Source File
server.go
Belonging Package
net/http
Copyright 2009 The Go Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file.
HTTP server. See RFC 7230 through 7235.
package http
import (
urlpkg
)
Errors used by the HTTP server.
ErrBodyNotAllowed is returned by ResponseWriter.Write calls when the HTTP method or response code does not permit a body.
ErrBodyNotAllowed = errors.New("http: request method or response status code does not allow body")
ErrHijacked is returned by ResponseWriter.Write calls when the underlying connection has been hijacked using the Hijacker interface. A zero-byte write on a hijacked connection will return ErrHijacked without any other side effects.
ErrHijacked = errors.New("http: connection has been hijacked")
ErrContentLength is returned by ResponseWriter.Write calls when a Handler set a Content-Length response header with a declared size and then attempted to write more bytes than declared.
ErrContentLength = errors.New("http: wrote more than the declared Content-Length")
Deprecated: ErrWriteAfterFlush is no longer returned by anything in the net/http package. Callers should not compare errors against this variable.
ErrWriteAfterFlush = errors.New("unused")
)
A Handler responds to an HTTP request. ServeHTTP should write reply headers and data to the ResponseWriter and then return. Returning signals that the request is finished; it is not valid to use the ResponseWriter or read from the Request.Body after or concurrently with the completion of the ServeHTTP call. Depending on the HTTP client software, HTTP protocol version, and any intermediaries between the client and the Go server, it may not be possible to read from the Request.Body after writing to the ResponseWriter. Cautious handlers should read the Request.Body first, and then reply. Except for reading the body, handlers should not modify the provided Request. If ServeHTTP panics, the server (the caller of ServeHTTP) assumes that the effect of the panic was isolated to the active request. It recovers the panic, logs a stack trace to the server error log, and either closes the network connection or sends an HTTP/2 RST_STREAM, depending on the HTTP protocol. To abort a handler so the client sees an interrupted response but the server doesn't log an error, panic with the value ErrAbortHandler.
type Handler interface {
ServeHTTP(ResponseWriter, *Request)
}
A ResponseWriter interface is used by an HTTP handler to construct an HTTP response. A ResponseWriter may not be used after the Handler.ServeHTTP method has returned.
Header returns the header map that will be sent by WriteHeader. The Header map also is the mechanism with which Handlers can set HTTP trailers. Changing the header map after a call to WriteHeader (or Write) has no effect unless the modified headers are trailers. There are two ways to set Trailers. The preferred way is to predeclare in the headers which trailers you will later send by setting the "Trailer" header to the names of the trailer keys which will come later. In this case, those keys of the Header map are treated as if they were trailers. See the example. The second way, for trailer keys not known to the Handler until after the first Write, is to prefix the Header map keys with the TrailerPrefix constant value. See TrailerPrefix. To suppress automatic response headers (such as "Date"), set their value to nil.
Header() Header
Write writes the data to the connection as part of an HTTP reply. If WriteHeader has not yet been called, Write calls WriteHeader(http.StatusOK) before writing the data. If the Header does not contain a Content-Type line, Write adds a Content-Type set to the result of passing the initial 512 bytes of written data to DetectContentType. Additionally, if the total size of all written data is under a few KB and there are no Flush calls, the Content-Length header is added automatically. Depending on the HTTP protocol version and the client, calling Write or WriteHeader may prevent future reads on the Request.Body. For HTTP/1.x requests, handlers should read any needed request body data before writing the response. Once the headers have been flushed (due to either an explicit Flusher.Flush call or writing enough data to trigger a flush), the request body may be unavailable. For HTTP/2 requests, the Go HTTP server permits handlers to continue to read the request body while concurrently writing the response. However, such behavior may not be supported by all HTTP/2 clients. Handlers should read before writing if possible to maximize compatibility.
WriteHeader sends an HTTP response header with the provided status code. If WriteHeader is not called explicitly, the first call to Write will trigger an implicit WriteHeader(http.StatusOK). Thus explicit calls to WriteHeader are mainly used to send error codes. The provided code must be a valid HTTP 1xx-5xx status code. Only one header may be written. Go does not currently support sending user-defined 1xx informational headers, with the exception of 100-continue response header that the Server sends automatically when the Request.Body is read.
WriteHeader(statusCode int)
}
The Flusher interface is implemented by ResponseWriters that allow an HTTP handler to flush buffered data to the client. The default HTTP/1.x and HTTP/2 ResponseWriter implementations support Flusher, but ResponseWriter wrappers may not. Handlers should always test for this ability at runtime. Note that even for ResponseWriters that support Flush, if the client is connected through an HTTP proxy, the buffered data may not reach the client until the response completes.
Flush sends any buffered data to the client.
Flush()
}
The Hijacker interface is implemented by ResponseWriters that allow an HTTP handler to take over the connection. The default ResponseWriter for HTTP/1.x connections supports Hijacker, but HTTP/2 connections intentionally do not. ResponseWriter wrappers may also not support Hijacker. Handlers should always test for this ability at runtime.
Hijack lets the caller take over the connection. After a call to Hijack the HTTP server library will not do anything else with the connection. It becomes the caller's responsibility to manage and close the connection. The returned net.Conn may have read or write deadlines already set, depending on the configuration of the Server. It is the caller's responsibility to set or clear those deadlines as needed. The returned bufio.Reader may contain unprocessed buffered data from the client. After a call to Hijack, the original Request.Body must not be used. The original Request's Context remains valid and is not canceled until the Request's ServeHTTP method returns.
Hijack() (net.Conn, *bufio.ReadWriter, error)
}
The CloseNotifier interface is implemented by ResponseWriters which allow detecting when the underlying connection has gone away. This mechanism can be used to cancel long operations on the server if the client has disconnected before the response is ready. Deprecated: the CloseNotifier interface predates Go's context package. New code should use Request.Context instead.
CloseNotify returns a channel that receives at most a single value (true) when the client connection has gone away. CloseNotify may wait to notify until Request.Body has been fully read. After the Handler has returned, there is no guarantee that the channel receives a value. If the protocol is HTTP/1.1 and CloseNotify is called while processing an idempotent request (such a GET) while HTTP/1.1 pipelining is in use, the arrival of a subsequent pipelined request may cause a value to be sent on the returned channel. In practice HTTP/1.1 pipelining is not enabled in browsers and not seen often in the wild. If this is a problem, use HTTP/2 or only use CloseNotify on methods such as POST.
CloseNotify() <-chan bool
}
ServerContextKey is a context key. It can be used in HTTP handlers with Context.Value to access the server that started the handler. The associated value will be of type *Server.
ServerContextKey = &contextKey{"http-server"}
LocalAddrContextKey is a context key. It can be used in HTTP handlers with Context.Value to access the local address the connection arrived on. The associated value will be of type net.Addr.
LocalAddrContextKey = &contextKey{"local-addr"}
)
A conn represents the server side of an HTTP connection.
cancelCtx cancels the connection-level context.
rwc is the underlying network connection. This is never wrapped by other types and is the value given out to CloseNotifier callers. It is usually of type *net.TCPConn or *tls.Conn.
remoteAddr is rwc.RemoteAddr().String(). It is not populated synchronously inside the Listener's Accept goroutine, as some implementations block. It is populated immediately inside the (*conn).serve goroutine. This is the value of a Handler's (*Request).RemoteAddr.
tlsState is the TLS connection state when using TLS. nil means not TLS.
werr is set to the first write error to rwc. It is set via checkConnErrorWriter{w}, where bufw writes.
r is bufr's read source. It's a wrapper around rwc that provides io.LimitedReader-style limiting (while reading request headers) and functionality to support CloseNotifier. See *connReader docs.
lastMethod is the method of the most recent request on this connection, if any.
hijackedv is whether this connection has been hijacked by a Handler with the Hijacker interface. It is guarded by mu.
c.mu must be held.
func ( *conn) () ( net.Conn, *bufio.ReadWriter, error) {
if .hijackedv {
return nil, nil, ErrHijacked
}
.r.abortPendingRead()
.hijackedv = true
= .rwc
.SetDeadline(time.Time{})
= bufio.NewReadWriter(.bufr, bufio.NewWriter())
if .r.hasByte {
if , := .bufr.Peek(.bufr.Buffered() + 1); != nil {
return nil, nil, fmt.Errorf("unexpected Peek failure reading buffered byte: %v", )
}
}
.setState(, StateHijacked, runHooks)
return
}
This should be >= 512 bytes for DetectContentType, but otherwise it's somewhat arbitrary.
const bufferBeforeChunkingSize = 2048
chunkWriter writes to a response's conn buffer, and is the writer wrapped by the response.bufw buffered writer. chunkWriter also is responsible for finalizing the Header, including conditionally setting the Content-Type and setting a Content-Length in cases where the handler's final output is smaller than the buffer size. It also conditionally adds chunk headers, when in chunking mode. See the comment above (*response).Write for the entire write flow.
type chunkWriter struct {
res *response
header is either nil or a deep clone of res.handlerHeader at the time of res.writeHeader, if res.writeHeader is called and extra buffering is being done to calculate Content-Type and/or Content-Length.
wroteHeader tells whether the header's been written to "the wire" (or rather: w.conn.buf). this is unlike (*response).wroteHeader, which tells only whether it was logically written.
set by the writeHeader method:
chunking bool // using chunked transfer encoding for reply body
}
var (
crlf = []byte("\r\n")
colonSpace = []byte(": ")
)
func ( *chunkWriter) ( []byte) ( int, error) {
if !.wroteHeader {
.writeHeader()
}
Eat writes.
return len(), nil
}
if .chunking {
_, = fmt.Fprintf(.res.conn.bufw, "%x\r\n", len())
if != nil {
.res.conn.rwc.Close()
return
}
}
, = .res.conn.bufw.Write()
if .chunking && == nil {
_, = .res.conn.bufw.Write(crlf)
}
if != nil {
.res.conn.rwc.Close()
}
return
}
func ( *chunkWriter) () {
if !.wroteHeader {
.writeHeader(nil)
}
.res.conn.bufw.Flush()
}
func ( *chunkWriter) () {
if !.wroteHeader {
.writeHeader(nil)
}
if .chunking {
zero chunk to mark EOF
.WriteString("0\r\n")
if := .res.finalTrailers(); != nil {
.Write() // the writer handles noting errors
final blank line after the trailers (whether present or not)
.WriteString("\r\n")
}
}
A response represents the server side of an HTTP response.
