nginx.git/src/http/modules/ngx_http_referer_module.c, branch release-1.19.3 nginx Referer: fixed $invalid_referer. 2017-08-04T05:01:55+00:00 Ruslan Ermilov ru@nginx.com 2017-08-04T05:01:55+00:00 c09bba400d233331f1b405e18c6912a30502dee9 The variable was considered non-existent in the absence of any valid_referers directives. Given the following config snippet, location / { return 200 $invalid_referer; } location /referer { valid_referers server_names; } "location /" should work identically and independently on other "location /referer". The fix is to always add the $invalid_referer variable as long as the module is compiled in, as is done by other modules. 
The variable was considered non-existent in the absence of any
valid_referers directives.

Given the following config snippet,

    location / {
        return 200 $invalid_referer;
    }

    location /referer {
        valid_referers server_names;
    }

"location /" should work identically and independently on other
"location /referer".

The fix is to always add the $invalid_referer variable as long
as the module is compiled in, as is done by other modules.
Style. 2016-03-30T08:52:16+00:00 Ruslan Ermilov ru@nginx.com 2016-03-30T08:52:16+00:00 7ad57da59821294255610545b2b5ce07e74124a5 






Referer: fixed hostname buffer overflow check.
2013-08-29T18:35:54+00:00

Valentin Bartenev
vbart@nginx.com

2013-08-29T18:35:54+00:00

6d7ec5009a585fbbfa01a1b02fe7116957bcf5f0

Because of premature check the effective buffer size was 255 symbols
while the buffer is able to handle 256.





Because of premature check the effective buffer size was 255 symbols
while the buffer is able to handle 256.







Referer: "server_names" parsing deferred to merge phase.
2013-08-29T18:35:27+00:00

Sergey Kandaurov
pluknet@nginx.com

2013-08-29T18:35:27+00:00

e4209c02695eeff839d8e7aa807b62fe502bb4e8

This allows to approach "server_name" values specified below the
"valid_referers" directive when used within the "server_names" parameter, e.g.:

    server_name  example.org;
    valid_referers server_names;
    server_name  example.com;

As a bonus, this fixes bogus error with "server_names" specified several times.





This allows to approach "server_name" values specified below the
"valid_referers" directive when used within the "server_names" parameter, e.g.:

    server_name  example.org;
    valid_referers server_names;
    server_name  example.com;

As a bonus, this fixes bogus error with "server_names" specified several times.







Referer: fixed server_name regex matching.
2013-08-29T18:35:26+00:00

Sergey Kandaurov
pluknet@nginx.com

2013-08-29T18:35:26+00:00

8658c5b8a11c2155e66e1bd1c322099f672f7c15

The server_name regexes are normally compiled for case-sensitive matching.
This violates case-insensitive obligations in the referer module.  To fix
this, the host string is converted to lower case before matching.

Previously server_name regex was executed against the whole referer string
after dropping the scheme part.  This could led to an improper matching, e.g.:

    server_name ~^localhost$;
    valid_referers server_names;

    Referer: http://localhost/index.html

It was changed to look only at the hostname part.

The server_name regexes are separated into another array to not clash with
regular regexes.





The server_name regexes are normally compiled for case-sensitive matching.
This violates case-insensitive obligations in the referer module.  To fix
this, the host string is converted to lower case before matching.

Previously server_name regex was executed against the whole referer string
after dropping the scheme part.  This could led to an improper matching, e.g.:

    server_name ~^localhost$;
    valid_referers server_names;

    Referer: http://localhost/index.html

It was changed to look only at the hostname part.

The server_name regexes are separated into another array to not clash with
regular regexes.







Referer: fixed error type usage inconsistency for ngx_http_add*().
2013-08-29T18:35:26+00:00

Sergey Kandaurov
pluknet@nginx.com

2013-08-29T18:35:26+00:00

3ef0dfa145513c98b331f75730c3f16e4713cda4












Referer module: fixed regex matching against HTTPS referers.
2013-08-13T13:47:04+00:00

Sergey Kandaurov
pluknet@nginx.com

2013-08-13T13:47:04+00:00

9aaf256e4024e278e099c94281246aada63fc2fa

When matching a compiled regex against value in the "Referer" header field,
the length was calculated incorrectly for strings that start from "https://".
This might cause matching to fail for regexes with end-of-line anchors.

Patch by Liangbin Li.





When matching a compiled regex against value in the "Referer" header field,
the length was calculated incorrectly for strings that start from "https://".
This might cause matching to fail for regexes with end-of-line anchors.

Patch by Liangbin Li.







Referer module: added $invalid_referer to variables hash.
2013-05-22T18:31:53+00:00

Maxim Dounin
mdounin@mdounin.ru

2013-05-22T18:31:53+00:00

4fd486e68ccc90f38c4bfc1ed9abef99565471cb

This makes it accessible via dynamic lookup with ngx_http_get_variable()
from Perl, SSI, etc.

Patch by Yichun Zhang (agentzh).





This makes it accessible via dynamic lookup with ngx_http_get_variable()
from Perl, SSI, etc.

Patch by Yichun Zhang (agentzh).







Copyright updated.
2012-01-18T15:07:43+00:00

Maxim Konovalov
maxim@nginx.com

2012-01-18T15:07:43+00:00

f8d59e33f34185c28d1d3c6625a897e214b7ca73












Fix names of the referer hash size directives introduced in r3940.
2011-08-18T16:27:30+00:00

Igor Sysoev
igor@sysoev.ru

2011-08-18T16:27:30+00:00

c4ff39ae2b79a6a54535f3c8abc9f2ccefa4ee99