IntenseWebs/nginx
3
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

divide special response handling into several functions

Browse Source 
fix "?" escaping introduced in r1467
This commit is contained in:
Igor Sysoev 2007-10-26 16:17:17 +00:00
parent 81924e8e16
commit e430ab4d55
1 changed files with 316 additions and 252 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

514
src/http/ngx_http_special_response.c
View File

@ -10,14 +10,21 @@
#include <nginx.h>
static u_char error_full_tail[] =
static ngx_int_t ngx_http_send_error_page(ngx_http_request_t *r,
ngx_http_err_page_t *err_page);
static ngx_int_t ngx_http_send_special_response(ngx_http_request_t *r,
ngx_http_core_loc_conf_t *clcf, ngx_uint_t err);
static ngx_int_t ngx_http_send_refresh(ngx_http_request_t *r);
static u_char ngx_http_error_full_tail[] =
"<hr><center>" NGINX_VER "</center>" CRLF
"</body>" CRLF
"</html>" CRLF
;
static u_char error_tail[] =
static u_char ngx_http_error_tail[] =
"<hr><center>nginx</center>" CRLF
"</body>" CRLF
"</html>" CRLF
@ -42,7 +49,7 @@ static u_char ngx_http_msie_refresh_tail[] =
"\"></head><body></body></html>" CRLF;
static char error_301_page[] =
static char ngx_http_error_301_page[] =
"<html>" CRLF
"<head><title>301 Moved Permanently</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -50,7 +57,7 @@ static char error_301_page[] =
;
static char error_302_page[] =
static char ngx_http_error_302_page[] =
"<html>" CRLF
"<head><title>302 Found</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -58,7 +65,7 @@ static char error_302_page[] =
;
static char error_400_page[] =
static char ngx_http_error_400_page[] =
"<html>" CRLF
"<head><title>400 Bad Request</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -66,7 +73,7 @@ static char error_400_page[] =
;
static char error_401_page[] =
static char ngx_http_error_401_page[] =
"<html>" CRLF
"<head><title>401 Authorization Required</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -74,7 +81,7 @@ static char error_401_page[] =
;
static char error_402_page[] =
static char ngx_http_error_402_page[] =
"<html>" CRLF
"<head><title>402 Payment Required</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -82,7 +89,7 @@ static char error_402_page[] =
;
static char error_403_page[] =
static char ngx_http_error_403_page[] =
"<html>" CRLF
"<head><title>403 Forbidden</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -90,7 +97,7 @@ static char error_403_page[] =
;
static char error_404_page[] =
static char ngx_http_error_404_page[] =
"<html>" CRLF
"<head><title>404 Not Found</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -98,7 +105,7 @@ static char error_404_page[] =
;
static char error_405_page[] =
static char ngx_http_error_405_page[] =
"<html>" CRLF
"<head><title>405 Not Allowed</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -106,7 +113,7 @@ static char error_405_page[] =
;
static char error_406_page[] =
static char ngx_http_error_406_page[] =
"<html>" CRLF
"<head><title>406 Not Acceptable</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -114,7 +121,7 @@ static char error_406_page[] =
;
static char error_408_page[] =
static char ngx_http_error_408_page[] =
"<html>" CRLF
"<head><title>408 Request Time-out</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -122,7 +129,7 @@ static char error_408_page[] =
;
static char error_409_page[] =
static char ngx_http_error_409_page[] =
"<html>" CRLF
"<head><title>409 Conflict</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -130,7 +137,7 @@ static char error_409_page[] =
;
static char error_410_page[] =
static char ngx_http_error_410_page[] =
"<html>" CRLF
"<head><title>410 Gone</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -138,7 +145,7 @@ static char error_410_page[] =
;
static char error_411_page[] =
static char ngx_http_error_411_page[] =
