Refactor add_header directives to use AddHeaderDirective class and improve header handling

Author: dvershinin

docs/index.md

@@ -1,8 +1,8 @@
 GIXY
 ====
-[![Mozilla Public License 2.0](https://img.shields.io/github/license/dvershinin/gixy.svg?style=flat-square)](https://github.com/dvershinin/gixy/blob/master/LICENSE)
+[![Mozilla Public License 2.0](https://img.shields.io/badge/license-MPLv2.0-brightgreen?style=flat-square)](https://github.com/dvershinin/gixy/blob/master/LICENSE)
 [![Python tests](https://github.com/dvershinin/gixy/actions/workflows/pythonpackage.yml/badge.svg)](https://github.com/dvershinin/gixy/actions/workflows/pythonpackage.yml)
-[![Your feedback is greatly appreciated](https://img.shields.io/maintenance/yes/2023.svg?style=flat-square)](https://github.com/dvershinin/gixy/issues/new)
+[![Your feedback is greatly appreciated](https://img.shields.io/maintenance/yes/2025.svg?style=flat-square)](https://github.com/dvershinin/gixy/issues/new)
 [![GitHub issues](https://img.shields.io/github/issues/dvershinin/gixy.svg?style=flat-square)](https://github.com/dvershinin/gixy/issues)
 [![GitHub pull requests](https://img.shields.io/github/issues-pr/dvershinin/gixy.svg?style=flat-square)](https://github.com/dvershinin/gixy/pulls)
 

gixy/core/sre_parse/sre_parse.py

@@ -138,7 +138,7 @@ def getwidth(self):
             if op is BRANCH:
                 i = MAXREPEAT - 1
                 j = 0
-                for av in av[1]:
+                for _ in av[1]:
                     l, h = av.getwidth()
                     i = min(i, l)
                     j = max(j, h)
@@ -166,7 +166,9 @@ def getwidth(self):
 
 
 class Tokenizer:
+
     def __init__(self, string):
+        self.next = None
         self.string = string
         self.index = 0
         self.__next()
@@ -753,11 +755,6 @@ def literal(literal, p=p, pappend=a):
         else:
             pappend((LITERAL, literal))
 
-    sep = source[:0]
-    if type(sep) is type(""):
-        makechar = chr
-    else:
-        makechar = unichr
     while 1:
         this = sget()
         if this is None:
@@ -795,20 +792,20 @@ def literal(literal, p=p, pappend=a):
                     this = this + sget()
                     if s.next in OCTDIGITS:
                         this = this + sget()
-                literal(makechar(int(this[1:], 8) & 0xFF))
+                literal(chr(int(this[1:], 8) & 0xFF))
             elif c in DIGITS:
                 isoctal = False
                 if s.next in DIGITS:
                     this = this + sget()
                     if c in OCTDIGITS and this[2] in OCTDIGITS and s.next in OCTDIGITS:
                         this = this + sget()
                         isoctal = True
-                        literal(makechar(int(this[1:], 8) & 0xFF))
+                        literal(chr(int(this[1:], 8) & 0xFF))
                 if not isoctal:
                     a((MARK, int(this[1:])))
             else:
                 try:
-                    this = makechar(ESCAPES[this][1])
+                    this = chr(ESCAPES[this][1])
                 except KeyError:
                     pass
                 literal(this)

gixy/directives/directive.py

@@ -77,11 +77,53 @@ def __init__(self, name, args):
         super(AddHeaderDirective, self).__init__(name, args)
         self.header = args[0].lower()
         self.value = args[1]
+        self.headers = {self.header: self.value}
         self.always = False
         if len(args) > 2 and args[2] == "always":
             self.always = True
 
 
+class MoreSetHeadersDirective(Directive):
+    """
+    Syntax:	more_set_headers 'Foo: bar' 'Baz: bah';
+    """
+
+    nginx_name = "more_set_headers"
+
+    def get_headers(self):
+        # See headers more documentation: https://github.com/openresty/headers-more-nginx-module#description
+        result = {}
+        skip_next = False
+        for arg in self.args:
+            if arg in ["-s", "-t"]:
+                # Mark to skip the next value because it's not a header
+                skip_next = True
+            elif arg.startswith("-"):
+                # Skip any options
+                continue
+            elif skip_next:
+                skip_next = False
+            elif not skip_next:
+                # Now it's a header in format "Header: value" or "Header:" or just "Header" (for clearing)
+                parts = arg.split(":", 1)
+                header = parts[0]
+                value = None
+                if len(parts) > 1 and parts[1].strip():
+                    # strip only whitespace character from left side, preserving newlines
+                    # this is needed to support multiline headers
+                    value = parts[1].lstrip(" ")
+                result[header] = value
+        return result
+
+    def __init__(self, name, args):
+        super().__init__(name, args)
+        self.headers = self.get_headers()
+        # first header is the main header name
+        self.header = list(self.headers.keys())[0]
+        # value is
+        self.value = self.headers[self.header]
+
+
 class SetDirective(Directive):
     nginx_name = "set"
     provide_variables = True

