# HG changeset patch
# User Igor Sysoev <igor@sysoev.ru>
# Date 1252315781 0
# Node ID ecc8d537e9a93e5d73e75df72fb9c86384d82e3e
# Parent  1ecd37f610c0121cbeb501e47e699b9a53e804de
handle "/../" case more reliably

diff --git a/src/http/ngx_http_parse.c b/src/http/ngx_http_parse.c
--- a/src/http/ngx_http_parse.c
+++ b/src/http/ngx_http_parse.c
@@ -1134,11 +1134,15 @@ ngx_http_parse_complex_uri(ngx_http_requ
 #endif
             case '/':
                 state = sw_slash;
-                u -= 4;
-                if (u < r->uri.data) {
-                    return NGX_HTTP_PARSE_INVALID_REQUEST;
-                }
-                while (*(u - 1) != '/') {
+                u -= 5;
+                for ( ;; ) {
+                    if (u < r->uri.data) {
+                        return NGX_HTTP_PARSE_INVALID_REQUEST;
+                    }
+                    if (*u == '/') {
+                        u++;
+                        break;
+                    }
                     u--;
                 }
                 break;