nginx.git/src/http/modules/perl, branch release-1.19.9

Perl: removed unused variable, forgotten in 975d7ab37b39.

2019-07-17T14:00:57+00:00

Perl: named locations in $r->internal_redirect().

2019-07-12T12:39:28+00:00

Perl: expect escaped URIs in $r->internal_redirect().

2019-07-12T12:39:26+00:00

Similarly to the change in 5491:74bfa803a5aa (1.5.9), we should accept
properly escaped URIs and unescape them as needed, else it is not possible
to handle URIs with question marks.

Perl: additional ctx->header_sent checks.

2019-07-12T12:39:25+00:00

As we now have ctx->header_sent flag, it is further used to prevent
duplicate $r->send_http_header() calls, prevent output before sending
header, and $r->internal_redirect() after sending header.

Further, $r->send_http_header() protected from calls after
$r->internal_redirect().

Perl: avoid returning 500 if header was already sent.

2019-07-12T12:39:25+00:00

Returning NGX_HTTP_INTERNAL_SERVER_ERROR if a perl code died after
sending header will lead to a "header already sent" alert.  To avoid
it, we now check if header was already sent, and return NGX_ERROR
instead if it was.

Perl: avoid redirects on errors.

2019-07-12T12:38:27+00:00

Previously, redirects scheduled with $r->internal_redirect() were followed
even if the code then died.  Now these are ignored and nginx will return
an error instead.

Perl: disabled unrelated calls from variable handlers.

2019-07-12T12:35:31+00:00

Variable handlers are not expected to send anything to the client, cannot
sleep or read body, and are not expected to modify the request.  Added
appropriate protection to prevent accidental foot shooting.

Perl: protection against duplicate $r->sleep() calls.

2019-07-12T12:34:37+00:00

Duplicate $r->sleep() and/or $r->has_request_body() calls result
in undefined behaviour (in practice, connection leaks were observed).
To prevent this, croak() added in appropriate places.

Perl: handling of allocation errors.

2019-07-12T10:56:23+00:00

Previously, allocation errors in nginx.xs were more or less ignored,
potentially resulting in incorrect code execution in specific low-memory
conditions.  This is changed to use ctx->error bit and croak(), similarly
to how output errors are now handled.

Note that this is mostly a cosmetic change, as Perl itself exits on memory
allocation errors, and hence nginx with Perl is hardly usable in low-memory
conditions.

Perl: propagate errors.

2019-07-12T10:56:21+00:00

When an error happens, the ctx->error bit is now set, and croak()
is called to terminate further processing.  The ctx->error bit is
checked in ngx_http_perl_call_handler() to cancel further processing,
and is also checked in various output functions - to make sure these won't
be called if croak() was handled by an eval{} in perl code.

In particular, this ensures that output chain won't be called after
errors, as filters might not expect this to happen.  This fixes some
segmentation faults under low memory conditions.  Also this stops
request processing after filter finalization or request body reading
errors.

For cases where an HTTP error status can be additionally returned (for
example, 416 (Requested Range Not Satisfiable) from the range filter),
the ctx->status field is also added.