Welcome! Log In Create A New Profile

Advanced

[njs] HTTP: expect escaped URIs in r.internalRedirect().

Dmitry Volyntsev
April 28, 2022 08:54PM
details: https://hg.nginx.org/njs/rev/280e866c2973
branches:
changeset: 1845:280e866c2973
user: Dmitry Volyntsev <xeioex@nginx.com>
date: Thu Apr 28 17:23:02 2022 -0700
description:
HTTP: expect escaped URIs in r.internalRedirect().

Similarly to the nginx change in 975d7ab37b39 (1.17.2), we should accept
properly escaped URIs and unescape them as needed, else it is not possible
to handle URIs with question marks.

Previously, the URI was used as is.

diffstat:

nginx/ngx_http_js_module.c | 15 +++++++++++++--
1 files changed, 13 insertions(+), 2 deletions(-)

diffs (32 lines):

diff -r b20de7bcee61 -r 280e866c2973 nginx/ngx_http_js_module.c
--- a/nginx/ngx_http_js_module.c Thu Apr 28 16:37:14 2022 -0700
+++ b/nginx/ngx_http_js_module.c Thu Apr 28 17:23:02 2022 -0700
@@ -890,7 +890,9 @@ ngx_http_js_content_write_event_handler(
static void
ngx_http_js_content_finalize(ngx_http_request_t *r, ngx_http_js_ctx_t *ctx)
{
- ngx_str_t args;
+ ngx_str_t args;
+ ngx_int_t rc;
+ ngx_uint_t flags;

ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http js content rc: %i", ctx->status);
@@ -900,7 +902,16 @@ ngx_http_js_content_finalize(ngx_http_re
ngx_http_named_location(r, &ctx->redirect_uri);

} else {
- ngx_http_split_args(r, &ctx->redirect_uri, &args);
+ ngx_str_null(&args);
+ flags = NGX_HTTP_LOG_UNSAFE;
+
+ rc = ngx_http_parse_unsafe_uri(r, &ctx->redirect_uri, &args,
+ &flags);
+ if (rc != NGX_OK) {
+ ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
+ return;
+ }
+
ngx_http_internal_redirect(r, &ctx->redirect_uri, &args);
}
}
_______________________________________________
nginx-devel mailing list -- nginx-devel@nginx.org
To unsubscribe send an email to nginx-devel-leave@nginx.org
Subject Author Views Posted

[njs] HTTP: expect escaped URIs in r.internalRedirect().

Dmitry Volyntsev 374 April 28, 2022 08:54PM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 74
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready