Welcome! Log In Create A New Profile

[nginx] svn commit: r4512 - in branches/stable-1.0: . src/http

Forum List Message List New Topic Print View

Anonymous User

March 05, 2012 07:50AM

Author: mdounin
Date: 2012-03-05 12:49:32 +0000 (Mon, 05 Mar 2012)
New Revision: 4512

Log:
Merge of r4473:

Core: protection from cycles with named locations and post_action.

Now redirects to named locations are counted against normal uri changes
limit, and post_action respects this limit as well. As a result at least
the following (bad) configurations no longer trigger infinite cycles:

1. Post action which recursively triggers post action:

location / {
post_action /index.html;
}

2. Post action pointing to nonexistent named location:

location / {
post_action @nonexistent;
}

3. Recursive error page for 500 (Internal Server Error) pointing to
a nonexistent named location:

location / {
recursive_error_pages on;
error_page 500 @nonexistent;
return 500;
}

Modified:
branches/stable-1.0/
branches/stable-1.0/src/http/ngx_http_core_module.c
branches/stable-1.0/src/http/ngx_http_request.c

Property changes on: branches/stable-1.0
___________________________________________________________________
Modified: svn:mergeinfo
- /trunk:3960-3974,3977-3987,3991-3996,3998,4000-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143-4144,4147-4158,4177,4179,4182-4184,4186-4187,4189-4205,4207,4209-4210,4212,4217-4223,4227-4232,4235-4237,4265-4268,4270,4274-4276,4278-4280,4282-4284,4294-4295,4298,4300-4309,4313,4315,4320-4321,4326-4327,4335-4336,4338-4343,4372-4375,4377,4379,4381-4385,4393,4396,4398,4400-4406,4413,4415-4416,4422-4423,4460-4461,4468,4470-4471
+ /trunk:3960-3974,3977-3987,3991-3996,3998,4000-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143-4144,4147-4158,4177,4179,4182-4184,4186-4187,4189-4205,4207,4209-4210,4212,4217-4223,4227-4232,4235-4237,4265-4268,4270,4274-4276,4278-4280,4282-4284,4294-4295,4298,4300-4309,4313,4315,4320-4321,4326-4327,4335-4336,4338-4343,4372-4375,4377,4379,4381-4385,4393,4396,4398,4400-4406,4413,4415-4416,4422-4423,4460-4461,4468,4470-4471,4473

Modified: branches/stable-1.0/src/http/ngx_http_core_module.c
===================================================================
--- branches/stable-1.0/src/http/ngx_http_core_module.c 2012-03-05 12:36:51 UTC (rev 4511)
+++ branches/stable-1.0/src/http/ngx_http_core_module.c 2012-03-05 12:49:32 UTC (rev 4512)
@@ -2524,7 +2524,17 @@
ngx_http_core_main_conf_t *cmcf;

r->main->count++;
+ r->uri_changes--;

+ if (r->uri_changes == 0) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "rewrite or internal redirection cycle "
+ "while redirect to named location \"%V\"", name);
+
+ ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
+ return NGX_DONE;
+ }
+
cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);

if (cscf->named_locations) {

Modified: branches/stable-1.0/src/http/ngx_http_request.c
===================================================================
--- branches/stable-1.0/src/http/ngx_http_request.c 2012-03-05 12:36:51 UTC (rev 4511)
+++ branches/stable-1.0/src/http/ngx_http_request.c 2012-03-05 12:49:32 UTC (rev 4512)
@@ -2898,6 +2898,10 @@
return NGX_DECLINED;
}

+ if (r->post_action && r->uri_changes == 0) {
+ return NGX_DECLINED;
+ }
+
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"post action: \"%V\"", &clcf->post_action);

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Reply Quote

RSS

Subject	Author	Views	Posted
[nginx] svn commit: r4512 - in branches/stable-1.0: . src/http	Anonymous User	1048	March 05, 2012 07:50AM

Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 159

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018