summaryrefslogtreecommitdiff
path: root/modules/caddyhttp/reverseproxy/fastcgi
diff options
context:
space:
mode:
authorMatthew Holt <mholt@users.noreply.github.com>2020-03-22 07:48:21 -0600
committerMatthew Holt <mholt@users.noreply.github.com>2020-03-22 07:48:34 -0600
commitf2ce81cc8b5adcd453566d292ac0b0b47fc64e99 (patch)
tree90e34450428a44d08e1c7f41f59443251e5a20ca /modules/caddyhttp/reverseproxy/fastcgi
parent2cab475ba516fa725d012f53ca417c3e039607de (diff)
fastcgi: Support multiple path splitters (close #1564)
Diffstat (limited to 'modules/caddyhttp/reverseproxy/fastcgi')
-rw-r--r--modules/caddyhttp/reverseproxy/fastcgi/caddyfile.go6
-rw-r--r--modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go18
2 files changed, 15 insertions, 9 deletions
diff --git a/modules/caddyhttp/reverseproxy/fastcgi/caddyfile.go b/modules/caddyhttp/reverseproxy/fastcgi/caddyfile.go
index 81fd48e..5b378f8 100644
--- a/modules/caddyhttp/reverseproxy/fastcgi/caddyfile.go
+++ b/modules/caddyhttp/reverseproxy/fastcgi/caddyfile.go
@@ -51,10 +51,10 @@ func (t *Transport) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
t.Root = d.Val()
case "split":
- if !d.NextArg() {
+ t.SplitPath = d.RemainingArgs()
+ if len(t.SplitPath) == 0 {
return d.ArgErr()
}
- t.SplitPath = d.Val()
case "env":
args := d.RemainingArgs()
@@ -173,7 +173,7 @@ func parsePHPFastCGI(h httpcaddyfile.Helper) ([]httpcaddyfile.ConfigValue, error
}
// set up the transport for FastCGI, and specifically PHP
- fcgiTransport := Transport{SplitPath: ".php"}
+ fcgiTransport := Transport{SplitPath: []string{".php"}}
// create the reverse proxy handler which uses our FastCGI transport
rpHandler := &reverseproxy.Handler{
diff --git a/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go b/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
index aa0d1cd..9d2dc39 100644
--- a/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
+++ b/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
@@ -47,10 +47,11 @@ type Transport struct {
// with the value of SplitPath. The first piece will be assumed as the
// actual resource (CGI script) name, and the second piece will be set to
// PATH_INFO for the CGI script to use.
+ //
// Future enhancements should be careful to avoid CVE-2019-11043,
// which can be mitigated with use of a try_files-like behavior
- // that 404's if the fastcgi path info is not found.
- SplitPath string `json:"split_path,omitempty"`
+ // that 404s if the fastcgi path info is not found.
+ SplitPath []string `json:"split_path,omitempty"`
// Extra environment variables.
EnvVars map[string]string `json:"env,omitempty"`
@@ -168,7 +169,7 @@ func (t Transport) buildEnv(r *http.Request) (map[string]string, error) {
// Split path in preparation for env variables.
// Previous canSplit checks ensure this can never be -1.
- // TODO: I haven't brought over canSplit; make sure this doesn't break
+ // TODO: I haven't brought over canSplit from v1; make sure this doesn't break
splitPos := t.splitPos(fpath)
// Request has the extension; path was split successfully
@@ -284,14 +285,19 @@ func (t Transport) buildEnv(r *http.Request) (map[string]string, error) {
// splitPos returns the index where path should
// be split based on t.SplitPath.
func (t Transport) splitPos(path string) int {
- // TODO:
+ // TODO: from v1...
// if httpserver.CaseSensitivePath {
// return strings.Index(path, r.SplitPath)
// }
- return strings.Index(strings.ToLower(path), strings.ToLower(t.SplitPath))
+ lowerPath := strings.ToLower(path)
+ for _, split := range t.SplitPath {
+ if idx := strings.Index(lowerPath, strings.ToLower(split)); idx > -1 {
+ return idx
+ }
+ }
+ return -1
}
-// TODO:
// Map of supported protocols to Apache ssl_mod format
// Note that these are slightly different from SupportedProtocols in caddytls/config.go
var tlsProtocolStrings = map[uint16]string{