From 5baae31c1fd54e73dc0ed47e3372bdaea37a27ee Mon Sep 17 00:00:00 2001
From: Kay0u <pierre@kayou.io>
Date: Fri, 29 Dec 2023 00:48:47 +0100
Subject: [PATCH 1/2] nginx check regex in location field
---
package_linter.py | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
diff --git a/package_linter.py b/package_linter.py
index 26f86bd..e077a6e 100755
--- a/package_linter.py
+++ b/package_linter.py
@@ -1422,6 +1422,27 @@ class Configurations(TestSuite):
'more_set_headers "Header-Name: value"'
)
+ @test()
+ def misc_nginx_check_regex_in_location(self):
+ app = self.app
+ for filename in (
+ os.listdir(app.path + "/conf") if os.path.exists(app.path + "/conf") else []
+ ):
+ # Ignore subdirs or filename not containing nginx in the name
+ if (
+ not os.path.isfile(app.path + "/conf/" + filename)
+ or "nginx" not in filename
+ ):
+ continue
+
+ cmd = 'grep -q -IhEro "location ~ __PATH__\" %s' % filename
+
+ if os.system(cmd) != 0:
+ yield Warning(
+ "When using regexp in the nignx location field (location ~ __PATH__), start the path with ^ (location ~ ^__PATH__)."
+ )
+
+
@test()
def misc_nginx_path_traversal(self):
From 74d39d910c3a9dd0205daa6a914284869bb331e9 Mon Sep 17 00:00:00 2001
From: Kay0u <pierre@kayou.io>
Date: Fri, 29 Dec 2023 00:52:27 +0100
Subject: [PATCH 2/2] oupsie
---
package_linter.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/package_linter.py b/package_linter.py
index e077a6e..89c5d61 100755
--- a/package_linter.py
+++ b/package_linter.py
@@ -1435,7 +1435,7 @@ class Configurations(TestSuite):
):
continue
- cmd = 'grep -q -IhEro "location ~ __PATH__\" %s' % filename
+ cmd = 'grep -q -IhEro "location ~ __PATH__" %s' % filename
if os.system(cmd) != 0:
yield Warning(