == NULL)
1983         *lpdwBufferLength = 0;
1984     bSuccess = HTTP_HttpQueryInfoW( lpwhr, dwInfoLevel,
1985                                     lpBuffer, lpdwBufferLength, lpdwIndex);
1986
1987 lend:
1988     if( lpwhr )
1989          WININET_Release( &lpwhr->hdr );
1990
1991     TRACE("%d <--\n", bSuccess);
1992     return bSuccess;
1993 }
1994
1995 /***********************************************************************
1996  *           HttpQueryInfoA (WININET.@)
1997  *
1998  * Queries for information about an HTTP request
1999  *
2000  * RETURNS
2001  *    TRUE  on success
2002  *    FALSE on failure
2003  *
2004  */
2005 BOOL WINAPI HttpQueryInfoA(HINTERNET hHttpRequest, DWORD dwInfoLevel,
2006         LPVOID lpBuffer, LPDWORD lpdwBufferLength, LPDWORD lpdwIndex)
2007 {
2008     BOOL result;
2009     DWORD len;
2010     WCHAR* bufferW;
2011
2012     if((dwInfoLevel & HTTP_QUERY_FLAG_NUMBER) ||
2013        (dwInfoLevel & HTTP_QUERY_FLAG_SYSTEMTIME))
2014     {
2015         return HttpQueryInfoW( hHttpRequest, dwInfoLevel, lpBuffer,
2016                                lpdwBufferLength, lpdwIndex );
2017     }
2018
2019     if (lpBuffer)
2020     {
2021         len = (*lpdwBufferLength)*sizeof(WCHAR);
2022         bufferW = HeapAlloc( GetProcessHeap(), 0, len );
2023         /* buffer is in/out because of HTTP_QUERY_CUSTOM */
2024         if ((dwInfoLevel & HTTP_QUERY_HEADER_MASK) == HTTP_QUERY_CUSTOM)
2025             MultiByteToWideChar(CP_ACP,0,lpBuffer,-1,bufferW,len);
2026     } else
2027     {
2028         bufferW = NULL;
2029         len = 0;
2030     }
2031
2032     result = HttpQueryInfoW( hHttpRequest, dwInfoLevel, bufferW,
2033                            &len, lpdwIndex );
2034     if( result )
2035     {
2036         len = WideCharToMultiByte( CP_ACP,0, bufferW, len / sizeof(WCHAR) + 1,
2037                                      lpBuffer, *lpdwBufferLength, NULL, NULL );
2038         *lpdwBufferLength = len - 1;
2039
2040         TRACE("lpBuffer: %s\n", debugstr_a(lpBuffer));
2041     }
2042     else
2043         /* since the strings being returned from HttpQueryInfoW should be
2044          * only ASCII characters, it is reasonable to assume that all of
2045          * the Unicode characters can be reduced to a single byte */
2046         *lpdwBufferLength = len / sizeof(WCHAR);
2047
2048     HeapFree(GetProcessHeap(), 0, bufferW );
2049
2050     return result;
2051 }
2052
2053 /***********************************************************************
2054  *           HttpSendRequestExA (WININET.@)
2055  *
2056  * Sends the specified request to the HTTP server and allows chunked
2057  * transfers.
2058  *
2059  * RETURNS
2060  *  Success: TRUE
2061  *  Failure: FALSE, call GetLastError() for more information.
2062  */
2063 BOOL WINAPI HttpSendRequestExA(HINTERNET hRequest,
2064                                LPINTERNET_BUFFERSA lpBuffersIn,
2065                                LPINTERNET_BUFFERSA lpBuffersOut,
2066                                DWORD dwFlags, DWORD_PTR dwContext)
2067 {
2068     INTERNET_BUFFERSW BuffersInW;
2069     BOOL rc = FALSE;
2070     DWORD headerlen;
2071     LPWSTR header = NULL;
2072
2073     TRACE("(%p, %p, %p, %08x, %08lx): stub\n", hRequest, lpBuffersIn,
2074             lpBuffersOut, dwFlags, dwContext);
2075
2076     if (lpBuffersIn)
2077     {
2078         BuffersInW.dwStructSize = sizeof(LPINTERNET_BUFFERSW);
2079         if (lpBuffersIn->lpcszHeader)
2080         {
2081             headerlen = MultiByteToWideChar(CP_ACP,0,lpBuffersIn->lpcszHeader,
2082                     lpBuffersIn->dwHeadersLength,0,0);
2083             header = HeapAlloc(GetProcessHeap(),0,headerlen*sizeof(WCHAR));
2084             if (!(BuffersInW.lpcszHeader = header))
2085             {
2086                 INTERNET_SetLastError(ERROR_OUTOFMEMORY);
2087                 return FALSE;
2088             }
2089             BuffersInW.dwHeadersLength = MultiByteToWideChar(CP_ACP, 0,
2090                     lpBuffersIn->lpcszHeader, lpBuffersIn->dwHeadersLength,
2091                     header, headerlen);
2092         }
2093         else
2094             BuffersInW.lpcszHeader = NULL;
2095         BuffersInW.dwHeadersTotal = lpBuffersIn->dwHeadersTotal;
2096         BuffersInW.lpvBuffer = lpBuffersIn->lpvBuffer;
2097         BuffersInW.dwBufferLength = lpBuffersIn->dwBufferLength;
2098         BuffersInW.dwBufferTotal = lpBuffersIn->dwBufferTotal;
2099         BuffersInW.Next = NULL;
2100     }
2101
2102     rc = HttpSendRequestExW(hRequest, lpBuffersIn ? &BuffersInW : NULL, NULL, dwFlags, dwContext);
2103
2104     HeapFree(GetProcessHeap(),0,header);
2105
2106     return rc;
2107 }
2108
2109 /***********************************************************************
2110  *           HttpSendRequestExW (WININET.@)
2111  *
2112  * Sends the specified request to the HTTP server and allows chunked
2113  * transfers
2114  *
2115  * RETURNS
2116  *  Success: TRUE
2117  *  Failure: FALSE, call GetLastError() for more information.
2118  */
2119 BOOL WINAPI HttpSendRequestExW(HINTERNET hRequest,
2120                    LPINTERNET_BUFFERSW lpBuffersIn,
2121                    LPINTERNET_BUFFERSW lpBuffersOut,
2122                    DWORD dwFlags, DWORD_PTR dwContext)
2123 {
2124     BOOL ret = FALSE;
2125     LPWININETHTTPREQW lpwhr;
2126     LPWININETHTTPSESSIONW lpwhs;
2127     LPWININETAPPINFOW hIC;
2128
2129     TRACE("(%p, %p, %p, %08x, %08lx)\n", hRequest, lpBuffersIn,
2130             lpBuffersOut, dwFlags, dwContext);
2131
2132     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hRequest );
2133
2134     if (NULL == lpwhr || lpwhr->hdr.htype != WH_HHTTPREQ)
2135     {
2136         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
2137         goto lend;
2138     }
2139
2140     lpwhs = lpwhr->lpHttpSession;
2141     assert(lpwhs->hdr.htype == WH_HHTTPSESSION);
2142     hIC = lpwhs->lpAppInfo;
2143     assert(hIC->hdr.htype == WH_HINIT);
2144
2145     if (hIC->hdr.dwFlags & INTERNET_FLAG_ASYNC)
2146     {
2147         WORKREQUEST workRequest;
2148         struct WORKREQ_HTTPSENDREQUESTW *req;
2149
2150         workRequest.asyncproc = AsyncHttpSendRequestProc;
2151         workRequest.hdr = WININET_AddRef( &lpwhr->hdr );
2152         req = &workRequest.u.HttpSendRequestW;
2153         if (lpBuffersIn)
2154         {
2155             if (lpBuffersIn->lpcszHeader)
2156                 /* FIXME: this should use dwHeadersLength or may not be necessary at all */
2157                 req->lpszHeader = WININET_strdupW(lpBuffersIn->lpcszHeader);
2158             else
2159                 req->lpszHeader = NULL;
2160             req->dwHeaderLength = lpBuffersIn->dwHeadersLength;
2161             req->lpOptional = lpBuffersIn->lpvBuffer;
2162             req->dwOptionalLength = lpBuffersIn->dwBufferLength;
2163             req->dwContentLength = lpBuffersIn->dwBufferTotal;
2164         }
2165         else
2166         {
2167             req->lpszHeader = NULL;
2168             req->dwHeaderLength = 0;
2169             req->lpOptional = NULL;
2170             req->dwOptionalLength = 0;
2171             req->dwContentLength = 0;
2172         }
2173
2174         req->bEndRequest = FALSE;
2175
2176         INTERNET_AsyncCall(&workRequest);
2177         /*
2178          * This is from windows.
