[fix] Do match skipped/redirected/unprotected URIs against URL arguments

This commit is contained in:
Alexis Gavoty 2014-12-07 19:40:03 +01:00
parent 7f32fed667
commit 48983a6e68

View file

@ -766,9 +766,9 @@ end
if conf["redirected_urls"] then if conf["redirected_urls"] then
for url, redirect_url in pairs(conf["redirected_urls"]) do for url, redirect_url in pairs(conf["redirected_urls"]) do
if url == ngx.var.host..ngx.var.uri if url == ngx.var.host..ngx.var.uri..uri_args_string()
or url == ngx.var.scheme.."://"..ngx.var.host..ngx.var.uri or url == ngx.var.scheme.."://"..ngx.var.host..ngx.var.uri..uri_args_string()
or url == ngx.var.uri then or url == ngx.var.uri..uri_args_string() then
detect_redirection(redirect_url) detect_redirection(redirect_url)
end end
end end
@ -776,9 +776,9 @@ end
if conf["redirected_regex"] then if conf["redirected_regex"] then
for regex, redirect_url in pairs(conf["redirected_regex"]) do for regex, redirect_url in pairs(conf["redirected_regex"]) do
if string.match(ngx.var.host..ngx.var.uri, regex) if string.match(ngx.var.host..ngx.var.uri..uri_args_string(), regex)
or string.match(ngx.var.scheme.."://"..ngx.var.host..ngx.var.uri, regex) or string.match(ngx.var.scheme.."://"..ngx.var.host..ngx.var.uri..uri_args_string(), regex)
or string.match(ngx.var.uri, regex) then or string.match(ngx.var.uri..uri_args_string(), regex) then
detect_redirection(redirect_url) detect_redirection(redirect_url)
end end
end end
@ -814,8 +814,8 @@ end
if conf["skipped_urls"] then if conf["skipped_urls"] then
for _, url in ipairs(conf["skipped_urls"]) do for _, url in ipairs(conf["skipped_urls"]) do
if (string.starts(ngx.var.host..ngx.var.uri, url) if (string.starts(ngx.var.host..ngx.var.uri..uri_args_string(), url)
or string.starts(ngx.var.uri, url)) or string.starts(ngx.var.uri..uri_args_string(), url))
and not is_protected() then and not is_protected() then
return pass() return pass()
end end
@ -824,8 +824,8 @@ end
if conf["skipped_regex"] then if conf["skipped_regex"] then
for _, regex in ipairs(conf["skipped_regex"]) do for _, regex in ipairs(conf["skipped_regex"]) do
if (string.match(ngx.var.host..ngx.var.uri, regex) if (string.match(ngx.var.host..ngx.var.uri..uri_args_string(), regex)
or string.match(ngx.var.uri, regex)) or string.match(ngx.var.uri..uri_args_string(), regex))
and not is_protected() then and not is_protected() then
return pass() return pass()
end end
@ -839,8 +839,8 @@ end
if conf["unprotected_urls"] then if conf["unprotected_urls"] then
for _, url in ipairs(conf["unprotected_urls"]) do for _, url in ipairs(conf["unprotected_urls"]) do
if (string.starts(ngx.var.host..ngx.var.uri, url) if (string.starts(ngx.var.host..ngx.var.uri..uri_args_string(), url)
or string.starts(ngx.var.uri, url)) or string.starts(ngx.var.uri..uri_args_string(), url))
and not is_protected() then and not is_protected() then
if is_logged_in() then if is_logged_in() then
set_headers() set_headers()
@ -852,8 +852,8 @@ end
if conf["unprotected_regex"] then if conf["unprotected_regex"] then
for _, regex in ipairs(conf["unprotected_regex"]) do for _, regex in ipairs(conf["unprotected_regex"]) do
if (string.match(ngx.var.host..ngx.var.uri, regex) if (string.match(ngx.var.host..ngx.var.uri..uri_args_string(), regex)
or string.match(ngx.var.uri, regex)) or string.match(ngx.var.uri..uri_args_string(), regex))
and not is_protected() then and not is_protected() then
if is_logged_in() then if is_logged_in() then
set_headers() set_headers()