Mercurial > hg > nginx
comparison src/http/modules/ngx_http_proxy_module.c @ 6311:44122bddd9a1
Proxy: improved code readability.
Do not assume that space character follows the method name, just pass it
explicitly.
The fuss around it has already proved to be unsafe, see bbdb172f0927 and
http://mailman.nginx.org/pipermail/nginx-ru/2013-January/049692.html for
details.
author | Ruslan Ermilov <ru@nginx.com> |
---|---|
date | Fri, 06 Nov 2015 15:21:51 +0300 |
parents | a93345ee8f52 |
children | 91c8d990fb45 |
comparison
equal
deleted
inserted
replaced
6310:9d00576252aa | 6311:44122bddd9a1 |
---|---|
1155 #endif | 1155 #endif |
1156 | 1156 |
1157 if (u->method.len) { | 1157 if (u->method.len) { |
1158 /* HEAD was changed to GET to cache response */ | 1158 /* HEAD was changed to GET to cache response */ |
1159 method = u->method; | 1159 method = u->method; |
1160 method.len++; | |
1161 | 1160 |
1162 } else if (plcf->method.len) { | 1161 } else if (plcf->method.len) { |
1163 method = plcf->method; | 1162 method = plcf->method; |
1164 | 1163 |
1165 } else { | 1164 } else { |
1166 method = r->method_name; | 1165 method = r->method_name; |
1167 method.len++; | |
1168 } | 1166 } |
1169 | 1167 |
1170 ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module); | 1168 ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module); |
1171 | 1169 |
1172 if (method.len == 5 | 1170 if (method.len == 4 |
1173 && ngx_strncasecmp(method.data, (u_char *) "HEAD ", 5) == 0) | 1171 && ngx_strncasecmp(method.data, (u_char *) "HEAD", 4) == 0) |
1174 { | 1172 { |
1175 ctx->head = 1; | 1173 ctx->head = 1; |
1176 } | 1174 } |
1177 | 1175 |
1178 len = method.len + sizeof(ngx_http_proxy_version) - 1 + sizeof(CRLF) - 1; | 1176 len = method.len + 1 + sizeof(ngx_http_proxy_version) - 1 |
1177 + sizeof(CRLF) - 1; | |
1179 | 1178 |
1180 escape = 0; | 1179 escape = 0; |
1181 loc_len = 0; | 1180 loc_len = 0; |
1182 unparsed_uri = 0; | 1181 unparsed_uri = 0; |
1183 | 1182 |
1292 | 1291 |
1293 | 1292 |
1294 /* the request line */ | 1293 /* the request line */ |
1295 | 1294 |
1296 b->last = ngx_copy(b->last, method.data, method.len); | 1295 b->last = ngx_copy(b->last, method.data, method.len); |
1296 *b->last++ = ' '; | |
1297 | 1297 |
1298 u->uri.data = b->last; | 1298 u->uri.data = b->last; |
1299 | 1299 |
1300 if (plcf->proxy_lengths && ctx->vars.uri.len) { | 1300 if (plcf->proxy_lengths && ctx->vars.uri.len) { |
1301 b->last = ngx_copy(b->last, ctx->vars.uri.data, ctx->vars.uri.len); | 1301 b->last = ngx_copy(b->last, ctx->vars.uri.data, ctx->vars.uri.len); |
3157 | 3157 |
3158 #endif | 3158 #endif |
3159 | 3159 |
3160 ngx_conf_merge_str_value(conf->method, prev->method, ""); | 3160 ngx_conf_merge_str_value(conf->method, prev->method, ""); |
3161 | 3161 |
3162 if (conf->method.len | |
3163 && conf->method.data[conf->method.len - 1] != ' ') | |
3164 { | |
3165 conf->method.data[conf->method.len] = ' '; | |
3166 conf->method.len++; | |
3167 } | |
3168 | |
3169 ngx_conf_merge_value(conf->upstream.pass_request_headers, | 3162 ngx_conf_merge_value(conf->upstream.pass_request_headers, |
3170 prev->upstream.pass_request_headers, 1); | 3163 prev->upstream.pass_request_headers, 1); |
3171 ngx_conf_merge_value(conf->upstream.pass_request_body, | 3164 ngx_conf_merge_value(conf->upstream.pass_request_body, |
3172 prev->upstream.pass_request_body, 1); | 3165 prev->upstream.pass_request_body, 1); |
3173 | 3166 |