type response struct {
conn *conn
req *Request // request for this response
reqBody io.ReadCloser
cancelCtx context.CancelFunc // when ServeHTTP exits
wroteHeader bool // reply header has been (logically) written
wroteContinue bool // 100 Continue response was written
wants10KeepAlive bool // HTTP/1.0 w/ Connection "keep-alive"
wantsClose bool // HTTP request has Connection "close"
canWriteContinue is a boolean value accessed as an atomic int32 that says whether or not a 100 Continue header can be written to the connection. writeContinueMu must be held while writing the header. These two fields together synchronize the body reader (the expectContinueReader, which wants to write 100 Continue) against the main writer.
canWriteContinue atomicBool
writeContinueMu sync.Mutex
w *bufio.Writer // buffers output in chunks to chunkWriter
cw chunkWriter
handlerHeader is the Header that Handlers get access to, which may be retained and mutated even after WriteHeader. handlerHeader is copied into cw.header at WriteHeader time, and privately mutated thereafter.
handlerHeader Header
calledHeader bool // handler accessed handlerHeader via Header
written int64 // number of bytes written in body
contentLength int64 // explicitly-declared Content-Length; or -1
status int // status code passed to WriteHeader
close connection after this reply. set on request and updated after response from handler if there's a "Connection: keep-alive" response header and a Content-Length.
requestBodyLimitHit is set by requestTooLarge when maxBytesReader hits its max size. It is checked in WriteHeader, to make sure we don't consume the remaining request body to try to advance to the next HTTP request. Instead, when this is set, we stop reading subsequent requests on this connection and stop reading input from it.
trailers are the headers to be sent after the handler finishes writing the body. This field is initialized from the Trailer response header when the response header is written.
trailers []string
handlerDone atomicBool // set true when the handler exits
Buffers for Date, Content-Length, and status code
closeNotifyCh is the channel returned by CloseNotify. TODO(bradfitz): this is currently (for Go 1.8) always non-nil. Make this lazily-created again as it used to be?
closeNotifyCh chan bool
didCloseNotify int32 // atomic (only 0->1 winner should send)
}
TrailerPrefix is a magic prefix for ResponseWriter.Header map keys that, if present, signals that the map entry is actually for the response trailers, and not the response headers. The prefix is stripped after the ServeHTTP call finishes and the values are sent in the trailers. This mechanism is intended only for trailers that are not known prior to the headers being written. If the set of trailers is fixed or known before the header is written, the normal Go trailers mechanism is preferred: https://golang.org/pkg/net/http/#ResponseWriter https://golang.org/pkg/net/http/#example_ResponseWriter_trailers
const TrailerPrefix = "Trailer:"
finalTrailers is called after the Handler exits and returns a non-nil value if the Handler set any trailers.
func ( *response) () Header {
var Header
for , := range .handlerHeader {
if strings.HasPrefix(, TrailerPrefix) {
if == nil {
= make(Header)
}
[strings.TrimPrefix(, TrailerPrefix)] =
}
}
for , := range .trailers {
if == nil {
= make(Header)
}
for , := range .handlerHeader[] {
.Add(, )
}
}
return
}
type atomicBool int32
func ( *atomicBool) () bool { return atomic.LoadInt32((*int32)()) != 0 }
func ( *atomicBool) () { atomic.StoreInt32((*int32)(), 1) }
func ( *atomicBool) () { atomic.StoreInt32((*int32)(), 0) }
declareTrailer is called for each Trailer header when the response header is written. It notes that a header will need to be written in the trailers at the end of the response.
func ( *response) ( string) {
= CanonicalHeaderKey()
requestTooLarge is called by maxBytesReader when too much input has been read from the client.
func ( *response) () {
.closeAfterReply = true
.requestBodyLimitHit = true
if !.wroteHeader {
.Header().Set("Connection", "close")
}
}
needsSniff reports whether a Content-Type still needs to be sniffed.
func ( *response) () bool {
, := .handlerHeader["Content-Type"]
return !.cw.wroteHeader && ! && .written < sniffLen
}
writerOnly hides an io.Writer value's optional ReadFrom method from io.Copy.
type writerOnly struct {
io.Writer
}
ReadFrom is here to optimize copying from an *os.File regular file to a *net.TCPConn with sendfile, or from a supported src type such as a *net.TCPConn on Linux with splice.
func ( *response) ( io.Reader) ( int64, error) {
:= copyBufPool.Get().(*[]byte)
:= *
defer copyBufPool.Put()
Our underlying w.conn.rwc is usually a *TCPConn (with its own ReadFrom method). If not, just fall back to the normal copy method.
, := .conn.rwc.(io.ReaderFrom)
if ! {
return io.CopyBuffer(writerOnly{}, , )
}
sendfile path:
Do not start actually writing response until src is readable. If body length is <= sniffLen, sendfile/splice path will do little anyway. This small read also satisfies sniffing the body in case Content-Type is missing.
Write the small amount read normally.
Do not send StatusOK in the error case where nothing has been written.
if == nil && !.wroteHeader {
.WriteHeader(StatusOK) // nr == 0, no error (or EOF)
}
if != nil || {
return ,
}
.w.Flush() // get rid of any previous writes
.cw.flush() // make sure Header is written; flush data to rwc
Now that cw has been flushed, its chunking field is guaranteed initialized.
if !.cw.chunking && .bodyAllowed() {
, := .ReadFrom()
+=
.written +=
return ,
}
, := io.Copy(writerOnly{}, )
+=
return ,
}
debugServerConnections controls whether all server connections are wrapped with a verbose logging wrapper.
const debugServerConnections = false
Create new connection from rwc.
func ( *Server) ( net.Conn) *conn {
:= &conn{
server: ,
rwc: ,
}
if debugServerConnections {
.rwc = newLoggingConn("server", .rwc)
}
return
}
type readResult struct {
_ incomparable
n int
err error
b byte // byte read, if n == 1
}
connReader is the io.Reader wrapper used by *conn. It combines a selectively-activated io.LimitedReader (to bound request header read sizes) with support for selectively keeping an io.Reader.Read call blocked in a background goroutine to wait for activity and trigger a CloseNotifier channel.
type connReader struct {
conn *conn
mu sync.Mutex // guards following
hasByte bool
byteBuf [1]byte
cond *sync.Cond
inRead bool
aborted bool // set true before conn.rwc deadline is set to past
remain int64 // bytes remaining
}
func ( *connReader) () {
.mu.Lock()
if .cond == nil {
.cond = sync.NewCond(&.mu)
}
}
func ( *connReader) () { .mu.Unlock() }
func ( *connReader) () {
.lock()
defer .unlock()
if .inRead {
panic("invalid concurrent Body.Read call")
}
if .hasByte {
return
}
.inRead = true
.conn.rwc.SetReadDeadline(time.Time{})
go .backgroundRead()
}
func ( *connReader) () {
, := .conn.rwc.Read(.byteBuf[:])
.lock()
if == 1 {
We were past the end of the previous request's body already (since we wouldn't be in a background read otherwise), so this is a pipelined HTTP request. Prior to Go 1.11 we used to send on the CloseNotify channel and cancel the context here, but the behavior was documented as only "may", and we only did that because that's how CloseNotify accidentally behaved in very early Go releases prior to context support. Once we added context support, people used a Handler's Request.Context() and passed it along. Having that context cancel on pipelined HTTP requests caused problems. Fortunately, almost nothing uses HTTP/1.x pipelining. Unfortunately, apt-get does, or sometimes does. New Go 1.11 behavior: don't fire CloseNotify or cancel contexts on pipelined requests. Shouldn't affect people, but fixes cases like Issue 23921. This does mean that a client closing their TCP connection after sending a pipelined request won't cancel the context, but we'll catch that on any write failure (in checkConnErrorWriter.Write). If the server never writes, yes, there are still contrived server & client behaviors where this fails to ever cancel the context, but that's kinda why HTTP/1.x pipelining died anyway.
}
Ignore this error. It's the expected error from another goroutine calling abortPendingRead.
} else if != nil {
.handleReadError()
}
.aborted = false
.inRead = false
.unlock()
.cond.Broadcast()
}
func ( *connReader) () {
.lock()
defer .unlock()
if !.inRead {
return
}
.aborted = true
.conn.rwc.SetReadDeadline(aLongTimeAgo)
for .inRead {
.cond.Wait()
}
.conn.rwc.SetReadDeadline(time.Time{})
}
func ( *connReader) ( int64) { .remain = }
func ( *connReader) () { .remain = maxInt64 }
func ( *connReader) () bool { return .remain <= 0 }
handleReadError is called whenever a Read from the client returns a non-nil error. The provided non-nil err is almost always io.EOF or a "use of closed network connection". In any case, the error is not particularly interesting, except perhaps for debugging during development. Any error means the connection is dead and we should down its context. It may be called from multiple goroutines.
func ( *connReader) ( error) {
.conn.cancelCtx()
.closeNotify()
}
may be called from multiple goroutines.
func ( *connReader) () {
, := .conn.curReq.Load().(*response)
if != nil && atomic.CompareAndSwapInt32(&.didCloseNotify, 0, 1) {
.closeNotifyCh <- true
}
}
func ( *connReader) ( []byte) ( int, error) {
.lock()
if .inRead {
.unlock()
if .conn.hijacked() {
panic("invalid Body.Read call. After hijacked, the original Request must not be used")
}
panic("invalid concurrent Body.Read call")
}
if .hitReadLimit() {
.unlock()
return 0, io.EOF
}
if len() == 0 {
.unlock()
return 0, nil
}
if int64(len()) > .remain {
= [:.remain]
}
if .hasByte {
[0] = .byteBuf[0]
.hasByte = false
.unlock()
return 1, nil
}
.inRead = true
.unlock()
, = .conn.rwc.Read()
.lock()
.inRead = false
if != nil {
.handleReadError()
}
.remain -= int64()
.unlock()
.cond.Broadcast()
return ,
}
var (
bufioReaderPool sync.Pool
bufioWriter2kPool sync.Pool
bufioWriter4kPool sync.Pool
)
var copyBufPool = sync.Pool{
New: func() interface{} {
:= make([]byte, 32*1024)
return &
},
}
func ( int) *sync.Pool {
switch {
case 2 << 10:
return &bufioWriter2kPool
case 4 << 10:
return &bufioWriter4kPool
}
return nil
}
func ( io.Reader) *bufio.Reader {
if := bufioReaderPool.Get(); != nil {
:= .(*bufio.Reader)
.Reset()
return
Note: if this reader size is ever changed, update TestHandlerBodyClose's assumptions.