2179          */
2180         INTERNET_SetLastError(ERROR_IO_PENDING);
2181     }
2182     else
2183     {
2184         if (lpBuffersIn)
2185             ret = HTTP_HttpSendRequestW(lpwhr, lpBuffersIn->lpcszHeader, lpBuffersIn->dwHeadersLength,
2186                                         lpBuffersIn->lpvBuffer, lpBuffersIn->dwBufferLength,
2187                                         lpBuffersIn->dwBufferTotal, FALSE);
2188         else
2189             ret = HTTP_HttpSendRequestW(lpwhr, NULL, 0, NULL, 0, 0, FALSE);
2190     }
2191
2192 lend:
2193     if ( lpwhr )
2194         WININET_Release( &lpwhr->hdr );
2195
2196     TRACE("<---\n");
2197     return ret;
2198 }
2199
2200 /***********************************************************************
2201  *           HttpSendRequestW (WININET.@)
2202  *
2203  * Sends the specified request to the HTTP server
2204  *
2205  * RETURNS
2206  *    TRUE  on success
2207  *    FALSE on failure
2208  *
2209  */
2210 BOOL WINAPI HttpSendRequestW(HINTERNET hHttpRequest, LPCWSTR lpszHeaders,
2211         DWORD dwHeaderLength, LPVOID lpOptional ,DWORD dwOptionalLength)
2212 {
2213     LPWININETHTTPREQW lpwhr;
2214     LPWININETHTTPSESSIONW lpwhs = NULL;
2215     LPWININETAPPINFOW hIC = NULL;
2216     BOOL r;
2217
2218     TRACE("%p, %s, %i, %p, %i)\n", hHttpRequest,
2219             debugstr_wn(lpszHeaders, dwHeaderLength), dwHeaderLength, lpOptional, dwOptionalLength);
2220
2221     lpwhr = (LPWININETHTTPREQW) WININET_GetObject( hHttpRequest );
2222     if (NULL == lpwhr || lpwhr->hdr.htype != WH_HHTTPREQ)
2223     {
2224         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
2225         r = FALSE;
2226         goto lend;
2227     }
2228
2229     lpwhs = lpwhr->lpHttpSession;
2230     if (NULL == lpwhs ||  lpwhs->hdr.htype != WH_HHTTPSESSION)
2231     {
2232         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
2233         r = FALSE;
2234         goto lend;
2235     }
2236
2237     hIC = lpwhs->lpAppInfo;
2238     if (NULL == hIC ||  hIC->hdr.htype != WH_HINIT)
2239     {
2240         INTERNET_SetLastError(ERROR_INTERNET_INCORRECT_HANDLE_TYPE);
2241         r = FALSE;
2242         goto lend;
2243     }
2244
2245     if (hIC->hdr.dwFlags & INTERNET_FLAG_ASYNC)
2246     {
2247         WORKREQUEST workRequest;
2248         struct WORKREQ_HTTPSENDREQUESTW *req;
2249
2250         workRequest.asyncproc = AsyncHttpSendRequestProc;
2251         workRequest.hdr = WININET_AddRef( &lpwhr->hdr );
2252         req = &workRequest.u.HttpSendRequestW;
2253         if (lpszHeaders)
2254         {
2255             req->lpszHeader = HeapAlloc(GetProcessHeap(), 0, dwHeaderLength * sizeof(WCHAR));
2256             memcpy(req->lpszHeader, lpszHeaders, dwHeaderLength * sizeof(WCHAR));
2257         }
2258         else
2259             req->lpszHeader = 0;
2260         req->dwHeaderLength = dwHeaderLength;
2261         req->lpOptional = lpOptional;
2262         req->dwOptionalLength = dwOptionalLength;
2263         req->dwContentLength = dwOptionalLength;
2264         req->bEndRequest = TRUE;
2265
2266         INTERNET_AsyncCall(&workRequest);
2267         /*
2268          * This is from windows.
2269          */
2270         INTERNET_SetLastError(ERROR_IO_PENDING);
2271         r = FALSE;
2272     }
2273     else
2274     {
2275         r = HTTP_HttpSendRequestW(lpwhr, lpszHeaders,
2276                 dwHeaderLength, lpOptional, dwOptionalLength,
2277                 dwOptionalLength, TRUE);
2278     }
2279 lend:
2280     if( lpwhr )
2281         WININET_Release( &lpwhr->hdr );
2282     return r;
2283 }
2284
2285 /***********************************************************************
2286  *           HttpSendRequestA (WININET.@)
2287  *
2288  * Sends the specified request to the HTTP server
2289  *
2290  * RETURNS
2291  *    TRUE  on success
2292  *    FALSE on failure
2293  *
2294  */
2295 BOOL WINAPI HttpSendRequestA(HINTERNET hHttpRequest, LPCSTR lpszHeaders,
2296         DWORD dwHeaderLength, LPVOID lpOptional ,DWORD dwOptionalLength)
2297 {
2298     BOOL result;
2299     LPWSTR szHeaders=NULL;
2300     DWORD nLen=dwHeaderLength;
2301     if(lpszHeaders!=NULL)
2302     {
2303         nLen=MultiByteToWideChar(CP_ACP,0,lpszHeaders,dwHeaderLength,NULL,0);
2304         szHeaders=HeapAlloc(GetProcessHeap(),0,nLen*sizeof(WCHAR));
2305         MultiByteToWideChar(CP_ACP,0,lpszHeaders,dwHeaderLength,szHeaders,nLen);
2306     }
2307     result=HttpSendRequestW(hHttpRequest, szHeaders, nLen, lpOptional, dwOptionalLength);
2308     HeapFree(GetProcessHeap(),0,szHeaders);
2309     return result;
2310 }
2311
2312 /***********************************************************************
2313  *           HTTP_HandleRedirect (internal)
2314  */
2315 static BOOL HTTP_HandleRedirect(LPWININETHTTPREQW lpwhr, LPCWSTR lpszUrl)
2316 {
2317     LPWININETHTTPSESSIONW lpwhs = lpwhr->lpHttpSession;
2318     LPWININETAPPINFOW hIC = lpwhs->lpAppInfo;
2319     WCHAR path[2048];
2320
2321     if(lpszUrl[0]=='/')
2322     {
2323         /* if it's an absolute path, keep the same session info */
2324         lstrcpynW(path, lpszUrl, 2048);
2325     }
2326     else if (NULL != hIC->lpszProxy && hIC->lpszProxy[0] != 0)
2327     {
2328         TRACE("Redirect through proxy\n");
2329         lstrcpynW(path, lpszUrl, 2048);
2330     }
2331     else
2332     {
2333         URL_COMPONENTSW urlComponents;
2334         WCHAR protocol[32], hostName[MAXHOSTNAME], userName[1024];
2335         static WCHAR szHttp[] = {'h','t','t','p',0};
2336         static WCHAR szHttps[] = {'h','t','t','p','s',0};
2337         DWORD url_length = 0;
2338         LPWSTR orig_url;
2339         LPWSTR combined_url;
2340
2341         urlComponents.dwStructSize = sizeof(URL_COMPONENTSW);
2342         urlComponents.lpszScheme = (lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE) ? szHttps : szHttp;
2343         urlComponents.dwSchemeLength = 0;
2344         urlComponents.lpszHostName = lpwhs->lpszHostName;
2345         urlComponents.dwHostNameLength = 0;
2346         urlComponents.nPort = lpwhs->nHostPort;
2347         urlComponents.lpszUserName = lpwhs->lpszUserName;
2348         urlComponents.dwUserNameLength = 0;
2349         urlComponents.lpszPassword = NULL;
2350         urlComponents.dwPasswordLength = 0;
2351         urlComponents.lpszUrlPath = lpwhr->lpszPath;
2352         urlComponents.dwUrlPathLength = 0;
2353         urlComponents.lpszExtraInfo = NULL;
2354         urlComponents.dwExtraInfoLength = 0;
2355
2356         if (!InternetCreateUrlW(&urlComponents, 0, NULL, &url_length) &&
2357             (GetLastError() != ERROR_INSUFFICIENT_BUFFER))
2358             return FALSE;
2359
2360         orig_url = HeapAlloc(GetProcessHeap(), 0, url_length);
2361
2362         /* convert from bytes to characters */
2363         url_length = url_length / sizeof(WCHAR) - 1;
2364         if (!InternetCreateUrlW(&urlComponents, 0, orig_url, &url_length))
2365         {
2366             HeapFree(GetProcessHeap(), 0, orig_url);
2367             return FALSE;
2368         }
2369
2370         url_length = 0;
2371         if (!InternetCombineUrlW(orig_url, lpszUrl, NULL, &url_length, ICU_ENCODE_SPACES_ONLY) &&
2372             (GetLastError() != ERROR_INSUFFICIENT_BUFFER))
2373         {
2374             HeapFree(GetProcessHeap(), 0, orig_url);
2375             return FALSE;
2376         }
2377         combined_url = HeapAlloc(GetProcessHeap(), 0, url_length * sizeof(WCHAR));
