Mercurial > hg > nginx
comparison src/http/ngx_http_parse.c @ 3571:67394153ec39
fix "/dir/%3F../" and "/dir/%23../" cases
author | Igor Sysoev <igor@sysoev.ru> |
---|---|
date | Fri, 04 Jun 2010 16:05:55 +0000 |
parents | 84905c7b2aa7 |
children | 64bd39f03182 |
comparison
equal
deleted
inserted
replaced
3570:e03b8a4fb906 | 3571:67394153ec39 |
---|---|
1185 | 1185 |
1186 case sw_quoted_second: | 1186 case sw_quoted_second: |
1187 if (ch >= '0' && ch <= '9') { | 1187 if (ch >= '0' && ch <= '9') { |
1188 ch = (u_char) ((decoded << 4) + ch - '0'); | 1188 ch = (u_char) ((decoded << 4) + ch - '0'); |
1189 | 1189 |
1190 if (ch == '%') { | 1190 if (ch == '%' || ch == '#') { |
1191 state = sw_usual; | 1191 state = sw_usual; |
1192 *u++ = ch; | 1192 *u++ = ch; |
1193 ch = *p++; | 1193 ch = *p++; |
1194 break; | 1194 break; |
1195 } | |
1196 | |
1197 if (ch == '#') { | |
1198 *u++ = ch; | |
1199 ch = *p++; | |
1200 | 1195 |
1201 } else if (ch == '\0') { | 1196 } else if (ch == '\0') { |
1202 return NGX_HTTP_PARSE_INVALID_REQUEST; | 1197 return NGX_HTTP_PARSE_INVALID_REQUEST; |
1203 } | 1198 } |
1204 | 1199 |
1209 c = (u_char) (ch | 0x20); | 1204 c = (u_char) (ch | 0x20); |
1210 if (c >= 'a' && c <= 'f') { | 1205 if (c >= 'a' && c <= 'f') { |
1211 ch = (u_char) ((decoded << 4) + c - 'a' + 10); | 1206 ch = (u_char) ((decoded << 4) + c - 'a' + 10); |
1212 | 1207 |
1213 if (ch == '?') { | 1208 if (ch == '?') { |
1209 state = sw_usual; | |
1214 *u++ = ch; | 1210 *u++ = ch; |
1215 ch = *p++; | 1211 ch = *p++; |
1212 break; | |
1216 | 1213 |
1217 } else if (ch == '+') { | 1214 } else if (ch == '+') { |
1218 r->plus_in_uri = 1; | 1215 r->plus_in_uri = 1; |
1219 } | 1216 } |
1220 | 1217 |