#
2743:3aeba568771b |
| 31-Jan-2024 |
Andrei Zeliankou |
Router: match when pattern and tested string are both zero length
Otherwise, undefined behaviour will be triggered.
Can be reproduced by test/test_routing.py::test_routes_match_host_empty with enab
Router: match when pattern and tested string are both zero length
Otherwise, undefined behaviour will be triggered.
Can be reproduced by test/test_routing.py::test_routes_match_host_empty with enabled UndefinedBehaviorSanitizer:
src/nxt_http_route.c:2141:17: runtime error: applying zero offset to null pointer #0 0x100562588 in nxt_http_route_test_rule nxt_http_route.c:2091 #1 0x100564ed8 in nxt_http_route_handler nxt_http_route.c:1574 #2 0x10055188c in nxt_http_request_action nxt_http_request.c:570 #3 0x10052b1a0 in nxt_h1p_request_body_read nxt_h1proto.c:998 #4 0x100449c38 in nxt_event_engine_start nxt_event_engine.c:542 #5 0x100436828 in nxt_thread_trampoline nxt_thread.c:126 #6 0x18133e030 in _pthread_start+0x84 (libsystem_pthread.dylib:arm64e+0x7030) #7 0x181338e38 in thread_start+0x4 (libsystem_pthread.dylib:arm64e+0x1e38)
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior src/nxt_http_route.c:2141:17
Reviewed-by: Andrew Clayton <a.clayton@nginx.com>
show more ...
|
Revision tags: 1.32.0-1, 1.32.0, 1.31.1-1, 1.31.1, 1.31.0-1, 1.31.0 |
|
#
2512:5e9e70378c1d |
| 09-Aug-2023 |
Zhidao HONG |
HTTP: controlling response headers support.
|
#
2511:f4e6a9834a2b |
| 09-Aug-2023 |
Zhidao HONG |
HTTP: stored matched action in nxt_http_request_t.
No functional changes.
|
Revision tags: 1.30.0-1, 1.30.0 |
|
#
2448:243735980417 |
| 20-Apr-2023 |
Zhidao HONG |
HTTP: added basic URI rewrite.
This commit introduced the basic URI rewrite. It allows users to change request URI. Note the "rewrite" option ignores the contained query if any and the query from th
HTTP: added basic URI rewrite.
This commit introduced the basic URI rewrite. It allows users to change request URI. Note the "rewrite" option ignores the contained query if any and the query from the request is preserverd. An example: "routes": [ { "match": { "uri": "/v1/test" }, "action": { "return": 200 } }, { "action": { "rewrite": "/v1$uri", "pass": "routes" } } ]
Reviewed-by: Alejandro Colomar <alx@nginx.com>
show more ...
|
#
2381:a68b5f5bf46c |
| 26-Jan-2023 |
Alejandro Colomar |
HTTP: added route logging.
- Configuration: added "/config/settings/http/log_route".
Type: bool Default: false
This adds configurability to the error log. It allows enabling and disa
HTTP: added route logging.
- Configuration: added "/config/settings/http/log_route".
Type: bool Default: false
This adds configurability to the error log. It allows enabling and disabling logs related to how the router performs selection of the routes.
- HTTP: logging request line.
Log level: [notice]
The request line is essential to understand which logs correspond to which request when reading the logs.
- HTTP: logging route that's been discarded.
Log level: [info]
- HTTP: logging route whose action is selected.
Log level: [notice]
- HTTP: logging when "fallback" action is taken.
Log level: [notice]
Closes: <https://github.com/nginx/unit/issues/758> Link: <https://github.com/nginx/unit/pull/824> Link: <https://github.com/nginx/unit/pull/839> Suggested-by: Timo Stark <t.stark@nginx.com> Suggested-by: Mark L Wood-Patrick <mwoodpatrick@gmail.com> Suggested-by: Liam Crilly <liam@nginx.com> Tested-by: Liam Crilly <liam@nginx.com> Acked-by: Artem Konev <a.konev@f5.com> Cc: Andrew Clayton <a.clayton@nginx.com> Cc: Andrei Zeliankou <zelenkov@nginx.com> Reviewed-by: Zhidao Hong <z.hong@f5.com> Signed-off-by: Alejandro Colomar <alx@nginx.com>
show more ...
|
#
2380:3f702daa2f3f |
| 10-Jan-2023 |
Alejandro Colomar |
HTTP: rewrote while loop as for loop.
