Mercurial > hg > nginx-vendor-current

comparison src/http/ngx_http_parse.c @ 578:bc110f60c0de NGINX_0_8_41

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx 0.8.41 *) Security: nginx/Windows worker might be terminated abnormally if a requested file name has invalid UTF-8 encoding. *) Change: now nginx allows to use spaces in a request line. *) Bugfix: the "proxy_redirect" directive changed incorrectly a backend "Refresh" response header line. Thanks to Andrey Andreew and Max Sogin. *) Bugfix: nginx did not support path without host name in "Destination" request header line.
author Igor Sysoev <http://sysoev.ru>
date Tue, 15 Jun 2010 00:00:00 +0400
parents 01f2313e34f1
children 4d3e880ce86c
comparison
equal deleted inserted replaced
577:dd4c3325a56f 578:bc110f60c0de
110 sw_schema, 110 sw_schema,
111 sw_schema_slash, 111 sw_schema_slash,
112 sw_schema_slash_slash, 112 sw_schema_slash_slash,
113 sw_host, 113 sw_host,
114 sw_port, 114 sw_port,
115 sw_host_http_09,
115 sw_after_slash_in_uri, 116 sw_after_slash_in_uri,
116 sw_check_uri, 117 sw_check_uri,
118 sw_check_uri_http_09,
117 sw_uri, 119 sw_uri,
118 sw_http_09, 120 sw_http_09,
119 sw_http_H, 121 sw_http_H,
120 sw_http_HT, 122 sw_http_HT,
121 sw_http_HTT, 123 sw_http_HTT,
206 case 5: 208 case 5:
207 if (ngx_str5cmp(m, 'M', 'K', 'C', 'O', 'L')) { 209 if (ngx_str5cmp(m, 'M', 'K', 'C', 'O', 'L')) {
208 r->method = NGX_HTTP_MKCOL; 210 r->method = NGX_HTTP_MKCOL;
209 } 211 }
210 212
213 if (ngx_str5cmp(m, 'P', 'A', 'T', 'C', 'H')) {
214 r->method = NGX_HTTP_PATCH;
215 }
216
211 if (ngx_str5cmp(m, 'T', 'R', 'A', 'C', 'E')) { 217 if (ngx_str5cmp(m, 'T', 'R', 'A', 'C', 'E')) {
212 r->method = NGX_HTTP_TRACE; 218 r->method = NGX_HTTP_TRACE;
213 } 219 }
214 220
215 break; 221 break;
351 * use single "/" from request line to preserve pointers, 357 * use single "/" from request line to preserve pointers,
352 * if request line will be copied to large client buffer 358 * if request line will be copied to large client buffer
353 */ 359 */
354 r->uri_start = r->schema_end + 1; 360 r->uri_start = r->schema_end + 1;
355 r->uri_end = r->schema_end + 2; 361 r->uri_end = r->schema_end + 2;
356 state = sw_http_09; 362 state = sw_host_http_09;
357 break; 363 break;
358 default: 364 default:
359 return NGX_HTTP_PARSE_INVALID_REQUEST; 365 return NGX_HTTP_PARSE_INVALID_REQUEST;
360 } 366 }
361 break; 367 break;
377 * use single "/" from request line to preserve pointers, 383 * use single "/" from request line to preserve pointers,
378 * if request line will be copied to large client buffer 384 * if request line will be copied to large client buffer
379 */ 385 */
380 r->uri_start = r->schema_end + 1; 386 r->uri_start = r->schema_end + 1;
381 r->uri_end = r->schema_end + 2; 387 r->uri_end = r->schema_end + 2;
382 state = sw_http_09; 388 state = sw_host_http_09;
383 break; 389 break;
384 default: 390 default:
385 return NGX_HTTP_PARSE_INVALID_REQUEST; 391 return NGX_HTTP_PARSE_INVALID_REQUEST;
386 } 392 }
387 break; 393 break;
394
395 /* space+ after "http://host[:port] " */
396 case sw_host_http_09:
397 switch (ch) {
398 case ' ':
399 break;
400 case CR:
401 r->http_minor = 9;
402 state = sw_almost_done;
403 break;
404 case LF:
405 r->http_minor = 9;
406 goto done;
407 case 'H':
408 r->http_protocol.data = p;
409 state = sw_http_H;
410 break;
411 default:
412 return NGX_HTTP_PARSE_INVALID_REQUEST;
413 }
414 break;
415
388 416
389 /* check "/.", "//", "%", and "\" (Win32) in URI */ 417 /* check "/.", "//", "%", and "\" (Win32) in URI */
390 case sw_after_slash_in_uri: 418 case sw_after_slash_in_uri:
391 419
392 if (usual[ch >> 5] & (1 << (ch & 0x1f))) { 420 if (usual[ch >> 5] & (1 << (ch & 0x1f))) {
395 } 423 }
396 424
397 switch (ch) { 425 switch (ch) {
398 case ' ': 426 case ' ':
399 r->uri_end = p; 427 r->uri_end = p;
400 state = sw_http_09; 428 state = sw_check_uri_http_09;
401 break; 429 break;
402 case CR: 430 case CR:
403 r->uri_end = p; 431 r->uri_end = p;
404 r->http_minor = 9; 432 r->http_minor = 9;
405 state = sw_almost_done; 433 state = sw_almost_done;
460 case '.': 488 case '.':
461 r->uri_ext = p + 1; 489 r->uri_ext = p + 1;
462 break; 490 break;
463 case ' ': 491 case ' ':
464 r->uri_end = p; 492 r->uri_end = p;
465 state = sw_http_09; 493 state = sw_check_uri_http_09;
466 break; 494 break;
467 case CR: 495 case CR:
468 r->uri_end = p; 496 r->uri_end = p;
469 r->http_minor = 9; 497 r->http_minor = 9;
470 state = sw_almost_done; 498 state = sw_almost_done;
497 case '\0': 525 case '\0':
498 return NGX_HTTP_PARSE_INVALID_REQUEST; 526 return NGX_HTTP_PARSE_INVALID_REQUEST;
499 } 527 }
500 break; 528 break;
501 529
530 /* space+ after URI */
531 case sw_check_uri_http_09:
532 switch (ch) {
533 case ' ':
534 break;
535 case CR:
536 r->http_minor = 9;
537 state = sw_almost_done;
538 break;
539 case LF:
540 r->http_minor = 9;
541 goto done;
542 case 'H':
543 r->http_protocol.data = p;
544 state = sw_http_H;
545 break;
546 default:
547 r->space_in_uri = 1;
548 state = sw_check_uri;
549 break;
550 }
551 break;
552
553
502 /* URI */ 554 /* URI */
503 case sw_uri: 555 case sw_uri:
504 556
505 if (usual[ch >> 5] & (1 << (ch & 0x1f))) { 557 if (usual[ch >> 5] & (1 << (ch & 0x1f))) {
506 break; 558 break;
543 case 'H': 595 case 'H':
544 r->http_protocol.data = p; 596 r->http_protocol.data = p;
545 state = sw_http_H; 597 state = sw_http_H;
546 break; 598 break;
547 default: 599 default:
548 return NGX_HTTP_PARSE_INVALID_REQUEST; 600 r->space_in_uri = 1;
601 state = sw_uri;
602 break;
549 } 603 }
550 break; 604 break;
551 605
552 case sw_http_H: 606 case sw_http_H:
553 switch (ch) { 607 switch (ch) {