return bufio.NewReader()
}
func ( *bufio.Reader) {
.Reset(nil)
bufioReaderPool.Put()
}
func ( io.Writer, int) *bufio.Writer {
:= bufioWriterPool()
if != nil {
if := .Get(); != nil {
:= .(*bufio.Writer)
.Reset()
return
}
}
return bufio.NewWriterSize(, )
}
func ( *bufio.Writer) {
.Reset(nil)
if := bufioWriterPool(.Available()); != nil {
.Put()
}
}
DefaultMaxHeaderBytes is the maximum permitted size of the headers in an HTTP request. This can be overridden by setting Server.MaxHeaderBytes.
const DefaultMaxHeaderBytes = 1 << 20 // 1 MB
func ( *Server) () int {
if .MaxHeaderBytes > 0 {
return .MaxHeaderBytes
}
return DefaultMaxHeaderBytes
}
func ( *Server) () int64 {
return int64(.maxHeaderBytes()) + 4096 // bufio slop
}
wrapper around io.ReadCloser which on first read, sends an HTTP/1.1 100 Continue header
type expectContinueReader struct {
resp *response
readCloser io.ReadCloser
closed atomicBool
sawEOF atomicBool
}
func ( *expectContinueReader) ( []byte) ( int, error) {
if .closed.isSet() {
return 0, ErrBodyReadAfterClose
}
:= .resp
if !.wroteContinue && .canWriteContinue.isSet() && !.conn.hijacked() {
.wroteContinue = true
.writeContinueMu.Lock()
if .canWriteContinue.isSet() {
.conn.bufw.WriteString("HTTP/1.1 100 Continue\r\n\r\n")
.conn.bufw.Flush()
.canWriteContinue.setFalse()
}
.writeContinueMu.Unlock()
}
, = .readCloser.Read()
if == io.EOF {
.sawEOF.setTrue()
}
return
}
func ( *expectContinueReader) () error {
.closed.setTrue()
return .readCloser.Close()
}
TimeFormat is the time format to use when generating times in HTTP headers. It is like time.RFC1123 but hard-codes GMT as the time zone. The time being formatted must be in UTC for Format to generate the correct format. For parsing this time format, see ParseTime.
const TimeFormat = "Mon, 02 Jan 2006 15:04:05 GMT"
appendTime is a non-allocating version of []byte(t.UTC().Format(TimeFormat))
func ( []byte, time.Time) []byte {
const = "SunMonTueWedThuFriSat"
const = "JanFebMarAprMayJunJulAugSepOctNovDec"
= .UTC()
, , := .Date()
, , := .Clock()
:= [3*.Weekday():]
:= [3*(-1):]
return append(,
[0], [1], [2], ',', ' ',
byte('0'+/10), byte('0'+%10), ' ',
[0], [1], [2], ' ',
byte('0'+/1000), byte('0'+(/100)%10), byte('0'+(/10)%10), byte('0'+%10), ' ',
byte('0'+/10), byte('0'+%10), ':',
byte('0'+/10), byte('0'+%10), ':',
byte('0'+/10), byte('0'+%10), ' ',
'G', 'M', 'T')
}
var errTooLarge = errors.New("http: request too large")
Read next request from connection.
func ( *conn) ( context.Context) ( *response, error) {
if .hijacked() {
return nil, ErrHijacked
}
var (
time.Time // or zero if none
time.Time // or zero if none
)
:= time.Now()
if := .server.readHeaderTimeout(); != 0 {
= .Add()
}
if := .server.ReadTimeout; != 0 {
= .Add()
}
.rwc.SetReadDeadline()
if := .server.WriteTimeout; != 0 {
defer func() {
.rwc.SetWriteDeadline(time.Now().Add())
}()
}
.r.setReadLimit(.server.initialReadLimitSize())
RFC 7230 section 3 tolerance for old buggy clients.
, := .bufr.Peek(4) // ReadRequest will get err below
.bufr.Discard(numLeadingCRorLF())
}
, := readRequest(.bufr, keepHostHeader)
if != nil {
if .r.hitReadLimit() {
return nil, errTooLarge
}
return nil,
}
if !http1ServerSupportsRequest() {
return nil, statusError{StatusHTTPVersionNotSupported, "unsupported protocol version"}
}
.lastMethod = .Method
.r.setInfiniteReadLimit()
, := .Header["Host"]
:= .isH2Upgrade()
if .ProtoAtLeast(1, 1) && (! || len() == 0) && ! && .Method != "CONNECT" {
return nil, badRequestError("missing required Host header")
}
if len() > 1 {
return nil, badRequestError("too many Host headers")
}
if len() == 1 && !httpguts.ValidHostHeader([0]) {
return nil, badRequestError("malformed Host header")
}
for , := range .Header {
if !httpguts.ValidHeaderFieldName() {
return nil, badRequestError("invalid header name")
}
for , := range {
if !httpguts.ValidHeaderFieldValue() {
return nil, badRequestError("invalid header value")
}
}
}
delete(.Header, "Host")
, := context.WithCancel()
.ctx =
.RemoteAddr = .remoteAddr
.TLS = .tlsState
if , := .Body.(*body); {
.doEarlyClose = true
}
Adjust the read deadline if necessary.
if !.Equal() {
.rwc.SetReadDeadline()
}
= &response{
conn: ,
cancelCtx: ,
req: ,
reqBody: .Body,
handlerHeader: make(Header),
contentLength: -1,
closeNotifyCh: make(chan bool, 1),
We populate these ahead of time so we're not reading from req.Header after their Handler starts and maybe mutates it (Issue 14940)
wants10KeepAlive: .wantsHttp10KeepAlive(),
wantsClose: .wantsClose(),
}
if {
.closeAfterReply = true
}
.cw.res =
.w = newBufioWriterSize(&.cw, bufferBeforeChunkingSize)
return , nil
}
http1ServerSupportsRequest reports whether Go's HTTP/1.x server supports the given request.
func ( *Request) bool {
if .ProtoMajor == 1 {
return true
Accept "PRI * HTTP/2.0" upgrade requests, so Handlers can wire up their own HTTP/2 upgrades.
if .ProtoMajor == 2 && .ProtoMinor == 0 &&
.Method == "PRI" && .RequestURI == "*" {
return true
Reject HTTP/0.x, and all other HTTP/2+ requests (which aren't encoded in ASCII anyway).
Accessing the header between logically writing it and physically writing it means we need to allocate a clone to snapshot the logically written state.
.cw.header = .handlerHeader.Clone()
}
.calledHeader = true
return .handlerHeader
}
maxPostHandlerReadBytes is the max number of Request.Body bytes not consumed by a handler that the server will read from the client in order to keep a connection alive. If there are more bytes than this then the server to be paranoid instead sends a "Connection: close" response. This number is approximately what a typical machine's TCP buffer size is anyway. (if we have the bytes on the machine, we might as well read them)
const maxPostHandlerReadBytes = 256 << 10
Issue 22880: require valid WriteHeader status codes. For now we only enforce that it's three digits. In the future we might block things over 599 (600 and above aren't defined at https://httpwg.org/specs/rfc7231.html#status.codes) and we might block under 200 (once we have more mature 1xx support). But for now any three digits. We used to send "HTTP/1.1 000 0" on the wire in responses but there's no equivalent bogus thing we can realistically send in HTTP/2, so we'll consistently panic instead and help people find their bugs early. (We can't return an error from WriteHeader even if we wanted to.)
relevantCaller searches the call stack for the first function outside of net/http. The purpose of this function is to provide more helpful error messages.
func () runtime.Frame {
:= make([]uintptr, 16)
:= runtime.Callers(1, )
:= runtime.CallersFrames([:])
var runtime.Frame
for {
, := .Next()
if !strings.HasPrefix(.Function, "net/http.") {
return
}
if ! {
break
}
}
return
}
func ( *response) ( int) {
if .conn.hijacked() {
:= relevantCaller()
.conn.server.logf("http: response.WriteHeader on hijacked connection from %s (%s:%d)", .Function, path.Base(.File), .Line)
return
}
if .wroteHeader {
:= relevantCaller()
.conn.server.logf("http: superfluous response.WriteHeader call from %s (%s:%d)", .Function, path.Base(.File), .Line)
return
}
checkWriteHeaderCode()
.wroteHeader = true
.status =
if .calledHeader && .cw.header == nil {
.cw.header = .handlerHeader.Clone()
}
if := .handlerHeader.get("Content-Length"); != "" {
, := strconv.ParseInt(, 10, 64)
if == nil && >= 0 {
.contentLength =
} else {
.conn.server.logf("http: invalid Content-Length of %q", )
.handlerHeader.Del("Content-Length")
}
}
}
extraHeader is the set of headers sometimes added by chunkWriter.writeHeader. This type is used to avoid extra allocations from cloning and/or populating the response Header map and all its 1-element slices.
type extraHeader struct {
contentType string
connection string
transferEncoding string
date []byte // written if not nil
contentLength []byte // written if not nil
}
Sorted the same as extraHeader.Write's loop.
var extraHeaderKeys = [][]byte{
[]byte("Content-Type"),
[]byte("Connection"),
[]byte("Transfer-Encoding"),
}
var (
headerContentLength = []byte("Content-Length: ")
headerDate = []byte("Date: ")
)
Write writes the headers described in h to w. This method has a value receiver, despite the somewhat large size of h, because it prevents an allocation. The escape analysis isn't smart enough to realize this function doesn't mutate h.
func ( extraHeader) ( *bufio.Writer) {
if .date != nil {
.Write(headerDate)
.Write(.date)
.Write(crlf)
}
if .contentLength != nil {
.Write(headerContentLength)
.Write(.contentLength)
.Write(crlf)
}
for , := range []string{.contentType, .connection, .transferEncoding} {
if != "" {
.Write(extraHeaderKeys[])
.Write(colonSpace)
.WriteString()
.Write(crlf)
}
}
}
writeHeader finalizes the header sent to the client and writes it to cw.res.conn.bufw. p is not written by writeHeader, but is the first chunk of the body that will be written. It is sniffed for a Content-Type if none is set explicitly. It's also used to set the Content-Length, if the total body size was small and the handler has already finished running.
func ( *chunkWriter) ( []byte) {
if .wroteHeader {
return
}
.wroteHeader = true
:= .res
:= .conn.server.doKeepAlives()
:= .req.Method == "HEAD"
header is written out to w.conn.buf below. Depending on the state of the handler, we either own the map or not. If we don't own it, the exclude map is created lazily for WriteSubset to remove headers. The setHeader struct holds headers we need to add.
Don't write out the fake "Trailer:foo" keys. See TrailerPrefix.
