mischief/openbsd-src
1
0
Fork 0
mirror of https://github.com/openbsd/src.git synced 2025-01-03 06:45:37 -08:00
Code

httpd: allow $REQUEST_SCHEME in redirect targets, ok jung@ florian@

Browse Source 
Sometimes you want to redirect a request to another site but maintaining
the same type of connection (http or https) as the original request.
Allow a $REQUEST_SCHEME variable to be used in redirect locations to
allow this, e.g.

  location "/cgi-bin/foobar*" { block return 302 "$REQUEST_SCHEME://foobar.example.org$REQUEST_URI" }
This commit is contained in:
sthen 2020-02-25 15:18:41 +00:00
parent 6f241297ae
commit 603a52d71c
2 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
usr.sbin/httpd/httpd.conf.5
View File

@ -1,4 +1,4 @@
.\" $OpenBSD: httpd.conf.5,v 1.108 2020/02/09 09:44:04 florian Exp $
.\" $OpenBSD: httpd.conf.5,v 1.109 2020/02/25 15:18:41 sthen Exp $
.\"
.\" Copyright (c) 2014, 2015 Reyk Floeter <reyk@openbsd.org>
.\"
@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: February 9 2020 $
.Dd $Mdocdate: February 25 2020 $
.Dt HTTPD.CONF 5
.Os
.Sh NAME
@ -217,6 +217,8 @@ The IP address of the connected client.
The TCP source port of the connected client.
.It Ic $REMOTE_USER
The remote user for HTTP authentication.
.It Ic $REQUEST_SCHEME
The request scheme (http or https).
.It Ic $REQUEST_URI
The request path and optional query string.
.It Ic $SERVER_ADDR
@ -774,11 +776,13 @@ directive:
.Bd -literal -offset indent
server "example.com" {
listen on 10.0.0.1 port 80
block return 301 "http://www.example.com$REQUEST_URI"
listen on 10.0.0.1 tls port 443
block return 301 "$REQUEST_SCHEME://www.example.com$REQUEST_URI"
}
server "www.example.com" {
listen on 10.0.0.1 port 80
listen on 10.0.0.1 tls port 443
}
.Ed
The request can also be rewritten with the

11
usr.sbin/httpd/server_http.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: server_http.c,v 1.136 2020/01/14 20:48:57 benno Exp $ */
/* $OpenBSD: server_http.c,v 1.137 2020/02/25 15:18:41 sthen Exp $ */
/*
* Copyright (c) 2006 - 2018 Reyk Floeter <reyk@openbsd.org>
@ -1148,6 +1148,15 @@ server_expand_http(struct client *clt, const char *val, char *buf,
if (ret != 0)
return (NULL);
}
if (strstr(val, "$REQUEST_SCHEME") != NULL) {
if (srv_conf->flags & SRVFLAG_TLS) {
ret = expand_string(buf, len, "$REQUEST_SCHEME", "https");
} else {
ret = expand_string(buf, len, "$REQUEST_SCHEME", "http");
}
if (ret != 0)
return (NULL);
}
if (strstr(val, "$SERVER_") != NULL) {
if (strstr(val, "$SERVER_ADDR") != NULL) {
if (print_host(&srv_conf->ss,