aboutsummaryrefslogtreecommitdiffhomepage
path: root/caddy.go
diff options
context:
space:
mode:
authorjhwz <[email protected]>2022-07-13 06:23:55 +1200
committerGitHub <[email protected]>2022-07-12 12:23:55 -0600
commitad3a83fb9169899226ce12a61c16b5bf4d03c482 (patch)
tree62f19bf05422fe5844c9c90c73402b12f639a7a4 /caddy.go
parent53c4d788d4bbc00d396be743a2c0b36482e53c6e (diff)
downloadcaddy-ad3a83fb9169899226ce12a61c16b5bf4d03c482.tar.gz
caddy-ad3a83fb9169899226ce12a61c16b5bf4d03c482.zip
admin: expect quoted ETags (#4879)v2.5.2
* expect quoted etags * admin: Minor refactor of etag facilities Co-authored-by: Matthew Holt <[email protected]>
Diffstat (limited to 'caddy.go')
-rw-r--r--caddy.go10
1 files changed, 9 insertions, 1 deletions
diff --git a/caddy.go b/caddy.go
index 0c6dfcd00..98ee5b39b 100644
--- a/caddy.go
+++ b/caddy.go
@@ -145,8 +145,16 @@ func changeConfig(method, path string, input []byte, ifMatchHeader string, force
defer currentCfgMu.Unlock()
if ifMatchHeader != "" {
+ // expect the first and last character to be quotes
+ if len(ifMatchHeader) < 2 || ifMatchHeader[0] != '"' || ifMatchHeader[len(ifMatchHeader)-1] != '"' {
+ return APIError{
+ HTTPStatus: http.StatusBadRequest,
+ Err: fmt.Errorf("malformed If-Match header; expect quoted string"),
+ }
+ }
+
// read out the parts
- parts := strings.Fields(ifMatchHeader)
+ parts := strings.Fields(ifMatchHeader[1 : len(ifMatchHeader)-1])
if len(parts) != 2 {
return APIError{
HTTPStatus: http.StatusBadRequest,