"<html>" CRLF
"<head><title>411 Length Required</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -146,7 +153,7 @@ static char error_411_page[] =
;
static char error_412_page[] =
static char ngx_http_error_412_page[] =
"<html>" CRLF
"<head><title>412 Precondition Failed</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -154,7 +161,7 @@ static char error_412_page[] =
;
static char error_413_page[] =
static char ngx_http_error_413_page[] =
"<html>" CRLF
"<head><title>413 Request Entity Too Large</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -162,7 +169,7 @@ static char error_413_page[] =
;
static char error_414_page[] =
static char ngx_http_error_414_page[] =
"<html>" CRLF
"<head><title>414 Request-URI Too Large</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -170,7 +177,7 @@ static char error_414_page[] =
;
static char error_415_page[] =
static char ngx_http_error_415_page[] =
"<html>" CRLF
"<head><title>415 Unsupported Media Type</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -178,7 +185,7 @@ static char error_415_page[] =
;
static char error_416_page[] =
static char ngx_http_error_416_page[] =
"<html>" CRLF
"<head><title>416 Requested Range Not Satisfiable</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -186,7 +193,7 @@ static char error_416_page[] =
;
static char error_495_page[] =
static char ngx_http_error_495_page[] =
"<html>" CRLF
"<head><title>400 The SSL certificate error</title></head>"
CRLF
@ -196,7 +203,7 @@ CRLF
;
static char error_496_page[] =
static char ngx_http_error_496_page[] =
"<html>" CRLF
"<head><title>400 No required SSL certificate was sent</title></head>"
CRLF
@ -206,7 +213,7 @@ CRLF
;
static char error_497_page[] =
static char ngx_http_error_497_page[] =
"<html>" CRLF
"<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>"
CRLF
@ -216,7 +223,7 @@ CRLF
;
static char error_500_page[] =
static char ngx_http_error_500_page[] =
"<html>" CRLF
"<head><title>500 Internal Server Error</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -224,7 +231,7 @@ static char error_500_page[] =
;
static char error_501_page[] =
static char ngx_http_error_501_page[] =
"<html>" CRLF
"<head><title>501 Method Not Implemented</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -232,7 +239,7 @@ static char error_501_page[] =
;
static char error_502_page[] =
static char ngx_http_error_502_page[] =
"<html>" CRLF
"<head><title>502 Bad Gateway</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -240,7 +247,7 @@ static char error_502_page[] =
;
static char error_503_page[] =
static char ngx_http_error_503_page[] =
"<html>" CRLF
"<head><title>503 Service Temporarily Unavailable</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -248,7 +255,7 @@ static char error_503_page[] =
;
static char error_504_page[] =
static char ngx_http_error_504_page[] =
"<html>" CRLF
"<head><title>504 Gateway Time-out</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -256,7 +263,7 @@ static char error_504_page[] =
;
static char error_507_page[] =
static char ngx_http_error_507_page[] =
"<html>" CRLF
"<head><title>507 Insufficient Storage</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
@ -264,53 +271,53 @@ static char error_507_page[] =
;
static ngx_str_t error_pages[] = {
static ngx_str_t ngx_http_error_pages[] = {
ngx_null_string, /* 201, 204 */
#define NGX_HTTP_LEVEL_200 1
/* ngx_null_string, */ /* 300 */
ngx_string(error_301_page),
ngx_string(error_302_page),
ngx_string(ngx_http_error_301_page),
ngx_string(ngx_http_error_302_page),
ngx_null_string, /* 303 */
#define NGX_HTTP_LEVEL_300 3
ngx_string(error_400_page),
ngx_string(error_401_page),
ngx_string(error_402_page),
ngx_string(error_403_page),
ngx_string(error_404_page),
ngx_string(error_405_page),
ngx_string(error_406_page),
ngx_string(ngx_http_error_400_page),
ngx_string(ngx_http_error_401_page),
