aboutsummaryrefslogtreecommitdiff
path: root/src/http/ngx_http_parse.c
diff options
context:
space:
mode:
authorMaxim Dounin <mdounin@mdounin.ru>2021-06-28 18:01:13 +0300
committerMaxim Dounin <mdounin@mdounin.ru>2021-06-28 18:01:13 +0300
commit05395f4889cf0b66e8d049921ad19f1a08319150 (patch)
treecd8166ac14b8e8d5751abb46b9cb4d07160dc1d2 /src/http/ngx_http_parse.c
parentfee09fc49d510de0078f9bc7fc18dc179cceb62b (diff)
downloadnginx-05395f4889cf0b66e8d049921ad19f1a08319150.tar.gz
nginx-05395f4889cf0b66e8d049921ad19f1a08319150.zip
Disabled spaces in URIs (ticket #196).
From now on, requests with spaces in URIs are immediately rejected rather than allowed. Spaces were allowed in 31e9677b15a1 (0.8.41) to handle bad clients. It is believed that now this behaviour causes more harm than good.
Diffstat (limited to 'src/http/ngx_http_parse.c')
-rw-r--r--src/http/ngx_http_parse.c72
1 files changed, 8 insertions, 64 deletions
diff --git a/src/http/ngx_http_parse.c b/src/http/ngx_http_parse.c
index 71fa3c7a5..8297a132b 100644
--- a/src/http/ngx_http_parse.c
+++ b/src/http/ngx_http_parse.c
@@ -116,10 +116,8 @@ ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
sw_host_end,
sw_host_ip_literal,
sw_port,
- sw_host_http_09,
sw_after_slash_in_uri,
sw_check_uri,
- sw_check_uri_http_09,
sw_uri,
sw_http_09,
sw_http_H,
@@ -398,7 +396,7 @@ ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
*/
r->uri_start = r->schema_end + 1;
r->uri_end = r->schema_end + 2;
- state = sw_host_http_09;
+ state = sw_http_09;
break;
default:
return NGX_HTTP_PARSE_INVALID_REQUEST;
@@ -472,35 +470,13 @@ ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
*/
r->uri_start = r->schema_end + 1;
r->uri_end = r->schema_end + 2;
- state = sw_host_http_09;
- break;
- default:
- return NGX_HTTP_PARSE_INVALID_REQUEST;
- }
- break;
-
- /* space+ after "http://host[:port] " */
- case sw_host_http_09:
- switch (ch) {
- case ' ':
- break;
- case CR:
- r->http_minor = 9;
- state = sw_almost_done;
- break;
- case LF:
- r->http_minor = 9;
- goto done;
- case 'H':
- r->http_protocol.data = p;
- state = sw_http_H;
+ state = sw_http_09;
break;
default:
return NGX_HTTP_PARSE_INVALID_REQUEST;
}
break;
-
/* check "/.", "//", "%", and "\" (Win32) in URI */
case sw_after_slash_in_uri:
@@ -512,7 +488,7 @@ ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
switch (ch) {
case ' ':
r->uri_end = p;
- state = sw_check_uri_http_09;
+ state = sw_http_09;
break;
case CR:
r->uri_end = p;
@@ -584,7 +560,7 @@ ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
break;
case ' ':
r->uri_end = p;
- state = sw_check_uri_http_09;
+ state = sw_http_09;
break;
case CR:
r->uri_end = p;
@@ -621,31 +597,6 @@ ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
}
break;
- /* space+ after URI */
- case sw_check_uri_http_09:
- switch (ch) {
- case ' ':
- break;
- case CR:
- r->http_minor = 9;
- state = sw_almost_done;
- break;
- case LF:
- r->http_minor = 9;
- goto done;
- case 'H':
- r->http_protocol.data = p;
- state = sw_http_H;
- break;
- default:
- r->space_in_uri = 1;
- state = sw_check_uri;
- p--;
- break;
- }
- break;
-
-
/* URI */
case sw_uri:
@@ -692,10 +643,7 @@ ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
state = sw_http_H;
break;
default:
- r->space_in_uri = 1;
- state = sw_uri;
- p--;
- break;
+ return NGX_HTTP_PARSE_INVALID_REQUEST;
}
break;
@@ -1171,9 +1119,7 @@ ngx_http_parse_uri(ngx_http_request_t *r)
switch (ch) {
case ' ':
- r->space_in_uri = 1;
- state = sw_check_uri;
- break;
+ return NGX_ERROR;
case '.':
r->complex_uri = 1;
state = sw_uri;
@@ -1232,8 +1178,7 @@ ngx_http_parse_uri(ngx_http_request_t *r)
r->uri_ext = p + 1;
break;
case ' ':
- r->space_in_uri = 1;
- break;
+ return NGX_ERROR;
#if (NGX_WIN32)
case '\\':
r->complex_uri = 1;
@@ -1267,8 +1212,7 @@ ngx_http_parse_uri(ngx_http_request_t *r)
switch (ch) {
case ' ':
- r->space_in_uri = 1;
- break;
+ return NGX_ERROR;
case '#':
r->complex_uri = 1;
break;