|
 |
6014ec |
From dfd818595b54942cb1adc45f6aed95c9b706e3a8 Mon Sep 17 00:00:00 2001
|
|
|
6014ec |
From: Amos Jeffries <yadij@users.noreply.github.com>
|
|
|
6014ec |
Date: Fri, 4 Sep 2020 17:38:30 +1200
|
|
|
6014ec |
Subject: [PATCH] Merge pull request from GHSA-jvf6-h9gj-pmj6
|
|
|
6014ec |
|
|
|
6014ec |
* Add slash prefix to path-rootless or path-noscheme URLs
|
|
|
6014ec |
|
|
|
6014ec |
* Update src/anyp/Uri.cc
|
|
|
6014ec |
|
|
|
6014ec |
Co-authored-by: Alex Rousskov <rousskov@measurement-factory.com>
|
|
|
6014ec |
|
|
|
6014ec |
* restore file trailer GH auto-removes
|
|
|
6014ec |
|
|
|
6014ec |
* Remove redundant path-empty check
|
|
|
6014ec |
|
|
|
6014ec |
* Removed stale comment left behind by b2ab59a
|
|
|
6014ec |
|
|
|
6014ec |
Many things imply a leading `/` in a URI. Their enumeration is likely to
|
|
|
6014ec |
(and did) become stale, misleading the reader.
|
|
|
6014ec |
|
|
|
6014ec |
* fixup: Remind that the `src` iterator may be at its end
|
|
|
6014ec |
|
|
|
6014ec |
We are dereferencing `src` without comparing it to `\0`.
|
|
|
6014ec |
To many readers that (incorrectly) implies that we are not done iterating yet.
|
|
|
6014ec |
|
|
|
6014ec |
Also fixed branch-added comment indentation.
|
|
|
6014ec |
|
|
|
6014ec |
Co-authored-by: Alex Rousskov <rousskov@measurement-factory.com>
|
|
|
6014ec |
---
|
|
|
6014ec |
src/anyp/Uri.cc | 10 +++-------
|
|
|
6014ec |
1 file changed, 3 insertions(+), 7 deletions(-)
|
|
|
6014ec |
|
|
|
6014ec |
diff --git a/src/anyp/Uri.cc b/src/anyp/Uri.cc
|
|
|
6014ec |
index b745c54..31f02d5 100644
|
|
|
6014ec |
--- a/src/anyp/Uri.cc
|
|
|
6014ec |
+++ b/src/anyp/Uri.cc
|
|
|
6014ec |
@@ -293,8 +293,9 @@ AnyP::Uri::parse(const HttpRequestMethod& method, const SBuf &rawUrl)
|
|
|
6014ec |
return false;
|
|
|
6014ec |
*dst = '\0';
|
|
|
6014ec |
|
|
|
6014ec |
- // bug 3074: received 'path' starting with '?', '#', or '\0' implies '/'
|
|
|
6014ec |
- if (*src == '?' || *src == '#' || *src == '\0') {
|
|
|
6014ec |
+ // We are looking at path-abempty.
|
|
|
6014ec |
+ if (*src != '/') {
|
|
|
6014ec |
+ // path-empty, including the end of the `src` c-string cases
|
|
|
6014ec |
urlpath[0] = '/';
|
|
|
6014ec |
dst = &urlpath[1];
|
|
|
6014ec |
} else {
|
|
|
6014ec |
@@ -308,11 +309,6 @@ AnyP::Uri::parse(const HttpRequestMethod& method, const SBuf &rawUrl)
|
|
|
6014ec |
/* We -could- be at the end of the buffer here */
|
|
|
6014ec |
if (i > l)
|
|
|
6014ec |
return false;
|
|
|
6014ec |
- /* If the URL path is empty we set it to be "/" */
|
|
|
6014ec |
- if (dst == urlpath) {
|
|
|
6014ec |
- *dst = '/';
|
|
|
6014ec |
- ++dst;
|
|
|
6014ec |
- }
|
|
|
6014ec |
*dst = '\0';
|
|
|
6014ec |
|
|
|
6014ec |
foundPort = scheme.defaultPort(); // may be reset later
|