Mercurial > hg > nginx
comparison src/http/ngx_http_upstream.c @ 7679:05e42236e95b
FastCGI: protection from responses with wrong length.
Previous behaviour was to pass everything to the client, but this
seems to be suboptimal and causes issues (ticket #1695). Fix is to
drop extra data instead, as it naturally happens in most clients.
Additionally, we now also issue a warning if the response is too
short, and make sure the fact it is truncated is propagated to the
client. The u->error flag is introduced to make it possible to
propagate the error to the client in case of unbuffered proxying.
For responses to HEAD requests there is an exception: we do allow
both responses without body and responses with body matching the
Content-Length header.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Mon, 06 Jul 2020 18:36:23 +0300 |
parents | bffcc5af1d72 |
children | 7015f26aef90 a748095bf94e |
comparison
equal
deleted
inserted
replaced
7678:bffcc5af1d72 | 7679:05e42236e95b |
---|---|
1914 return NGX_ERROR; | 1914 return NGX_ERROR; |
1915 } | 1915 } |
1916 | 1916 |
1917 u->keepalive = 0; | 1917 u->keepalive = 0; |
1918 u->upgrade = 0; | 1918 u->upgrade = 0; |
1919 u->error = 0; | |
1919 | 1920 |
1920 ngx_memzero(&u->headers_in, sizeof(ngx_http_upstream_headers_in_t)); | 1921 ngx_memzero(&u->headers_in, sizeof(ngx_http_upstream_headers_in_t)); |
1921 u->headers_in.content_length_n = -1; | 1922 u->headers_in.content_length_n = -1; |
1922 u->headers_in.last_modified_time = -1; | 1923 u->headers_in.last_modified_time = -1; |
1923 | 1924 |
3622 ngx_http_upstream_finalize_request(r, u, | 3623 ngx_http_upstream_finalize_request(r, u, |
3623 NGX_HTTP_BAD_GATEWAY); | 3624 NGX_HTTP_BAD_GATEWAY); |
3624 return; | 3625 return; |
3625 } | 3626 } |
3626 | 3627 |
3627 if (upstream->read->error) { | 3628 if (upstream->read->error || u->error) { |
3628 ngx_http_upstream_finalize_request(r, u, | 3629 ngx_http_upstream_finalize_request(r, u, |
3629 NGX_HTTP_BAD_GATEWAY); | 3630 NGX_HTTP_BAD_GATEWAY); |
3630 return; | 3631 return; |
3631 } | 3632 } |
3632 | 3633 |