2378
2379         if (!InternetCombineUrlW(orig_url, lpszUrl, combined_url, &url_length, ICU_ENCODE_SPACES_ONLY))
2380         {
2381             HeapFree(GetProcessHeap(), 0, orig_url);
2382             HeapFree(GetProcessHeap(), 0, combined_url);
2383             return FALSE;
2384         }
2385         HeapFree(GetProcessHeap(), 0, orig_url);
2386
2387         userName[0] = 0;
2388         hostName[0] = 0;
2389         protocol[0] = 0;
2390
2391         urlComponents.dwStructSize = sizeof(URL_COMPONENTSW);
2392         urlComponents.lpszScheme = protocol;
2393         urlComponents.dwSchemeLength = 32;
2394         urlComponents.lpszHostName = hostName;
2395         urlComponents.dwHostNameLength = MAXHOSTNAME;
2396         urlComponents.lpszUserName = userName;
2397         urlComponents.dwUserNameLength = 1024;
2398         urlComponents.lpszPassword = NULL;
2399         urlComponents.dwPasswordLength = 0;
2400         urlComponents.lpszUrlPath = path;
2401         urlComponents.dwUrlPathLength = 2048;
2402         urlComponents.lpszExtraInfo = NULL;
2403         urlComponents.dwExtraInfoLength = 0;
2404         if(!InternetCrackUrlW(combined_url, strlenW(combined_url), 0, &urlComponents))
2405         {
2406             HeapFree(GetProcessHeap(), 0, combined_url);
2407             return FALSE;
2408         }
2409         HeapFree(GetProcessHeap(), 0, combined_url);
2410
2411         if (!strncmpW(szHttp, urlComponents.lpszScheme, strlenW(szHttp)) &&
2412             (lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE))
2413         {
2414             TRACE("redirect from secure page to non-secure page\n");
2415             /* FIXME: warn about from secure redirect to non-secure page */
2416             lpwhr->hdr.dwFlags &= ~INTERNET_FLAG_SECURE;
2417         }
2418         if (!strncmpW(szHttps, urlComponents.lpszScheme, strlenW(szHttps)) &&
2419             !(lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE))
2420         {
2421             TRACE("redirect from non-secure page to secure page\n");
2422             /* FIXME: notify about redirect to secure page */
2423             lpwhr->hdr.dwFlags |= INTERNET_FLAG_SECURE;
2424         }
2425
2426         if (urlComponents.nPort == INTERNET_INVALID_PORT_NUMBER)
2427         {
2428             if (lstrlenW(protocol)>4) /*https*/
2429                 urlComponents.nPort = INTERNET_DEFAULT_HTTPS_PORT;
2430             else /*http*/
2431                 urlComponents.nPort = INTERNET_DEFAULT_HTTP_PORT;
2432         }
2433
2434 #if 0
2435         /*
2436          * This upsets redirects to binary files on sourceforge.net 
2437          * and gives an html page instead of the target file
2438          * Examination of the HTTP request sent by native wininet.dll
2439          * reveals that it doesn't send a referrer in that case.
2440          * Maybe there's a flag that enables this, or maybe a referrer
2441          * shouldn't be added in case of a redirect.
2442          */
2443
2444         /* consider the current host as the referrer */
2445         if (NULL != lpwhs->lpszServerName && strlenW(lpwhs->lpszServerName))
2446             HTTP_ProcessHeader(lpwhr, HTTP_REFERER, lpwhs->lpszServerName,
2447                            HTTP_ADDHDR_FLAG_REQ|HTTP_ADDREQ_FLAG_REPLACE|
2448                            HTTP_ADDHDR_FLAG_ADD_IF_NEW);
2449 #endif
2450         
2451         HeapFree(GetProcessHeap(), 0, lpwhs->lpszServerName);
2452         lpwhs->lpszServerName = WININET_strdupW(hostName);
2453         HeapFree(GetProcessHeap(), 0, lpwhs->lpszHostName);
2454         if (urlComponents.nPort != INTERNET_DEFAULT_HTTP_PORT &&
2455                 urlComponents.nPort != INTERNET_DEFAULT_HTTPS_PORT)
2456         {
2457             int len;
2458             static const WCHAR fmt[] = {'%','s',':','%','i',0};
2459             len = lstrlenW(hostName);
2460             len += 7; /* 5 for strlen("65535") + 1 for ":" + 1 for '\0' */
2461             lpwhs->lpszHostName = HeapAlloc(GetProcessHeap(), 0, len*sizeof(WCHAR));
2462             sprintfW(lpwhs->lpszHostName, fmt, hostName, urlComponents.nPort);
2463         }
2464         else
2465             lpwhs->lpszHostName = WININET_strdupW(hostName);
2466
2467         HTTP_ProcessHeader(lpwhr, szHost, lpwhs->lpszHostName, HTTP_ADDREQ_FLAG_ADD | HTTP_ADDREQ_FLAG_REPLACE | HTTP_ADDHDR_FLAG_REQ);
2468
2469         
2470         HeapFree(GetProcessHeap(), 0, lpwhs->lpszUserName);
2471         lpwhs->lpszUserName = NULL;
2472         if (userName[0])
2473             lpwhs->lpszUserName = WININET_strdupW(userName);
2474         lpwhs->nServerPort = urlComponents.nPort;
2475
2476         if (!HTTP_ResolveName(lpwhr))
2477             return FALSE;
2478
2479         NETCON_close(&lpwhr->netConnection);
2480
2481         if (!NETCON_init(&lpwhr->netConnection,lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE))
2482             return FALSE;
2483     }
2484
2485     HeapFree(GetProcessHeap(), 0, lpwhr->lpszPath);
2486     lpwhr->lpszPath=NULL;
2487     if (strlenW(path))
2488     {
2489         DWORD needed = 0;
2490         HRESULT rc;
2491
2492         rc = UrlEscapeW(path, NULL, &needed, URL_ESCAPE_SPACES_ONLY);
2493         if (rc != E_POINTER)
2494             needed = strlenW(path)+1;
2495         lpwhr->lpszPath = HeapAlloc(GetProcessHeap(), 0, needed*sizeof(WCHAR));
2496         rc = UrlEscapeW(path, lpwhr->lpszPath, &needed,
2497                         URL_ESCAPE_SPACES_ONLY);
2498         if (rc)
2499         {
2500             ERR("Unable to escape string!(%s) (%d)\n",debugstr_w(path),rc);
2501             strcpyW(lpwhr->lpszPath,path);
2502         }
2503     }
2504
2505     return TRUE;
2506 }
2507
2508 /***********************************************************************
2509  *           HTTP_build_req (internal)
2510  *
2511  *  concatenate all the strings in the request together
2512  */
2513 static LPWSTR HTTP_build_req( LPCWSTR *list, int len )
2514 {
2515     LPCWSTR *t;
2516     LPWSTR str;
2517
2518     for( t = list; *t ; t++  )
2519         len += strlenW( *t );
2520     len++;
2521
2522     str = HeapAlloc( GetProcessHeap(), 0, len*sizeof(WCHAR) );
2523     *str = 0;
2524
2525     for( t = list; *t ; t++ )
2526         strcatW( str, *t );
2527
2528     return str;
2529 }
2530
2531 static BOOL HTTP_SecureProxyConnect(LPWININETHTTPREQW lpwhr)
2532 {
2533     LPWSTR lpszPath;
2534     LPWSTR requestString;
2535     INT len;
2536     INT cnt;
2537     INT responseLen;
2538     char *ascii_req;
2539     BOOL ret;
2540     static const WCHAR szConnect[] = {'C','O','N','N','E','C','T',0};
2541     static const WCHAR szFormat[] = {'%','s',':','%','d',0};
2542     LPWININETHTTPSESSIONW lpwhs = lpwhr->lpHttpSession;
2543
2544     TRACE("\n");
2545
2546     lpszPath = HeapAlloc( GetProcessHeap(), 0, (lstrlenW( lpwhs->lpszHostName ) + 13)*sizeof(WCHAR) );
2547     sprintfW( lpszPath, szFormat, lpwhs->lpszHostName, lpwhs->nHostPort );
2548     requestString = HTTP_BuildHeaderRequestString( lpwhr, szConnect, lpszPath, FALSE );
2549     HeapFree( GetProcessHeap(), 0, lpszPath );
2550
2551     len = WideCharToMultiByte( CP_ACP, 0, requestString, -1,
2552                                 NULL, 0, NULL, NULL );
2553     len--; /* the nul terminator isn't needed */
2554     ascii_req = HeapAlloc( GetProcessHeap(), 0, len );
2555     WideCharToMultiByte( CP_ACP, 0, requestString, -1,
2556                             ascii_req, len, NULL, NULL );
