Mercurial > hg > nginx
comparison src/http/ngx_http_request.c @ 5084:f7fe817c92a2
Correctly handle multiple X-Forwarded-For headers (ticket #106).
| author | Ruslan Ermilov <ru@nginx.com> |
|---|---|
| date | Wed, 27 Feb 2013 13:29:50 +0000 |
| parents | 42a888fdad0b |
| children | 7f1cbcc71327 |
comparison
equal
deleted
inserted
replaced
| 5083:a805dc9c85cd | 5084:f7fe817c92a2 |
|---|---|
| 19 | 19 |
| 20 static ngx_int_t ngx_http_process_header_line(ngx_http_request_t *r, | 20 static ngx_int_t ngx_http_process_header_line(ngx_http_request_t *r, |
| 21 ngx_table_elt_t *h, ngx_uint_t offset); | 21 ngx_table_elt_t *h, ngx_uint_t offset); |
| 22 static ngx_int_t ngx_http_process_unique_header_line(ngx_http_request_t *r, | 22 static ngx_int_t ngx_http_process_unique_header_line(ngx_http_request_t *r, |
| 23 ngx_table_elt_t *h, ngx_uint_t offset); | 23 ngx_table_elt_t *h, ngx_uint_t offset); |
| 24 static ngx_int_t ngx_http_process_multi_header_lines(ngx_http_request_t *r, | |
| 25 ngx_table_elt_t *h, ngx_uint_t offset); | |
| 24 static ngx_int_t ngx_http_process_host(ngx_http_request_t *r, | 26 static ngx_int_t ngx_http_process_host(ngx_http_request_t *r, |
| 25 ngx_table_elt_t *h, ngx_uint_t offset); | 27 ngx_table_elt_t *h, ngx_uint_t offset); |
| 26 static ngx_int_t ngx_http_process_connection(ngx_http_request_t *r, | 28 static ngx_int_t ngx_http_process_connection(ngx_http_request_t *r, |
| 27 ngx_table_elt_t *h, ngx_uint_t offset); | 29 ngx_table_elt_t *h, ngx_uint_t offset); |
| 28 static ngx_int_t ngx_http_process_user_agent(ngx_http_request_t *r, | 30 static ngx_int_t ngx_http_process_user_agent(ngx_http_request_t *r, |
| 29 ngx_table_elt_t *h, ngx_uint_t offset); | |
| 30 static ngx_int_t ngx_http_process_cookie(ngx_http_request_t *r, | |
| 31 ngx_table_elt_t *h, ngx_uint_t offset); | 31 ngx_table_elt_t *h, ngx_uint_t offset); |
| 32 | 32 |
| 33 static ngx_int_t ngx_http_process_request_header(ngx_http_request_t *r); | 33 static ngx_int_t ngx_http_process_request_header(ngx_http_request_t *r); |
| 34 static void ngx_http_process_request(ngx_http_request_t *r); | 34 static void ngx_http_process_request(ngx_http_request_t *r); |
| 35 static ssize_t ngx_http_validate_host(ngx_http_request_t *r, u_char **host, | 35 static ssize_t ngx_http_validate_host(ngx_http_request_t *r, u_char **host, |
| 151 ngx_http_process_header_line }, | 151 ngx_http_process_header_line }, |
| 152 | 152 |
| 153 #if (NGX_HTTP_X_FORWARDED_FOR) | 153 #if (NGX_HTTP_X_FORWARDED_FOR) |
| 154 { ngx_string("X-Forwarded-For"), | 154 { ngx_string("X-Forwarded-For"), |
| 155 offsetof(ngx_http_headers_in_t, x_forwarded_for), | 155 offsetof(ngx_http_headers_in_t, x_forwarded_for), |
| 156 ngx_http_process_header_line }, | 156 ngx_http_process_multi_header_lines }, |
| 157 #endif | 157 #endif |
| 158 | 158 |
| 159 #if (NGX_HTTP_REALIP) | 159 #if (NGX_HTTP_REALIP) |
| 160 { ngx_string("X-Real-IP"), | 160 { ngx_string("X-Real-IP"), |