This considerably simplifies the function, and will also help log the iteration in which we are, which corresponds to the route array element.
Link: <https://g
HTTP: rewrote while loop as for loop.
This considerably simplifies the function, and will also help log the iteration in which we are, which corresponds to the route array element.
Link: <https://github.com/nginx/unit/pull/824> Link: <https://github.com/nginx/unit/pull/839> Reviewed-by: Andrew Clayton <a.clayton@nginx.com> Tested-by: Liam Crilly <liam@nginx.com> Reviewed-by: Zhidao Hong <z.hong@f5.com> Signed-off-by: Alejandro Colomar <alx@nginx.com>
show more ...
|
Revision tags: 1.29.1-1, 1.29.1, 1.29.0-1, 1.29.0 |
|
#
2247:baa6b9879267 |
| 20-Nov-2022 |
Zhidao HONG |
Basic njs support.
|
#
2246:5f4056478375 |
| 20-Nov-2022 |
Zhidao HONG |
Var: separating nxt_tstr_t from nxt_var_t.
It's for the introduction of njs support. For each option that supports native variable and JS template literals introduced next, it's unified as template
Var: separating nxt_tstr_t from nxt_var_t.
It's for the introduction of njs support. For each option that supports native variable and JS template literals introduced next, it's unified as template string.
No functional changes.
show more ...
|
#
2232:1fb2182a4d03 |
| 02-Nov-2022 |
Alejandro Colomar |
Removed the unsafe nxt_memchr() wrapper for memchr(3).
The casts are unnecessary, since memchr(3)'s argument is 'const void *'. It might have been necessary in the times of K&R, where 'void *' didn'
Removed the unsafe nxt_memchr() wrapper for memchr(3).
The casts are unnecessary, since memchr(3)'s argument is 'const void *'. It might have been necessary in the times of K&R, where 'void *' didn't exist. Nowadays, it's unnecessary, and _very_ unsafe, since casts can hide all classes of bugs by silencing most compiler warnings.
The changes from nxt_memchr() to memchr(3) were scripted:
$ find src/ -type f \ | grep '\.[ch]$' \ | xargs sed -i 's/nxt_memchr/memchr/'
Reviewed-by: Andrew Clayton <a.clayton@nginx.com> Signed-off-by: Alejandro Colomar <alx@nginx.com>
show more ...
|
#
2231:5b3a69fd47a7 |
| 02-Nov-2022 |
Alejandro Colomar |
Removed the unsafe nxt_memcmp() wrapper for memcmp(3).
The casts are unnecessary, since memcmp(3)'s arguments are 'void *'. It might have been necessary in the times of K&R, where 'void *' didn't ex
Removed the unsafe nxt_memcmp() wrapper for memcmp(3).
The casts are unnecessary, since memcmp(3)'s arguments are 'void *'. It might have been necessary in the times of K&R, where 'void *' didn't exist. Nowadays, it's unnecessary, and _very_ unsafe, since casts can hide all classes of bugs by silencing most compiler warnings.
The changes from nxt_memcmp() to memcmp(3) were scripted:
$ find src/ -type f \ | grep '\.[ch]$' \ | xargs sed -i 's/nxt_memcmp/memcmp/'
Reviewed-by: Andrew Clayton <a.clayton@nginx.com> Signed-off-by: Alejandro Colomar <alx@nginx.com>
show more ...
|
Revision tags: 1.28.0-1, 1.28.0 |
|
#
2161:f8e608f69800 |
| 27-Feb-2022 |
Alejandro Colomar |
Supporting UNIX sockets in address matching.
This closes #645 issue on GitHub.
(Also moved a changelog line that was misplaced in a previous commit.)
|
#
2147:7bf58b1b18c4 |
| 13-Jul-2022 |
Zhidao HONG |
Var: dynamic variables support.
