summaryrefslogtreecommitdiffhomepage
path: root/src/nxt_http_request.c (follow)
AgeCommit message (Collapse)AuthorFilesLines
2021-09-07Router: refactored variable pass.Zhidao HONG1-2/+0
Since the "pass" option supports both strings and variables, a generic nxt_var_t structure can be used in the configuration phase, and the "name" field in actions is redundant. No functional changes.
2021-08-12Router: client IP address replacement.Oisin Canty1-0/+150
This commit introduces the replacement of the client address based on the value of a specified HTTP header. This is intended for use when Unit is placed behind a reverse proxy like nginx or a CDN. You must specify the source addresses of the trusted proxies. This can be accomplished with any valid IP pattern supported by Unit's match block: ["10.0.0.1", "10.4.0.0/16", "!192.168.1.1"] The feature is configured per listener. The client address replacement functionality only operates when there is a source IP match and the specified header is present. Typically this would be an 'X-Forwarded-For' header. { "listeners": { "127.0.0.1:8080": { "client_ip": { "header": "X-Forwarded-For", "source": [ "10.0.0.0/8" ] }, "pass": "applications/my_app" }, } } If a request occurs and Unit receives a header like below: "X-Forwarded-For: 84.123.23.23" By default, Unit trusts the last rightmost IP in the header, so REMOTE_ADDR will be set to 84.123.23.23 if the connection originated from 10.0.0.0/8. If Unit runs behind consecutive reverse proxies and receives a header similar to the following: "X-Forwarded-For: 84.123.23.23, 10.0.0.254" You will need to enable "recursive" checking, which walks the header from last address to first and chooses the first non-trusted address it finds. { "listeners": { "127.0.0.1:8080": { "client_ip": { "header": "X-Forwarded-For", "source": [ "10.0.0.0/8" ] "recursive": true, }, "pass": "applications/my_app" }, } } If a connection from 10.0.0.0/8 occurs, the chain is walked. Here, 10.0.0.254 is also a trusted address so the client address will be replaced with 84.123.23.23. If all IP addresses in the header are trusted, the client address is set to the first address in the header: If 10.0.0.0/8 is trusted and "X-Forwarded-For: 10.0.0.3, 10.0.0.2, 10.0.0.1", the client address will be replaced with 10.0.0.3.
2021-07-24Router: split nxt_http_app_conf_t from nxt_http_action_t.Zhidao HONG1-3/+1
No functional changes.
2021-04-22Router: grouped app and share fields in nxt_http_action_t.Zhidao HONG1-2/+2
This is a prerequisite for further introduction of openat2() features. No functional changes.
2020-10-26Increased request memory pool size.Valentin Bartenev1-1/+1
Previous value was too small, which reduced efficiency of the pool causing a lot of additional allocations even for simple request and response.
2020-08-13Basic variables support.Valentin Bartenev1-4/+11
2020-05-14PHP: implemented "targets" option.Valentin Bartenev1-0/+2
This allows to specify multiple subsequent targets inside PHP applications. For example: { "listeners": { "*:80": { "pass": "routes" } }, "routes": [ { "match": { "uri": "/info" }, "action": { "pass": "applications/my_app/phpinfo" } }, { "match": { "uri": "/hello" }, "action": { "pass": "applications/my_app/hello" } }, { "action": { "pass": "applications/my_app/rest" } } ], "applications": { "my_app": { "type": "php", "targets": { "phpinfo": { "script": "phpinfo.php", "root": "/www/data/admin", }, "hello": { "script": "hello.php", "root": "/www/data/test", }, "rest": { "root": "/www/data/example.com", "index": "index.php" }, } } } }
2020-04-16Using malloc/free for the http fields hash.Max Romanov1-3/+3
This is required due to lack of a graceful shutdown: there is a small gap between the runtime's memory pool release and router process's exit. Thus, a worker thread may start processing a request between these two operations, which may result in an http fields hash access and subsequent crash. To simplify issue reproduction, it makes sense to add a 2 sec sleep before exit() in nxt_runtime_exit().
2020-03-12Using disk file to store large request body.Max Romanov1-0/+8
This closes #386 on GitHub.
