HTTP: expect escaped URIs in r.internalRedirect().

Similarly to the nginx change in 975d7ab37b39 (1.17.2), we should accept
properly escaped URIs and unescape them as needed, else it is not possible
to handle URIs with question marks.

Previously, the URI was used as is.

1 files changed, 13 insertions, 2 deletions

diff --git a/nginx/ngx_http_js_module.c b/nginx/ngx_http_js_module.c
index 1f7d4440..46c72026 100644
--- a/nginx/ngx_http_js_module.c
+++ b/nginx/ngx_http_js_module.c
@@ -890,7 +890,9 @@ ngx_http_js_content_write_event_handler(ngx_http_request_t *r)
 static void
 ngx_http_js_content_finalize(ngx_http_request_t *r, ngx_http_js_ctx_t *ctx)
 {
-    ngx_str_t  args;
+    ngx_str_t   args;
+    ngx_int_t   rc;
+    ngx_uint_t  flags;
 
     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
                    "http js content rc: %i", ctx->status);
@@ -900,7 +902,16 @@ ngx_http_js_content_finalize(ngx_http_request_t *r, ngx_http_js_ctx_t *ctx)
             ngx_http_named_location(r, &ctx->redirect_uri);
 
         } else {
-            ngx_http_split_args(r, &ctx->redirect_uri, &args);
+            ngx_str_null(&args);
+            flags = NGX_HTTP_LOG_UNSAFE;
+
+            rc = ngx_http_parse_unsafe_uri(r, &ctx->redirect_uri, &args,
+                                           &flags);
+            if (rc != NGX_OK) {
+                ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
+                return;
+            }
+
             ngx_http_internal_redirect(r, &ctx->redirect_uri, &args);
         }
     }