ngx_string(ngx_http_error_402_page),
ngx_string(ngx_http_error_403_page),
ngx_string(ngx_http_error_404_page),
ngx_string(ngx_http_error_405_page),
ngx_string(ngx_http_error_406_page),
ngx_null_string, /* 407 */
ngx_string(error_408_page),
ngx_string(error_409_page),
ngx_string(error_410_page),
ngx_string(error_411_page),
ngx_string(error_412_page),
ngx_string(error_413_page),
ngx_string(error_414_page),
ngx_string(error_415_page),
ngx_string(error_416_page),
ngx_string(ngx_http_error_408_page),
ngx_string(ngx_http_error_409_page),
ngx_string(ngx_http_error_410_page),
ngx_string(ngx_http_error_411_page),
ngx_string(ngx_http_error_412_page),
ngx_string(ngx_http_error_413_page),
ngx_string(ngx_http_error_414_page),
ngx_string(ngx_http_error_415_page),
ngx_string(ngx_http_error_416_page),
#define NGX_HTTP_LEVEL_400 17
ngx_string(error_495_page), /* 495, https certificate error */
ngx_string(error_496_page), /* 496, https no certificate */
ngx_string(error_497_page), /* 497, http to https */
ngx_string(error_404_page), /* 498, invalid host name */
ngx_null_string, /* 499, client had closed connection */
ngx_string(ngx_http_error_495_page), /* 495, https certificate error */
ngx_string(ngx_http_error_496_page), /* 496, https no certificate */
ngx_string(ngx_http_error_497_page), /* 497, http to https */
ngx_string(ngx_http_error_404_page), /* 498, invalid host name */
ngx_null_string, /* 499, client has closed connection */
ngx_string(error_500_page),
ngx_string(error_501_page),
ngx_string(error_502_page),
ngx_string(error_503_page),
ngx_string(error_504_page),
ngx_string(ngx_http_error_500_page),
ngx_string(ngx_http_error_501_page),
ngx_string(ngx_http_error_502_page),
ngx_string(ngx_http_error_503_page),
ngx_string(ngx_http_error_504_page),
ngx_null_string, /* 505 */
ngx_null_string, /* 506 */
ngx_string(error_507_page)
ngx_string(ngx_http_error_507_page)
};
@ -320,14 +327,8 @@ static ngx_str_t ngx_http_get_name = { 3, (u_char *) "GET " };
ngx_int_t
ngx_http_special_response_handler(ngx_http_request_t *r, ngx_int_t error)
{
u_char *p;
size_t msie_refresh;
uintptr_t escape;
ngx_int_t rc;
ngx_buf_t *b;
ngx_str_t *uri, *location;
ngx_uint_t i, n, err, msie_padding;
ngx_chain_t *out, *cl;
ngx_uint_t i, err;
ngx_http_err_page_t *err_page;
ngx_http_core_loc_conf_t *clcf;
@ -378,66 +379,18 @@ ngx_http_special_response_handler(ngx_http_request_t *r, ngx_int_t error)
err_page = clcf->error_pages->elts;
for (i = 0; i < clcf->error_pages->nelts; i++) {
if (err_page[i].status == error) {
r->err_status = err_page[i].overwrite;
return ngx_http_send_error_page(r, &err_page[i]);
}
}
}
r->method = NGX_HTTP_GET;
r->method_name = ngx_http_get_name;
uri = &err_page[i].uri;
if (err_page[i].uri_lengths) {
if (ngx_http_script_run(r, uri,
err_page[i].uri_lengths->elts, 0,
err_page[i].uri_values->elts)
== NULL)
if (clcf->msie_refresh
&& r->headers_in.msie
&& (error == NGX_HTTP_MOVED_PERMANENTLY
|| error == NGX_HTTP_MOVED_TEMPORARILY))
{
return NGX_ERROR;
}
if (r->zero_in_uri) {
for (n = 0; n < uri->len; n++) {
if (uri->data[n] == '\0') {
goto zero;
}
}
r->zero_in_uri = 0;
}
} else {
r->zero_in_uri = 0;
}
zero:
if (uri->data[0] == '/') {
return ngx_http_internal_redirect(r, uri, NULL);
}
if (uri->data[0] == '@') {
return ngx_http_named_location(r, uri);
}
r->headers_out.location =
ngx_list_push(&r->headers_out.headers);
if (r->headers_out.location) {
error = NGX_HTTP_MOVED_TEMPORARILY;
r->err_status = NGX_HTTP_MOVED_TEMPORARILY;
r->headers_out.location->hash = 1;
r->headers_out.location->key.len = sizeof("Location") - 1;
r->headers_out.location->key.data = (u_char *) "Location";
r->headers_out.location->value = *uri;
} else {
return NGX_ERROR;
}
}
}
return ngx_http_send_refresh(r);
}
if (error == NGX_HTTP_CREATED) {
@ -468,30 +421,150 @@ ngx_http_special_response_handler(ngx_http_request_t *r, ngx_int_t error)
