diff src/http/ngx_http_core_module.c @ 7848:1bde031b59ff

Location header escaping in redirects (ticket #882). The header is escaped in redirects based on request URI or location name (auto redirect).
author Ruslan Ermilov <ru@nginx.com>
date Mon, 24 May 2021 21:55:20 +0300
parents bdd4d89370a7
children e3dbd9449b14 d514f88053e5
line wrap: on
line diff
--- a/src/http/ngx_http_core_module.c
+++ b/src/http/ngx_http_core_module.c
@@ -1010,10 +1010,10 @@ ngx_http_core_find_config_phase(ngx_http
         ngx_str_set(&r->headers_out.location->key, "Location");
 
         if (r->args.len == 0) {
-            r->headers_out.location->value = clcf->name;
+            r->headers_out.location->value = clcf->escaped_name;
 
         } else {
-            len = clcf->name.len + 1 + r->args.len;
+            len = clcf->escaped_name.len + 1 + r->args.len;
             p = ngx_pnalloc(r->pool, len);
 
             if (p == NULL) {
@@ -1025,7 +1025,7 @@ ngx_http_core_find_config_phase(ngx_http
             r->headers_out.location->value.len = len;
             r->headers_out.location->value.data = p;
 
-            p = ngx_cpymem(p, clcf->name.data, clcf->name.len);
+            p = ngx_cpymem(p, clcf->escaped_name.data, clcf->escaped_name.len);
             *p++ = '?';
             ngx_memcpy(p, r->args.data, r->args.len);
         }
@@ -3467,6 +3467,7 @@ ngx_http_core_create_loc_conf(ngx_conf_t
     /*
      * set by ngx_pcalloc():
      *
+     *     clcf->escaped_name = { 0, NULL };
      *     clcf->root = { 0, NULL };
      *     clcf->limit_except = 0;
      *     clcf->post_action = { 0, NULL };