github-mirror/caddy
2
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-11-25 09:40:13 +08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

headers: Only replace known placeholders (#4880)

Browse Source
This commit is contained in:
Francis Lavoie 2022-07-12 14:16:03 -04:00 committed by GitHub
parent d6bc9e0b5c
commit 53c4d788d4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
modules/caddyhttp/headers/headers.go
View File

@ -194,27 +194,27 @@ type RespHeaderOps struct {
func (ops HeaderOps) ApplyTo(hdr http.Header, repl *caddy.Replacer) {
// add
for fieldName, vals := range ops.Add {
fieldName = repl.ReplaceAll(fieldName, "")
fieldName = repl.ReplaceKnown(fieldName, "")
for _, v := range vals {
hdr.Add(fieldName, repl.ReplaceAll(v, ""))
hdr.Add(fieldName, repl.ReplaceKnown(v, ""))
}
}
// set
for fieldName, vals := range ops.Set {
fieldName = repl.ReplaceAll(fieldName, "")
fieldName = repl.ReplaceKnown(fieldName, "")
var newVals []string
for i := range vals {
// append to new slice so we don't overwrite
// the original values in ops.Set
newVals = append(newVals, repl.ReplaceAll(vals[i], ""))
newVals = append(newVals, repl.ReplaceKnown(vals[i], ""))
}
hdr.Set(fieldName, strings.Join(newVals, ","))
}
// delete
for _, fieldName := range ops.Delete {
fieldName = strings.ToLower(repl.ReplaceAll(fieldName, ""))
fieldName = strings.ToLower(repl.ReplaceKnown(fieldName, ""))
switch {
case strings.HasPrefix(fieldName, "*") && strings.HasSuffix(fieldName, "*"):
for existingField := range hdr {
@ -241,13 +241,13 @@ func (ops HeaderOps) ApplyTo(hdr http.Header, repl *caddy.Replacer) {
// replace
for fieldName, replacements := range ops.Replace {
fieldName = http.CanonicalHeaderKey(repl.ReplaceAll(fieldName, ""))
fieldName = http.CanonicalHeaderKey(repl.ReplaceKnown(fieldName, ""))
// all fields...
if fieldName == "*" {
for _, r := range replacements {
search := repl.ReplaceAll(r.Search, "")
replace := repl.ReplaceAll(r.Replace, "")
search := repl.ReplaceKnown(r.Search, "")
replace := repl.ReplaceKnown(r.Replace, "")
for fieldName, vals := range hdr {
for i := range vals {
if r.re != nil {
@ -263,8 +263,8 @@ func (ops HeaderOps) ApplyTo(hdr http.Header, repl *caddy.Replacer) {
// ...or only with the named field
for _, r := range replacements {
search := repl.ReplaceAll(r.Search, "")
replace := repl.ReplaceAll(r.Replace, "")
search := repl.ReplaceKnown(r.Search, "")
replace := repl.ReplaceKnown(r.Replace, "")
for hdrFieldName, vals := range hdr {
// see issue #4330 for why we don't simply use hdr[fieldName]
if http.CanonicalHeaderKey(hdrFieldName) != fieldName {