2557     HeapFree( GetProcessHeap(), 0, requestString );
2558
2559     TRACE("full request -> %s\n", debugstr_an( ascii_req, len ) );
2560
2561     ret = NETCON_send( &lpwhr->netConnection, ascii_req, len, 0, &cnt );
2562     HeapFree( GetProcessHeap(), 0, ascii_req );
2563     if (!ret || cnt < 0)
2564         return FALSE;
2565
2566     responseLen = HTTP_GetResponseHeaders( lpwhr );
2567     if (!responseLen)
2568         return FALSE;
2569
2570     return TRUE;
2571 }
2572
2573 /***********************************************************************
2574  *           HTTP_HttpSendRequestW (internal)
2575  *
2576  * Sends the specified request to the HTTP server
2577  *
2578  * RETURNS
2579  *    TRUE  on success
2580  *    FALSE on failure
2581  *
2582  */
2583 BOOL WINAPI HTTP_HttpSendRequestW(LPWININETHTTPREQW lpwhr, LPCWSTR lpszHeaders,
2584         DWORD dwHeaderLength, LPVOID lpOptional, DWORD dwOptionalLength,
2585         DWORD dwContentLength, BOOL bEndRequest)
2586 {
2587     INT cnt;
2588     BOOL bSuccess = FALSE;
2589     LPWSTR requestString = NULL;
2590     INT responseLen;
2591     BOOL loop_next;
2592     INTERNET_ASYNC_RESULT iar;
2593     static const WCHAR szClose[] = { 'C','l','o','s','e',0 };
2594     static const WCHAR szContentLength[] =
2595         { 'C','o','n','t','e','n','t','-','L','e','n','g','t','h',':',' ','%','l','i','\r','\n',0 };
2596     WCHAR contentLengthStr[sizeof szContentLength/2 /* includes \r\n */ + 20 /* int */ ];
2597
2598     TRACE("--> %p\n", lpwhr);
2599
2600     assert(lpwhr->hdr.htype == WH_HHTTPREQ);
2601
2602     /* Clear any error information */
2603     INTERNET_SetLastError(0);
2604
2605     HTTP_FixVerb(lpwhr);
2606     
2607     sprintfW(contentLengthStr, szContentLength, dwContentLength);
2608     HTTP_HttpAddRequestHeadersW(lpwhr, contentLengthStr, -1L, HTTP_ADDREQ_FLAG_ADD | HTTP_ADDHDR_FLAG_REPLACE);
2609
2610     do
2611     {
2612         DWORD len;
2613         char *ascii_req;
2614
2615         loop_next = FALSE;
2616
2617         /* like native, just in case the caller forgot to call InternetReadFile
2618          * for all the data */
2619         HTTP_DrainContent(lpwhr);
2620         lpwhr->dwContentRead = 0;
2621
2622         if (TRACE_ON(wininet))
2623         {
2624             LPHTTPHEADERW Host = HTTP_GetHeader(lpwhr,szHost);
2625             TRACE("Going to url %s %s\n", debugstr_w(Host->lpszValue), debugstr_w(lpwhr->lpszPath));
2626         }
2627
2628         HTTP_FixURL(lpwhr);
2629         HTTP_ProcessHeader(lpwhr, szConnection,
2630                            lpwhr->hdr.dwFlags & INTERNET_FLAG_KEEP_CONNECTION ? szKeepAlive : szClose,
2631                            HTTP_ADDHDR_FLAG_REQ | HTTP_ADDHDR_FLAG_REPLACE);
2632
2633         HTTP_InsertAuthorization(lpwhr);
2634         HTTP_InsertProxyAuthorization(lpwhr);
2635
2636         /* add the headers the caller supplied */
2637         if( lpszHeaders && dwHeaderLength )
2638         {
2639             HTTP_HttpAddRequestHeadersW(lpwhr, lpszHeaders, dwHeaderLength,
2640                         HTTP_ADDREQ_FLAG_ADD | HTTP_ADDHDR_FLAG_REPLACE);
2641         }
2642
2643         requestString = HTTP_BuildHeaderRequestString(lpwhr, lpwhr->lpszVerb, lpwhr->lpszPath, FALSE);
2644  
2645         TRACE("Request header -> %s\n", debugstr_w(requestString) );
2646
2647         /* Send the request and store the results */
2648         if (!HTTP_OpenConnection(lpwhr))
2649             goto lend;
2650
2651         /* send the request as ASCII, tack on the optional data */
2652         if( !lpOptional )
2653             dwOptionalLength = 0;
2654         len = WideCharToMultiByte( CP_ACP, 0, requestString, -1,
2655                                    NULL, 0, NULL, NULL );
2656         ascii_req = HeapAlloc( GetProcessHeap(), 0, len + dwOptionalLength );
2657         WideCharToMultiByte( CP_ACP, 0, requestString, -1,
2658                              ascii_req, len, NULL, NULL );
2659         if( lpOptional )
2660             memcpy( &ascii_req[len-1], lpOptional, dwOptionalLength );
2661         len = (len + dwOptionalLength - 1);
2662         ascii_req[len] = 0;
2663         TRACE("full request -> %s\n", debugstr_a(ascii_req) );
2664
2665         INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
2666                               INTERNET_STATUS_SENDING_REQUEST, NULL, 0);
2667
2668         NETCON_send(&lpwhr->netConnection, ascii_req, len, 0, &cnt);
2669         HeapFree( GetProcessHeap(), 0, ascii_req );
2670
2671         INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
2672                               INTERNET_STATUS_REQUEST_SENT,
2673                               &len, sizeof(DWORD));
2674
2675         if (bEndRequest)
2676         {
2677             DWORD dwBufferSize;
2678             DWORD dwStatusCode;
2679
2680             INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
2681                                 INTERNET_STATUS_RECEIVING_RESPONSE, NULL, 0);
2682     
2683             if (cnt < 0)
2684                 goto lend;
2685     
2686             responseLen = HTTP_GetResponseHeaders(lpwhr);
2687             if (responseLen)
2688                 bSuccess = TRUE;
2689     
2690             INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
2691                                 INTERNET_STATUS_RESPONSE_RECEIVED, &responseLen,
2692                                 sizeof(DWORD));
2693
2694             HTTP_ProcessHeaders(lpwhr);
2695
2696             dwBufferSize = sizeof(lpwhr->dwContentLength);
2697             if (!HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_FLAG_NUMBER|HTTP_QUERY_CONTENT_LENGTH,
2698                                      &lpwhr->dwContentLength,&dwBufferSize,NULL))
2699                 lpwhr->dwContentLength = -1;
2700
2701             if (lpwhr->dwContentLength == 0)
2702                 HTTP_FinishedReading(lpwhr);
2703
2704             dwBufferSize = sizeof(dwStatusCode);
2705             if (!HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_FLAG_NUMBER|HTTP_QUERY_STATUS_CODE,
2706                                      &dwStatusCode,&dwBufferSize,NULL))
2707                 dwStatusCode = 0;
2708
2709             if (!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_AUTO_REDIRECT) && bSuccess)
2710             {
2711                 WCHAR szNewLocation[2048];
2712                 dwBufferSize=sizeof(szNewLocation);
2713                 if ((dwStatusCode==HTTP_STATUS_REDIRECT || dwStatusCode==HTTP_STATUS_MOVED) &&
2714                     HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_LOCATION,szNewLocation,&dwBufferSize,NULL))
2715                 {
2716                     HTTP_DrainContent(lpwhr);
2717                     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
2718                                           INTERNET_STATUS_REDIRECT, szNewLocation,
2719                                           dwBufferSize);
2720                     bSuccess = HTTP_HandleRedirect(lpwhr, szNewLocation);
2721                     if (bSuccess)
2722                     {
2723                         HeapFree(GetProcessHeap(), 0, requestString);
2724                         loop_next = TRUE;
2725                     }
2726                 }
2727             }
2728             if (!(lpwhr->hdr.dwFlags & INTERNET_FLAG_NO_AUTH) && bSuccess)
2729             {
2730                 WCHAR szAuthValue[2048];
2731                 dwBufferSize=2048;
