Mercurial > hg > nginx-vendor-current
comparison src/http/modules/ngx_http_dav_module.c @ 530:4c5d2c627a6c NGINX_0_8_17
nginx 0.8.17
*) Security: now "/../" are disabled in "Destination" request header
line.
*) Change: now $host variable value is always low case.
*) Feature: the $ssl_session_id variable.
*) Bugfix: socket leak; the bug had appeared in 0.8.11.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Mon, 28 Sep 2009 00:00:00 +0400 |
parents | 7efcdb937752 |
children | f7ec98e3caeb |
comparison
equal
deleted
inserted
replaced
529:b8ac674b0ec9 | 530:4c5d2c627a6c |
---|---|
514 { | 514 { |
515 u_char *p, *host, *last, ch; | 515 u_char *p, *host, *last, ch; |
516 size_t len, root; | 516 size_t len, root; |
517 ngx_err_t err; | 517 ngx_err_t err; |
518 ngx_int_t rc, depth; | 518 ngx_int_t rc, depth; |
519 ngx_uint_t overwrite, slash, dir; | 519 ngx_uint_t overwrite, slash, dir, flags; |
520 ngx_str_t path, uri; | 520 ngx_str_t path, uri, duri, args; |
521 ngx_tree_ctx_t tree; | 521 ngx_tree_ctx_t tree; |
522 ngx_copy_file_t cf; | 522 ngx_copy_file_t cf; |
523 ngx_file_info_t fi; | 523 ngx_file_info_t fi; |
524 ngx_table_elt_t *dest, *over; | 524 ngx_table_elt_t *dest, *over; |
525 ngx_ext_rename_file_t ext; | 525 ngx_ext_rename_file_t ext; |
591 "client sent invalid \"Destination\" header: \"%V\"", | 591 "client sent invalid \"Destination\" header: \"%V\"", |
592 &dest->value); | 592 &dest->value); |
593 return NGX_HTTP_BAD_REQUEST; | 593 return NGX_HTTP_BAD_REQUEST; |
594 | 594 |
595 destination_done: | 595 destination_done: |
596 | |
597 duri.len = last - p; | |
598 duri.data = p; | |
599 flags = 0; | |
600 | |
601 if (ngx_http_parse_unsafe_uri(r, &duri, &args, &flags) != NGX_OK) { | |
602 goto invalid_destination; | |
603 } | |
596 | 604 |
597 if ((r->uri.data[r->uri.len - 1] == '/' && *(last - 1) != '/') | 605 if ((r->uri.data[r->uri.len - 1] == '/' && *(last - 1) != '/') |
598 || (r->uri.data[r->uri.len - 1] != '/' && *(last - 1) == '/')) | 606 || (r->uri.data[r->uri.len - 1] != '/' && *(last - 1) == '/')) |
599 { | 607 { |
600 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | 608 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, |
654 | 662 |
655 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | 663 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, |
656 "http copy from: \"%s\"", path.data); | 664 "http copy from: \"%s\"", path.data); |
657 | 665 |
658 uri = r->uri; | 666 uri = r->uri; |
659 | 667 r->uri = duri; |
660 r->uri.len = last - p; | |
661 r->uri.data = p; | |
662 | 668 |
663 ngx_http_map_uri_to_path(r, ©.path, &root, 0); | 669 ngx_http_map_uri_to_path(r, ©.path, &root, 0); |
664 | 670 |
665 r->uri = uri; | 671 r->uri = uri; |
666 | 672 |