fastcgi: Support multiple path splitters (close #1564)

2024-11-24 06:12:46 +08:00 · 2020-03-22 07:48:21 -06:00 · 2020-03-22 07:48:21 -06:00 · f2ce81cc8b
commit f2ce81cc8b
parent 2cab475ba5
2 changed files with 15 additions and 9 deletions
--- a/modules/caddyhttp/reverseproxy/fastcgi/caddyfile.go
+++ b/modules/caddyhttp/reverseproxy/fastcgi/caddyfile.go
@ -51,10 +51,10 @@ func (t *Transport) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
 				t.Root = d.Val()

 			case "split":
-				if !d.NextArg() {
+				t.SplitPath = d.RemainingArgs()
+				if len(t.SplitPath) == 0 {
 					return d.ArgErr()
 				}
-				t.SplitPath = d.Val()

 			case "env":
 				args := d.RemainingArgs()
@ -173,7 +173,7 @@ func parsePHPFastCGI(h httpcaddyfile.Helper) ([]httpcaddyfile.ConfigValue, error
 	}

 	// set up the transport for FastCGI, and specifically PHP
-	fcgiTransport := Transport{SplitPath: ".php"}
+	fcgiTransport := Transport{SplitPath: []string{".php"}}

 	// create the reverse proxy handler which uses our FastCGI transport
 	rpHandler := &reverseproxy.Handler{
--- a/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
+++ b/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
@ -47,10 +47,11 @@ type Transport struct {
 	// with the value of SplitPath. The first piece will be assumed as the
 	// actual resource (CGI script) name, and the second piece will be set to
 	// PATH_INFO for the CGI script to use.
+	//
 	// Future enhancements should be careful to avoid CVE-2019-11043,
 	// which can be mitigated with use of a try_files-like behavior
-	// that 404's if the fastcgi path info is not found.
-	SplitPath string `json:"split_path,omitempty"`
+	// that 404s if the fastcgi path info is not found.
+	SplitPath []string `json:"split_path,omitempty"`

 	// Extra environment variables.
 	EnvVars map[string]string `json:"env,omitempty"`
@ -168,7 +169,7 @@ func (t Transport) buildEnv(r *http.Request) (map[string]string, error) {

 	// Split path in preparation for env variables.
 	// Previous canSplit checks ensure this can never be -1.
-	// TODO: I haven't brought over canSplit; make sure this doesn't break
+	// TODO: I haven't brought over canSplit from v1; make sure this doesn't break
 	splitPos := t.splitPos(fpath)

 	// Request has the extension; path was split successfully
@ -284,14 +285,19 @@ func (t Transport) buildEnv(r *http.Request) (map[string]string, error) {
 // splitPos returns the index where path should
 // be split based on t.SplitPath.
 func (t Transport) splitPos(path string) int {
-	// TODO:
+	// TODO: from v1...
 	// if httpserver.CaseSensitivePath {
 	// 	return strings.Index(path, r.SplitPath)
 	// }
-	return strings.Index(strings.ToLower(path), strings.ToLower(t.SplitPath))
+	lowerPath := strings.ToLower(path)
+	for _, split := range t.SplitPath {
+		if idx := strings.Index(lowerPath, strings.ToLower(split)); idx > -1 {
+			return idx
+		}
+	}
+	return -1
 }

-// TODO:
 // Map of supported protocols to Apache ssl_mod format
 // Note that these are slightly different from SupportedProtocols in caddytls/config.go
 var tlsProtocolStrings = map[uint16]string{