mirror of
https://github.com/caddyserver/caddy.git
synced 2024-12-27 06:03:48 +03:00
caddyhttp: Trim dot/space only on Windows (fix #5613)
Follow-up to #2917. Path matcher needs to trim dots and spaces but only on Windows.
This commit is contained in:
parent
7914ba3573
commit
66114cb155
2 changed files with 9 additions and 8 deletions
|
@ -25,6 +25,7 @@ import (
|
|||
"path"
|
||||
"reflect"
|
||||
"regexp"
|
||||
"runtime"
|
||||
"sort"
|
||||
"strconv"
|
||||
"strings"
|
||||
|
@ -395,7 +396,9 @@ func (m MatchPath) Match(r *http.Request) bool {
|
|||
// security risk (cry) if PHP files end up being served
|
||||
// as static files, exposing the source code, instead of
|
||||
// being matched by *.php to be treated as PHP scripts.
|
||||
reqPath = strings.TrimRight(reqPath, ". ")
|
||||
if runtime.GOOS == "windows" { // issue #5613
|
||||
reqPath = strings.TrimRight(reqPath, ". ")
|
||||
}
|
||||
|
||||
repl := r.Context().Value(caddy.ReplacerCtxKey).(*caddy.Replacer)
|
||||
|
||||
|
|
|
@ -21,6 +21,7 @@ import (
|
|||
"net/http/httptest"
|
||||
"net/url"
|
||||
"os"
|
||||
"runtime"
|
||||
"testing"
|
||||
|
||||
"github.com/caddyserver/caddy/v2"
|
||||
|
@ -253,11 +254,6 @@ func TestPathMatcher(t *testing.T) {
|
|||
input: "/FOOOO",
|
||||
expect: true,
|
||||
},
|
||||
{
|
||||
match: MatchPath{"*.php"},
|
||||
input: "/foo/index.php. .",
|
||||
expect: true,
|
||||
},
|
||||
{
|
||||
match: MatchPath{"/foo/bar.txt"},
|
||||
input: "/foo/BAR.txt",
|
||||
|
@ -435,8 +431,10 @@ func TestPathMatcher(t *testing.T) {
|
|||
|
||||
func TestPathMatcherWindows(t *testing.T) {
|
||||
// only Windows has this bug where it will ignore
|
||||
// trailing dots and spaces in a filename, but we
|
||||
// test for it on all platforms to be more consistent
|
||||
// trailing dots and spaces in a filename
|
||||
if runtime.GOOS != "windows" {
|
||||
return
|
||||
}
|
||||
|
||||
req := &http.Request{URL: &url.URL{Path: "/index.php . . .."}}
|
||||
repl := caddy.NewReplacer()
|
||||
|
|
Loading…
Reference in a new issue