2732                 if (dwStatusCode == HTTP_STATUS_DENIED)
2733                 {
2734                     DWORD dwIndex = 0;
2735                     while (HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_WWW_AUTHENTICATE,szAuthValue,&dwBufferSize,&dwIndex))
2736                     {
2737                         if (HTTP_DoAuthorization(lpwhr, szAuthValue,
2738                                                  &lpwhr->pAuthInfo,
2739                                                  lpwhr->lpHttpSession->lpszUserName,
2740                                                  lpwhr->lpHttpSession->lpszPassword))
2741                         {
2742                             loop_next = TRUE;
2743                             break;
2744                         }
2745                     }
2746                 }
2747                 if (dwStatusCode == HTTP_STATUS_PROXY_AUTH_REQ)
2748                 {
2749                     DWORD dwIndex = 0;
2750                     while (HTTP_HttpQueryInfoW(lpwhr,HTTP_QUERY_PROXY_AUTHENTICATE,szAuthValue,&dwBufferSize,&dwIndex))
2751                     {
2752                         if (HTTP_DoAuthorization(lpwhr, szAuthValue,
2753                                                  &lpwhr->pProxyAuthInfo,
2754                                                  lpwhr->lpHttpSession->lpAppInfo->lpszProxyUsername,
2755                                                  lpwhr->lpHttpSession->lpAppInfo->lpszProxyPassword))
2756                         {
2757                             loop_next = TRUE;
2758                             break;
2759                         }
2760                     }
2761                 }
2762             }
2763         }
2764         else
2765             bSuccess = TRUE;
2766     }
2767     while (loop_next);
2768
2769 lend:
2770
2771     HeapFree(GetProcessHeap(), 0, requestString);
2772
2773     /* TODO: send notification for P3P header */
2774
2775     iar.dwResult = (DWORD)bSuccess;
2776     iar.dwError = bSuccess ? ERROR_SUCCESS : INTERNET_GetLastError();
2777
2778     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
2779                           INTERNET_STATUS_REQUEST_COMPLETE, &iar,
2780                           sizeof(INTERNET_ASYNC_RESULT));
2781
2782     TRACE("<--\n");
2783     return bSuccess;
2784 }
2785
2786 /***********************************************************************
2787  *           HTTP_Connect  (internal)
2788  *
2789  * Create http session handle
2790  *
2791  * RETURNS
2792  *   HINTERNET a session handle on success
2793  *   NULL on failure
2794  *
2795  */
2796 HINTERNET HTTP_Connect(LPWININETAPPINFOW hIC, LPCWSTR lpszServerName,
2797         INTERNET_PORT nServerPort, LPCWSTR lpszUserName,
2798         LPCWSTR lpszPassword, DWORD dwFlags, DWORD_PTR dwContext,
2799         DWORD dwInternalFlags)
2800 {
2801     BOOL bSuccess = FALSE;
2802     LPWININETHTTPSESSIONW lpwhs = NULL;
2803     HINTERNET handle = NULL;
2804
2805     TRACE("-->\n");
2806
2807     assert( hIC->hdr.htype == WH_HINIT );
2808
2809     lpwhs = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(WININETHTTPSESSIONW));
2810     if (NULL == lpwhs)
2811     {
2812         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
2813         goto lerror;
2814     }
2815
2816    /*
2817     * According to my tests. The name is not resolved until a request is sent
2818     */
2819
2820     lpwhs->hdr.htype = WH_HHTTPSESSION;
2821     lpwhs->hdr.dwFlags = dwFlags;
2822     lpwhs->hdr.dwContext = dwContext;
2823     lpwhs->hdr.dwInternalFlags = dwInternalFlags | (hIC->hdr.dwInternalFlags & INET_CALLBACKW);
2824     lpwhs->hdr.dwRefCount = 1;
2825     lpwhs->hdr.close_connection = NULL;
2826     lpwhs->hdr.destroy = HTTP_CloseHTTPSessionHandle;
2827     lpwhs->hdr.lpfnStatusCB = hIC->hdr.lpfnStatusCB;
2828
2829     WININET_AddRef( &hIC->hdr );
2830     lpwhs->lpAppInfo = hIC;
2831     list_add_head( &hIC->hdr.children, &lpwhs->hdr.entry );
2832
2833     handle = WININET_AllocHandle( &lpwhs->hdr );
2834     if (NULL == handle)
2835     {
2836         ERR("Failed to alloc handle\n");
2837         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
2838         goto lerror;
2839     }
2840
2841     if(hIC->lpszProxy && hIC->dwAccessType == INTERNET_OPEN_TYPE_PROXY) {
2842         if(strchrW(hIC->lpszProxy, ' '))
2843             FIXME("Several proxies not implemented.\n");
2844         if(hIC->lpszProxyBypass)
2845             FIXME("Proxy bypass is ignored.\n");
2846     }
2847     if (lpszServerName && lpszServerName[0])
2848     {
2849         lpwhs->lpszServerName = WININET_strdupW(lpszServerName);
2850         lpwhs->lpszHostName = WININET_strdupW(lpszServerName);
2851     }
2852     if (lpszUserName && lpszUserName[0])
2853         lpwhs->lpszUserName = WININET_strdupW(lpszUserName);
2854     if (lpszPassword && lpszPassword[0])
2855         lpwhs->lpszPassword = WININET_strdupW(lpszPassword);
2856     lpwhs->nServerPort = nServerPort;
2857     lpwhs->nHostPort = nServerPort;
2858
2859     /* Don't send a handle created callback if this handle was created with InternetOpenUrl */
2860     if (!(lpwhs->hdr.dwInternalFlags & INET_OPENURL))
2861     {
2862         INTERNET_SendCallback(&hIC->hdr, dwContext,
2863                               INTERNET_STATUS_HANDLE_CREATED, &handle,
2864                               sizeof(handle));
2865     }
2866
2867     bSuccess = TRUE;
2868
2869 lerror:
2870     if( lpwhs )
2871         WININET_Release( &lpwhs->hdr );
2872
2873 /*
2874  * an INTERNET_STATUS_REQUEST_COMPLETE is NOT sent here as per my tests on
2875  * windows
2876  */
2877
2878     TRACE("%p --> %p (%p)\n", hIC, handle, lpwhs);
2879     return handle;
2880 }
2881
2882
2883 /***********************************************************************
2884  *           HTTP_OpenConnection (internal)
2885  *
2886  * Connect to a web server
2887  *
2888  * RETURNS
2889  *
2890  *   TRUE  on success
2891  *   FALSE on failure
2892  */
2893 static BOOL HTTP_OpenConnection(LPWININETHTTPREQW lpwhr)
2894 {
2895     BOOL bSuccess = FALSE;
2896     LPWININETHTTPSESSIONW lpwhs;
2897     LPWININETAPPINFOW hIC = NULL;
2898     char szaddr[32];
2899
2900     TRACE("-->\n");
2901
2902
2903     if (NULL == lpwhr ||  lpwhr->hdr.htype != WH_HHTTPREQ)
2904     {
2905         INTERNET_SetLastError(ERROR_INVALID_PARAMETER);
2906         goto lend;
2907     }
2908
2909     if (NETCON_connected(&lpwhr->netConnection))
2910     {
2911         bSuccess = TRUE;
2912         goto lend;
2913     }
2914
2915     lpwhs = lpwhr->lpHttpSession;
2916
2917     hIC = lpwhs->lpAppInfo;
2918     inet_ntop(lpwhs->socketAddress.sin_family, &lpwhs->socketAddress.sin_addr,
2919               szaddr, sizeof(szaddr));
2920     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
2921                           INTERNET_STATUS_CONNECTING_TO_SERVER,
2922                           szaddr,
2923                           strlen(szaddr)+1);
2924
2925     if (!NETCON_create(&lpwhr->netConnection, lpwhs->socketAddress.sin_family,
2926                          SOCK_STREAM, 0))
2927     {
2928         WARN("Socket creation failed\n");
2929         goto lend;
2930     }
2931
2932     if (!NETCON_connect(&lpwhr->netConnection, (struct sockaddr *)&lpwhs->socketAddress,
2933                       sizeof(lpwhs->socketAddress)))
2934        goto lend;
2935
2936     if (lpwhr->hdr.dwFlags & INTERNET_FLAG_SECURE)
2937     {
