Mercurial > hg > nginx
changeset 5321:9806f7932474
Referer module: fixed regex matching against HTTPS referers.
When matching a compiled regex against value in the "Referer" header field,
the length was calculated incorrectly for strings that start from "https://".
This might cause matching to fail for regexes with end-of-line anchors.
Patch by Liangbin Li.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Tue, 13 Aug 2013 17:47:04 +0400 |
| parents | ad137a80919f |
| children | bdb3588681c9 |
| files | src/http/modules/ngx_http_referer_module.c |
| diffstat | 1 files changed, 3 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/src/http/modules/ngx_http_referer_module.c +++ b/src/http/modules/ngx_http_referer_module.c @@ -147,10 +147,12 @@ ngx_http_referer_variable(ngx_http_reque if (ngx_strncasecmp(ref, (u_char *) "http://", 7) == 0) { ref += 7; + len -= 7; goto valid_scheme; } else if (ngx_strncasecmp(ref, (u_char *) "https://", 8) == 0) { ref += 8; + len -= 8; goto valid_scheme; } } @@ -191,7 +193,7 @@ valid_scheme: ngx_int_t rc; ngx_str_t referer; - referer.len = len - 7; + referer.len = len; referer.data = ref; rc = ngx_regex_exec_array(rlcf->regex, &referer, r->connection->log);