fix: escape uri in module side
* subsumed vozlt#305
* avoid unintentionally adding a PCRE2 dependency
u5surf committed Jan 2, 2025
1 parent 3407cc2 commit 162ed93
Showing 5 changed files with 584 additions and 560 deletions.
13 changes: 2 additions & 11 deletions .github/workflows/ci.yml
Expand Up @@ -77,19 +77,10 @@ jobs:
working-directory: freenginx
run: |
patch -p1 < /home/runner/work/nginx-module-vts/nginx-module-vts/nginx_upstream_check/check_1.20.1+.patch
- name: 'checkout pcre2'
uses: actions/checkout@v3
with:
repository: PCRE2Project/pcre2
path: pcre2
- name: 'autogen pcre2'
working-directory: pcre2
run: |
./autogen.sh
- name: 'build nginx'
working-directory: nginx
run: |
./auto/configure --with-ld-opt="-Wl,-rpath,/usr/local/lib" --with-pcre=/home/runner/work/nginx-module-vts/nginx-module-vts/pcre2 --add-module=/home/runner/work/nginx-module-vts/nginx-module-vts/ngx_devel_kit --add-module=/home/runner/work/nginx-module-vts/nginx-module-vts/lua-nginx-module --add-module=/home/runner/work/nginx-module-vts/nginx-module-vts/nginx-module-vts --add-module=/home/runner/work/nginx-module-vts/nginx-module-vts/nginx_upstream_check
./auto/configure --with-ld-opt="-Wl,-rpath,/usr/local/lib" --without-pcre2 --add-module=/home/runner/work/nginx-module-vts/nginx-module-vts/ngx_devel_kit --add-module=/home/runner/work/nginx-module-vts/nginx-module-vts/lua-nginx-module --add-module=/home/runner/work/nginx-module-vts/nginx-module-vts/nginx-module-vts --add-module=/home/runner/work/nginx-module-vts/nginx-module-vts/nginx_upstream_check
make
sudo make install
/usr/local/nginx/sbin/nginx -V
Expand All @@ -99,7 +90,7 @@ jobs:
- name: 'build freenginx'
working-directory: freenginx
run: |
./auto/configure --prefix=/usr/local/freenginx --with-ld-opt="-Wl,-rpath,/usr/local/lib" --with-pcre=/home/runner/work/nginx-module-vts/nginx-module-vts/pcre2 --add-module=/home/runner/work/nginx-module-vts/nginx-module-vts/ngx_devel_kit --add-module=/home/runner/work/nginx-module-vts/nginx-module-vts/lua-nginx-module --add-module=/home/runner/work/nginx-module-vts/nginx-module-vts/nginx-module-vts --add-module=/home/runner/work/nginx-module-vts/nginx-module-vts/nginx_upstream_check
./auto/configure --prefix=/usr/local/freenginx --with-ld-opt="-Wl,-rpath,/usr/local/lib" --without-pcre2 --add-module=/home/runner/work/nginx-module-vts/nginx-module-vts/ngx_devel_kit --add-module=/home/runner/work/nginx-module-vts/nginx-module-vts/lua-nginx-module --add-module=/home/runner/work/nginx-module-vts/nginx-module-vts/nginx-module-vts --add-module=/home/runner/work/nginx-module-vts/nginx-module-vts/nginx_upstream_check
make
sudo make install
/usr/local/freenginx/sbin/nginx -V
6 changes: 3 additions & 3 deletions share/status.template.html
Expand Up @@ -631,7 +631,7 @@ <h1>
? '<img class="flag flag-{}" />'.format(name.toLowerCase())
: '';

s = '{}{}'.format(aHe('th', encodeURI('{}{}'.format(flag, name))),
s = '{}{}'.format(aHe('th', '{}{}'.format(flag, name)),
aHe('td', [(zone.requestCounter + zone.overCounts['maxIntegerSize'] * zone.overCounts['requestCounter']),
aPs.getValue('{}.{}'.format(uniq, 'requestCounter'), zone.requestCounter), mTh(zone.requestMsec)
]));
Expand Down Expand Up @@ -681,7 +681,7 @@ <h1>

clas = (n++ % 2) ? 'odd' : '';

s = '{}{}'.format(aHe('th', encodeURI(peer.server)),
s = '{}{}'.format(aHe('th', peer.server),
aHe('td', [sTh(peer.backup, peer.down), mTh(peer.responseMsec),
peer.weight, peer.maxFails, peer.failTimeout,
(peer.requestCounter + peer.overCounts['maxIntegerSize'] * peer.overCounts['requestCounter']),
Expand Down Expand Up @@ -722,7 +722,7 @@ <h1>

clas = (n++ % 2) ? 'odd' : '';

s = '{}{}'.format(aHe('th', encodeURI(name)),
s = '{}{}'.format(aHe('th', name),
aHe('td', [bTh(zone.maxSize),
bTh(zone.usedSize),
bTh(zone.outBytes + zone.overCounts['maxIntegerSize'] * zone.overCounts['outBytes']),
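Review bot: With `encodeURI()` removed from the three `aHe('th', …)` calls, `name` and `peer.server` reach the table markup with no client-side encoding at all, so the page is only safe when the JSON was produced by a module build that HTML-escapes these fields. `aHe` is defined outside these hunks; if it builds markup by string concatenation, JSON from a build without the server-side escaping would be inserted as raw HTML. I would record that coupling next to the first call, for example `// name arrives HTML-escaped from the module's JSON output; do not escape or decode it again here`, and state which module version the template expects.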
33 changes: 33 additions & 0 deletions src/ngx_http_vhost_traffic_status_display_json.c
Expand Up @@ -92,6 +92,7 @@ ngx_http_vhost_traffic_status_display_set_server_node(
}

#if (NGX_HTTP_CACHE)
ngx_http_vhost_traffic_status_display_encode_uri(r, &dst);
buf = ngx_sprintf(buf, NGX_HTTP_VHOST_TRAFFIC_STATUS_JSON_FMT_SERVER,
&dst, vtsn->stat_request_counter,
vtsn->stat_in_bytes,
Expand Down Expand Up @@ -140,6 +141,7 @@ ngx_http_vhost_traffic_status_display_set_server_node(
vtsn->stat_cache_scarce_counter_oc,
vtsn->stat_request_time_counter_oc);
#else
ngx_http_vhost_traffic_status_display_encode_uri(r, &dst);
buf = ngx_sprintf(buf, NGX_HTTP_VHOST_TRAFFIC_STATUS_JSON_FMT_SERVER,
&dst, vtsn->stat_request_counter,
vtsn->stat_in_bytes,
Expand Down Expand Up @@ -286,6 +288,31 @@ ngx_http_vhost_traffic_status_display_set_filter_node(ngx_http_request_t *r,
return ngx_http_vhost_traffic_status_display_set_server_node(r, buf, &key, vtsn);
}

void
ngx_http_vhost_traffic_status_display_encode_uri(ngx_http_request_t *r,
ngx_str_t *uri)
{

size_t len;
ngx_str_t *euri;
u_char *p;
euri = uri;
len = ngx_escape_html(NULL, uri->data, uri->len);

if (len) {
p = ngx_pnalloc(r->pool, uri->len + len);
if (p == NULL) {
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"display_encode_uri::ngx_pnalloc() failed");
}

(void) ngx_escape_html(p, uri->data, uri->len);
euri->data = p;
euri->len = uri->len + len;
uri = euri;
}
return;
}

u_char *
ngx_http_vhost_traffic_status_display_set_filter(ngx_http_request_t *r,
Expand Down Expand Up @@ -332,6 +359,7 @@ ngx_http_vhost_traffic_status_display_set_filter(ngx_http_request_t *r,
"display_set_filter::escape_json_pool() failed");
}

ngx_http_vhost_traffic_status_display_encode_uri(r, &filter);
buf = ngx_sprintf(buf, NGX_HTTP_VHOST_TRAFFIC_STATUS_JSON_FMT_OBJECT_S,
&filter);

Expand Down Expand Up @@ -392,6 +420,7 @@ ngx_http_vhost_traffic_status_display_set_upstream_node(ngx_http_request_t *r,
}

if (vtsn != NULL) {
ngx_http_vhost_traffic_status_display_encode_uri(r, &key);
buf = ngx_sprintf(buf, NGX_HTTP_VHOST_TRAFFIC_STATUS_JSON_FMT_UPSTREAM,
&key, vtsn->stat_request_counter,
vtsn->stat_in_bytes, vtsn->stat_out_bytes,
Expand Down Expand Up @@ -434,6 +463,7 @@ ngx_http_vhost_traffic_status_display_set_upstream_node(ngx_http_request_t *r,
vtsn->stat_request_time_counter_oc, vtsn->stat_response_time_counter_oc);

} else {
ngx_http_vhost_traffic_status_display_encode_uri(r, &key);
buf = ngx_sprintf(buf, NGX_HTTP_VHOST_TRAFFIC_STATUS_JSON_FMT_UPSTREAM,
&key, (ngx_atomic_uint_t) 0,
(ngx_atomic_uint_t) 0, (ngx_atomic_uint_t) 0,
Expand Down Expand Up @@ -563,6 +593,7 @@ ngx_http_vhost_traffic_status_display_set_upstream_group(ngx_http_request_t *r,

o = buf;

ngx_http_vhost_traffic_status_display_encode_uri(r, &uscf->host);
buf = ngx_sprintf(buf, NGX_HTTP_VHOST_TRAFFIC_STATUS_JSON_FMT_ARRAY_S,
&uscf->host);
s = buf;
Expand Down Expand Up @@ -703,6 +734,7 @@ ngx_http_vhost_traffic_status_display_set_upstream_group(ngx_http_request_t *r,

ngx_str_set(&key, "::nogroups");

ngx_http_vhost_traffic_status_display_encode_uri(r, &key);
buf = ngx_sprintf(buf, NGX_HTTP_VHOST_TRAFFIC_STATUS_JSON_FMT_ARRAY_S, &key);

s = buf;
Expand Down Expand Up @@ -742,6 +774,7 @@ u_char
"display_set_cache_node::escape_json_pool() failed");
}

ngx_http_vhost_traffic_status_display_encode_uri(r, &key);
buf = ngx_sprintf(buf, NGX_HTTP_VHOST_TRAFFIC_STATUS_JSON_FMT_CACHE,
&key, vtsn->stat_cache_max_size,
vtsn->stat_cache_used_size,
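Review bot: In the new `ngx_http_vhost_traffic_status_display_encode_uri()` the `p == NULL` branch only logs and falls through, so after a failed `ngx_pnalloc()` the string is left with `data = NULL` and a non-zero `len`, which the `ngx_sprintf()` that follows each call would then read; the branch needs a `return;`. The helper also rewrites its argument in place, and the `set_upstream_group` hunk passes `&uscf->host`: if that is the long-lived upstream configuration (it looks like it, but the declaration is outside the hunk), a host containing `<`, `>`, `&` or `"` would be left pointing at request-pool memory once the request is freed, and would be escaped again on the next request. Escaping a local copy there avoids this; the `ngx_str_t host;` declaration belongs at the top of that function, which starts outside the hunk. Since the function performs HTML escaping rather than URI encoding, a name ending in `_escape_html` and an `ngx_int_t` return that lets callers fail the response instead of emitting an unescaped name would make the contract clearer.

```c
/* in ngx_http_vhost_traffic_status_display_encode_uri() */
        p = ngx_pnalloc(r->pool, uri->len + len);
        if (p == NULL) {
            /* … unchanged: ngx_log_error() call … */
            return;   /* do not publish a NULL data pointer with a non-zero len */
        }

/* in ngx_http_vhost_traffic_status_display_set_upstream_group():
 * escape a per-request copy, not the shared configuration string */
    host = uscf->host;
    ngx_http_vhost_traffic_status_display_encode_uri(r, &host);
    buf = ngx_sprintf(buf, NGX_HTTP_VHOST_TRAFFIC_STATUS_JSON_FMT_ARRAY_S,
                      &host);
```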
2 changes: 2 additions & 0 deletions src/ngx_http_vhost_traffic_status_display_json.h
Expand Up @@ -257,6 +257,8 @@ u_char *ngx_http_vhost_traffic_status_display_set_cache(
u_char *ngx_http_vhost_traffic_status_display_set(ngx_http_request_t *r,
u_char *buf);

void ngx_http_vhost_traffic_status_display_encode_uri(
ngx_http_request_t *r, ngx_str_t *uri);

#endif /* _NGX_HTTP_VTS_DISPLAY_JSON_H_INCLUDED_ */

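Review bot: The new prototype carries no comment, and its name suggests URI encoding while the implementation in the .c file calls `ngx_escape_html()`. A short contract above the declaration would help callers, for example `/* HTML-escapes *uri in place; the replacement buffer comes from r->pool, so pass only strings that do not outlive the request */`. Renaming it to something ending in `_escape_html` would make the behaviour visible at the call sites.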