diff options
| author | Igor Sysoev <igor@sysoev.ru> | 2011-11-01 14:09:15 +0000 |
|---|---|---|
| committer | Igor Sysoev <igor@sysoev.ru> | 2011-11-01 14:09:15 +0000 |
| commit | 844ce56e348734b597ba9307dff2d5051a280b52 (patch) | |
| tree | e4bff18600fcdee3b8c01a1a8529384a8ad55651 /src/http/modules | |
| parent | 5fdf27caec130f041771ee51daaf38e9574141d4 (diff) | |
| download | nginx-844ce56e348734b597ba9307dff2d5051a280b52.tar.gz nginx-844ce56e348734b597ba9307dff2d5051a280b52.tar.bz2 | |
Merging r4193, r4194:
Autoindex fixes:
*) Autoindex: escape '?' in file names.
For files with '?' in their names autoindex generated links with '?' not
escaped. This resulted in effectively truncated links as '?' indicates
query string start.
This is an updated version of the patch originally posted at [1]. It
introduces generic NGX_ESCAPE_URI_COMPONENT which escapes everything but
unreserved characters as per RFC 3986. This approach also renders unneeded
special colon processing (as colon is percent-encoded now), it's dropped
accordingly.
[1] http://nginx.org/pipermail/nginx-devel/2010-February/000112.html
*) Autoindex: escape html in file names.
Diffstat (limited to 'src/http/modules')
| -rw-r--r-- | src/http/modules/ngx_http_autoindex_module.c | 75 |
1 files changed, 52 insertions, 23 deletions
diff --git a/src/http/modules/ngx_http_autoindex_module.c b/src/http/modules/ngx_http_autoindex_module.c index b67931806..bd7388126 100644 --- a/src/http/modules/ngx_http_autoindex_module.c +++ b/src/http/modules/ngx_http_autoindex_module.c @@ -26,9 +26,9 @@ typedef struct { ngx_str_t name; size_t utf_len; size_t escape; + size_t escape_html; unsigned dir:1; - unsigned colon:1; time_t mtime; off_t size; @@ -138,7 +138,7 @@ ngx_http_autoindex_handler(ngx_http_request_t *r) { u_char *last, *filename, scale; off_t length; - size_t len, utf_len, allocated, root; + size_t len, char_len, escape_html, allocated, root; ngx_tm_t tm; ngx_err_t err; ngx_buf_t *b; @@ -338,7 +338,10 @@ ngx_http_autoindex_handler(ngx_http_request_t *r) ngx_cpystrn(entry->name.data, ngx_de_name(&dir), len + 1); entry->escape = 2 * ngx_escape_uri(NULL, ngx_de_name(&dir), len, - NGX_ESCAPE_HTML); + NGX_ESCAPE_URI_COMPONENT); + + entry->escape_html = ngx_escape_html(NULL, entry->name.data, + entry->name.len); if (utf8) { entry->utf_len = ngx_utf8_length(entry->name.data, entry->name.len); @@ -346,8 +349,6 @@ ngx_http_autoindex_handler(ngx_http_request_t *r) entry->utf_len = len; } - entry->colon = (ngx_strchr(entry->name.data, ':') != NULL); - entry->dir = ngx_de_is_dir(&dir); entry->mtime = ngx_de_mtime(&dir); entry->size = ngx_de_size(&dir); @@ -358,10 +359,12 @@ ngx_http_autoindex_handler(ngx_http_request_t *r) ngx_close_dir_n " \"%s\" failed", &path); } + escape_html = ngx_escape_html(NULL, r->uri.data, r->uri.len); + len = sizeof(title) - 1 - + r->uri.len + + r->uri.len + escape_html + sizeof(header) - 1 - + r->uri.len + + r->uri.len + escape_html + sizeof("</h1>") - 1 + sizeof("<hr><pre><a href=\"../\">../</a>" CRLF) - 1 + sizeof("</pre><hr>") - 1 @@ -373,7 +376,8 @@ ngx_http_autoindex_handler(ngx_http_request_t *r) + entry[i].name.len + entry[i].escape + 1 /* 1 is for "/" */ + sizeof("\">") - 1 - + entry[i].name.len - entry[i].utf_len + entry[i].colon * 2 + + entry[i].name.len - entry[i].utf_len + + entry[i].escape_html + NGX_HTTP_AUTOINDEX_NAME_LEN + sizeof(">") - 2 + sizeof("</a>") - 1 + sizeof(" 28-Sep-1970 12:00 ") - 1 @@ -393,9 +397,18 @@ ngx_http_autoindex_handler(ngx_http_request_t *r) } b->last = ngx_cpymem(b->last, title, sizeof(title) - 1); - b->last = ngx_cpymem(b->last, r->uri.data, r->uri.len); - b->last = ngx_cpymem(b->last, header, sizeof(header) - 1); - b->last = ngx_cpymem(b->last, r->uri.data, r->uri.len); + + if (escape_html) { + b->last = (u_char *) ngx_escape_html(b->last, r->uri.data, r->uri.len); + b->last = ngx_cpymem(b->last, header, sizeof(header) - 1); + b->last = (u_char *) ngx_escape_html(b->last, r->uri.data, r->uri.len); + + } else { + b->last = ngx_cpymem(b->last, r->uri.data, r->uri.len); + b->last = ngx_cpymem(b->last, header, sizeof(header) - 1); + b->last = ngx_cpymem(b->last, r->uri.data, r->uri.len); + } + b->last = ngx_cpymem(b->last, "</h1>", sizeof("</h1>") - 1); b->last = ngx_cpymem(b->last, "<hr><pre><a href=\"../\">../</a>" CRLF, @@ -406,14 +419,9 @@ ngx_http_autoindex_handler(ngx_http_request_t *r) for (i = 0; i < entries.nelts; i++) { b->last = ngx_cpymem(b->last, "<a href=\"", sizeof("<a href=\"") - 1); - if (entry[i].colon) { - *b->last++ = '.'; - *b->last++ = '/'; - } - if (entry[i].escape) { ngx_escape_uri(b->last, entry[i].name.data, entry[i].name.len, - NGX_ESCAPE_HTML); + NGX_ESCAPE_URI_COMPONENT); b->last += entry[i].name.len + entry[i].escape; @@ -433,20 +441,41 @@ ngx_http_autoindex_handler(ngx_http_request_t *r) if (entry[i].name.len != len) { if (len > NGX_HTTP_AUTOINDEX_NAME_LEN) { - utf_len = NGX_HTTP_AUTOINDEX_NAME_LEN - 3 + 1; + char_len = NGX_HTTP_AUTOINDEX_NAME_LEN - 3 + 1; } else { - utf_len = NGX_HTTP_AUTOINDEX_NAME_LEN + 1; + char_len = NGX_HTTP_AUTOINDEX_NAME_LEN + 1; } + last = b->last; b->last = ngx_utf8_cpystrn(b->last, entry[i].name.data, - utf_len, entry[i].name.len + 1); + char_len, entry[i].name.len + 1); + + if (entry[i].escape_html) { + b->last = (u_char *) ngx_escape_html(last, entry[i].name.data, + b->last - last); + } + last = b->last; } else { - b->last = ngx_cpystrn(b->last, entry[i].name.data, - NGX_HTTP_AUTOINDEX_NAME_LEN + 1); - last = b->last - 3; + if (entry[i].escape_html) { + if (len > NGX_HTTP_AUTOINDEX_NAME_LEN) { + char_len = NGX_HTTP_AUTOINDEX_NAME_LEN - 3; + + } else { + char_len = len; + } + + b->last = (u_char *) ngx_escape_html(b->last, + entry[i].name.data, char_len); + last = b->last; + + } else { + b->last = ngx_cpystrn(b->last, entry[i].name.data, + NGX_HTTP_AUTOINDEX_NAME_LEN + 1); + last = b->last - 3; + } } if (len > NGX_HTTP_AUTOINDEX_NAME_LEN) { |