case NGX_HTTPS_CERT_ERROR:
case NGX_HTTPS_NO_CERT:
r->err_status = NGX_HTTP_BAD_REQUEST;
error = NGX_HTTP_BAD_REQUEST;
break;
}
}
return ngx_http_send_special_response(r, clcf, err);
}
static ngx_int_t
ngx_http_send_error_page(ngx_http_request_t *r, ngx_http_err_page_t *err_page)
{
u_char ch, *p, *last;
ngx_str_t *uri, *args, u, a;
ngx_table_elt_t *location;
ngx_http_core_loc_conf_t *clcf;
r->err_status = err_page->overwrite;
r->method = NGX_HTTP_GET;
r->method_name = ngx_http_get_name;
r->zero_in_uri = 0;
args = NULL;
if (err_page->uri_lengths) {
if (ngx_http_script_run(r, &u, err_page->uri_lengths->elts, 0,
err_page->uri_values->elts)
== NULL)
{
return NGX_ERROR;
}
p = u.data;
uri = &u;
if (*p == '/') {
last = p + uri->len;
while (p < last) {
ch = *p++;
if (ch == '?') {
a.len = last - p;
a.data = p;
args = &a;
u.len = p - 1 - u.data;
while (p < last) {
if (*p++ == '\0') {
r->zero_in_uri = 1;
break;
}
}
break;
}
if (ch == '\0') {
r->zero_in_uri = 1;
continue;
}
}
}
} else {
uri = &err_page->uri;
}
if (uri->data[0] == '/') {
return ngx_http_internal_redirect(r, uri, args);
}
if (uri->data[0] == '@') {
return ngx_http_named_location(r, uri);
}
location = ngx_list_push(&r->headers_out.headers);
if (location == NULL) {
return NGX_ERROR;
}
r->err_status = NGX_HTTP_MOVED_TEMPORARILY;
location->hash = 1;
location->key.len = sizeof("Location") - 1;
location->key.data = (u_char *) "Location";
location->value = *uri;
r->headers_out.location = location;
clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
if (clcf->msie_refresh && r->headers_in.msie) {
return ngx_http_send_refresh(r);
}
return ngx_http_send_special_response(r, clcf, NGX_HTTP_MOVED_TEMPORARILY
- NGX_HTTP_MOVED_PERMANENTLY
+ NGX_HTTP_LEVEL_200);
}
static ngx_int_t
ngx_http_send_special_response(ngx_http_request_t *r,
ngx_http_core_loc_conf_t *clcf, ngx_uint_t err)
{
u_char *tail;
size_t len;
ngx_int_t rc;
ngx_buf_t *b;
ngx_uint_t msie_padding;
ngx_chain_t out[3];
if (clcf->server_tokens) {
len = sizeof(ngx_http_error_full_tail) - 1;
tail = ngx_http_error_full_tail;
} else {
len = sizeof(ngx_http_error_tail) - 1;
tail = ngx_http_error_tail;
}
msie_padding = 0;
if (!r->zero_body) {
if (error_pages[err].len) {
r->headers_out.content_length_n = error_pages[err].len
+ (clcf->server_tokens ? sizeof(error_full_tail) - 1:
sizeof(error_tail) - 1);
if (ngx_http_error_pages[err].len) {
r->headers_out.content_length_n = ngx_http_error_pages[err].len
+ len;
if (clcf->msie_padding
&& r->headers_in.msie
&& r->http_version >= NGX_HTTP_VERSION_10
&& error >= NGX_HTTP_BAD_REQUEST
&& error != NGX_HTTP_REQUEST_URI_TOO_LARGE)
&& err >= NGX_HTTP_LEVEL_300)
{
r->headers_out.content_length_n +=
sizeof(ngx_http_msie_stub) - 1;
msie_padding = 1;
}
r->headers_out.content_type_len = sizeof("text/html") - 1;
r->headers_out.content_type.len = sizeof("text/html") - 1;
r->headers_out.content_type.data = (u_char *) "text/html";
@ -509,33 +582,6 @@ ngx_http_special_response_handler(ngx_http_request_t *r, ngx_int_t error)
r->headers_out.content_length = NULL;
}
if (clcf->msie_refresh
&& r->headers_in.msie
&& (error == NGX_HTTP_MOVED_PERMANENTLY
|| error == NGX_HTTP_MOVED_TEMPORARILY))
{
location = &r->headers_out.location->value;
escape = 2 * ngx_escape_uri(NULL, location->data, location->len,
NGX_ESCAPE_REFRESH);
msie_refresh = sizeof(ngx_http_msie_refresh_head) - 1
+ escape + location->len
+ sizeof(ngx_http_msie_refresh_tail) - 1;
r->err_status = NGX_HTTP_OK;
r->headers_out.content_type_len = sizeof("text/html") - 1;
r->headers_out.content_length_n = msie_refresh;
r->headers_out.location->hash = 0;
r->headers_out.location = NULL;
} else {
location = NULL;
escape = 0;
msie_refresh = 0;
}
ngx_http_clear_accept_ranges(r);
ngx_http_clear_last_modified(r);
@ -545,10 +591,7 @@ ngx_http_special_response_handler(ngx_http_request_t *r, ngx_int_t error)
