Forum List Message List New Topic Print View

ru@nginx.com

October 08, 2019 03:00PM

Registered: 7 years ago
Posts: 320

details: https://hg.nginx.org/nginx/rev/5a3426683251
branches:
changeset: 7577:5a3426683251
user: Ruslan Ermilov <ru@nginx.com>
date: Tue Oct 08 21:56:14 2019 +0300
description:
Improved detection of broken percent encoding in URI.

diffstat:

src/http/ngx_http_parse.c | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)

diffs (14 lines):

diff -r 7fdcf308e0f0 -r 5a3426683251 src/http/ngx_http_parse.c
--- a/src/http/ngx_http_parse.c Mon Sep 30 16:39:20 2019 +0300
+++ b/src/http/ngx_http_parse.c Tue Oct 08 21:56:14 2019 +0300
@@ -1561,6 +1561,10 @@ ngx_http_parse_complex_uri(ngx_http_requ
}
}

+ if (state == sw_quoted || state == sw_quoted_second) {
+ return NGX_HTTP_PARSE_INVALID_REQUEST;
+ }
+
done:

r->uri.len = u - r->uri.data;
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Reply Quote

RSS

Subject	Author	Views	Posted
[nginx] Improved detection of broken percent encoding in URI.	ru@nginx.com	507	October 08, 2019 03:00PM

Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 280

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018

[nginx] Improved detection of broken percent encoding in URI.

Online Users