diff options
author | Francis Lavoie <lavofr@gmail.com> | 2020-07-17 16:48:50 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-07-17 14:48:50 -0600 |
commit | 0665a86eb72a178a42741d477b765169d7423fd8 (patch) | |
tree | 18ba97014fdef0f4466841c89f13afebcc059d15 /modules/caddyhttp/reverseproxy | |
parent | 3fdaf507857bacddeeaeac2d23b1e15bb99bc633 (diff) |
fastcgi: Ensure leading slash, omit SERVER_PORT if empty for compliance (#3570)
See https://tools.ietf.org/html/rfc3875#section-4.1.13 for SCRIPT_NAME requiring leading slash
See https://tools.ietf.org/html/rfc3875#section-4.1.15 for SERVER_PORT requiring omission if empty
Diffstat (limited to 'modules/caddyhttp/reverseproxy')
-rw-r--r-- | modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go b/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go index c12e932..8c03172 100644 --- a/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go +++ b/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go @@ -202,6 +202,12 @@ func (t Transport) buildEnv(r *http.Request) (map[string]string, error) { pathPrefix, _ := r.Context().Value(caddy.CtxKey("path_prefix")).(string) scriptName = path.Join(pathPrefix, scriptName) + // Ensure the SCRIPT_NAME has a leading slash for compliance with RFC3875 + // Info: https://tools.ietf.org/html/rfc3875#section-4.1.13 + if scriptName != "" && !strings.HasPrefix(scriptName, "/") { + scriptName = "/" + scriptName + } + // Get the request URL from context. The context stores the original URL in case // it was changed by a middleware such as rewrite. By default, we pass the // original URI in as the value of REQUEST_URI (the user can overwrite this @@ -249,7 +255,6 @@ func (t Transport) buildEnv(r *http.Request) (map[string]string, error) { "REQUEST_METHOD": r.Method, "REQUEST_SCHEME": requestScheme, "SERVER_NAME": reqHost, - "SERVER_PORT": reqPort, "SERVER_PROTOCOL": r.Proto, "SERVER_SOFTWARE": t.serverSoftware, @@ -269,6 +274,13 @@ func (t Transport) buildEnv(r *http.Request) (map[string]string, error) { env["PATH_TRANSLATED"] = filepath.Join(root, pathInfo) // Info: http://www.oreilly.com/openbook/cgi/ch02_04.html } + // compliance with the CGI specification requires that + // SERVER_PORT should only exist if it's a valid numeric value. + // Info: https://www.ietf.org/rfc/rfc3875 Page 18 + if reqPort != "" { + env["SERVER_PORT"] = reqPort + } + // Some web apps rely on knowing HTTPS or not if r.TLS != nil { env["HTTPS"] = "on" |