2938         /* Note: we differ from Microsoft's WinINet here. they seem to have
2939          * a bug that causes no status callbacks to be sent when starting
2940          * a tunnel to a proxy server using the CONNECT verb. i believe our
2941          * behaviour to be more correct and to not cause any incompatibilities
2942          * because using a secure connection through a proxy server is a rare
2943          * case that would be hard for anyone to depend on */
2944         if (hIC->lpszProxy && !HTTP_SecureProxyConnect(lpwhr))
2945             goto lend;
2946
2947         if (!NETCON_secure_connect(&lpwhr->netConnection, lpwhs->lpszHostName))
2948         {
2949             WARN("Couldn't connect securely to host\n");
2950             goto lend;
2951         }
2952     }
2953
2954     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
2955                           INTERNET_STATUS_CONNECTED_TO_SERVER,
2956                           szaddr, strlen(szaddr)+1);
2957
2958     bSuccess = TRUE;
2959
2960 lend:
2961     TRACE("%d <--\n", bSuccess);
2962     return bSuccess;
2963 }
2964
2965
2966 /***********************************************************************
2967  *           HTTP_clear_response_headers (internal)
2968  *
2969  * clear out any old response headers
2970  */
2971 static void HTTP_clear_response_headers( LPWININETHTTPREQW lpwhr )
2972 {
2973     DWORD i;
2974
2975     for( i=0; i<lpwhr->nCustHeaders; i++)
2976     {
2977         if( !lpwhr->pCustHeaders[i].lpszField )
2978             continue;
2979         if( !lpwhr->pCustHeaders[i].lpszValue )
2980             continue;
2981         if ( lpwhr->pCustHeaders[i].wFlags & HDR_ISREQUEST )
2982             continue;
2983         HTTP_DeleteCustomHeader( lpwhr, i );
2984         i--;
2985     }
2986 }
2987
2988 /***********************************************************************
2989  *           HTTP_GetResponseHeaders (internal)
2990  *
2991  * Read server response
2992  *
2993  * RETURNS
2994  *
2995  *   TRUE  on success
2996  *   FALSE on error
2997  */
2998 static INT HTTP_GetResponseHeaders(LPWININETHTTPREQW lpwhr)
2999 {
3000     INT cbreaks = 0;
3001     WCHAR buffer[MAX_REPLY_LEN];
3002     DWORD buflen = MAX_REPLY_LEN;
3003     BOOL bSuccess = FALSE;
3004     INT  rc = 0;
3005     static const WCHAR szCrLf[] = {'\r','\n',0};
3006     char bufferA[MAX_REPLY_LEN];
3007     LPWSTR status_code, status_text;
3008     DWORD cchMaxRawHeaders = 1024;
3009     LPWSTR lpszRawHeaders = HeapAlloc(GetProcessHeap(), 0, (cchMaxRawHeaders+1)*sizeof(WCHAR));
3010     DWORD cchRawHeaders = 0;
3011
3012     TRACE("-->\n");
3013
3014     /* clear old response headers (eg. from a redirect response) */
3015     HTTP_clear_response_headers( lpwhr );
3016
3017     if (!NETCON_connected(&lpwhr->netConnection))
3018         goto lend;
3019
3020     /*
3021      * HACK peek at the buffer
3022      */
3023     NETCON_recv(&lpwhr->netConnection, buffer, buflen, MSG_PEEK, &rc);
3024
3025     /*
3026      * We should first receive 'HTTP/1.x nnn OK' where nnn is the status code.
3027      */
3028     buflen = MAX_REPLY_LEN;
3029     memset(buffer, 0, MAX_REPLY_LEN);
3030     if (!NETCON_getNextLine(&lpwhr->netConnection, bufferA, &buflen))
3031         goto lend;
3032     MultiByteToWideChar( CP_ACP, 0, bufferA, buflen, buffer, MAX_REPLY_LEN );
3033
3034     /* regenerate raw headers */
3035     while (cchRawHeaders + buflen + strlenW(szCrLf) > cchMaxRawHeaders)
3036     {
3037         cchMaxRawHeaders *= 2;
3038         lpszRawHeaders = HeapReAlloc(GetProcessHeap(), 0, lpszRawHeaders, (cchMaxRawHeaders+1)*sizeof(WCHAR));
3039     }
3040     memcpy(lpszRawHeaders+cchRawHeaders, buffer, (buflen-1)*sizeof(WCHAR));
3041     cchRawHeaders += (buflen-1);
3042     memcpy(lpszRawHeaders+cchRawHeaders, szCrLf, sizeof(szCrLf));
3043     cchRawHeaders += sizeof(szCrLf)/sizeof(szCrLf[0])-1;
3044     lpszRawHeaders[cchRawHeaders] = '\0';
3045
3046     /* split the version from the status code */
3047     status_code = strchrW( buffer, ' ' );
3048     if( !status_code )
3049         goto lend;
3050     *status_code++=0;
3051
3052     /* split the status code from the status text */
3053     status_text = strchrW( status_code, ' ' );
3054     if( !status_text )
3055         goto lend;
3056     *status_text++=0;
3057
3058     TRACE("version [%s] status code [%s] status text [%s]\n",
3059          debugstr_w(buffer), debugstr_w(status_code), debugstr_w(status_text) );
3060
3061     HTTP_ProcessHeader(lpwhr, szStatus, status_code,
3062             HTTP_ADDHDR_FLAG_REPLACE);
3063
3064     HeapFree(GetProcessHeap(),0,lpwhr->lpszVersion);
3065     HeapFree(GetProcessHeap(),0,lpwhr->lpszStatusText);
3066
3067     lpwhr->lpszVersion= WININET_strdupW(buffer);
3068     lpwhr->lpszStatusText = WININET_strdupW(status_text);
3069
3070     /* Parse each response line */
3071     do
3072     {
3073         buflen = MAX_REPLY_LEN;
3074         if (NETCON_getNextLine(&lpwhr->netConnection, bufferA, &buflen))
3075         {
3076             LPWSTR * pFieldAndValue;
3077
3078             TRACE("got line %s, now interpreting\n", debugstr_a(bufferA));
3079             MultiByteToWideChar( CP_ACP, 0, bufferA, buflen, buffer, MAX_REPLY_LEN );
3080
3081             while (cchRawHeaders + buflen + strlenW(szCrLf) > cchMaxRawHeaders)
3082             {
3083                 cchMaxRawHeaders *= 2;
3084                 lpszRawHeaders = HeapReAlloc(GetProcessHeap(), 0, lpszRawHeaders, (cchMaxRawHeaders+1)*sizeof(WCHAR));
3085             }
3086             memcpy(lpszRawHeaders+cchRawHeaders, buffer, (buflen-1)*sizeof(WCHAR));
3087             cchRawHeaders += (buflen-1);
3088             memcpy(lpszRawHeaders+cchRawHeaders, szCrLf, sizeof(szCrLf));
3089             cchRawHeaders += sizeof(szCrLf)/sizeof(szCrLf[0])-1;
3090             lpszRawHeaders[cchRawHeaders] = '\0';
3091
3092             pFieldAndValue = HTTP_InterpretHttpHeader(buffer);
3093             if (!pFieldAndValue)
3094                 break;
3095
3096             HTTP_ProcessHeader(lpwhr, pFieldAndValue[0], pFieldAndValue[1], 
3097                 HTTP_ADDREQ_FLAG_ADD );
3098
3099             HTTP_FreeTokens(pFieldAndValue);
3100         }
3101         else
3102         {
3103             cbreaks++;
3104             if (cbreaks >= 2)
3105                break;
3106         }
3107     }while(1);
3108
3109     HeapFree(GetProcessHeap(), 0, lpwhr->lpszRawHeaders);
3110     lpwhr->lpszRawHeaders = lpszRawHeaders;
3111     TRACE("raw headers: %s\n", debugstr_w(lpszRawHeaders));
3112     bSuccess = TRUE;
3113
3114 lend:
3115
3116     TRACE("<--\n");
3117     if (bSuccess)
3118         return rc;
3119     else
3120         return 0;
3121 }
3122
3123
3124 static void strip_spaces(LPWSTR start)
3125 {
3126     LPWSTR str = start;
3127     LPWSTR end;
3128
3129     while (*str == ' ' && *str != '\0')
3130         str++;
3131
3132     if (str != start)
3133         memmove(start, str, sizeof(WCHAR) * (strlenW(str) + 1));
3134
3135     end = start + strlenW(start) - 1;
3136     while (end >= start && *end == ' ')
3137     {
3138         *end = '\0';
3139         end--;
3140     }
3141 }
3142
3143
3144 /***********************************************************************
3145  *           HTTP_InterpretHttpHeader (internal)
3146  *
3147  * Parse server response
3148  *
3149  * RETURNS
3150  *
3151  *   Pointer to array of field, value, NULL on success.
3152  *   NULL on error.
