mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-06-07 17:52:38 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

HTTP/2: validate client request scheme.

Browse Source 
The scheme is validated as per RFC 3986, Section 3.1.
This commit is contained in:
Ruslan Ermilov 2018-06-07 11:47:10 +03:00
parent c804eb7748
commit 94a2ce426f
1 changed files with 23 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
src/http/v2/ngx_http_v2.c
View File

@ -3474,6 +3474,9 @@ ngx_http_v2_parse_method(ngx_http_request_t *r, ngx_str_t *value)
static ngx_int_t static ngx_int_t
ngx_http_v2_parse_scheme(ngx_http_request_t *r, ngx_str_t *value) ngx_http_v2_parse_scheme(ngx_http_request_t *r, ngx_str_t *value)
{ {
u_char c, ch;
ngx_uint_t i;
if (r->schema_start) { if (r->schema_start) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0, ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent duplicate :scheme header"); "client sent duplicate :scheme header");
@ -3488,6 +3491,26 @@ ngx_http_v2_parse_scheme(ngx_http_request_t *r, ngx_str_t *value)
return NGX_DECLINED; return NGX_DECLINED;
} }
for (i = 0; i < value->len; i++) {
ch = value->data[i];
c = (u_char) (ch | 0x20);
if (c >= 'a' && c <= 'z') {
continue;
}
if (((ch >= '0' && ch <= '9') || ch == '+' || ch == '-' || ch == '.')
&& i > 0)
{
continue;
}
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent invalid :scheme header: \"%V\"", value);
return NGX_DECLINED;
}
r->schema_start = value->data; r->schema_start = value->data;
r->schema_end = value->data + value->len; r->schema_end = value->data + value->len;