1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
|
--- branches/lighttpd-merge-1.4.x/src/connections.c (revision 715)
+++ branches/lighttpd-merge-1.4.x/src/connections.c (revision 716)
@@ -691,7 +691,6 @@
CLEAN(authed_user);
CLEAN(server_name);
CLEAN(error_handler);
- CLEAN(dst_addr_buf);
#undef CLEAN
#define CLEAN(x) \
--- branches/lighttpd-merge-1.4.x/tests/lighttpd.conf (revision 715)
+++ branches/lighttpd-merge-1.4.x/tests/lighttpd.conf (revision 716)
@@ -155,22 +155,21 @@
url.redirect = ( "^/redirect/$" => "http://localhost:2048/%1" )
}
-$HTTP["host"] =~ "(remoteip).example.org" {
- $HTTP["remoteip"] =~ "(127.0.0.1)" {
+$HTTP["host"] =~ "(remoteip)\.example\.org" {
+ $HTTP["remoteip"] =~ "(127\.0\.0\.1)" {
url.redirect = ( "^/redirect/$" => "http://localhost:2048/%1" )
}
}
-$HTTP["remoteip"] =~ "(127.0.0.1)" {
- $HTTP["host"] =~ "(remoteip2).example.org" {
+$HTTP["remoteip"] =~ "(127\.0\.0\.1)" {
+ $HTTP["host"] =~ "(remoteip2)\.example\.org" {
url.redirect = ( "^/redirect/$" => "http://localhost:2048/%1" )
}
}
-# deny access for all image stealers
-$HTTP["host"] == "referer.example.org" {
- $HTTP["referer"] !~ "^($|http://referer\.example\.org)" {
- url.access-deny = ( ".png" )
+$HTTP["host"] =~ "bug255\.example\.org$" {
+ $HTTP["remoteip"] == "127.0.0.1" {
+ url.access-deny = ( "" )
}
}
@@ -178,3 +177,10 @@
url.access-deny = ( ".jpg" )
}
+# deny access for all image stealers
+$HTTP["host"] == "referer.example.org" {
+ $HTTP["referer"] !~ "^($|http://referer\.example\.org)" {
+ url.access-deny = ( ".png" )
+ }
+}
+
--- branches/lighttpd-merge-1.4.x/tests/core-condition.t (revision 715)
+++ branches/lighttpd-merge-1.4.x/tests/core-condition.t (revision 716)
@@ -71,18 +71,6 @@
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 404 } ];
ok($tf->handle_http($t) == 0, 'condition: Referer - referer matches regex');
-TODO: {
- local $TODO = "referer matching in conditionals";
- $t->{REQUEST} = ( <<EOF
-GET /nofile.png HTTP/1.0
-Host: referer.example.org
-Referer: http://evil-referer.example.org/
-EOF
- );
- $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 403 } ];
- ok($tf->handle_http($t) == 0, 'condition: Referer - referer doesn\'t match');
-}
-
$t->{REQUEST} = ( <<EOF
GET /image.jpg HTTP/1.0
Host: www.example.org
@@ -109,6 +97,17 @@
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 403 } ];
ok($tf->handle_http($t) == 0, 'condition: Referer - referer doesn\'t match');
+$t->{REQUEST} = ( <<EOF
+GET /nofile HTTP/1.1
+Host: bug255.example.org
+
+GET /nofile HTTP/1.1
+Host: bug255.example.org
+Connection: close
+EOF
+ );
+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.1', 'HTTP-Status' => 403 }, { 'HTTP-Protocol' => 'HTTP/1.1', 'HTTP-Status' => 403 } ];
+ok($tf->handle_http($t) == 0, 'remote ip cache (#255)');
ok($tf->stop_proc == 0, "Stopping lighttpd");
|
GitWeb