Ensure that a variable is used in the path when using request_uri, and do not warn on proxy_pass_normalized if request_uri is used#23
Merged
dvershinin merged 2 commits intodvershinin:masterfrom Feb 18, 2025
MegaManSec:master
Merged
Ensure that a variable is used in the path when using request_uri, and do not warn on proxy_pass_normalized if request_uri is used#23dvershinin merged 2 commits intodvershinin:masterfrom MegaManSec:master
dvershinin merged 2 commits intodvershinin:masterfrom
MegaManSec:master
Conversation
Also, turn find_directive_in_scope into find_directives_in_scope, allowing it to turn into a list.
Owner
|
@MegaManSec can you please add those configs above to test and fp test? Also would be great to heavily comment them e.g. with request URL and received by backend URL example, to fully understand what the type of config does. I had used similar configuration elsewhere and no longer understand what it does with those rewrites and the need for return 400, etc. :-) |
Author
|
Great idea. Note, I will rebase when I'm done, too. |
…uest_uri;', to ensure double-encoding does not occur. Also add testcases. Signed-off-by: Joshua Rogers <Joshua@Joshua.Hu>
|
Author
|
All done. Apologies for the spam due to the 20 commits. |
Owner
|
@MegaManSec great and thanks! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.



In my previous PR, I messed up the "valid" proxy_pass directive.
will cause the backend server to receive a double-encoded path.
The correct configuration should be:
This PR fixes that. It ensures that a warning is only shown if proxy_pass is used with a path and $1 is not set to $request_uri.
It also warns if $request_uri is used, but no variable is actually set in the proxy_pass directive (which will now warn on anybody that used my incorrect solution)