3153  */
3154 static LPWSTR * HTTP_InterpretHttpHeader(LPCWSTR buffer)
3155 {
3156     LPWSTR * pTokenPair;
3157     LPWSTR pszColon;
3158     INT len;
3159
3160     pTokenPair = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(*pTokenPair)*3);
3161
3162     pszColon = strchrW(buffer, ':');
3163     /* must have two tokens */
3164     if (!pszColon)
3165     {
3166         HTTP_FreeTokens(pTokenPair);
3167         if (buffer[0])
3168             TRACE("No ':' in line: %s\n", debugstr_w(buffer));
3169         return NULL;
3170     }
3171
3172     pTokenPair[0] = HeapAlloc(GetProcessHeap(), 0, (pszColon - buffer + 1) * sizeof(WCHAR));
3173     if (!pTokenPair[0])
3174     {
3175         HTTP_FreeTokens(pTokenPair);
3176         return NULL;
3177     }
3178     memcpy(pTokenPair[0], buffer, (pszColon - buffer) * sizeof(WCHAR));
3179     pTokenPair[0][pszColon - buffer] = '\0';
3180
3181     /* skip colon */
3182     pszColon++;
3183     len = strlenW(pszColon);
3184     pTokenPair[1] = HeapAlloc(GetProcessHeap(), 0, (len + 1) * sizeof(WCHAR));
3185     if (!pTokenPair[1])
3186     {
3187         HTTP_FreeTokens(pTokenPair);
3188         return NULL;
3189     }
3190     memcpy(pTokenPair[1], pszColon, (len + 1) * sizeof(WCHAR));
3191
3192     strip_spaces(pTokenPair[0]);
3193     strip_spaces(pTokenPair[1]);
3194
3195     TRACE("field(%s) Value(%s)\n", debugstr_w(pTokenPair[0]), debugstr_w(pTokenPair[1]));
3196     return pTokenPair;
3197 }
3198
3199 /***********************************************************************
3200  *           HTTP_ProcessHeader (internal)
3201  *
3202  * Stuff header into header tables according to <dwModifier>
3203  *
3204  */
3205
3206 #define COALESCEFLAGS (HTTP_ADDHDR_FLAG_COALESCE|HTTP_ADDHDR_FLAG_COALESCE_WITH_COMMA|HTTP_ADDHDR_FLAG_COALESCE_WITH_SEMICOLON)
3207
3208 static BOOL HTTP_ProcessHeader(LPWININETHTTPREQW lpwhr, LPCWSTR field, LPCWSTR value, DWORD dwModifier)
3209 {
3210     LPHTTPHEADERW lphttpHdr = NULL;
3211     BOOL bSuccess = FALSE;
3212     INT index = -1;
3213     BOOL request_only = dwModifier & HTTP_ADDHDR_FLAG_REQ;
3214
3215     TRACE("--> %s: %s - 0x%08x\n", debugstr_w(field), debugstr_w(value), dwModifier);
3216
3217     /* REPLACE wins out over ADD */
3218     if (dwModifier & HTTP_ADDHDR_FLAG_REPLACE)
3219         dwModifier &= ~HTTP_ADDHDR_FLAG_ADD;
3220     
3221     if (dwModifier & HTTP_ADDHDR_FLAG_ADD)
3222         index = -1;
3223     else
3224         index = HTTP_GetCustomHeaderIndex(lpwhr, field, 0, request_only);
3225
3226     if (index >= 0)
3227     {
3228         if (dwModifier & HTTP_ADDHDR_FLAG_ADD_IF_NEW)
3229         {
3230             return FALSE;
3231         }
3232         lphttpHdr = &lpwhr->pCustHeaders[index];
3233     }
3234     else if (value)
3235     {
3236         HTTPHEADERW hdr;
3237
3238         hdr.lpszField = (LPWSTR)field;
3239         hdr.lpszValue = (LPWSTR)value;
3240         hdr.wFlags = hdr.wCount = 0;
3241
3242         if (dwModifier & HTTP_ADDHDR_FLAG_REQ)
3243             hdr.wFlags |= HDR_ISREQUEST;
3244
3245         return HTTP_InsertCustomHeader(lpwhr, &hdr);
3246     }
3247     /* no value to delete */
3248     else return TRUE;
3249
3250     if (dwModifier & HTTP_ADDHDR_FLAG_REQ)
3251             lphttpHdr->wFlags |= HDR_ISREQUEST;
3252     else
3253         lphttpHdr->wFlags &= ~HDR_ISREQUEST;
3254
3255     if (dwModifier & HTTP_ADDHDR_FLAG_REPLACE)
3256     {
3257         HTTP_DeleteCustomHeader( lpwhr, index );
3258
3259         if (value)
3260         {
3261             HTTPHEADERW hdr;
3262
3263             hdr.lpszField = (LPWSTR)field;
3264             hdr.lpszValue = (LPWSTR)value;
3265             hdr.wFlags = hdr.wCount = 0;
3266
3267             if (dwModifier & HTTP_ADDHDR_FLAG_REQ)
3268                 hdr.wFlags |= HDR_ISREQUEST;
3269
3270             return HTTP_InsertCustomHeader(lpwhr, &hdr);
3271         }
3272
3273         return TRUE;
3274     }
3275     else if (dwModifier & COALESCEFLAGS)
3276     {
3277         LPWSTR lpsztmp;
3278         WCHAR ch = 0;
3279         INT len = 0;
3280         INT origlen = strlenW(lphttpHdr->lpszValue);
3281         INT valuelen = strlenW(value);
3282
3283         if (dwModifier & HTTP_ADDHDR_FLAG_COALESCE_WITH_COMMA)
3284         {
3285             ch = ',';
3286             lphttpHdr->wFlags |= HDR_COMMADELIMITED;
3287         }
3288         else if (dwModifier & HTTP_ADDHDR_FLAG_COALESCE_WITH_SEMICOLON)
3289         {
3290             ch = ';';
3291             lphttpHdr->wFlags |= HDR_COMMADELIMITED;
3292         }
3293
3294         len = origlen + valuelen + ((ch > 0) ? 2 : 0);
3295
3296         lpsztmp = HeapReAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY,  lphttpHdr->lpszValue, (len+1)*sizeof(WCHAR));
3297         if (lpsztmp)
3298         {
3299             lphttpHdr->lpszValue = lpsztmp;
3300     /* FIXME: Increment lphttpHdr->wCount. Perhaps lpszValue should be an array */
3301             if (ch > 0)
3302             {
3303                 lphttpHdr->lpszValue[origlen] = ch;
3304                 origlen++;
3305                 lphttpHdr->lpszValue[origlen] = ' ';
3306                 origlen++;
3307             }
3308
3309             memcpy(&lphttpHdr->lpszValue[origlen], value, valuelen*sizeof(WCHAR));
3310             lphttpHdr->lpszValue[len] = '\0';
3311             bSuccess = TRUE;
3312         }
3313         else
3314         {
3315             WARN("HeapReAlloc (%d bytes) failed\n",len+1);
3316             INTERNET_SetLastError(ERROR_OUTOFMEMORY);
3317         }
3318     }
3319     TRACE("<-- %d\n",bSuccess);
3320     return bSuccess;
3321 }
3322
3323
3324 /***********************************************************************
3325  *           HTTP_CloseConnection (internal)
3326  *
3327  * Close socket connection
3328  *
3329  */
3330 static void HTTP_CloseConnection(LPWININETHANDLEHEADER hdr)
3331 {
3332     LPWININETHTTPREQW lpwhr = (LPWININETHTTPREQW) hdr;
3333     LPWININETHTTPSESSIONW lpwhs = NULL;
3334     LPWININETAPPINFOW hIC = NULL;
3335
3336     TRACE("%p\n",lpwhr);
3337
3338     if (!NETCON_connected(&lpwhr->netConnection))
3339         return;
3340
3341     if (lpwhr->pAuthInfo)
3342     {
3343         DeleteSecurityContext(&lpwhr->pAuthInfo->ctx);
3344         FreeCredentialsHandle(&lpwhr->pAuthInfo->cred);
3345
3346         HeapFree(GetProcessHeap(), 0, lpwhr->pAuthInfo->auth_data);
3347         HeapFree(GetProcessHeap(), 0, lpwhr->pAuthInfo->scheme);
3348         HeapFree(GetProcessHeap(), 0, lpwhr->pAuthInfo);
3349         lpwhr->pAuthInfo = NULL;
3350     }
3351     if (lpwhr->pProxyAuthInfo)
3352     {
3353         DeleteSecurityContext(&lpwhr->pProxyAuthInfo->ctx);
3354         FreeCredentialsHandle(&lpwhr->pProxyAuthInfo->cred);
3355
3356         HeapFree(GetProcessHeap(), 0, lpwhr->pProxyAuthInfo->auth_data);
3357         HeapFree(GetProcessHeap(), 0, lpwhr->pProxyAuthInfo->scheme);
3358         HeapFree(GetProcessHeap(), 0, lpwhr->pProxyAuthInfo);
3359         lpwhr->pProxyAuthInfo = NULL;
3360     }
3361
3362     lpwhs = lpwhr->lpHttpSession;
3363     hIC = lpwhs->lpAppInfo;
3364
3365     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3366                           INTERNET_STATUS_CLOSING_CONNECTION, 0, 0);
3367
3368     NETCON_close(&lpwhr->netConnection);
3369
3370     INTERNET_SendCallback(&lpwhr->hdr, lpwhr->hdr.dwContext,
3371                           INTERNET_STATUS_CONNECTION_CLOSED, 0, 0);
3372 }
3373
3374
3375 /***********************************************************************
3376  *           HTTP_FinishedReading (internal)
3377  *
3378  * Called when all content from server has been read by client.
