diff options
author | Igor Sysoev <igor@sysoev.ru> | 2010-06-04 20:05:55 +0400 |
---|---|---|
committer | Igor Sysoev <igor@sysoev.ru> | 2010-06-04 20:05:55 +0400 |
commit | 4cf7f2727dd6cafbe8064a79701167e4da70ad4d (patch) | |
tree | e65bb0ff714c574827a890b3a48681630a951dfa | |
parent | 04e1156d2e5c3caeb2966f80810733ced2548fcc (diff) |
fix "/dir/%3F../" and "/dir/%23../" cases
-rw-r--r-- | src/http/ngx_http_parse.c | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/src/http/ngx_http_parse.c b/src/http/ngx_http_parse.c index 2952e02ea..272f030ed 100644 --- a/src/http/ngx_http_parse.c +++ b/src/http/ngx_http_parse.c @@ -1187,16 +1187,11 @@ ngx_http_parse_complex_uri(ngx_http_request_t *r, ngx_uint_t merge_slashes) if (ch >= '0' && ch <= '9') { ch = (u_char) ((decoded << 4) + ch - '0'); - if (ch == '%') { + if (ch == '%' || ch == '#') { state = sw_usual; *u++ = ch; ch = *p++; break; - } - - if (ch == '#') { - *u++ = ch; - ch = *p++; } else if (ch == '\0') { return NGX_HTTP_PARSE_INVALID_REQUEST; @@ -1211,8 +1206,10 @@ ngx_http_parse_complex_uri(ngx_http_request_t *r, ngx_uint_t merge_slashes) ch = (u_char) ((decoded << 4) + c - 'a' + 10); if (ch == '?') { + state = sw_usual; *u++ = ch; ch = *p++; + break; } else if (ch == '+') { r->plus_in_uri = 1; |