aboutsummaryrefslogtreecommitdiff
path: root/src/http/ngx_http_core_module.c
diff options
context:
space:
mode:
authorRuslan Ermilov <ru@nginx.com>2021-05-24 21:55:20 +0300
committerRuslan Ermilov <ru@nginx.com>2021-05-24 21:55:20 +0300
commit41a241b3ef74dbbe3d82ab2ebbe682919e4a0b90 (patch)
tree89701bd2d5e83239551cea4a9c79b4292e8b8bc8 /src/http/ngx_http_core_module.c
parent52d0ec7d1799cc67452c32052e96b8cdace0c7b7 (diff)
downloadnginx-41a241b3ef74dbbe3d82ab2ebbe682919e4a0b90.tar.gz
nginx-41a241b3ef74dbbe3d82ab2ebbe682919e4a0b90.zip
Location header escaping in redirects (ticket #882).
The header is escaped in redirects based on request URI or location name (auto redirect).
Diffstat (limited to 'src/http/ngx_http_core_module.c')
-rw-r--r--src/http/ngx_http_core_module.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/src/http/ngx_http_core_module.c b/src/http/ngx_http_core_module.c
index 96a945be4..bad43ea5c 100644
--- a/src/http/ngx_http_core_module.c
+++ b/src/http/ngx_http_core_module.c
@@ -1010,10 +1010,10 @@ ngx_http_core_find_config_phase(ngx_http_request_t *r,
ngx_str_set(&r->headers_out.location->key, "Location");
if (r->args.len == 0) {
- r->headers_out.location->value = clcf->name;
+ r->headers_out.location->value = clcf->escaped_name;
} else {
- len = clcf->name.len + 1 + r->args.len;
+ len = clcf->escaped_name.len + 1 + r->args.len;
p = ngx_pnalloc(r->pool, len);
if (p == NULL) {
@@ -1025,7 +1025,7 @@ ngx_http_core_find_config_phase(ngx_http_request_t *r,
r->headers_out.location->value.len = len;
r->headers_out.location->value.data = p;
- p = ngx_cpymem(p, clcf->name.data, clcf->name.len);
+ p = ngx_cpymem(p, clcf->escaped_name.data, clcf->escaped_name.len);
*p++ = '?';
ngx_memcpy(p, r->args.data, r->args.len);
}
@@ -3467,6 +3467,7 @@ ngx_http_core_create_loc_conf(ngx_conf_t *cf)
/*
* set by ngx_pcalloc():
*
+ * clcf->escaped_name = { 0, NULL };
* clcf->root = { 0, NULL };
* clcf->limit_except = 0;
* clcf->post_action = { 0, NULL };