If the handler is done but never sent a Content-Length response header and this is our first (and last) write, set it, even to zero. This helps HTTP/1.0 clients keep their "keep-alive" connections alive. Exceptions: 304/204/1xx responses never get Content-Length, and if it was a HEAD request, we don't know the difference between 0 actual bytes and 0 bytes because the handler noticed it was a HEAD request and chose not to write anything. So for HEAD, the handler should either write the Content-Length or write non-zero bytes. If it's actually 0 bytes and the handler never looked at the Request.Method, we just don't send a Content-Length header. Further, we don't send an automatic Content-Length if they set a Transfer-Encoding, because they're generally incompatible.
if .handlerDone.isSet() && ! && ! && bodyAllowedForStatus(.status) && .get("Content-Length") == "" && (! || len() > 0) {
.contentLength = int64(len())
.contentLength = strconv.AppendInt(.res.clenBuf[:0], int64(len()), 10)
}
If this was an HTTP/1.0 request with keep-alive and we sent a Content-Length back, we can make this a keep-alive response ...
if .wants10KeepAlive && {
:= .get("Content-Length") != ""
if && .get("Connection") == "keep-alive" {
.closeAfterReply = false
}
}
Check for an explicit (and valid) Content-Length header.
:= .contentLength != -1
if .wants10KeepAlive && ( || || !bodyAllowedForStatus(.status)) {
, := ["Connection"]
if ! {
.connection = "keep-alive"
}
} else if !.req.ProtoAtLeast(1, 1) || .wantsClose {
.closeAfterReply = true
}
if .get("Connection") == "close" || ! {
.closeAfterReply = true
}
If the client wanted a 100-continue but we never sent it to them (or, more strictly: we never finished reading their request body), don't reuse this connection because it's now in an unknown state: we might be sending this response at the same time the client is now sending its request body after a timeout. (Some HTTP clients send Expect: 100-continue but knowing that some servers don't support it, the clients set a timer and send the body later anyway) If we haven't seen EOF, we can't skip over the unread body because we don't know if the next bytes on the wire will be the body-following-the-timer or the subsequent request. See Issue 11549.
if , := .req.Body.(*expectContinueReader); && !.sawEOF.isSet() {
.closeAfterReply = true
}
Per RFC 2616, we should consume the request body before replying, if the handler hasn't already done so. But we don't want to do an unbounded amount of reading here for DoS reasons, so we only try up to a threshold. TODO(bradfitz): where does RFC 2616 say that? See Issue 15527 about HTTP/1.x Handlers concurrently reading and writing, like HTTP/2 handlers can do. Maybe this code should be relaxed?
if .req.ContentLength != 0 && !.closeAfterReply {
var , bool
switch bdy := .req.Body.(type) {
case *expectContinueReader:
if .resp.wroteContinue {
= true
}
case *body:
.mu.Lock()
switch {
case .closed:
Body was closed in handler with non-EOF error.
.closeAfterReply = true
}
case .unreadDataSizeLocked() >= maxPostHandlerReadBytes:
= true
default:
= true
}
.mu.Unlock()
default:
= true
}
if {
, := io.CopyN(io.Discard, .reqBody, maxPostHandlerReadBytes+1)
switch {
There must be even more data left over.
= true
Body was already consumed and closed.
The remaining body was just consumed, close it.
= .reqBody.Close()
if != nil {
.closeAfterReply = true
}
Some other kind of error occurred, like a read timeout, or corrupt chunked encoding. In any case, whatever remains on the wire must not be parsed as another HTTP request.
.closeAfterReply = true
}
}
if {
.requestTooLarge()
("Connection")
.connection = "close"
}
}
:= .status
If no content type, apply sniffing algorithm to body.
, := ["Content-Type"]
If the Content-Encoding was set and is non-blank, we shouldn't sniff the body. See Issue 31753.
:= .Get("Content-Encoding")
:= len() > 0
if ! && ! && ! && len() > 0 {
.contentType = DetectContentType()
}
} else {
for , := range suppressedHeaders() {
()
}
}
if !.has("Date") {
.date = appendTime(.res.dateBuf[:0], time.Now())
}
TODO: return an error if WriteHeader gets a return parameter For now just ignore the Content-Length.
.conn.server.logf("http: WriteHeader called with both Transfer-Encoding of %q and a Content-Length of %d",
, .contentLength)
("Content-Length")
= false
}
do nothing
} else if == StatusNoContent {
("Transfer-Encoding")
} else if {
("Transfer-Encoding")
HTTP/1.1 or greater: Transfer-Encoding has been set to identity, and no content-length has been provided. The connection must be closed after the reply is written, and no chunking is to be done. This is the setup recommended in the Server-Sent Events candidate recommendation 11, section 8.
if && == "identity" {
.chunking = false
.closeAfterReply = true
HTTP/1.1 or greater: use chunked transfer encoding to avoid closing the connection at EOF.
.chunking = true
.transferEncoding = "chunked"
We will send the chunked Transfer-Encoding header later.
("Transfer-Encoding")
}
}
HTTP version < 1.1: cannot do chunked transfer encoding and we don't know the Content-Length so signal EOF by closing connection.
.closeAfterReply = true
("Transfer-Encoding") // in case already set
}
Cannot use Content-Length with non-identity Transfer-Encoding.
if .chunking {
("Content-Length")
}
if !.req.ProtoAtLeast(1, 0) {
return
}
Only override the Connection header if it is not a successful protocol switch response and if KeepAlives are not enabled. See https://golang.org/issue/36381.
:= .closeAfterReply &&
(! || !hasToken(.header.get("Connection"), "close")) &&
!isProtocolSwitchResponse(.status, )
if {
("Connection")
if .req.ProtoAtLeast(1, 1) {
.connection = "close"
}
}
writeStatusLine(.conn.bufw, .req.ProtoAtLeast(1, 1), , .statusBuf[:])
.header.WriteSubset(.conn.bufw, )
.Write(.conn.bufw)
.conn.bufw.Write(crlf)
}
foreachHeaderElement splits v according to the "#rule" construction in RFC 7230 section 7 and calls fn for each non-empty element.
func ( string, func(string)) {
= textproto.TrimString()
if == "" {
return
}
if !strings.Contains(, ",") {
()
return
}
for , := range strings.Split(, ",") {
if = textproto.TrimString(); != "" {
()
}
}
}
writeStatusLine writes an HTTP/1.x Status-Line (RFC 7230 Section 3.1.2) to bw. is11 is whether the HTTP request is HTTP/1.1. false means HTTP/1.0. code is the response status code. scratch is an optional scratch buffer. If it has at least capacity 3, it's used.
func ( *bufio.Writer, bool, int, []byte) {
if {
.WriteString("HTTP/1.1 ")
} else {
.WriteString("HTTP/1.0 ")
}
if , := statusText[]; {
.Write(strconv.AppendInt([:0], int64(), 10))
.WriteByte(' ')
.WriteString()
.WriteString("\r\n")
bodyAllowed reports whether a Write is allowed for this response type. It's illegal to call this before the header has been flushed.
func ( *response) () bool {
if !.wroteHeader {
panic("")
}
return bodyAllowedForStatus(.status)
}
The Life Of A Write is like this: Handler starts. No header has been sent. The handler can either write a header, or just start writing. Writing before sending a header sends an implicitly empty 200 OK header. If the handler didn't declare a Content-Length up front, we either go into chunking mode or, if the handler finishes running before the chunking buffer size, we compute a Content-Length and send that in the header instead. Likewise, if the handler didn't set a Content-Type, we sniff that from the initial chunk of output. The Writers are wired together like: 1. *response (the ResponseWriter) -> 2. (*response).w, a *bufio.Writer of bufferBeforeChunkingSize bytes 3. chunkWriter.Writer (whose writeHeader finalizes Content-Length/Type) and which writes the chunk headers, if needed. 4. conn.buf, a bufio.Writer of default (4kB) bytes, writing to -> 5. checkConnErrorWriter{c}, which notes any non-nil error on Write and populates c.werr with it if so. but otherwise writes to: 6. the rwc, the net.Conn. TODO(bradfitz): short-circuit some of the buffering when the initial header contains both a Content-Type and Content-Length. Also short-circuit in (1) when the header's been sent and not in chunking mode, writing directly to (4) instead, if (2) has no buffered data. More generally, we could short-circuit from (1) to (3) even in chunking mode if the write size from (1) is over some threshold and nothing is in (2). The answer might be mostly making bufferBeforeChunkingSize smaller and having bufio's fast-paths deal with this instead.
either dataB or dataS is non-zero.
Body reader wants to write 100 Continue but hasn't yet. Tell it not to. The store must be done while holding the lock because the lock makes sure that there is not an active write this very moment.
.writeContinueMu.Lock()
.canWriteContinue.setFalse()
.writeContinueMu.Unlock()
}
if !.wroteHeader {
.WriteHeader(StatusOK)
}
if == 0 {
return 0, nil
}
if !.bodyAllowed() {
return 0, ErrBodyNotAllowed
}
.written += int64() // ignoring errors, for errorKludge
if .contentLength != -1 && .written > .contentLength {
return 0, ErrContentLength
}
if != nil {
return .w.Write()
} else {
return .w.WriteString()
}
}
func ( *response) () {
.handlerDone.setTrue()
if !.wroteHeader {
.WriteHeader(StatusOK)
}
.w.Flush()
putBufioWriter(.w)
.cw.close()
.conn.bufw.Flush()
.conn.r.abortPendingRead()
Close the body (regardless of w.closeAfterReply) so we can re-use its bufio.Reader later safely.
.reqBody.Close()
if .req.MultipartForm != nil {
.req.MultipartForm.RemoveAll()
}
}
shouldReuseConnection reports whether the underlying TCP connection can be reused. It must only be called after the handler is done executing.
The request or something set while executing the handler indicated we shouldn't reuse this connection.
return false
}
Did not write enough. Avoid getting out of sync.
return false
}
There was some error writing to the underlying connection during the request, so don't re-use this conn.
Steal the bufio.Reader (~4KB worth of memory) and its associated reader for a future connection.
Steal the bufio.Writer (~4KB worth of memory) and its associated writer for a future connection.
putBufioWriter(.bufw)
.bufw = nil
}
}
Close the connection.
func ( *conn) () {
.finalFlush()
.rwc.Close()
}
rstAvoidanceDelay is the amount of time we sleep after closing the write side of a TCP connection before closing the entire socket. By sleeping, we increase the chances that the client sees our FIN and processes its final data before they process the subsequent RST from closing a connection with known unread data. This RST seems to occur mostly on BSD systems. (And Windows?) This timeout is somewhat arbitrary (~latency around the planet).
const rstAvoidanceDelay = 500 * time.Millisecond
type closeWriter interface {
CloseWrite() error
}
var _ closeWriter = (*net.TCPConn)(nil)
closeWrite flushes any outstanding data and sends a FIN packet (if client is connected via TCP), signalling that we're done. We then pause for a bit, hoping the client processes it before any subsequent RST. See https://golang.org/issue/3595
func ( *conn) () {
.finalFlush()
if , := .rwc.(closeWriter); {
.CloseWrite()
}
time.Sleep(rstAvoidanceDelay)
}
validNextProto reports whether the proto is a valid ALPN protocol name. Everything is valid except the empty string and built-in protocol types, so that those can't be overridden with alternate implementations.
func ( string) bool {
switch {
case "", "http/1.1", "http/1.0":
return false
}
return true
}
const (
runHooks = true
skipHooks = false
)
func ( *conn) ( net.Conn, ConnState, bool) {
:= .server
switch {
case StateNew:
.trackConn(, true)
case StateHijacked, StateClosed:
.trackConn(, false)
}
if > 0xff || < 0 {
panic("internal error")
}
:= uint64(time.Now().Unix()<<8) | uint64()
atomic.StoreUint64(&.curState.atomic, )
if ! {
return
}
if := .ConnState; != nil {
(, )
}
}
func ( *conn) () ( ConnState, int64) {
:= atomic.LoadUint64(&.curState.atomic)
return ConnState( & 0xff), int64( >> 8)
}
badRequestError is a literal string (used by in the server in HTML, unescaped) to tell the user why their request was bad. It should be plain text without user info or other embedded errors.
func ( string) error { return statusError{StatusBadRequest, } }
statusError is an error used to respond to a request with an HTTP status. The text should be plain text without user info or other embedded errors.
type statusError struct {
code int
text string
}
func ( statusError) () string { return StatusText(.code) + ": " + .text }
ErrAbortHandler is a sentinel panic value to abort a handler. While any panic from ServeHTTP aborts the response to the client, panicking with ErrAbortHandler also suppresses logging of a stack trace to the server's error log.
var ErrAbortHandler = errors.New("net/http: abort Handler")
isCommonNetReadError reports whether err is a common error encountered during reading a request off the network when the client has gone away or had its read fail somehow. This is used to determine which logs are interesting enough to log about.
Serve a new connection.
func ( *conn) ( context.Context) {
.remoteAddr = .rwc.RemoteAddr().String()
= context.WithValue(, LocalAddrContextKey, .rwc.LocalAddr())
defer func() {
if := recover(); != nil && != ErrAbortHandler {
const = 64 << 10
:= make([]byte, )
= [:runtime.Stack(, false)]
.server.logf("http: panic serving %v: %v\n%s", .remoteAddr, , )
}
if !.hijacked() {
.close()
.setState(.rwc, StateClosed, runHooks)
}
}()
if , := .rwc.(*tls.Conn); {
if := .server.ReadTimeout; != 0 {
.rwc.SetReadDeadline(time.Now().Add())
}
if := .server.WriteTimeout; != 0 {
.rwc.SetWriteDeadline(time.Now().Add())
}
If the handshake failed due to the client not speaking TLS, assume they're speaking plaintext HTTP and write a 400 response on the TLS conn's underlying net.Conn.
if , := .(tls.RecordHeaderError); && .Conn != nil && tlsRecordHeaderLooksLikeHTTP(.RecordHeader) {
io.WriteString(.Conn, "HTTP/1.0 400 Bad Request\r\n\r\nClient sent an HTTP request to an HTTPS server.\n")
.Conn.Close()
return
}
.server.logf("http: TLS handshake error from %s: %v", .rwc.RemoteAddr(), )
return
}
.tlsState = new(tls.ConnectionState)
*.tlsState = .ConnectionState()
if := .tlsState.NegotiatedProtocol; validNextProto() {
if := .server.TLSNextProto[]; != nil {
Mark freshly created HTTP/2 as active and prevent any server state hooks from being run on these connections. This prevents closeIdleConns from closing such connections. See issue https://golang.org/issue/39776.
.setState(.rwc, StateActive, skipHooks)
(.server, , )
}
return
}
}
HTTP/1.x from here on.
, := context.WithCancel()
.cancelCtx =
defer ()
.r = &connReader{conn: }
.bufr = newBufioReader(.r)
.bufw = newBufioWriterSize(checkConnErrorWriter{}, 4<<10)
for {
, := .readRequest()
If we read any bytes off the wire, we're active.
.setState(.rwc, StateActive, runHooks)
}
if != nil {
const = "\r\nContent-Type: text/plain; charset=utf-8\r\nConnection: close\r\n\r\n"
switch {
Their HTTP client may or may not be able to read this if we're responding to them and hanging up while they're still writing their request. Undefined behavior.
const = "431 Request Header Fields Too Large"
fmt.Fprintf(.rwc, "HTTP/1.1 "+++)
.closeWriteAndWait()
return
Respond as per RFC 7230 Section 3.3.1 which says, A server that receives a request message with a transfer coding it does not understand SHOULD respond with 501 (Unimplemented).
We purposefully aren't echoing back the transfer-encoding's value, so as to mitigate the risk of cross side scripting by an attacker.
fmt.Fprintf(.rwc, "HTTP/1.1 %d %s%sUnsupported transfer encoding", , StatusText(), )
return
case isCommonNetReadError():
return // don't reply
default:
if , := .(statusError); {
fmt.Fprintf(.rwc, "HTTP/1.1 %d %s: %s%s%d %s: %s", .code, StatusText(.code), .text, , .code, StatusText(.code), .text)
return
}
:= "400 Bad Request"
fmt.Fprintf(.rwc, "HTTP/1.1 "+++)
return
}
}
Expect 100 Continue support
:= .req
if .expectsContinue() {
Wrap the Body reader with one that replies on the connection
.Body = &expectContinueReader{readCloser: .Body, resp: }
.canWriteContinue.setTrue()
}
} else if .Header.get("Expect") != "" {
.sendExpectationFailed()
return
}
.curReq.Store()
if requestBodyRemains(.Body) {
registerOnHitEOF(.Body, .conn.r.startBackgroundRead)
} else {
.conn.r.startBackgroundRead()
}
HTTP cannot have multiple simultaneous active requests.[*] Until the server replies to this request, it can't read another, so we might as well run the handler in this goroutine. [*] Not strictly true: HTTP pipelining. We could let them all process in parallel even if their responses need to be serialized. But we're not going to implement HTTP pipelining because it was never deployed in the wild and the answer is HTTP/2.
serverHandler{.server}.ServeHTTP(, .req)
.cancelCtx()
if .hijacked() {
return
}
.finishRequest()
if !.shouldReuseConnection() {
if .requestBodyLimitHit || .closedRequestBodyEarly() {
.closeWriteAndWait()
}
return
}
.setState(.rwc, StateIdle, runHooks)
.curReq.Store((*response)(nil))
We're in shutdown mode. We might've replied to the user without "Connection: close" and they might think they can send another request, but such is life with HTTP/1.1.
return
}
if := .server.idleTimeout(); != 0 {
.rwc.SetReadDeadline(time.Now().Add())
if , := .bufr.Peek(4); != nil {
return
}
}
.rwc.SetReadDeadline(time.Time{})
}
}
TODO(bradfitz): let ServeHTTP handlers handle requests with non-standard expectation[s]? Seems theoretical at best, and doesn't fit into the current ServeHTTP model anyway. We'd need to make the ResponseWriter an optional "ExpectReplier" interface or something. For now we'll just obey RFC 7231 5.1.1 which says "A server that receives an Expect field-value other than 100-continue MAY respond with a 417 (Expectation Failed) status code to indicate that the unexpected expectation cannot be met."
.Header().Set("Connection", "close")
.WriteHeader(StatusExpectationFailed)
.finishRequest()
}
Hijack implements the Hijacker.Hijack method. Our response is both a ResponseWriter and a Hijacker.
Release the bufioWriter that writes to the chunk writer, it is not used after a connection has been hijacked.
, , = .hijackLocked()
if == nil {
putBufioWriter(.w)
.w = nil
}
return , ,
}
func ( *response) () <-chan bool {
if .handlerDone.isSet() {
panic("net/http: CloseNotify called after ServeHTTP finished")
}
return .closeNotifyCh
}
func ( io.ReadCloser, func()) {
switch v := .(type) {
case *expectContinueReader:
(.readCloser, )
case *body:
.registerOnHitEOF()
default:
panic("unexpected type " + fmt.Sprintf("%T", ))
}
}
requestBodyRemains reports whether future calls to Read on rc might yield more data.
func ( io.ReadCloser) bool {
if == NoBody {
return false
}
switch v := .(type) {
case *expectContinueReader:
return (.readCloser)
case *body:
return .bodyRemains()
default:
panic("unexpected type " + fmt.Sprintf("%T", ))
}
}
The HandlerFunc type is an adapter to allow the use of ordinary functions as HTTP handlers. If f is a function with the appropriate signature, HandlerFunc(f) is a Handler that calls f.
type HandlerFunc func(ResponseWriter, *Request)
ServeHTTP calls f(w, r).
func ( HandlerFunc) ( ResponseWriter, *Request) {
(, )
}
Helper handlers
Error replies to the request with the specified error message and HTTP code. It does not otherwise end the request; the caller should ensure no further writes are done to w. The error message should be plain text.
func ( ResponseWriter, string, int) {
.Header().Set("Content-Type", "text/plain; charset=utf-8")
.Header().Set("X-Content-Type-Options", "nosniff")
.WriteHeader()
fmt.Fprintln(, )
}
NotFound replies to the request with an HTTP 404 not found error.
func ( ResponseWriter, *Request) { Error(, "404 page not found", StatusNotFound) }
NotFoundHandler returns a simple request handler that replies to each request with a ``404 page not found'' reply.
func () Handler { return HandlerFunc(NotFound) }
StripPrefix returns a handler that serves HTTP requests by removing the given prefix from the request URL's Path (and RawPath if set) and invoking the handler h. StripPrefix handles a request for a path that doesn't begin with prefix by replying with an HTTP 404 not found error. The prefix must match exactly: if the prefix in the request contains escaped characters the reply is also an HTTP 404 not found error.
func ( string, Handler) Handler {
if == "" {
return
}
return HandlerFunc(func( ResponseWriter, *Request) {
:= strings.TrimPrefix(.URL.Path, )
:= strings.TrimPrefix(.URL.RawPath, )
if len() < len(.URL.Path) && (.URL.RawPath == "" || len() < len(.URL.RawPath)) {
:= new(Request)
* = *
.URL = new(url.URL)
*.URL = *.URL
.URL.Path =
.URL.RawPath =
.ServeHTTP(, )
} else {
NotFound(, )
}
})
}
Redirect replies to the request with a redirect to url, which may be a path relative to the request path. The provided code should be in the 3xx range and is usually StatusMovedPermanently, StatusFound or StatusSeeOther. If the Content-Type header has not been set, Redirect sets it to "text/html; charset=utf-8" and writes a small HTML body. Setting the Content-Type header to any value, including nil, disables that behavior.
func ( ResponseWriter, *Request, string, int) {
If url was relative, make its path absolute by combining with request path. The client would probably do this for us, but doing it ourselves is more reliable. See RFC 7231, section 7.1.2
no leading http://server
make relative path absolute
clean up but preserve trailing slash
RFC 7231 notes that a short HTML body is usually included in the response because older user agents may not understand 301/307. Do it only if the request didn't already have a Content-Type header.
