Welcome! Log In Create A New Profile

Patch for nginx handling of X-Accel-Redirect URLs

Forum List Message List New Topic Print View

Anonymous User

January 31, 2012 06:52PM

Hello!

By now, nginx does not allow urlencoded X-Accel-Redirect URLs and
totally fails to access files with '?' in name with it.
The problem was also discussed at 'nginx' maillist:
http://nginx.2469901.n2.nabble.com/Bug-X-Accel-Redirect-td5510716.html

The patch suggested there just unescaped the url in
ngx_http_parse_unsafe_uri(). As Maxim Dounin said, this is incorrect
because also unescapes the query string.
I want to suggest another solution - swap ngx_http_parse_unsafe_uri()
to ngx_http_parse_complex_uri(). The patch is in attachment.
What can you say about it?This is a patch for nginx 1.1.12 handling of X-Accel-Redirect URLs:
run them through ngx_http_parse_complex_uri(), not ngx_http_parse_unsafe_uri().
It allows to handle percent-encoded URLs and complex filenames in X-Accel-Redirect
(for example, filenames which contain '?').

--- nginx-1.1.12/src/http/ngx_http_upstream.c 2011-12-26 15:15:23.000000000 +0400
+++ nginx-1.1.12/src/http/ngx_http_upstream.c 2012-02-01 03:33:22.287000794 +0400
@@ -1844,12 +1844,13 @@ ngx_http_upstream_test_connect(ngx_conne
static ngx_int_t
ngx_http_upstream_process_headers(ngx_http_request_t *r, ngx_http_upstream_t *u)
{
- ngx_str_t *uri, args;
- ngx_uint_t i, flags;
+ ngx_uint_t i;
ngx_list_part_t *part;
ngx_table_elt_t *h;
ngx_http_upstream_header_t *hh;
ngx_http_upstream_main_conf_t *umcf;
+ ngx_http_core_srv_conf_t *cscf;
+ ngx_int_t rc;

umcf = ngx_http_get_module_main_conf(r, ngx_http_upstream_module);

@@ -1885,11 +1886,17 @@ ngx_http_upstream_process_headers(ngx_ht
}
}

- uri = &u->headers_in.x_accel_redirect->value;
- ngx_str_null(&args);
- flags = NGX_HTTP_LOG_UNSAFE;
-
- if (ngx_http_parse_unsafe_uri(r, uri, &args, &flags) != NGX_OK) {
+ r->uri = u->headers_in.x_accel_redirect->value;
+ r->uri_start = r->uri.data;
+ r->uri_end = r->uri.data+r->uri.len;
+ ngx_str_null(&r->args);
+
+ cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);
+ rc = ngx_http_parse_complex_uri(r, cscf->merge_slashes);
+
+ if (rc == NGX_HTTP_PARSE_INVALID_REQUEST) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "X-Accel-Redirect to an invalid URI");
ngx_http_finalize_request(r, NGX_HTTP_NOT_FOUND);
return NGX_DONE;
}
@@ -1898,7 +1905,7 @@ ngx_http_upstream_process_headers(ngx_ht
r->method = NGX_HTTP_GET;
}

- ngx_http_internal_redirect(r, uri, &args);
+ ngx_http_internal_redirect(r, &r->uri, &r->args);
ngx_http_finalize_request(r, NGX_DONE);
return NGX_DONE;
}
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Reply Quote

RSS

Subject	Author	Views	Posted
Patch for nginx handling of X-Accel-Redirect URLs	Anonymous User	2828	January 31, 2012 06:52PM
Re: Patch for nginx handling of X-Accel-Redirect URLs	Maxim Dounin	844	January 31, 2012 07:32PM
Re: Patch for nginx handling of X-Accel-Redirect URLs	Виталий Филиппов	878	February 01, 2012 06:04AM
Re: Patch for nginx handling of X-Accel-Redirect URLs	Maxim Dounin	962	February 01, 2012 09:40AM
Re: Patch for nginx handling of X-Accel-Redirect URLs	Anonymous User	805	February 01, 2012 05:36PM
Re: Patch for nginx handling of X-Accel-Redirect URLs	Maxim Dounin	862	February 02, 2012 06:36AM
Re: Patch for nginx handling of X-Accel-Redirect URLs	Anonymous User	776	February 02, 2012 07:00AM
Re: Patch for nginx handling of X-Accel-Redirect URLs	Maxim Dounin	979	February 02, 2012 11:44AM
Re: Patch for nginx handling of X-Accel-Redirect URLs	Anonymous User	832	February 01, 2012 06:28PM
Re: Patch for nginx handling of X-Accel-Redirect URLs	Maxim Dounin	1007	February 09, 2012 12:48PM

Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 177

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018