Share via

HTTP_FILTER_RAW_DATA structure

  • Article

Applies to: desktop apps only

The Forefront TMG Web proxy includes a pointer to the HTTP_FILTER_RAW_DATA structure in the notification that it sends to Web filters when it reads or is about to send raw data. If your filter should be notified for events involving reading or sending raw data, it must register to receive one or more of these notifications:

  • SF_NOTIFY_READ_RAW_DATA
  • SF_NOTIFY_SEND_RAW_DATA
  • SF_NOTIFY_FORWARD_RAW_DATA
  • SF_NOTIFY_RECEIVE_RESPONSE_RAW_DATA

For more information about the types of event notifications that are sent to Web filters, see Event Notifications.

Syntax

typedef struct _HTTP_FILTER_RAW_DATA {
  PVOID pvInData;
  DWORD cbInData;
  DWORD cbInBuffer;
  DWORD dwReserved;
} HTTP_FILTER_RAW_DATA, *PHTTP_FILTER_RAW_DATA;

Members

  • pvInData
    Pointer to the data buffer.

  • cbInData
    The amount of data, in bytes, in the buffer pointed to by pvInData.

  • cbInBuffer
    The size, in bytes, of the buffer pointed to by pvInData.

  • dwReserved
    Reserved for future use.

Remarks

When the Web proxy sends an SF_NOTIFY_READ_RAW_DATA or SF_NOTIFY_SEND_RAW_DATA notification, this structure is pointed to by the pvNotification parameter in the HttpFilterProc entry-point function. When the Web proxy sends an SF_NOTIFY_FORWARD_RAW_DATA or SF_NOTIFY_RECEIVE_RESPONSE_RAW_DATA notification, this structure is pointed to by the pvNotification parameter in the HttpWPXFilterProc entry-point function. Web filters that modify the raw data being sent or received can replace the pvInData pointer. (If the pointer is replaced, cbInData and cbInBuffer must also be appropriately updated.) The new buffer memory must remain valid until the end of the request. The new buffer memory can remain valid by using AllocMem or AllocMemoryPerRequest, or by using a buffer owned by the filter. In addition, the filter must not attempt to free or otherwise deallocate the old pvInData pointer. Only the owner of the memory block can free the buffer.

If a filter accumulates a response in an SF_NOTIFY_RECEIVE_RESPONSE_RAW_DATA notification without releasing it to the next filter, the filter may not release the data until it receives an SF_NOTIFY_END_OF_REQUEST notification, which indicates that the server closed the connection. At this point, the filter will typically call WriteClient with the accumulated data. However, this will prevent other server-side filters from obtaining the raw response data, and those filters will be skipped. We recommend not accumulating the body of a response without releasing it to the next filter. If you must do so, accumulate the data in an SF_NOTIFY_SEND_RAW_DATA notification rather than an SF_NOTIFY_RECEIVE_RESPONSE_RAW_DATA notification.

Warning  We do not recommend that filters modify the raw data in place. The memory segment may be read-only or the data may be cached directly by an ISAPI extension.

Requirements

Minimum supported client

 None supported

Minimum supported server

 Windows Server 2008 R2, Windows Server 2008 with SP2 (64-bit only)

Version

 Forefront Threat Management Gateway (TMG) 2010

Header

 Httpfilt.h

See also

Notification Structures

 

 

Build date: 7/12/2010