serv/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-12-27 06:03:48 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

httpcaddyfile: Don't lowercase placeholder contents (fixes #3264)

Browse source
This commit is contained in:
Matthew Holt 2020-04-14 16:11:46 -06:00
parent 2609a72893
commit 829e36d535
No known key found for this signature in database
GPG key ID: 2A349DD577D586A5
3 changed files with 54 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

33
caddyconfig/httpcaddyfile/addresses.go
View file

@ -20,6 +20,7 @@ import (
"reflect" "reflect"
"strconv" "strconv"
"strings" "strings"
"unicode"
"github.com/caddyserver/caddy/v2" "github.com/caddyserver/caddy/v2"
"github.com/caddyserver/caddy/v2/caddyconfig/caddyfile" "github.com/caddyserver/caddy/v2/caddyconfig/caddyfile"
@ -333,8 +334,8 @@ func (a Address) Normalize() Address {
return Address{ return Address{
Original: a.Original, Original: a.Original,
Scheme: strings.ToLower(a.Scheme), Scheme: lowerExceptPlaceholders(a.Scheme),
Host: strings.ToLower(host), Host: lowerExceptPlaceholders(host),
Port: a.Port, Port: a.Port,
Path: path, Path: path,
} }
@ -361,3 +362,31 @@ func (a Address) Key() string {
} }
return res return res
} }
// lowerExceptPlaceholders lowercases s except within
// placeholders (substrings in non-escaped '{ }' spans).
// See https://github.com/caddyserver/caddy/issues/3264
func lowerExceptPlaceholders(s string) string {
var sb strings.Builder
var escaped, inPlaceholder bool
for _, ch := range s {
if ch == '\\' && !escaped {
escaped = true
sb.WriteRune(ch)
continue
}
if ch == '{' && !escaped {
inPlaceholder = true
}
if ch == '}' && inPlaceholder && !escaped {
inPlaceholder = false
}
if inPlaceholder {
sb.WriteRune(ch)
} else {
sb.WriteRune(unicode.ToLower(ch))
}
escaped = false
}
return sb.String()
}

22
caddyconfig/httpcaddyfile/addresses_test.go
View file

@ -108,6 +108,10 @@ func TestKeyNormalization(t *testing.T) {
input string input string
expect string expect string
}{ }{
{
input: "example.com",
expect: "example.com",
},
{ {
input: "http://host:1234/path", input: "http://host:1234/path",
expect: "http://host:1234/path", expect: "http://host:1234/path",
@ -124,6 +128,22 @@ func TestKeyNormalization(t *testing.T) {
input: "A:2015/Path", input: "A:2015/Path",
expect: "a:2015/Path", expect: "a:2015/Path",
}, },
{
input: "sub.{env.MY_DOMAIN}",
expect: "sub.{env.MY_DOMAIN}",
},
{
input: "sub.ExAmPle",
expect: "sub.example",
},
{
input: "sub.\\{env.MY_DOMAIN\\}",
expect: "sub.\\{env.my_domain\\}",
},
{
input: "sub.{env.MY_DOMAIN}.com",
expect: "sub.{env.MY_DOMAIN}.com",
},
{ {
input: ":80", input: ":80",
expect: ":80", expect: ":80",
@ -156,7 +176,7 @@ func TestKeyNormalization(t *testing.T) {
continue continue
} }
if actual := addr.Normalize().Key(); actual != tc.expect { if actual := addr.Normalize().Key(); actual != tc.expect {
t.Errorf("Test %d: Normalized key for address '%s' was '%s' but expected '%s'", i, tc.input, actual, tc.expect) t.Errorf("Test %d: Input '%s': Expected '%s' but got '%s'", i, tc.input, tc.expect, actual)
} }
} }

2
modules/caddyhttp/caddyauth/caddyauth.go
View file

@ -29,6 +29,8 @@ func init() {
// Authentication is a middleware which provides user authentication. // Authentication is a middleware which provides user authentication.
// Rejects requests with HTTP 401 if the request is not authenticated. // Rejects requests with HTTP 401 if the request is not authenticated.
//
// Its API is still experimental and may be subject to change.
type Authentication struct { type Authentication struct {
// A set of authentication providers. If none are specified, // A set of authentication providers. If none are specified,
// all requests will always be unauthenticated. // all requests will always be unauthenticated.