Mercurial > hg > nginx
comparison src/http/ngx_http_request.c @ 5084:f7fe817c92a2
Correctly handle multiple X-Forwarded-For headers (ticket #106).
author | Ruslan Ermilov <ru@nginx.com> |
---|---|
date | Wed, 27 Feb 2013 13:29:50 +0000 |
parents | 42a888fdad0b |
children | 7f1cbcc71327 |
comparison
equal
deleted
inserted
replaced
5083:a805dc9c85cd | 5084:f7fe817c92a2 |
---|---|
19 | 19 |
20 static ngx_int_t ngx_http_process_header_line(ngx_http_request_t *r, | 20 static ngx_int_t ngx_http_process_header_line(ngx_http_request_t *r, |
21 ngx_table_elt_t *h, ngx_uint_t offset); | 21 ngx_table_elt_t *h, ngx_uint_t offset); |
22 static ngx_int_t ngx_http_process_unique_header_line(ngx_http_request_t *r, | 22 static ngx_int_t ngx_http_process_unique_header_line(ngx_http_request_t *r, |
23 ngx_table_elt_t *h, ngx_uint_t offset); | 23 ngx_table_elt_t *h, ngx_uint_t offset); |
24 static ngx_int_t ngx_http_process_multi_header_lines(ngx_http_request_t *r, | |
25 ngx_table_elt_t *h, ngx_uint_t offset); | |
24 static ngx_int_t ngx_http_process_host(ngx_http_request_t *r, | 26 static ngx_int_t ngx_http_process_host(ngx_http_request_t *r, |
25 ngx_table_elt_t *h, ngx_uint_t offset); | 27 ngx_table_elt_t *h, ngx_uint_t offset); |
26 static ngx_int_t ngx_http_process_connection(ngx_http_request_t *r, | 28 static ngx_int_t ngx_http_process_connection(ngx_http_request_t *r, |
27 ngx_table_elt_t *h, ngx_uint_t offset); | 29 ngx_table_elt_t *h, ngx_uint_t offset); |
28 static ngx_int_t ngx_http_process_user_agent(ngx_http_request_t *r, | 30 static ngx_int_t ngx_http_process_user_agent(ngx_http_request_t *r, |
29 ngx_table_elt_t *h, ngx_uint_t offset); | |
30 static ngx_int_t ngx_http_process_cookie(ngx_http_request_t *r, | |
31 ngx_table_elt_t *h, ngx_uint_t offset); | 31 ngx_table_elt_t *h, ngx_uint_t offset); |
32 | 32 |
33 static ngx_int_t ngx_http_process_request_header(ngx_http_request_t *r); | 33 static ngx_int_t ngx_http_process_request_header(ngx_http_request_t *r); |
34 static void ngx_http_process_request(ngx_http_request_t *r); | 34 static void ngx_http_process_request(ngx_http_request_t *r); |
35 static ssize_t ngx_http_validate_host(ngx_http_request_t *r, u_char **host, | 35 static ssize_t ngx_http_validate_host(ngx_http_request_t *r, u_char **host, |
151 ngx_http_process_header_line }, | 151 ngx_http_process_header_line }, |
152 | 152 |
153 #if (NGX_HTTP_X_FORWARDED_FOR) | 153 #if (NGX_HTTP_X_FORWARDED_FOR) |
154 { ngx_string("X-Forwarded-For"), | 154 { ngx_string("X-Forwarded-For"), |
155 offsetof(ngx_http_headers_in_t, x_forwarded_for), | 155 offsetof(ngx_http_headers_in_t, x_forwarded_for), |
156 ngx_http_process_header_line }, | 156 ngx_http_process_multi_header_lines }, |
157 #endif | 157 #endif |
158 | 158 |
159 #if (NGX_HTTP_REALIP) | 159 #if (NGX_HTTP_REALIP) |
160 { ngx_string("X-Real-IP"), | 160 { ngx_string("X-Real-IP"), |
161 offsetof(ngx_http_headers_in_t, x_real_ip), | 161 offsetof(ngx_http_headers_in_t, x_real_ip), |
183 | 183 |
184 { ngx_string("Date"), offsetof(ngx_http_headers_in_t, date), | 184 { ngx_string("Date"), offsetof(ngx_http_headers_in_t, date), |
185 ngx_http_process_header_line }, | 185 ngx_http_process_header_line }, |
186 #endif | 186 #endif |
187 | 187 |
188 { ngx_string("Cookie"), 0, ngx_http_process_cookie }, | 188 { ngx_string("Cookie"), offsetof(ngx_http_headers_in_t, cookies), |
189 ngx_http_process_multi_header_lines }, | |
189 | 190 |
190 { ngx_null_string, 0, NULL } | 191 { ngx_null_string, 0, NULL } |
191 }; | 192 }; |
192 | 193 |
193 | 194 |
928 { | 929 { |
929 ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); | 930 ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); |
930 return; | 931 return; |
931 } | 932 } |
932 | 933 |
933 | |
934 if (ngx_array_init(&r->headers_in.cookies, r->pool, 2, | |
935 sizeof(ngx_table_elt_t *)) | |
936 != NGX_OK) | |
937 { | |
938 ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); | |
939 return; | |
940 } | |
941 | |
942 c->log->action = "reading client request headers"; | 934 c->log->action = "reading client request headers"; |
943 | 935 |
944 rev->handler = ngx_http_process_request_headers; | 936 rev->handler = ngx_http_process_request_headers; |
945 ngx_http_process_request_headers(rev); | 937 ngx_http_process_request_headers(rev); |
946 | 938 |
1533 return NGX_OK; | 1525 return NGX_OK; |
1534 } | 1526 } |
1535 | 1527 |
1536 | 1528 |
1537 static ngx_int_t | 1529 static ngx_int_t |
1538 ngx_http_process_cookie(ngx_http_request_t *r, ngx_table_elt_t *h, | 1530 ngx_http_process_multi_header_lines(ngx_http_request_t *r, ngx_table_elt_t *h, |
1539 ngx_uint_t offset) | 1531 ngx_uint_t offset) |
1540 { | 1532 { |
1541 ngx_table_elt_t **cookie; | 1533 ngx_array_t *headers; |
1542 | 1534 ngx_table_elt_t **ph; |
1543 cookie = ngx_array_push(&r->headers_in.cookies); | 1535 |
1544 if (cookie) { | 1536 headers = (ngx_array_t *) ((char *) &r->headers_in + offset); |
1545 *cookie = h; | 1537 |
1546 return NGX_OK; | 1538 if (headers->elts == NULL) { |
1547 } | 1539 if (ngx_array_init(headers, r->pool, 1, sizeof(ngx_table_elt_t *)) |
1548 | 1540 != NGX_OK) |
1549 ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); | 1541 { |
1550 | 1542 ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); |
1551 return NGX_ERROR; | 1543 return NGX_ERROR; |
1544 } | |
1545 } | |
1546 | |
1547 ph = ngx_array_push(headers); | |
1548 if (ph == NULL) { | |
1549 ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); | |
1550 return NGX_ERROR; | |
1551 } | |
1552 | |
1553 *ph = h; | |
1554 return NGX_OK; | |
1552 } | 1555 } |
1553 | 1556 |
1554 | 1557 |
1555 static ngx_int_t | 1558 static ngx_int_t |
1556 ngx_http_process_request_header(ngx_http_request_t *r) | 1559 ngx_http_process_request_header(ngx_http_request_t *r) |