This is an automated email from the ASF dual-hosted git repository. wenming pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/incubator-apisix.git
The following commit(s) were added to refs/heads/master by this push: new c07b8b5 bugfix: check if uri option starts with / in proxy-rewrite plugin. (#1039) c07b8b5 is described below commit c07b8b53a5334497b63d45a7f2ee62a1560474bb Author: agile6v <agil...@agile6v.com> AuthorDate: Sun Jan 12 00:24:01 2020 +0800 bugfix: check if uri option starts with / in proxy-rewrite plugin. (#1039) --- lua/apisix/plugins/proxy-rewrite.lua | 6 ++++++ t/plugin/proxy-rewrite.t | 39 ++++++++++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+) diff --git a/lua/apisix/plugins/proxy-rewrite.lua b/lua/apisix/plugins/proxy-rewrite.lua index 41c8752..ab0e593 100644 --- a/lua/apisix/plugins/proxy-rewrite.lua +++ b/lua/apisix/plugins/proxy-rewrite.lua @@ -21,6 +21,7 @@ local ipairs = ipairs local ngx = ngx local type = type local re_sub = ngx.re.sub +local str_sub = string.sub local schema = { @@ -91,6 +92,11 @@ function _M.check_schema(conf) end end + if conf.uri ~= nil then + if str_sub(conf.uri, 1, 1) ~= "/" then + return false, "invalid uri(" .. conf.uri .. "), must start with /." + end + end --reform header from object into array, so can avoid use pairs, which is NYI if conf.headers then diff --git a/t/plugin/proxy-rewrite.t b/t/plugin/proxy-rewrite.t index c3fe63b..832a197 100644 --- a/t/plugin/proxy-rewrite.t +++ b/t/plugin/proxy-rewrite.t @@ -967,3 +967,42 @@ GET /t --- error_code: 400 --- error_log invalid capturing variable name found + + + +=== TEST 34: set route(invalid uri) +--- config + location /t { + content_by_lua_block { + local t = require("lib.test_admin").test + local code, body = t('/apisix/admin/routes/1', + ngx.HTTP_PUT, + [[{ + "plugins": { + "proxy-rewrite": { + "uri": "hello" + } + }, + "upstream": { + "nodes": { + "127.0.0.1:1980": 1 + }, + "type": "roundrobin" + }, + "uri": "/hello" + }]] + ) + + if code >= 300 then + ngx.status = code + end + ngx.say(body) + } + } +--- request +GET /t +--- error_code: 400 +--- response_body eval +qr/invalid uri/ +--- no_error_log +[error]