Mercurial > hg > nginx
comparison src/http/modules/ngx_http_referer_module.c @ 5321:9806f7932474
Referer module: fixed regex matching against HTTPS referers.
When matching a compiled regex against value in the "Referer" header field,
the length was calculated incorrectly for strings that start from "https://".
This might cause matching to fail for regexes with end-of-line anchors.
Patch by Liangbin Li.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Tue, 13 Aug 2013 17:47:04 +0400 |
| parents | 8f74cf107137 |
| children | 9b8a634e348a |
comparison
equal
deleted
inserted
replaced
| 5320:ad137a80919f | 5321:9806f7932474 |
|---|---|
| 145 if (len >= sizeof("http://i.ru") - 1) { | 145 if (len >= sizeof("http://i.ru") - 1) { |
| 146 last = ref + len; | 146 last = ref + len; |
| 147 | 147 |
| 148 if (ngx_strncasecmp(ref, (u_char *) "http://", 7) == 0) { | 148 if (ngx_strncasecmp(ref, (u_char *) "http://", 7) == 0) { |
| 149 ref += 7; | 149 ref += 7; |
| 150 len -= 7; | |
| 150 goto valid_scheme; | 151 goto valid_scheme; |
| 151 | 152 |
| 152 } else if (ngx_strncasecmp(ref, (u_char *) "https://", 8) == 0) { | 153 } else if (ngx_strncasecmp(ref, (u_char *) "https://", 8) == 0) { |
| 153 ref += 8; | 154 ref += 8; |
| 155 len -= 8; | |
| 154 goto valid_scheme; | 156 goto valid_scheme; |
| 155 } | 157 } |
| 156 } | 158 } |
| 157 | 159 |
| 158 if (rlcf->blocked_referer) { | 160 if (rlcf->blocked_referer) { |
| 189 | 191 |
| 190 if (rlcf->regex) { | 192 if (rlcf->regex) { |
| 191 ngx_int_t rc; | 193 ngx_int_t rc; |
| 192 ngx_str_t referer; | 194 ngx_str_t referer; |
| 193 | 195 |
| 194 referer.len = len - 7; | 196 referer.len = len; |
| 195 referer.data = ref; | 197 referer.data = ref; |
| 196 | 198 |
| 197 rc = ngx_regex_exec_array(rlcf->regex, &referer, r->connection->log); | 199 rc = ngx_regex_exec_array(rlcf->regex, &referer, r->connection->log); |
| 198 | 200 |
| 199 if (rc == NGX_OK) { | 201 if (rc == NGX_OK) { |