, := ["Content-Type"]
.Set("Location", hexEscapeNonASCII())
if ! && (.Method == "GET" || .Method == "HEAD") {
.Set("Content-Type", "text/html; charset=utf-8")
}
.WriteHeader()
Shouldn't send the body for POST or HEAD; that leaves GET.
if ! && .Method == "GET" {
:= "<a href=\"" + htmlEscape() + "\">" + statusText[] + "</a>.\n"
fmt.Fprintln(, )
}
}
var htmlReplacer = strings.NewReplacer(
"&", "&",
"<", "<",
""" is shorter than """.
"'" is shorter than "'" and apos was not in HTML until HTML5.
"'", "'",
)
func ( string) string {
return htmlReplacer.Replace()
}
Redirect to a fixed URL
type redirectHandler struct {
url string
code int
}
func ( *redirectHandler) ( ResponseWriter, *Request) {
Redirect(, , .url, .code)
}
RedirectHandler returns a request handler that redirects each request it receives to the given url using the given status code. The provided code should be in the 3xx range and is usually StatusMovedPermanently, StatusFound or StatusSeeOther.
func ( string, int) Handler {
return &redirectHandler{, }
}
ServeMux is an HTTP request multiplexer. It matches the URL of each incoming request against a list of registered patterns and calls the handler for the pattern that most closely matches the URL. Patterns name fixed, rooted paths, like "/favicon.ico", or rooted subtrees, like "/images/" (note the trailing slash). Longer patterns take precedence over shorter ones, so that if there are handlers registered for both "/images/" and "/images/thumbnails/", the latter handler will be called for paths beginning "/images/thumbnails/" and the former will receive requests for any other paths in the "/images/" subtree. Note that since a pattern ending in a slash names a rooted subtree, the pattern "/" matches all paths not matched by other registered patterns, not just the URL with Path == "/". If a subtree has been registered and a request is received naming the subtree root without its trailing slash, ServeMux redirects that request to the subtree root (adding the trailing slash). This behavior can be overridden with a separate registration for the path without the trailing slash. For example, registering "/images/" causes ServeMux to redirect a request for "/images" to "/images/", unless "/images" has been registered separately. Patterns may optionally begin with a host name, restricting matches to URLs on that host only. Host-specific patterns take precedence over general patterns, so that a handler might register for the two patterns "/codesearch" and "codesearch.google.com/" without also taking over requests for "http://www.google.com/". ServeMux also takes care of sanitizing the URL request path and the Host header, stripping the port number and redirecting any request containing . or .. elements or repeated slashes to an equivalent, cleaner URL.
DefaultServeMux is the default ServeMux used by Serve.
var DefaultServeMux = &defaultServeMux
var defaultServeMux ServeMux
cleanPath returns the canonical path for p, eliminating . and .. elements.
path.Clean removes trailing slash except for root; put the trailing slash back if necessary.
Fast path for common case of p being the string we want:
stripHostPort returns h without any trailing ":<port>".
If no port on host, return unchanged
if strings.IndexByte(, ':') == -1 {
return
}
, , := net.SplitHostPort()
if != nil {
return // on error, return unchanged
}
return
}
Find a handler on a handler map given a path string. Most-specific (longest) pattern wins.
Check for longest valid match. mux.es contains all patterns that end in / sorted from longest to shortest.
redirectToPathSlash determines if the given path needs appending "/" to it. This occurs when a handler for path + "/" was already registered, but not for path itself. If the path needs appending to, it creates a new URL, setting the path to u.Path + "/" and returning true to indicate so.
shouldRedirectRLocked reports whether the given path and host should be redirected to path+"/". This should happen if a handler is registered for path+"/" but not path -- see comments at ServeMux.
Handler returns the handler to use for the given request, consulting r.Method, r.Host, and r.URL.Path. It always returns a non-nil handler. If the path is not in its canonical form, the handler will be an internally-generated handler that redirects to the canonical path. If the host contains a port, it is ignored when matching handlers. The path and host are used unchanged for CONNECT requests. Handler also returns the registered pattern that matches the request or, in the case of internally-generated redirects, the pattern that will match after following the redirect. If there is no registered handler that applies to the request, Handler returns a ``page not found'' handler and an empty pattern.
CONNECT requests are not canonicalized.
If r.URL.Path is /tree and its handler is not registered, the /tree -> /tree/ redirect applies to CONNECT requests but the path canonicalization does not.
if , := .redirectToPathSlash(.URL.Host, .URL.Path, .URL); {
return RedirectHandler(.String(), StatusMovedPermanently), .Path
}
return .handler(.Host, .URL.Path)
}
All other requests have any port stripped and path cleaned before passing to mux.handler.
:= stripHostPort(.Host)
:= cleanPath(.URL.Path)
If the given path is /tree and its handler is not registered, redirect for /tree/.
if , := .redirectToPathSlash(, , .URL); {
return RedirectHandler(.String(), StatusMovedPermanently), .Path
}
if != .URL.Path {
_, = .handler(, )
:= *.URL
.Path =
return RedirectHandler(.String(), StatusMovedPermanently),
}
return .handler(, .URL.Path)
}
handler is the main implementation of Handler. The path is known to be in canonical form, except for CONNECT methods.
Host-specific pattern takes precedence over generic ones
ServeHTTP dispatches the request to the handler whose pattern most closely matches the request URL.
func ( *ServeMux) ( ResponseWriter, *Request) {
if .RequestURI == "*" {
if .ProtoAtLeast(1, 1) {
.Header().Set("Connection", "close")
}
.WriteHeader(StatusBadRequest)
return
}
, := .Handler()
.ServeHTTP(, )
}
Handle registers the handler for the given pattern. If a handler already exists for pattern, Handle panics.
func ( *ServeMux) ( string, Handler) {
.mu.Lock()
defer .mu.Unlock()
if == "" {
panic("http: invalid pattern")
}
if == nil {
panic("http: nil handler")
}
if , := .m[]; {
panic("http: multiple registrations for " + )
}
if .m == nil {
.m = make(map[string]muxEntry)
}
:= muxEntry{h: , pattern: }
.m[] =
if [len()-1] == '/' {
.es = appendSorted(.es, )
}
if [0] != '/' {
.hosts = true
}
}
func ( []muxEntry, muxEntry) []muxEntry {
:= len()
:= sort.Search(, func( int) bool {
return len([].pattern) < len(.pattern)
})
if == {
return append(, )
we now know that i points at where we want to insert
HandleFunc registers the handler function for the given pattern.
func ( *ServeMux) ( string, func(ResponseWriter, *Request)) {
if == nil {
panic("http: nil handler")
}
.Handle(, HandlerFunc())
}
Handle registers the handler for the given pattern in the DefaultServeMux. The documentation for ServeMux explains how patterns are matched.
func ( string, Handler) { DefaultServeMux.Handle(, ) }
HandleFunc registers the handler function for the given pattern in the DefaultServeMux. The documentation for ServeMux explains how patterns are matched.
func ( string, func(ResponseWriter, *Request)) {
DefaultServeMux.HandleFunc(, )
}
Serve accepts incoming HTTP connections on the listener l, creating a new service goroutine for each. The service goroutines read requests and then call handler to reply to them. The handler is typically nil, in which case the DefaultServeMux is used. HTTP/2 support is only enabled if the Listener returns *tls.Conn connections and they were configured with "h2" in the TLS Config.NextProtos. Serve always returns a non-nil error.
ServeTLS accepts incoming HTTPS connections on the listener l, creating a new service goroutine for each. The service goroutines read requests and then call handler to reply to them. The handler is typically nil, in which case the DefaultServeMux is used. Additionally, files containing a certificate and matching private key for the server must be provided. If the certificate is signed by a certificate authority, the certFile should be the concatenation of the server's certificate, any intermediates, and the CA's certificate. ServeTLS always returns a non-nil error.
A Server defines parameters for running an HTTP server. The zero value for Server is a valid configuration.
Addr optionally specifies the TCP address for the server to listen on, in the form "host:port". If empty, ":http" (port 80) is used. The service names are defined in RFC 6335 and assigned by IANA. See net.Dial for details of the address format.
TLSConfig optionally provides a TLS configuration for use by ServeTLS and ListenAndServeTLS. Note that this value is cloned by ServeTLS and ListenAndServeTLS, so it's not possible to modify the configuration with methods like tls.Config.SetSessionTicketKeys. To use SetSessionTicketKeys, use Server.Serve with a TLS Listener instead.
ReadTimeout is the maximum duration for reading the entire request, including the body. Because ReadTimeout does not let Handlers make per-request decisions on each request body's acceptable deadline or upload rate, most users will prefer to use ReadHeaderTimeout. It is valid to use them both.
ReadHeaderTimeout is the amount of time allowed to read request headers. The connection's read deadline is reset after reading the headers and the Handler can decide what is considered too slow for the body. If ReadHeaderTimeout is zero, the value of ReadTimeout is used. If both are zero, there is no timeout.
WriteTimeout is the maximum duration before timing out writes of the response. It is reset whenever a new request's header is read. Like ReadTimeout, it does not let Handlers make decisions on a per-request basis.
IdleTimeout is the maximum amount of time to wait for the next request when keep-alives are enabled. If IdleTimeout is zero, the value of ReadTimeout is used. If both are zero, there is no timeout.
MaxHeaderBytes controls the maximum number of bytes the server will read parsing the request header's keys and values, including the request line. It does not limit the size of the request body. If zero, DefaultMaxHeaderBytes is used.
TLSNextProto optionally specifies a function to take over ownership of the provided TLS connection when an ALPN protocol upgrade has occurred. The map key is the protocol name negotiated. The Handler argument should be used to handle HTTP requests and will initialize the Request's TLS and RemoteAddr if not already set. The connection is automatically closed when the function returns. If TLSNextProto is not nil, HTTP/2 support is not enabled automatically.
ConnState specifies an optional callback function that is called when a client connection changes state. See the ConnState type and associated constants for details.
