mirror of https://github.com/yandex/gixy
Fixed invalid escape sequences
Andrew Krasichkov
parent
cbc7f91f4b
commit
340f715f00
|
|
@ -3,19 +3,19 @@ from gixy.core.variable import Variable
|
|||
|
||||
BUILTIN_VARIABLES = {
|
||||
# http://nginx.org/en/docs/http/ngx_http_core_module.html#var_uri
|
||||
'uri': '/[^\x20\t]*',
|
||||
'uri': r'/[^\x20\t]*',
|
||||
# http://nginx.org/en/docs/http/ngx_http_core_module.html#var_document_uri
|
||||
'document_uri': '/[^\x20\t]*',
|
||||
'document_uri': r'/[^\x20\t]*',
|
||||
# http://nginx.org/en/docs/http/ngx_http_core_module.html#var_arg_
|
||||
'arg_': '[^\s&]+',
|
||||
'arg_': r'[^\s&]+',
|
||||
# http://nginx.org/en/docs/http/ngx_http_core_module.html#var_args
|
||||
'args': '[^\s]+',
|
||||
'args': r'[^\s]+',
|
||||
# http://nginx.org/en/docs/http/ngx_http_core_module.html#var_query_string
|
||||
'query_string': '[^\s]+',
|
||||
'query_string': r'[^\s]+',
|
||||
# http://nginx.org/en/docs/http/ngx_http_core_module.html#var_request_uri
|
||||
'request_uri': '/[^\s]*',
|
||||
'request_uri': r'/[^\s]*',
|
||||
# http://nginx.org/en/docs/http/ngx_http_core_module.html#var_http_
|
||||
'http_': '[\x21-\x7e]',
|
||||
'http_': r'[\x21-\x7e]',
|
||||
|
||||
# http://nginx.org/en/docs/http/ngx_http_upstream_module.html#var_upstream_http_
|
||||
'upstream_http_': '',
|
||||
|
|
|
|||
|
|
@ -115,7 +115,7 @@ class SetByLuaDirective(Directive):
|
|||
class RewriteDirective(Directive):
|
||||
nginx_name = 'rewrite'
|
||||
provide_variables = True
|
||||
boundary = Regexp('[^\s\r\n]')
|
||||
boundary = Regexp(r'[^\s\r\n]')
|
||||
|
||||
def __init__(self, name, args):
|
||||
super(RewriteDirective, self).__init__(name, args)
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ from gixy.core.variable import compile_script
|
|||
|
||||
|
||||
class http_splitting(Plugin):
|
||||
"""
|
||||
r"""
|
||||
Insecure examples:
|
||||
rewrite ^ http://$host$uri;
|
||||
return 301 http://$host$uri;
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ LOG = logging.getLogger(__name__)
|
|||
|
||||
|
||||
class origins(Plugin):
|
||||
"""
|
||||
r"""
|
||||
Insecure example:
|
||||
if ($http_referer !~ "^https?://([^/]+metrika.*yandex\.ru/"){
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
|
|
@ -29,7 +29,7 @@ class origins(Plugin):
|
|||
if self.config.get('domains') and self.config.get('domains')[0] and self.config.get('domains')[0] != '*':
|
||||
domains = '|'.join(re.escape(d) for d in self.config.get('domains'))
|
||||
else:
|
||||
domains = '[^/.]*\.[^/]{2,7}'
|
||||
domains = r'[^/.]*\.[^/]{2,7}'
|
||||
|
||||
scheme = 'https{http}'.format(http=('?' if not self.config.get('https_only') else ''))
|
||||
regex = r'^{scheme}://(?:[^/.]*\.){{0,10}}(?P<domain>{domains})(?::\d*)?(?:/|\?|$)'.format(
|
||||
|
|
|
|||
Loading…
Reference in New Issue