This commit adds the variables $arg_NAME, $header_NAME, and $cookie_NAME.
|
#
2133:46433e3cef45 |
| 20-Jun-2022 |
Zhidao HONG |
Router: forwared header replacement.
|
#
2123:36000da0aa5b |
| 19-May-2022 |
Zhidao HONG |
HTTP: generalized uri encoding.
No functional changes.
|
Revision tags: 1.27.0-1, 1.27.0 |
|
#
2108:6e059f15e713 |
| 09-Dec-2021 |
Alejandro Colomar |
Static: supporting new "index" option.
This supports a new option "index" that configures a custom index file name to be served when a directory is requested. This initial support only allows a sin
Static: supporting new "index" option.
This supports a new option "index" that configures a custom index file name to be served when a directory is requested. This initial support only allows a single fixed string. An example:
{ "share": "/www/data/static/$uri", "index": "lookatthis.htm" }
When <example.com/foo/bar/> is requested, </www/data/static/foo/bar/lookatthis.html> is served.
Default is "index.html".
===
nxt_conf_validator.c:
Accept "index" as a member of "share", and make sure it's a string.
===
I tried this feature in my own computer, where I tried the following:
- Setting "index" to "lookatthis.htm", and check that the correct file is being served (check both a different name and a different extension). - Not setting "index", and check that <index.html> is being served. - Settind "index" to an array of strings, and check that the configuration fails:
{ "error": "Invalid configuration.", "detail": "The \"index\" value must be a string, but not an array." }
show more ...
|
#
2104:2ae3c205fcad |
| 18-May-2022 |
Zhidao HONG |
HTTP: generalized argument and cookie parsing.
No functional changes.
|
#
2098:9a890f0c56aa |
| 09-Apr-2022 |
Alejandro Colomar |
Supporting empty Location URIs.
An empty string in Location was being handled specially by not sending a Location header. This may occur after variable resolution, so we need to consider this scena
Supporting empty Location URIs.
An empty string in Location was being handled specially by not sending a Location header. This may occur after variable resolution, so we need to consider this scenario.
The obsolete RFC 2616 defined the Location header as consisting of an absolute URI <https://www.rfc-editor.org/rfc/rfc2616#section-14.30>, which cannot be an empty string. However, the current RFC 7231 allows the Location to be a relative URI <https://www.rfc-editor.org/rfc/rfc7231#section-7.1.2>, and a relative URI may be an empty string <https://stackoverflow.com/a/43338457>.
Due to these considerations, this patch allows sending an empty Location header without handling this case specially. This behavior will probably be more straightforward to users, too. It also simplifies the code, which is now more readable, fast, and conformant to the current RFC. We're skipping an allocation at request time in a common case such as "action": {"return": 404}
show more ...
|
#
2078:0996dd223cdd |
| 18-Dec-2021 |
Alejandro Colomar |
Fixed indentation.
Some lines (incorrectly) had an indentation of 3 or 5, or 7 or 9, or 11 or 13, or 15 or 17 spaces instead of 4, 8, 12, or 16. Fix them.
Found with:
$ find src -type f | xargs g
Fixed indentation.
Some lines (incorrectly) had an indentation of 3 or 5, or 7 or 9, or 11 or 13, or 15 or 17 spaces instead of 4, 8, 12, or 16. Fix them.
Found with:
$ find src -type f | xargs grep -n '^ [^ ]'; $ find src -type f | xargs grep -n '^ [^ *]'; $ find src -type f | xargs grep -n '^ [^ ]'; $ find src -type f | xargs grep -n '^ [^ *]'; $ find src -type f | xargs grep -n '^ [^ +]'; $ find src -type f | xargs grep -n '^ [^ *+]'; $ find src -type f | xargs grep -n '^ [^ +]'; $ find src -type f | xargs grep -n '^ [^ *+]';
show more ...
|
#
2077:624e51cfe97a |
| 18-Dec-2021 |
Alejandro Colomar |
Removed special cases for non-NXT_CONF_VALUE_ARRAY.