ErrorLog specifies an optional logger for errors accepting connections, unexpected behavior from handlers, and underlying FileSystem errors. If nil, logging is done via the log package's standard logger.
BaseContext optionally specifies a function that returns the base context for incoming requests on this server. The provided Listener is the specific Listener that's about to start accepting requests. If BaseContext is nil, the default is context.Background(). If non-nil, it must return a non-nil context.
BaseContext func(net.Listener) context.Context
ConnContext optionally specifies a function that modifies the context used for a new connection c. The provided ctx is derived from the base context and has a ServerContextKey value.
ConnContext func(ctx context.Context, c net.Conn) context.Context
inShutdown atomicBool // true when when server is in shutdown
disableKeepAlives int32 // accessed atomically.
nextProtoOnce sync.Once // guards setupHTTP2_* init
nextProtoErr error // result of http2.ConfigureServer if used
mu sync.Mutex
listeners map[*net.Listener]struct{}
activeConn map[*conn]struct{}
doneChan chan struct{}
onShutdown []func()
}
func ( *Server) () <-chan struct{} {
.mu.Lock()
defer .mu.Unlock()
return .getDoneChanLocked()
}
func ( *Server) () chan struct{} {
if .doneChan == nil {
.doneChan = make(chan struct{})
}
return .doneChan
}
func ( *Server) () {
:= .getDoneChanLocked()
select {
Already closed. Don't close again.
Safe to close here. We're the only closer, guarded by s.mu.
close()
}
}
Close immediately closes all active net.Listeners and any connections in state StateNew, StateActive, or StateIdle. For a graceful shutdown, use Shutdown. Close does not attempt to close (and does not even know about) any hijacked connections, such as WebSockets. Close returns any error returned from closing the Server's underlying Listener(s).
func ( *Server) () error {
.inShutdown.setTrue()
.mu.Lock()
defer .mu.Unlock()
.closeDoneChanLocked()
:= .closeListenersLocked()
for := range .activeConn {
.rwc.Close()
delete(.activeConn, )
}
return
}
shutdownPollIntervalMax is the max polling interval when checking quiescence during Server.Shutdown. Polling starts with a small interval and backs off to the max. Ideally we could find a solution that doesn't involve polling, but which also doesn't have a high runtime cost (and doesn't involve any contentious mutexes), but that is left as an exercise for the reader.
const shutdownPollIntervalMax = 500 * time.Millisecond
Shutdown gracefully shuts down the server without interrupting any active connections. Shutdown works by first closing all open listeners, then closing all idle connections, and then waiting indefinitely for connections to return to idle and then shut down. If the provided context expires before the shutdown is complete, Shutdown returns the context's error, otherwise it returns any error returned from closing the Server's underlying Listener(s). When Shutdown is called, Serve, ListenAndServe, and ListenAndServeTLS immediately return ErrServerClosed. Make sure the program doesn't exit and waits instead for Shutdown to return. Shutdown does not attempt to close nor wait for hijacked connections such as WebSockets. The caller of Shutdown should separately notify such long-lived connections of shutdown and wait for them to close, if desired. See RegisterOnShutdown for a way to register shutdown notification functions. Once Shutdown has been called on a server, it may not be reused; future calls to methods such as Serve will return ErrServerClosed.
func ( *Server) ( context.Context) error {
.inShutdown.setTrue()
.mu.Lock()
:= .closeListenersLocked()
.closeDoneChanLocked()
for , := range .onShutdown {
go ()
}
.mu.Unlock()
:= time.Millisecond
Add 10% jitter.
Double and clamp for next time.
*= 2
if > shutdownPollIntervalMax {
= shutdownPollIntervalMax
}
return
}
:= time.NewTimer(())
defer .Stop()
for {
if .closeIdleConns() && .numListeners() == 0 {
return
}
select {
case <-.Done():
return .Err()
case <-.C:
.Reset(())
}
}
}
RegisterOnShutdown registers a function to call on Shutdown. This can be used to gracefully shutdown connections that have undergone ALPN protocol upgrade or that have been hijacked. This function should start protocol-specific graceful shutdown, but should not wait for shutdown to complete.
closeIdleConns closes all idle connections and reports whether the server is quiescent.
Issue 22682: treat StateNew connections as if they're idle if we haven't read the first request's header in over 5 seconds.
Assume unixSec == 0 means it's a very new connection, without state set yet.
A ConnState represents the state of a client connection to a server. It's used by the optional Server.ConnState hook.
StateNew represents a new connection that is expected to send a request immediately. Connections begin at this state and then transition to either StateActive or StateClosed.
StateActive represents a connection that has read 1 or more bytes of a request. The Server.ConnState hook for StateActive fires before the request has entered a handler and doesn't fire again until the request has been handled. After the request is handled, the state transitions to StateClosed, StateHijacked, or StateIdle. For HTTP/2, StateActive fires on the transition from zero to one active request, and only transitions away once all active requests are complete. That means that ConnState cannot be used to do per-request work; ConnState only notes the overall state of the connection.
StateIdle represents a connection that has finished handling a request and is in the keep-alive state, waiting for a new request. Connections transition from StateIdle to either StateActive or StateClosed.
StateHijacked represents a hijacked connection. This is a terminal state. It does not transition to StateClosed.
StateClosed represents a closed connection. This is a terminal state. Hijacked connections do not transition to StateClosed.
StateClosed
)
var stateName = map[ConnState]string{
StateNew: "new",
StateActive: "active",
StateIdle: "idle",
StateHijacked: "hijacked",
StateClosed: "closed",
}
func ( ConnState) () string {
return stateName[]
}
serverHandler delegates to either the server's Handler or DefaultServeMux and also handles "OPTIONS *" requests.
type serverHandler struct {
srv *Server
}
func ( serverHandler) ( ResponseWriter, *Request) {
:= .srv.Handler
if == nil {
= DefaultServeMux
}
if .RequestURI == "*" && .Method == "OPTIONS" {
= globalOptionsHandler{}
}
.ServeHTTP(, )
}
ListenAndServe listens on the TCP network address srv.Addr and then calls Serve to handle requests on incoming connections. Accepted connections are configured to enable TCP keep-alives. If srv.Addr is blank, ":http" is used. ListenAndServe always returns a non-nil error. After Shutdown or Close, the returned error is ErrServerClosed.
func ( *Server) () error {
if .shuttingDown() {
return ErrServerClosed
}
:= .Addr
if == "" {
= ":http"
}
, := net.Listen("tcp", )
if != nil {
return
}
return .Serve()
}
var testHookServerServe func(*Server, net.Listener) // used if non-nil
shouldDoServeHTTP2 reports whether Server.Serve should configure automatic HTTP/2. (which sets up the srv.TLSNextProto map)
Compatibility with Go 1.6: If there's no TLSConfig, it's possible that the user just didn't set it on the http.Server, but did pass it to tls.NewListener and passed that listener to Serve. So we should configure HTTP/2 (to set up srv.TLSNextProto) in case the listener returns an "h2" *tls.Conn.
return true
The user specified a TLSConfig on their http.Server. In this, case, only configure HTTP/2 if their tls.Config explicitly mentions "h2". Otherwise http2.ConfigureServer would modify the tls.Config to add it, but they probably already passed this tls.Config to tls.NewListener. And if they did, it's too late anyway to fix it. It would only be potentially racy. See Issue 15908.
return strSliceContains(.TLSConfig.NextProtos, http2NextProtoTLS)
}
ErrServerClosed is returned by the Server's Serve, ServeTLS, ListenAndServe, and ListenAndServeTLS methods after a call to Shutdown or Close.
var ErrServerClosed = errors.New("http: Server closed")
Serve accepts incoming connections on the Listener l, creating a new service goroutine for each. The service goroutines read requests and then call srv.Handler to reply to them. HTTP/2 support is only enabled if the Listener returns *tls.Conn connections and they were configured with "h2" in the TLS Config.NextProtos. Serve always returns a non-nil error and closes l. After Shutdown or Close, the returned error is ErrServerClosed.
func ( *Server) ( net.Listener) error {
if := testHookServerServe; != nil {
(, ) // call hook with unwrapped listener
}
:=
= &onceCloseListener{Listener: }
defer .Close()
if := .setupHTTP2_Serve(); != nil {
return
}
if !.trackListener(&, true) {
return ErrServerClosed
}
defer .trackListener(&, false)
:= context.Background()
if .BaseContext != nil {
= .BaseContext()
if == nil {
panic("BaseContext returned a nil context")
}
}
var time.Duration // how long to sleep on accept failure
:= context.WithValue(, ServerContextKey, )
for {
, := .Accept()
if != nil {
select {
case <-.getDoneChan():
return ErrServerClosed
default:
}
if , := .(net.Error); && .Temporary() {
if == 0 {
= 5 * time.Millisecond
} else {
*= 2
}
if := 1 * time.Second; > {
=
}
.logf("http: Accept error: %v; retrying in %v", , )
time.Sleep()
continue
}
return
}
:=
if := .ConnContext; != nil {
= (, )
if == nil {
panic("ConnContext returned nil")
}
}
= 0
:= .newConn()
.setState(.rwc, StateNew, runHooks) // before Serve can return
go .serve()
}
}
ServeTLS accepts incoming connections on the Listener l, creating a new service goroutine for each. The service goroutines perform TLS setup and then read requests, calling srv.Handler to reply to them. Files containing a certificate and matching private key for the server must be provided if neither the Server's TLSConfig.Certificates nor TLSConfig.GetCertificate are populated. If the certificate is signed by a certificate authority, the certFile should be the concatenation of the server's certificate, any intermediates, and the CA's certificate. ServeTLS always returns a non-nil error. After Shutdown or Close, the returned error is ErrServerClosed.
