Merging r3992, r4192:
access_log related fixes: *) Removal of error message about %name log_format parameters, they have been deleted long ago in 0.5.0-RELEASE. *) Improved access log escaping to better protect other software. Some character sets (notably ISO-8859-1) have C1 control characters in upper half, make sure to escape them.
This commit is contained in:
parent
28bf21f99e
commit
192cd8704d
|
@ -690,12 +690,12 @@ ngx_http_log_escape(u_char *dst, u_char *src, size_t size)
|
|||
0x10000000, /* 0001 0000 0000 0000 0000 0000 0000 0000 */
|
||||
|
||||
/* ~}| {zyx wvut srqp onml kjih gfed cba` */
|
||||
0x00000000, /* 0000 0000 0000 0000 0000 0000 0000 0000 */
|
||||
0x80000000, /* 1000 0000 0000 0000 0000 0000 0000 0000 */
|
||||
|
||||
0x00000000, /* 0000 0000 0000 0000 0000 0000 0000 0000 */
|
||||
0x00000000, /* 0000 0000 0000 0000 0000 0000 0000 0000 */
|
||||
0x00000000, /* 0000 0000 0000 0000 0000 0000 0000 0000 */
|
||||
0x00000000, /* 0000 0000 0000 0000 0000 0000 0000 0000 */
|
||||
0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */
|
||||
0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */
|
||||
0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */
|
||||
0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */
|
||||
};
|
||||
|
||||
|
||||
|
@ -1055,25 +1055,6 @@ ngx_http_log_compile_format(ngx_conf_t *cf, ngx_array_t *flushes,
|
|||
|
||||
for ( /* void */ ; s < args->nelts; s++) {
|
||||
|
||||
for (i = 0; i < value[s].len; i++) {
|
||||
if (value[s].data[i] != '%') {
|
||||
continue;
|
||||
}
|
||||
|
||||
ch = value[s].data[i + 1];
|
||||
|
||||
if ((ch >= 'A' && ch <= 'Z')
|
||||
|| (ch >= 'a' && ch <= 'z')
|
||||
|| ch == '{')
|
||||
{
|
||||
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
|
||||
"the parameters in the \"%%name\" form are not supported, "
|
||||
"use the \"$variable\" instead");
|
||||
|
||||
return NGX_CONF_ERROR;
|
||||
}
|
||||
}
|
||||
|
||||
i = 0;
|
||||
|
||||
while (i < value[s].len) {
|
||||
|
|
Loading…
Reference in New Issue