The previous commit added more generic APIs for handling NXT_CONF_VALUE_ARRAY and non-NXT_CONF_VALUE_ARRAY together. Modify calling code to remove
Removed special cases for non-NXT_CONF_VALUE_ARRAY.
The previous commit added more generic APIs for handling NXT_CONF_VALUE_ARRAY and non-NXT_CONF_VALUE_ARRAY together. Modify calling code to remove special cases for arrays and non-arrays, taking special care that the path for non arrays is logically equivalent to the previous special cased code. Use the now-generic array code only.
show more ...
|
Revision tags: 1.26.1-1, 1.26.1, 1.26.0-1, 1.26.0 |
|
#
1991:61155eb41a96 |
| 05-Nov-2021 |
Zhidao HONG |
Router: matching query string support.
The "query" option matches decoded arguments, including plus ('+') to space (' '). Like "uri", it can be a string or an array of strings.
|
#
1990:89f8eb0b5ccf |
| 05-Nov-2021 |
Zhidao HONG |
HTTP: removed surplus check for r->args is not NULL.
|
#
1989:beee0e84eea0 |
| 05-Nov-2021 |
Zhidao HONG |
Router: fixed nxt_http_route_arguments_parse().
A valid query string argument is a string of "key=value\[&key=value ...\]" pairs with non-empty keys. The fix removes invalid empty arguments.
|
#
1959:45b25ffb2e8c |
| 28-Sep-2021 |
Zhidao HONG |
Static: variables in the "chroot" option.
|
#
1954:8f18a05d4c58 |
| 07-Sep-2021 |
Zhidao HONG |
Router: refactored variable pass.
Since the "pass" option supports both strings and variables, a generic nxt_var_t structure can be used in the configuration phase, and the "name" field in actions i
Router: refactored variable pass.
Since the "pass" option supports both strings and variables, a generic nxt_var_t structure can be used in the configuration phase, and the "name" field in actions is redundant.
No functional changes.
show more ...
|
Revision tags: 1.25.0-1, 1.25.0 |
|
#
1936:953434450ea9 |
| 12-Aug-2021 |
Oisin Canty |
Router: client IP address replacement.
This commit introduces the replacement of the client address based on the value of a specified HTTP header. This is intended for use when Unit is placed behin
Router: client IP address replacement.
This commit introduces the replacement of the client address based on the value of a specified HTTP header. This is intended for use when Unit is placed behind a reverse proxy like nginx or a CDN.
You must specify the source addresses of the trusted proxies. This can be accomplished with any valid IP pattern supported by Unit's match block:
["10.0.0.1", "10.4.0.0/16", "!192.168.1.1"]
The feature is configured per listener.
The client address replacement functionality only operates when there is a source IP match and the specified header is present. Typically this would be an 'X-Forwarded-For' header.
{ "listeners": { "127.0.0.1:8080": { "client_ip": { "header": "X-Forwarded-For", "source": [ "10.0.0.0/8" ] }, "pass": "applications/my_app" }, } }
If a request occurs and Unit receives a header like below:
"X-Forwarded-For: 84.123.23.23"
By default, Unit trusts the last rightmost IP in the header, so REMOTE_ADDR will be set to 84.123.23.23 if the connection originated from 10.0.0.0/8.
If Unit runs behind consecutive reverse proxies and receives a header similar to the following:
"X-Forwarded-For: 84.123.23.23, 10.0.0.254"
You will need to enable "recursive" checking, which walks the header from last address to first and chooses the first non-trusted address it finds.
{ "listeners": { "127.0.0.1:8080": { "client_ip": { "header": "X-Forwarded-For", "source": [ "10.0.0.0/8" ] "recursive": true, }, "pass": "applications/my_app" }, } }
If a connection from 10.0.0.0/8 occurs, the chain is walked. Here, 10.0.0.254 is also a trusted address so the client address will be replaced with 84.123.23.23.
If all IP addresses in the header are trusted, the client address is set to the first address in the header:
If 10.0.0.0/8 is trusted and "X-Forwarded-For: 10.0.0.3, 10.0.0.2, 10.0.0.1", the client address will be replaced with 10.0.0.3.
show more ...
|