3379  *
3380  */
3381 BOOL HTTP_FinishedReading(LPWININETHTTPREQW lpwhr)
3382 {
3383     WCHAR szConnectionResponse[20];
3384     DWORD dwBufferSize = sizeof(szConnectionResponse);
3385
3386     TRACE("\n");
3387
3388     if (!HTTP_HttpQueryInfoW(lpwhr, HTTP_QUERY_CONNECTION, szConnectionResponse,
3389                              &dwBufferSize, NULL) ||
3390         strcmpiW(szConnectionResponse, szKeepAlive))
3391     {
3392         HTTP_CloseConnection(&lpwhr->hdr);
3393     }
3394
3395     /* FIXME: store data in the URL cache here */
3396
3397     return TRUE;
3398 }
3399
3400 /***********************************************************************
3401  *           HTTP_CloseHTTPRequestHandle (internal)
3402  *
3403  * Deallocate request handle
3404  *
3405  */
3406 static void HTTP_CloseHTTPRequestHandle(LPWININETHANDLEHEADER hdr)
3407 {
3408     DWORD i;
3409     LPWININETHTTPREQW lpwhr = (LPWININETHTTPREQW) hdr;
3410
3411     TRACE("\n");
3412
3413     WININET_Release(&lpwhr->lpHttpSession->hdr);
3414
3415     HeapFree(GetProcessHeap(), 0, lpwhr->lpszPath);
3416     HeapFree(GetProcessHeap(), 0, lpwhr->lpszVerb);
3417     HeapFree(GetProcessHeap(), 0, lpwhr->lpszRawHeaders);
3418     HeapFree(GetProcessHeap(), 0, lpwhr->lpszVersion);
3419     HeapFree(GetProcessHeap(), 0, lpwhr->lpszStatusText);
3420
3421     for (i = 0; i < lpwhr->nCustHeaders; i++)
3422     {
3423         HeapFree(GetProcessHeap(), 0, lpwhr->pCustHeaders[i].lpszField);
3424         HeapFree(GetProcessHeap(), 0, lpwhr->pCustHeaders[i].lpszValue);
3425     }
3426
3427     HeapFree(GetProcessHeap(), 0, lpwhr->pCustHeaders);
3428     HeapFree(GetProcessHeap(), 0, lpwhr);
3429 }
3430
3431
3432 /***********************************************************************
3433  *           HTTP_CloseHTTPSessionHandle (internal)
3434  *
3435  * Deallocate session handle
3436  *
3437  */
3438 static void HTTP_CloseHTTPSessionHandle(LPWININETHANDLEHEADER hdr)
3439 {
3440     LPWININETHTTPSESSIONW lpwhs = (LPWININETHTTPSESSIONW) hdr;
3441
3442     TRACE("%p\n", lpwhs);
3443
3444     WININET_Release(&lpwhs->lpAppInfo->hdr);
3445
3446     HeapFree(GetProcessHeap(), 0, lpwhs->lpszHostName);
3447     HeapFree(GetProcessHeap(), 0, lpwhs->lpszServerName);
3448     HeapFree(GetProcessHeap(), 0, lpwhs->lpszPassword);
3449     HeapFree(GetProcessHeap(), 0, lpwhs->lpszUserName);
3450     HeapFree(GetProcessHeap(), 0, lpwhs);
3451 }
3452
3453
3454 /***********************************************************************
3455  *           HTTP_GetCustomHeaderIndex (internal)
3456  *
3457  * Return index of custom header from header array
3458  *
3459  */
3460 static INT HTTP_GetCustomHeaderIndex(LPWININETHTTPREQW lpwhr, LPCWSTR lpszField,
3461                                      int requested_index, BOOL request_only)
3462 {
3463     DWORD index;
3464
3465     TRACE("%s\n", debugstr_w(lpszField));
3466
3467     for (index = 0; index < lpwhr->nCustHeaders; index++)
3468     {
3469         if (strcmpiW(lpwhr->pCustHeaders[index].lpszField, lpszField))
3470             continue;
3471
3472         if (request_only && !(lpwhr->pCustHeaders[index].wFlags & HDR_ISREQUEST))
3473             continue;
3474
3475         if (!request_only && (lpwhr->pCustHeaders[index].wFlags & HDR_ISREQUEST))
3476             continue;
3477
3478         if (requested_index == 0)
3479             break;
3480         requested_index --;
3481     }
3482
3483     if (index >= lpwhr->nCustHeaders)
3484         index = -1;
3485
3486     TRACE("Return: %d\n", index);
3487     return index;
3488 }
3489
3490
3491 /***********************************************************************
3492  *           HTTP_InsertCustomHeader (internal)
3493  *
3494  * Insert header into array
3495  *
3496  */
3497 static BOOL HTTP_InsertCustomHeader(LPWININETHTTPREQW lpwhr, LPHTTPHEADERW lpHdr)
3498 {
3499     INT count;
3500     LPHTTPHEADERW lph = NULL;
3501     BOOL r = FALSE;
3502
3503     TRACE("--> %s: %s\n", debugstr_w(lpHdr->lpszField), debugstr_w(lpHdr->lpszValue));
3504     count = lpwhr->nCustHeaders + 1;
3505     if (count > 1)
3506         lph = HeapReAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, lpwhr->pCustHeaders, sizeof(HTTPHEADERW) * count);
3507     else
3508         lph = HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(HTTPHEADERW) * count);
3509
3510     if (NULL != lph)
3511     {
3512         lpwhr->pCustHeaders = lph;
3513         lpwhr->pCustHeaders[count-1].lpszField = WININET_strdupW(lpHdr->lpszField);
3514         lpwhr->pCustHeaders[count-1].lpszValue = WININET_strdupW(lpHdr->lpszValue);
3515         lpwhr->pCustHeaders[count-1].wFlags = lpHdr->wFlags;
3516         lpwhr->pCustHeaders[count-1].wCount= lpHdr->wCount;
3517         lpwhr->nCustHeaders++;
3518         r = TRUE;
3519     }
3520     else
3521     {
3522         INTERNET_SetLastError(ERROR_OUTOFMEMORY);
3523     }
3524
3525     return r;
3526 }
3527
3528
3529 /***********************************************************************
3530  *           HTTP_DeleteCustomHeader (internal)
3531  *
3532  * Delete header from array
3533  *  If this function is called, the indexs may change.
3534  */
3535 static BOOL HTTP_DeleteCustomHeader(LPWININETHTTPREQW lpwhr, DWORD index)
3536 {
3537     if( lpwhr->nCustHeaders <= 0 )
3538         return FALSE;
3539     if( index >= lpwhr->nCustHeaders )
3540         return FALSE;
3541     lpwhr->nCustHeaders--;
3542
3543     memmove( &lpwhr->pCustHeaders[index], &lpwhr->pCustHeaders[index+1],
3544              (lpwhr->nCustHeaders - index)* sizeof(HTTPHEADERW) );
3545     memset( &lpwhr->pCustHeaders[lpwhr->nCustHeaders], 0, sizeof(HTTPHEADERW) );
3546
3547     return TRUE;
3548 }
3549
3550
3551 /***********************************************************************
3552  *           HTTP_VerifyValidHeader (internal)
3553  *
3554  * Verify the given header is not invalid for the given http request
3555  *
3556  */
3557 static BOOL HTTP_VerifyValidHeader(LPWININETHTTPREQW lpwhr, LPCWSTR field)
3558 {
3559     BOOL rc = TRUE;
3560
3561     /* Accept-Encoding is stripped from HTTP/1.0 requests. It is invalid */
3562     if (strcmpiW(field,szAccept_Encoding)==0)
3563         return FALSE;
3564
3565     return rc;
3566 }
3567
3568 /***********************************************************************
3569  *          IsHostInProxyBypassList (@)
3570  *
3571  * Undocumented
3572  *
3573  */
3574 BOOL WINAPI IsHostInProxyBypassList(DWORD flags, LPCSTR szHost, DWORD length)
3575 {
3576    FIXME("STUB: flags=%d host=%s length=%d\n",flags,szHost,length);
3577    return FALSE;
3578 }