comparison src/http/ngx_http_core_module.c @ 4162:fb1375e8b68c stable-1.0
Merging r4036, r4055, r4056, r4057, r4058, r4059, r4060, r4061, r4062, r4063,
r4064:
Ranges related fixes:
The "max_ranges" directive.
"max_ranges 0" disables ranges support entirely,
"max_ranges 1" allows a single range, etc.
By default the number of ranges is unlimited (to be precise, 2^31-1).
If client requests more ranges than "max_ranges" permits,
nginx disables ranges and returns just the source response.
If total size of all ranges is greater than source response size,
then nginx disables ranges and returns just the source response.
This fix should not affect well-behaving applications but will defeat
DoS attempts exploiting malicious byte ranges.
Now unsatisfiable ranges are processed according to RFC 2616.
author | Igor Sysoev <igor@sysoev.ru> |
---|---|
date | Fri, 30 Sep 2011 14:06:08 +0000 |
parents | d9b486dbf7e5 |
children | 6afb20bf2ad5 |
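--- a/src/http/ngx_http_core_module.c
+++ b/src/http/ngx_http_core_module.c
@@ -629,10 +629,17 @@
 ngx_conf_set_enum_slot,
 NGX_HTTP_LOC_CONF_OFFSET,
 offsetof(ngx_http_core_loc_conf_t, if_modified_since),
 &ngx_http_core_if_modified_since },
 
+{ ngx_string("max_ranges"),
+NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ngx_conf_set_num_slot,
+NGX_HTTP_LOC_CONF_OFFSET,
+offsetof(ngx_http_core_loc_conf_t, max_ranges),
+NULL },
+
 { ngx_string("chunked_transfer_encoding"),
 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
 ngx_conf_set_flag_slot,
 NGX_HTTP_LOC_CONF_OFFSET,
 offsetof(ngx_http_core_loc_conf_t, chunked_transfer_encoding),
@@ -3251,10 +3258,11 @@
 clcf->client_body_buffer_size = NGX_CONF_UNSET_SIZE;
 clcf->client_body_timeout = NGX_CONF_UNSET_MSEC;
 clcf->keepalive_disable = NGX_CONF_UNSET_UINT;
 clcf->satisfy = NGX_CONF_UNSET_UINT;
 clcf->if_modified_since = NGX_CONF_UNSET_UINT;
+clcf->max_ranges = NGX_CONF_UNSET_UINT;
 clcf->client_body_in_file_only = NGX_CONF_UNSET_UINT;
 clcf->client_body_in_single_buffer = NGX_CONF_UNSET;
 clcf->internal = NGX_CONF_UNSET;
 clcf->sendfile = NGX_CONF_UNSET;
 clcf->sendfile_max_chunk = NGX_CONF_UNSET_SIZE;
@@ -3457,10 +3465,12 @@
 |NGX_HTTP_KEEPALIVE_DISABLE_SAFARI);
 ngx_conf_merge_uint_value(conf->satisfy, prev->satisfy,
 NGX_HTTP_SATISFY_ALL);
 ngx_conf_merge_uint_value(conf->if_modified_since, prev->if_modified_since,
 NGX_HTTP_IMS_EXACT);
+ngx_conf_merge_uint_value(conf->max_ranges, prev->max_ranges,
+0x7fffffff);
 ngx_conf_merge_uint_value(conf->client_body_in_file_only,
 prev->client_body_in_file_only, 0);
 ngx_conf_merge_value(conf->client_body_in_single_buffer,
 prev->client_body_in_single_buffer, 0);
 ngx_conf_merge_value(conf->internal, prev->internal, 0);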
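Review bot: The default in the added merge call, `0x7fffffff`, is a bare literal with no comment, while the neighbouring defaults are named (`NGX_HTTP_SATISFY_ALL`, `NGX_HTTP_IMS_EXACT`); only the commit description says it means "unlimited". I would add a comment above the call such as `/* 0x7fffffff: no limit on the number of ranges unless max_ranges is set */`, or introduce a named constant for the value. This matters for hardening because with this default the per-request range count is effectively uncapped. An unconfigured server then presumably relies only on the total-size check mentioned in the description, which is implemented outside this file, so operators who want a hard cap have to set `max_ranges` explicitly. The directive entry also passes `NULL` as the post handler, so no upper bound on the configured value is enforced here. The command table and the create/merge functions all start and end outside the visible hunks.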