Setup HTTP/2 before srv.Serve, to initialize srv.TLSConfig before we clone it and create the TLS Listener.
if := .setupHTTP2_ServeTLS(); != nil {
return
}
:= cloneTLSConfig(.TLSConfig)
if !strSliceContains(.NextProtos, "http/1.1") {
.NextProtos = append(.NextProtos, "http/1.1")
}
:= len(.Certificates) > 0 || .GetCertificate != nil
if ! || != "" || != "" {
var error
.Certificates = make([]tls.Certificate, 1)
.Certificates[0], = tls.LoadX509KeyPair(, )
if != nil {
return
}
}
:= tls.NewListener(, )
return .Serve()
}
trackListener adds or removes a net.Listener to the set of tracked listeners. We store a pointer to interface in the map set, in case the net.Listener is not comparable. This is safe because we only call trackListener via Serve and can track+defer untrack the same pointer to local variable there. We never need to compare a Listener from another caller. It reports whether the server is still up (not Shutdown or Closed).
func ( *Server) ( *net.Listener, bool) bool {
.mu.Lock()
defer .mu.Unlock()
if .listeners == nil {
.listeners = make(map[*net.Listener]struct{})
}
if {
if .shuttingDown() {
return false
}
.listeners[] = struct{}{}
} else {
delete(.listeners, )
}
return true
}
func ( *Server) ( *conn, bool) {
.mu.Lock()
defer .mu.Unlock()
if .activeConn == nil {
.activeConn = make(map[*conn]struct{})
}
if {
.activeConn[] = struct{}{}
} else {
delete(.activeConn, )
}
}
func ( *Server) () time.Duration {
if .IdleTimeout != 0 {
return .IdleTimeout
}
return .ReadTimeout
}
func ( *Server) () time.Duration {
if .ReadHeaderTimeout != 0 {
return .ReadHeaderTimeout
}
return .ReadTimeout
}
func ( *Server) () bool {
return atomic.LoadInt32(&.disableKeepAlives) == 0 && !.shuttingDown()
}
func ( *Server) () bool {
return .inShutdown.isSet()
}
SetKeepAlivesEnabled controls whether HTTP keep-alives are enabled. By default, keep-alives are always enabled. Only very resource-constrained environments or servers in the process of shutting down should disable them.
func ( *Server) ( bool) {
if {
atomic.StoreInt32(&.disableKeepAlives, 0)
return
}
atomic.StoreInt32(&.disableKeepAlives, 1)
Close idle HTTP/1 conns:
TODO: Issue 26303: close HTTP/2 conns as soon as they become idle.
logf prints to the ErrorLog of the *Server associated with request r via ServerContextKey. If there's no associated server, or if ErrorLog is nil, logging is done via the log package's standard logger.
ListenAndServe listens on the TCP network address addr and then calls Serve with handler to handle requests on incoming connections. Accepted connections are configured to enable TCP keep-alives. The handler is typically nil, in which case the DefaultServeMux is used. ListenAndServe always returns a non-nil error.
ListenAndServeTLS acts identically to ListenAndServe, except that it expects HTTPS connections. Additionally, files containing a certificate and matching private key for the server must be provided. If the certificate is signed by a certificate authority, the certFile should be the concatenation of the server's certificate, any intermediates, and the CA's certificate.
ListenAndServeTLS listens on the TCP network address srv.Addr and then calls ServeTLS to handle requests on incoming TLS connections. Accepted connections are configured to enable TCP keep-alives. Filenames containing a certificate and matching private key for the server must be provided if neither the Server's TLSConfig.Certificates nor TLSConfig.GetCertificate are populated. If the certificate is signed by a certificate authority, the certFile should be the concatenation of the server's certificate, any intermediates, and the CA's certificate. If srv.Addr is blank, ":https" is used. ListenAndServeTLS always returns a non-nil error. After Shutdown or Close, the returned error is ErrServerClosed.
setupHTTP2_ServeTLS conditionally configures HTTP/2 on srv and reports whether there was an error setting it up. If it is not configured for policy reasons, nil is returned.
func ( *Server) () error {
.nextProtoOnce.Do(.onceSetNextProtoDefaults)
return .nextProtoErr
}
setupHTTP2_Serve is called from (*Server).Serve and conditionally configures HTTP/2 on srv using a more conservative policy than setupHTTP2_ServeTLS because Serve is called after tls.Listen, and may be called concurrently. See shouldConfigureHTTP2ForServe. The tests named TestTransportAutomaticHTTP2* and TestConcurrentServerServe in server_test.go demonstrate some of the supported use cases and motivations.
func ( *Server) () error {
.nextProtoOnce.Do(.onceSetNextProtoDefaults_Serve)
return .nextProtoErr
}
func ( *Server) () {
if .shouldConfigureHTTP2ForServe() {
.onceSetNextProtoDefaults()
}
}
onceSetNextProtoDefaults configures HTTP/2, if the user hasn't configured otherwise. (by setting srv.TLSNextProto non-nil) It must only be called via srv.nextProtoOnce (use srv.setupHTTP2_*).
Enable HTTP/2 by default if the user hasn't otherwise configured their TLSNextProto map.
if .TLSNextProto == nil {
:= &http2Server{
NewWriteScheduler: func() http2WriteScheduler { return http2NewPriorityWriteScheduler(nil) },
}
.nextProtoErr = http2ConfigureServer(, )
}
}
TimeoutHandler returns a Handler that runs h with the given time limit. The new Handler calls h.ServeHTTP to handle each request, but if a call runs for longer than its time limit, the handler responds with a 503 Service Unavailable error and the given message in its body. (If msg is empty, a suitable default message will be sent.) After such a timeout, writes by h to its ResponseWriter will return ErrHandlerTimeout. TimeoutHandler supports the Pusher interface but does not support the Hijacker or Flusher interfaces.
ErrHandlerTimeout is returned on ResponseWriter Write calls in handlers which have timed out.
When set, no context will be created and this context will be used instead.
testContext context.Context
}
func ( *timeoutHandler) () string {
if .body != "" {
return .body
}
return "<html><head><title>Timeout</title></head><body><h1>Timeout</h1></body></html>"
}
func ( *timeoutHandler) ( ResponseWriter, *Request) {
:= .testContext
if == nil {
var context.CancelFunc
, = context.WithTimeout(.Context(), .dt)
defer ()
}
= .WithContext()
:= make(chan struct{})
:= &timeoutWriter{
w: ,
h: make(Header),
req: ,
}
:= make(chan interface{}, 1)
go func() {
defer func() {
if := recover(); != nil {
<-
}
}()
.handler.ServeHTTP(, )
close()
}()
select {
case := <-:
panic()
case <-:
.mu.Lock()
defer .mu.Unlock()
:= .Header()
for , := range .h {
[] =
}
if !.wroteHeader {
.code = StatusOK
}
.WriteHeader(.code)
.Write(.wbuf.Bytes())
case <-.Done():
.mu.Lock()
defer .mu.Unlock()
.WriteHeader(StatusServiceUnavailable)
io.WriteString(, .errorBody())
.timedOut = true
}
}
type timeoutWriter struct {
w ResponseWriter
h Header
wbuf bytes.Buffer
req *Request
mu sync.Mutex
timedOut bool
wroteHeader bool
code int
}
var _ Pusher = (*timeoutWriter)(nil)
Push implements the Pusher interface.
func ( *timeoutWriter) ( string, *PushOptions) error {
if , := .w.(Pusher); {
return .Push(, )
}
return ErrNotSupported
}
func ( *timeoutWriter) () Header { return .h }
func ( *timeoutWriter) ( []byte) (int, error) {
.mu.Lock()
defer .mu.Unlock()
if .timedOut {
return 0, ErrHandlerTimeout
}
if !.wroteHeader {
.writeHeaderLocked(StatusOK)
}
return .wbuf.Write()
}
func ( *timeoutWriter) ( int) {
checkWriteHeaderCode()
switch {
case .timedOut:
return
case .wroteHeader:
if .req != nil {
:= relevantCaller()
logf(.req, "http: superfluous response.WriteHeader call from %s (%s:%d)", .Function, path.Base(.File), .Line)
}
default:
.wroteHeader = true
.code =
}
}
func ( *timeoutWriter) ( int) {
.mu.Lock()
defer .mu.Unlock()
.writeHeaderLocked()
}
onceCloseListener wraps a net.Listener, protecting it from multiple Close calls.
globalOptionsHandler responds to "OPTIONS *" requests.
type globalOptionsHandler struct{}
func (globalOptionsHandler) ( ResponseWriter, *Request) {
.Header().Set("Content-Length", "0")
Read up to 4KB of OPTIONS body (as mentioned in the spec as being reserved for future use), but anything over that is considered a waste of server resources (or an attack) and we abort and close the connection, courtesy of MaxBytesReader's EOF behavior.
initALPNRequest is an HTTP handler that initializes certain uninitialized fields in its *Request. Such partially-initialized Requests come from ALPN protocol handlers.
type initALPNRequest struct {
ctx context.Context
c *tls.Conn
h serverHandler
}
BaseContext is an exported but unadvertised http.Handler method recognized by x/net/http2 to pass down a context; the TLSNextProto API predates context support so we shoehorn through the only interface we have available.
func ( initALPNRequest) () context.Context { return .ctx }
func ( initALPNRequest) ( ResponseWriter, *Request) {
if .TLS == nil {
.TLS = &tls.ConnectionState{}
*.TLS = .c.ConnectionState()
}
if .Body == nil {
.Body = NoBody
}
if .RemoteAddr == "" {
.RemoteAddr = .c.RemoteAddr().String()
}
.h.ServeHTTP(, )
}
loggingConn is used for debugging.
type loggingConn struct {
name string
net.Conn
}
var (
uniqNameMu sync.Mutex
uniqNameNext = make(map[string]int)
)
func ( string, net.Conn) net.Conn {
uniqNameMu.Lock()
defer uniqNameMu.Unlock()
uniqNameNext[]++
return &loggingConn{
name: fmt.Sprintf("%s-%d", , uniqNameNext[]),
Conn: ,
}
}
func ( *loggingConn) ( []byte) ( int, error) {
log.Printf("%s.Write(%d) = ....", .name, len())
, = .Conn.Write()
log.Printf("%s.Write(%d) = %d, %v", .name, len(), , )
return
}
func ( *loggingConn) ( []byte) ( int, error) {
log.Printf("%s.Read(%d) = ....", .name, len())
, = .Conn.Read()
log.Printf("%s.Read(%d) = %d, %v", .name, len(), , )
return
}
func ( *loggingConn) () ( error) {
log.Printf("%s.Close() = ...", .name)
= .Conn.Close()
log.Printf("%s.Close() = %v", .name, )
return
}
checkConnErrorWriter writes to c.rwc and records any write errors to c.werr. It only contains one field (and a pointer field at that), so it fits in an interface value without an extra allocation.
type checkConnErrorWriter struct {
c *conn
}
func ( checkConnErrorWriter) ( []byte) ( int, error) {
, = .c.rwc.Write()
if != nil && .c.werr == nil {
.c.werr =
.c.cancelCtx()
}
return
}
func ( []byte) ( int) {
for , := range {
if == '\r' || == '\n' {
++
continue
}
break
}
return
}
func ( []string, string) bool {
for , := range {
if == {
return true
}
}
return false
}
 |
The pages are generated with Golds v0.3.2-preview. (GOOS=darwin GOARCH=amd64) Golds is a Go 101 project developed by Tapir Liu. PR and bug reports are welcome and can be submitted to the issue list. Please follow @Go100and1 (reachable from the left QR code) to get the latest news of Golds. |