diff options
| author | Valentin Bartenev <vbart@nginx.com> | 2013-02-27 17:27:15 +0000 |
|---|---|---|
| committer | Valentin Bartenev <vbart@nginx.com> | 2013-02-27 17:27:15 +0000 |
| commit | 8c4fea17667d63a70e09571e0aa18551765c24c3 (patch) | |
| tree | 75aa4ec9e983a8021140d978988b8a275d239594 /src/http/ngx_http_request.c | |
| parent | d281d0ba8b779b591e96ef237ff149e3d521264f (diff) | |
| download | nginx-8c4fea17667d63a70e09571e0aa18551765c24c3.tar.gz nginx-8c4fea17667d63a70e09571e0aa18551765c24c3.zip | |
Apply server configuration as soon as host is known.
Previously, this was done only after the whole request header
was parsed, and if an error occurred earlier then the request
was processed in the default server (or server chosen by SNI),
while r->headers_in.server might be set to the value from the
Host: header or host from request line.
r->headers_in.server is in turn used for $host variable and
in HTTP redirects if "server_name_in_redirect" is disabled.
Without the change, configurations that rely on this during
error handling are potentially unsafe if SNI is used.
This change also allows to use server specific settings of
"underscores_in_headers", "ignore_invalid_headers", and
"large_client_header_buffers" directives for HTTP requests
and HTTPS requests without SNI.
Diffstat (limited to 'src/http/ngx_http_request.c')
| -rw-r--r-- | src/http/ngx_http_request.c | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c index c96c2633b..aff0a96c8 100644 --- a/src/http/ngx_http_request.c +++ b/src/http/ngx_http_request.c @@ -919,13 +919,18 @@ ngx_http_process_request_line(ngx_event_t *rev) return; } + if (ngx_http_set_virtual_server(r, &host) == NGX_ERROR) { + return; + } + r->headers_in.server = host; } if (r->http_version < NGX_HTTP_VERSION_10) { - if (ngx_http_set_virtual_server(r, &r->headers_in.server) - == NGX_ERROR) + if (r->headers_in.server.len == 0 + && ngx_http_set_virtual_server(r, &r->headers_in.server) + == NGX_ERROR) { return; } @@ -1014,7 +1019,6 @@ ngx_http_process_request_headers(ngx_event_t *rev) } cmcf = ngx_http_get_module_main_conf(r, ngx_http_core_module); - cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module); rc = NGX_AGAIN; @@ -1068,6 +1072,9 @@ ngx_http_process_request_headers(ngx_event_t *rev) } } + /* the host header could change the server configuration context */ + cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module); + rc = ngx_http_parse_header_line(r, r->header_in, cscf->underscores_in_headers); @@ -1444,6 +1451,10 @@ ngx_http_process_host(ngx_http_request_t *r, ngx_table_elt_t *h, return NGX_OK; } + if (ngx_http_set_virtual_server(r, &host) == NGX_ERROR) { + return NGX_ERROR; + } + r->headers_in.server = host; return NGX_OK; @@ -1570,7 +1581,10 @@ ngx_http_process_multi_header_lines(ngx_http_request_t *r, ngx_table_elt_t *h, static ngx_int_t ngx_http_process_request_header(ngx_http_request_t *r) { - if (ngx_http_set_virtual_server(r, &r->headers_in.server) == NGX_ERROR) { + if (r->headers_in.server.len == 0 + && ngx_http_set_virtual_server(r, &r->headers_in.server) + == NGX_ERROR) + { return NGX_ERROR; } |