| 161 offsetof(ngx_http_headers_in_t, x_real_ip), | 161 offsetof(ngx_http_headers_in_t, x_real_ip), |
| 183 | 183 |
| 184 { ngx_string("Date"), offsetof(ngx_http_headers_in_t, date), | 184 { ngx_string("Date"), offsetof(ngx_http_headers_in_t, date), |
| 185 ngx_http_process_header_line }, | 185 ngx_http_process_header_line }, |
| 186 #endif | 186 #endif |
| 187 | 187 |
| 188 { ngx_string("Cookie"), 0, ngx_http_process_cookie }, | 188 { ngx_string("Cookie"), offsetof(ngx_http_headers_in_t, cookies), |
| 189 ngx_http_process_multi_header_lines }, | |
| 189 | 190 |
| 190 { ngx_null_string, 0, NULL } | 191 { ngx_null_string, 0, NULL } |
| 191 }; | 192 }; |
| 192 | 193 |
| 193 | 194 |
| 928 { | 929 { |
| 929 ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); | 930 ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); |
| 930 return; | 931 return; |
| 931 } | 932 } |
| 932 | 933 |
| 933 | |
| 934 if (ngx_array_init(&r->headers_in.cookies, r->pool, 2, | |
| 935 sizeof(ngx_table_elt_t *)) | |
| 936 != NGX_OK) | |
| 937 { | |
| 938 ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); | |
| 939 return; | |
| 940 } | |
| 941 | |
| 942 c->log->action = "reading client request headers"; | 934 c->log->action = "reading client request headers"; |
| 943 | 935 |
| 944 rev->handler = ngx_http_process_request_headers; | 936 rev->handler = ngx_http_process_request_headers; |
| 945 ngx_http_process_request_headers(rev); | 937 ngx_http_process_request_headers(rev); |
| 946 | 938 |
| 1533 return NGX_OK; | 1525 return NGX_OK; |
| 1534 } | 1526 } |
| 1535 | 1527 |
| 1536 | 1528 |
| 1537 static ngx_int_t | 1529 static ngx_int_t |
| 1538 ngx_http_process_cookie(ngx_http_request_t *r, ngx_table_elt_t *h, | 1530 ngx_http_process_multi_header_lines(ngx_http_request_t *r, ngx_table_elt_t *h, |
| 1539 ngx_uint_t offset) | 1531 ngx_uint_t offset) |
| 1540 { | 1532 { |
| 1541 ngx_table_elt_t **cookie; | 1533 ngx_array_t *headers; |
| 1542 | 1534 ngx_table_elt_t **ph; |
| 1543 cookie = ngx_array_push(&r->headers_in.cookies); | 1535 |
| 1544 if (cookie) { | 1536 headers = (ngx_array_t *) ((char *) &r->headers_in + offset); |
| 1545 *cookie = h; | 1537 |
| 1546 return NGX_OK; | 1538 if (headers->elts == NULL) { |
| 1547 } | 1539 if (ngx_array_init(headers, r->pool, 1, sizeof(ngx_table_elt_t *)) |
| 1548 | 1540 != NGX_OK) |
| 1549 ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); | 1541 { |
| 1550 | 1542 ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); |
| 1551 return NGX_ERROR; | 1543 return NGX_ERROR; |
| 1544 } | |
| 1545 } | |
| 1546 | |
| 1547 ph = ngx_array_push(headers); | |
| 1548 if (ph == NULL) { | |
| 1549 ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); | |
| 1550 return NGX_ERROR; | |
| 1551 } | |
| 1552 | |
| 1553 *ph = h; | |
| 1554 return NGX_OK; | |
| 1552 } | 1555 } |
| 1553 | 1556 |
| 1554 | 1557 |
| 1555 static ngx_int_t | 1558 static ngx_int_t |
| 1556 ngx_http_process_request_header(ngx_http_request_t *r) | 1559 ngx_http_process_request_header(ngx_http_request_t *r) |