aboutsummaryrefslogtreecommitdiffhomepage
path: root/modules/caddyhttp/map
diff options
context:
space:
mode:
authorMatthew Holt <[email protected]>2021-10-19 12:25:36 -0600
committerMatthew Holt <[email protected]>2021-10-19 12:25:36 -0600
commita2119c09e95eeb871c2b30046f596d61257b108c (patch)
tree72ceea264c468dc2d06f4ab3232ef904f157def2 /modules/caddyhttp/map
parent062657d0d80aa1c2e3af51414db634f49c9a03a0 (diff)
downloadcaddy-a2119c09e95eeb871c2b30046f596d61257b108c.tar.gz
caddy-a2119c09e95eeb871c2b30046f596d61257b108c.zip
map: Fix 95c03506 (avoid repeated expansions)
Diffstat (limited to 'modules/caddyhttp/map')
-rw-r--r--modules/caddyhttp/map/map.go28
-rw-r--r--modules/caddyhttp/map/map_test.go27
2 files changed, 33 insertions, 22 deletions
diff --git a/modules/caddyhttp/map/map.go b/modules/caddyhttp/map/map.go
index 670a55bd4..839495501 100644
--- a/modules/caddyhttp/map/map.go
+++ b/modules/caddyhttp/map/map.go
@@ -131,27 +131,21 @@ func (h Handler) ServeHTTP(w http.ResponseWriter, r *http.Request, next caddyhtt
// find the first mapping matching the input and return
// the requested destination/output value
for _, m := range h.Mappings {
- if m.re != nil {
- if m.re.MatchString(input) {
- if output := m.Outputs[destIdx]; output == nil {
- continue
- } else {
- var result []byte
- for _, submatches := range m.re.FindAllStringSubmatchIndex(input, -1) {
- result = m.re.ExpandString(result, m.Outputs[destIdx].(string), input, submatches)
- }
- output = string(result)
- return output, true
- }
- }
+ output := m.Outputs[destIdx]
+ if output == nil {
continue
}
- if input == m.Input {
- if output := m.Outputs[destIdx]; output == nil {
+ if m.re != nil {
+ var result []byte
+ matches := m.re.FindStringSubmatchIndex(input)
+ if matches == nil {
continue
- } else {
- return output, true
}
+ result = m.re.ExpandString(result, output.(string), input, matches)
+ return string(result), true
+ }
+ if input == m.Input {
+ return output, true
}
}
diff --git a/modules/caddyhttp/map/map_test.go b/modules/caddyhttp/map/map_test.go
index 59e5c5ef2..2789459b6 100644
--- a/modules/caddyhttp/map/map_test.go
+++ b/modules/caddyhttp/map/map_test.go
@@ -14,11 +14,11 @@ import (
func TestHandler(t *testing.T) {
for i, tc := range []struct {
handler Handler
- reqPath string
+ reqURI string
expect map[string]interface{}
}{
{
- reqPath: "/foo",
+ reqURI: "/foo",
handler: Handler{
Source: "{http.request.uri.path}",
Destinations: []string{"{output}"},
@@ -34,7 +34,7 @@ func TestHandler(t *testing.T) {
},
},
{
- reqPath: "/abcdef",
+ reqURI: "/abcdef",
handler: Handler{
Source: "{http.request.uri.path}",
Destinations: []string{"{output}"},
@@ -50,7 +50,7 @@ func TestHandler(t *testing.T) {
},
},
{
- reqPath: "/ABCxyzDEF",
+ reqURI: "/ABCxyzDEF",
handler: Handler{
Source: "{http.request.uri.path}",
Destinations: []string{"{output}"},
@@ -65,12 +65,29 @@ func TestHandler(t *testing.T) {
"output": "...xyz...",
},
},
+ {
+ // Test case from https://caddy.community/t/map-directive-and-regular-expressions/13866/14?u=matt
+ reqURI: "/?s=0%27+AND+%28SELECT+0+FROM+%28SELECT+count%28%2A%29%2C+CONCAT%28%28SELECT+%40%40version%29%2C+0x23%2C+FLOOR%28RAND%280%29%2A2%29%29+AS+x+FROM+information_schema.columns+GROUP+BY+x%29+y%29+-+-+%27",
+ handler: Handler{
+ Source: "{http.request.uri}",
+ Destinations: []string{"{output}"},
+ Mappings: []Mapping{
+ {
+ InputRegexp: "(?i)(\\^|`|<|>|%|\\\\|\\{|\\}|\\|)",
+ Outputs: []interface{}{"3"},
+ },
+ },
+ },
+ expect: map[string]interface{}{
+ "output": "3",
+ },
+ },
} {
if err := tc.handler.Provision(caddy.Context{}); err != nil {
t.Fatalf("Test %d: Provisioning handler: %v", i, err)
}
- req, err := http.NewRequest(http.MethodGet, tc.reqPath, nil)
+ req, err := http.NewRequest(http.MethodGet, tc.reqURI, nil)
if err != nil {
t.Fatalf("Test %d: Creating request: %v", i, err)
}