Access to urldecoded headers


#1

A problem when trying to proxy webdav/svn have is that when you proxy
https to an http backend, COPY requests do not work because of the
Destination: header.

The standard configuration to address this is:
set $destination $http_destination;
if ( $destination ~* ^https(.*)$ ) {
set $destination http$1;
}
proxy_set_header Destination $destination;

However, $http_destination is already urlescaped and becomes escaped
again as part of the capture. This causes filenamess with spaces in
them to become double-escaped (i.e. " " represented by %2520 instead of
%20).

I have not done too much work in the nginx source, so I borrowed very
heavily from the code provided by Kirill K in his patch to urldecode
variable_arguments to create a patch which should allow access to
urldecoded copies of $http_ variables. Changing $http_destination to
$urldecodehttp_destination with the following patch applied appears to
resolve the issue for us.

Any feedback as far as a better way to do this, problems with the code,
or issues that have been overlooked would be appreciated.

I was mostly unsure whether the ngx_palloc code and the “v->len = dst -
v->data;” lines were correct.

Michael

diff -u nginx-0.5.37/src/http/ngx_http_variables.c
nginx-0.5.37-decodepatch/src/http/ngx_http_variables.c
— nginx-0.5.37/src/http/ngx_http_variables.c 2007-12-12
08:57:36.000000000 -0800
+++ nginx-0.5.37-decodepatch/src/http/ngx_http_variables.c 2009-03-26
23:06:26.000000000 -0700
@@ -22,6 +22,8 @@
static ngx_int_t ngx_http_variable_headers(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);

+static ngx_int_t
ngx_http_variable_unknown_header_in_urldecode(ngx_http_request_t *r,

  • ngx_http_variable_value_t *v, uintptr_t data);
    static ngx_int_t ngx_http_variable_unknown_header_in(ngx_http_request_t
    *r,
    ngx_http_variable_value_t *v, uintptr_t data);
    static ngx_int_t
    ngx_http_variable_unknown_header_out(ngx_http_request_t *r,
    @@ -442,6 +444,17 @@
    return NULL;
    }

  • if (ngx_strncmp(name->data, “urldecodehttp_”, 14) == 0) {

  •    if (ngx_http_variable_unknown_header_in_urldecode(r, vv,
    

(uintptr_t) name)

  •        == NGX_OK)
    
  •    {
    
  •        return vv;
    
  •    }
    
  •    return NULL;
    
  • }

  • if (ngx_strncmp(name->data, “http_”, 5) == 0) {

       if (ngx_http_variable_unknown_header_in(r, vv, (uintptr_t) 
    

name)
@@ -632,6 +645,73 @@

static ngx_int_t
+ngx_http_variable_unknown_header_in_urldecode(ngx_http_request_t *r,

  • ngx_http_variable_value_t *v, uintptr_t data)
    +{
  • ngx_str_t *var = (ngx_str_t *) data;
  • ngx_list_part_t *part = &r->headers_in.headers.part;
  • size_t prefix = sizeof(“urldecodehttp_”) - 1;
  • u_char *dst, *src;
  • u_char ch;
  • ngx_uint_t i, n;
  • ngx_table_elt_t *header;
  • header = part->elts;
  • for (i = 0; /* void */ ; i++) {
  •    if (i >= part->nelts) {
    
  •        if (part->next == NULL) {
    
  •            break;
    
  •        }
    
  •        part = part->next;
    
  •        header = part->elts;
    
  •        i = 0;
    
  •    }
    
  •    for (n = 0; n + prefix < var->len && n < header[i].key.len; 
    

n++) {

  •        ch = header[i].key.data[n];
    
  •        if (ch >= 'A' && ch <= 'Z') {
    
  •            ch |= 0x20;
    
  •        } else if (ch == '-') {
    
  •            ch = '_';
    
  •        }
    
  •        if (var->data[n + prefix] != ch) {
    
  •            break;
    
  •        }
    
  •    }
    
  •    if (n + prefix == var->len && n == header[i].key.len) {
    
  •        v->data = ngx_palloc(r->pool, header[i].value.len);
    
  •        if (v->data == NULL) {
    
  •            v->not_found = 1;
    
  •        }
    
  •        else {
    
  •            dst = v->data;
    
  •            src = header[i].value.data;
    
  •            ngx_unescape_uri(&dst, &src, header[i].value.len,
    

NGX_ESCAPE_ARGS);

  •            v->len = dst - v->data;
    
  •            v->valid = 1;
    
  •            v->no_cacheable = 0;
    
  •            v->not_found = 0;
    
  •        }
    
  •        return NGX_OK;
    
  •    }
    
  • }
  • v->not_found = 1;
  • return NGX_OK;
    +}

+static ngx_int_t
ngx_http_variable_unknown_header_in(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data)
{
@@ -1351,6 +1431,13 @@
}
}

  •    if (ngx_strncmp(v[i].name.data, "urldecodehttp_", 14) == 0) {
    
  •        v[i].get_handler =
    

ngx_http_variable_unknown_header_in_urldecode;

  •        v[i].data = (uintptr_t) &v[i].name;
    
  •        continue;
    
  •    }
    
  •    if (ngx_strncmp(v[i].name.data, "http_", 5) == 0) {
           v[i].get_handler = ngx_http_variable_unknown_header_in;
           v[i].data = (uintptr_t) &v[i].name;