Welcome! Log In Create A New Profile

Advanced

Re: X-Accel-Redirect Decode Patch

Maxim Dounin
September 09, 2010 01:28PM
Hello!

On Thu, Sep 09, 2010 at 08:03:07AM -0400, rovervr wrote:

> I created a small patch for that issue which works for me. But it needs
> to be reviewed by Igor or someone who knows C better than me.
> It checks the static request from X-Accel-Redirect for '%' and escapes
> them if found.

This patch is wrong, it breaks access to normal files with '%'.
Additionally, it doesn't change X-Accel-Redirect behaviour for
non-static files.

Instead X-Accel-Redirect value should be unescaped when it got
from upstream, somewhere before ngx_http_internal_redirect() call.
I personally believe ngx_http_parse_unsafe_uri() should be changed
to unescape uri (note that it will also affect ssi and dav
modules). Though I haven't investigated this carefully enough.

Maxim Dounin

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx
Subject Author Posted

[Bug] X-Accel-Redirect

rovervr September 08, 2010 06:56AM

Re: [Bug] X-Accel-Redirect

Maxim Dounin September 08, 2010 11:16AM

X-Accel-Redirect Decode Patch

rovervr September 09, 2010 08:03AM

Re: X-Accel-Redirect Decode Patch

Dennis J. September 09, 2010 08:40AM

Re: X-Accel-Redirect Decode Patch

Maxim Dounin September 09, 2010 01:28PM

Re: [Bug] X-Accel-Redirect

rovervr September 09, 2010 08:50AM

Re: [Bug] X-Accel-Redirect

rovervr September 09, 2010 02:19PM

Re: [Bug] X-Accel-Redirect

rovervr September 09, 2010 02:29PM

Re: [Bug] X-Accel-Redirect

rovervr October 03, 2010 10:11AM

Re: [Bug] X-Accel-Redirect

Maxim Dounin September 09, 2010 02:42PM

Re: [Bug] X-Accel-Redirect

Maxim Dounin September 09, 2010 02:50PM

Re: [Bug] X-Accel-Redirect

Maxim Dounin October 16, 2010 01:26PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 51
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready