Mercurial > hg > nginx-vendor-0-8
comparison src/http/ngx_http_parse.c @ 482:392c16f2d858 NGINX_0_7_53
nginx 0.7.53
*) Change: now a log set by --error-log-path is created from the very
start-up.
*) Feature: now the start up errors and warnings are outputted to an
error_log and stderr.
*) Feature: the empty --prefix= configure parameter forces nginx to use
a directory where it was run as prefix.
*) Feature: the -p switch.
*) Feature: the -s switch on Unix platforms.
*) Feature: the -? and -h switches.
Thanks to Jerome Loyet.
*) Feature: now switches may be set in condensed form.
*) Bugfix: nginx/Windows did not work if configuration file was given
by the -c switch.
*) Bugfix: temporary files might be not removed if the "proxy_store",
"fastcgi_store", "proxy_cache", or "fastcgi_cache" were used.
Thanks to Maxim Dounin.
*) Bugfix: an incorrect value was passed to mail proxy authentication
server in "Auth-Method" header line; the bug had appeared
in 0.7.34.
Thanks to Simon Lecaille.
*) Bugfix: system error text descriptions were not logged on Linux;
the bug had appeared in 0.7.45.
*) Bugfix: the "fastcgi_cache_min_uses" directive did not work.
Thanks to Andrew Vorobyoff.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Mon, 27 Apr 2009 00:00:00 +0400 |
parents | 09f0ef15d544 |
children | e8b686f230a8 |
comparison
equal
deleted
inserted
replaced
481:0c98173187ac | 482:392c16f2d858 |
---|---|
1335 | 1335 |
1336 if (len == 0 || p[0] == '?') { | 1336 if (len == 0 || p[0] == '?') { |
1337 goto unsafe; | 1337 goto unsafe; |
1338 } | 1338 } |
1339 | 1339 |
1340 if (p[0] == '.' && len == 3 && p[1] == '.' && (p[2] == '/' | 1340 if (p[0] == '.' && len == 3 && p[1] == '.' && (ngx_path_separator(p[2]))) { |
1341 #if (NGX_WIN32) | |
1342 || p[2] == '\\' | |
1343 #endif | |
1344 )) | |
1345 { | |
1346 goto unsafe; | 1341 goto unsafe; |
1347 } | 1342 } |
1348 | 1343 |
1349 for ( /* void */ ; len; len--) { | 1344 for ( /* void */ ; len; len--) { |
1350 | 1345 |
1365 if (ch == '\0') { | 1360 if (ch == '\0') { |
1366 *flags |= NGX_HTTP_ZERO_IN_URI; | 1361 *flags |= NGX_HTTP_ZERO_IN_URI; |
1367 continue; | 1362 continue; |
1368 } | 1363 } |
1369 | 1364 |
1370 if ((ch == '/' | 1365 if (ngx_path_separator(ch) && len > 2) { |
1366 | |
1367 /* detect "/../" */ | |
1368 | |
1369 if (p[0] == '.' && p[1] == '.' && ngx_path_separator(p[2])) { | |
1370 goto unsafe; | |
1371 } | |
1372 | |
1371 #if (NGX_WIN32) | 1373 #if (NGX_WIN32) |
1372 || ch == '\\' | |
1373 #endif | |
1374 ) && len > 2) | |
1375 { | |
1376 /* detect "/../" */ | |
1377 | |
1378 if (p[0] == '.' && p[1] == '.' && p[2] == '/') { | |
1379 goto unsafe; | |
1380 } | |
1381 | |
1382 #if (NGX_WIN32) | |
1383 | |
1384 if (p[2] == '\\') { | |
1385 goto unsafe; | |
1386 } | |
1387 | 1374 |
1388 if (len > 3) { | 1375 if (len > 3) { |
1389 | 1376 |
1390 /* detect "/.../" */ | 1377 /* detect "/.../" */ |
1391 | 1378 |
1392 if (p[0] == '.' && p[1] == '.' && p[2] == '.' | 1379 if (p[0] == '.' && p[1] == '.' && p[2] == '.' |
1393 && (p[3] == '/' || p[3] == '\\')) | 1380 && ngx_path_separator(p[3])) |
1394 { | 1381 { |
1395 goto unsafe; | 1382 goto unsafe; |
1396 } | 1383 } |
1397 } | 1384 } |
1398 #endif | 1385 #endif |