2020-03-12Moving request memory pool retain call after RPC data allocation.Max Romanov1-10/+0
If the call is done only after a successful RPC data allocation, its corresponding release call is not missed, which avoids a potential leak.
2020-03-12Checking Content-Length value right after header parse.Max Romanov1-1/+8
The check was moved from the request body read stage.
2019-11-14Initial proxy support.Igor Sysoev1-2/+2
2019-11-14Introduced chained buffer completion handlers.Igor Sysoev1-3/+8
2019-11-14Using request task.Igor Sysoev1-2/+2
2019-11-14Replacing pass with action.Igor Sysoev1-15/+15
2019-09-19Basic support for serving static files.Valentin Bartenev1-17/+8
2019-08-26Adding body handler to nxt_http_request_header_send().Igor Sysoev1-2/+3
2019-08-20Introducing websocket support in router and libunit.Max Romanov1-6/+15
2019-08-06Refactored HTTP protocol callback table.Igor Sysoev1-14/+14
2019-07-24Added routing based on request scheme.Axel Duch1-1/+0
Scheme matches exact string “http” or “https”.
2019-05-30Handling routing errors.Igor Sysoev1-15/+12
2019-03-21Adjusting request schema value according to connection tls state.Max Romanov1-6/+9
This closes #223 issue on GitHub.
2019-03-18Setting request error flag in error handler.Max Romanov1-0/+2
Absence of this flag is the reason of memory leak in case when client disconnected before receiving all response data.
2019-03-06Removed unnecessary abstraction layer.Alexander Borisov1-74/+8
2019-02-27Fixed processing of SERVER_NAME after 77aad2c142a0.Valentin Bartenev1-2/+7
Previously, the nxt_router_prepare_msg() function expected server host among other headers unmodified. It's not true anymore since normalization of the Host header has been introduced in 77aad2c142a0. The nxt_unit_split_host() function was removed. It didn't work correctly with IPv6 literals. Anyway, after 77aad2c142a0 the port splitting is done in router while Host header processing.
2019-02-27Initial routing implementation.Igor Sysoev1-8/+45
2019-02-23Removed surplus check for NUL in nxt_http_validate_host().Valentin Bartenev1-1/+0
Such header fields are already rejected by HTTP parser.
2019-02-19Validation and normalization of request host.Valentin Bartenev1-7/+110
2019-02-18Fixed memory leak on response body sending failure.Igor Sysoev1-1/+3
2019-02-18Rejecting requests with duplicate "Content-Length".Valentin Bartenev1-5/+8
2019-02-07Rejecting requests with invalid "Content-Length".Valentin Bartenev1-3/+9
2018-10-22Handling of timers with bias.Valentin Bartenev1-1/+1
Timers that don't require maximum precision (most of them, actually) can be triggered earlier or later within the bias interval. To reduce wakeups by timers, the expire function now triggers not only all timers that fall within the elapsed time, but also those whose bias falls within this interval.
2018-07-30Sending 408 response on idle connection timeout.Igor Sysoev1-12/+13
2018-06-25Introduced nxt_length() macro.Valentin Bartenev1-1/+1
2018-05-30Fixed keep-alive hanging after reconfiguration.Igor Sysoev1-2/+5
2018-05-21Added SERVER_SOFTWARE request meta-variable.Valentin Bartenev1-1/+1
2018-04-11Initial access log support.Valentin Bartenev1-8/+10
2018-04-03HTTP: using r->mem_pool retention counter for response buffers.Igor Sysoev1-11/+58
2018-03-13Capitalization in the "Server" field.Valentin Bartenev1-1/+1
2018-02-12HTTP: the Date response header.Valentin Bartenev1-2/+52
2018-01-24Using size_t for the field width type of the "%*s" specifier.Sergey Kandaurov1-1/+2
2018-01-12HTTP: request body length was not passed to application.Igor Sysoev1-0/+1
The bug has appeared in changeset 5817734dd9b9.
2018-01-11HTTP: request body was not passed to application.Igor Sysoev1-0/+5
The bug has appeared in changeset 5817734dd9b9.
2017-12-29Using correct pointer in test operation.Igor Sysoev1-1/+1
Found by Coverity (CID 215687).
2017-12-28HTTP keep-alive connections support.Igor Sysoev1-0/+384