return rc;
}
if (msie_refresh == 0) {
if (error_pages[err].len == 0) {
if (ngx_http_error_pages[err].len == 0) {
return NGX_OK;
}
@ -558,17 +601,11 @@ ngx_http_special_response_handler(ngx_http_request_t *r, ngx_int_t error)
}
b->memory = 1;
b->pos = error_pages[err].data;
b->last = error_pages[err].data + error_pages[err].len;
cl = ngx_alloc_chain_link(r->pool);
if (cl == NULL) {
return NGX_ERROR;
}
cl->buf = b;
out = cl;
b->pos = ngx_http_error_pages[err].data;
b->last = ngx_http_error_pages[err].data + ngx_http_error_pages[err].len;
out[0].buf = b;
out[0].next = &out[1];
b = ngx_calloc_buf(r->pool);
if (b == NULL) {
@ -577,21 +614,11 @@ ngx_http_special_response_handler(ngx_http_request_t *r, ngx_int_t error)
b->memory = 1;
if (clcf->server_tokens) {
b->pos = error_full_tail;
b->last = error_full_tail + sizeof(error_full_tail) - 1;
} else {
b->pos = error_tail;
b->last = error_tail + sizeof(error_tail) - 1;
}
b->pos = tail;
b->last = tail + len;
cl->next = ngx_alloc_chain_link(r->pool);
if (cl->next == NULL) {
return NGX_ERROR;
}
cl = cl->next;
cl->buf = b;
out[1].buf = b;
out[1].next = NULL;;
if (msie_padding) {
b = ngx_calloc_buf(r->pool);
@ -603,42 +630,9 @@ ngx_http_special_response_handler(ngx_http_request_t *r, ngx_int_t error)
b->pos = ngx_http_msie_stub;
b->last = ngx_http_msie_stub + sizeof(ngx_http_msie_stub) - 1;
cl->next = ngx_alloc_chain_link(r->pool);
if (cl->next == NULL) {
return NGX_ERROR;
}
cl = cl->next;
cl->buf = b;
}
} else {
b = ngx_create_temp_buf(r->pool, msie_refresh);
if (b == NULL) {
return NGX_ERROR;
}
p = ngx_cpymem(b->pos, ngx_http_msie_refresh_head,
sizeof(ngx_http_msie_refresh_head) - 1);
if (escape == 0) {
p = ngx_cpymem(p, location->data, location->len);
} else {
p = (u_char *) ngx_escape_uri(p, location->data, location->len,
NGX_ESCAPE_REFRESH);
}
b->last = ngx_cpymem(p, ngx_http_msie_refresh_tail,
sizeof(ngx_http_msie_refresh_tail) - 1);
cl = ngx_alloc_chain_link(r->pool);
if (cl == NULL) {
return NGX_ERROR;
}
cl->buf = b;
out = cl;
out[1].next = &out[2];
out[2].buf = b;
out[2].next = NULL;;
}
if (r == r->main) {
@ -647,7 +641,77 @@ ngx_http_special_response_handler(ngx_http_request_t *r, ngx_int_t error)
b->last_in_chain = 1;
cl->next = NULL;
return ngx_http_output_filter(r, out);
return ngx_http_output_filter(r, &out[0]);
}
static ngx_int_t
ngx_http_send_refresh(ngx_http_request_t *r)
{
u_char *p, *location;
size_t len, size;
uintptr_t escape;
ngx_int_t rc;
ngx_buf_t *b;
ngx_chain_t out;
len = r->headers_out.location->value.len;
location = r->headers_out.location->value.data;
escape = 2 * ngx_escape_uri(NULL, location, len, NGX_ESCAPE_REFRESH);
size = sizeof(ngx_http_msie_refresh_head) - 1
+ escape + len
+ sizeof(ngx_http_msie_refresh_tail) - 1;
r->err_status = NGX_HTTP_OK;
r->headers_out.content_type_len = sizeof("text/html") - 1;
r->headers_out.content_type.len = sizeof("text/html") - 1;
r->headers_out.content_type.data = (u_char *) "text/html";
r->headers_out.location->hash = 0;
r->headers_out.location = NULL;
r->headers_out.content_length_n = size;
if (r->headers_out.content_length) {
r->headers_out.content_length->hash = 0;
r->headers_out.content_length = NULL;
}
ngx_http_clear_accept_ranges(r);
ngx_http_clear_last_modified(r);
rc = ngx_http_send_header(r);
if (rc == NGX_ERROR || r->header_only) {
return rc;
}
b = ngx_create_temp_buf(r->pool, size);
if (b == NULL) {
return NGX_ERROR;
}
p = ngx_cpymem(b->pos, ngx_http_msie_refresh_head,
sizeof(ngx_http_msie_refresh_head) - 1);
if (escape == 0) {
p = ngx_cpymem(p, location, len);
} else {
p = (u_char *) ngx_escape_uri(p, location, len, NGX_ESCAPE_REFRESH);
}
b->last = ngx_cpymem(p, ngx_http_msie_refresh_tail,
sizeof(ngx_http_msie_refresh_tail) - 1);
b->last_buf = 1;
b->last_in_chain = 1;
out.buf = b;
out.next = NULL;
return ngx_http_output_filter(r, &out);
}