gixy/plugins/add_header_content_type.py

@@ -1,4 +1,5 @@
 import gixy
+from gixy.directives.directive import AddHeaderDirective
 from gixy.plugins.plugin import Plugin
 
 
@@ -7,38 +8,16 @@ class add_header_content_type(Plugin):
     Bad example: add_header Content-Type text/plain;
     Good example: default_type text/plain;
     """
-    summary = 'Found add_header usage for setting Content-Type.'
+
+    summary = "Found add_header usage for setting Content-Type."
     severity = gixy.severity.LOW
     description = 'Target Content-Type in NGINX should not be set via "add_header"'
-    help_url = 'https://github.com/dvershinin/gixy/blob/master/docs/en/plugins/add_header_content_type.md'
-    directives = ['add_header']
+    help_url = "https://github.com/dvershinin/gixy/blob/master/docs/en/plugins/add_header_content_type.md"
+    directives = ["add_header"]
 
-    def audit(self, directive):
-        header_values = get_header_values(directive)
-        if directive.header == 'content-type':
-            reason = 'You probably want "default_type {default_type};" instead of "add_header" or "more_set_headers"'.format(default_type=header_values[0])
-            self.add_issue(
-                directive=directive,
-                reason=reason
+    def audit(self, directive: AddHeaderDirective):
+        if directive.header == "content-type":
+            reason = 'You probably want "default_type {default_type};" instead of "add_header" or "more_set_headers"'.format(
+                default_type=directive.value
             )
-
-
-def get_header_values(directive):
-    if directive.name == 'add_header':
-        return [directive.args[1]]
-
-    # See headers more documentation: https://github.com/openresty/headers-more-nginx-module#description
-    result = []
-    skip_next = False
-    for arg in directive.args:
-        if arg in ['-s', '-t']:
-            # Skip next value, because it's not a header
-            skip_next = True
-        elif arg.startswith('-'):
-            # Skip any options
-            pass
-        elif skip_next:
-            skip_next = False
-        elif not skip_next:
-            result.append(arg)
-    return result
+            self.add_issue(directive=directive, reason=reason)

gixy/plugins/add_header_multiline.py

@@ -1,4 +1,5 @@
 import gixy
+from gixy.directives.directive import AddHeaderDirective
 from gixy.plugins.plugin import Plugin
 
 
@@ -20,41 +21,19 @@ class add_header_multiline(Plugin):
     help_url = "https://github.com/dvershinin/gixy/blob/master/docs/en/plugins/addheadermultiline.md"
     directives = ["add_header", "more_set_headers"]
 
-    def audit(self, directive):
-        header_values = get_header_values(directive)
-        for value in header_values:
+    def audit(self, directive: AddHeaderDirective):
+        for header, value in directive.headers.items():
             if "\n\x20" in value or "\n\t" in value:
                 self.add_issue(directive=directive)
                 break
             if "\n" in value:
                 reason = (
-                    'A newline character is found in the directive "{directive}". The resulting header will be '
+                    'A newline character is found in the directive "{directive}". The resulting header {header} will be '
                     "incomplete. Ensure the value is fit on a single line".format(
-                        directive=directive.name
+                        directive=directive.name, header=header
                     )
                 )
                 self.add_issue(
                     severity=gixy.severity.HIGH, directive=directive, reason=reason
                 )
                 break
-
-
-def get_header_values(directive):
-    if directive.name == "add_header":
-        return [directive.args[1]]
-
-    # See headers more documentation: https://github.com/openresty/headers-more-nginx-module#description
-    result = []
-    skip_next = False
-    for arg in directive.args:
-        if arg in ["-s", "-t"]:
-            # Skip the next value because it's not a header
-            skip_next = True
-        elif arg.startswith("-"):
-            # Skip any options
-            pass
-        elif skip_next:
-            skip_next = False
-        elif not skip_next:
-            result.append(arg)
-    return result