mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-08-07 07:37:02 +02:00
Code Issues Projects Releases Wiki Activity

[MINOR] redirect: add support for the "drop-query" option

Browse Source 
If "drop-query" is present on a "redirect" line using the "prefix" mode,
then the returned Location header will be the request URI without the
query-string. This may be used on some login/logout pages, or when it
must be decided to redirect the user to a non-secure server.

(cherry-picked from commit f2d361ccd73aa16538ce767c766362dd8f0a88fd)
This commit is contained in:
Willy Tarreau 2008-11-19 20:03:04 +01:00
parent 106cb76c4b
commit 79da4697ca
6 changed files with 33 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
doc/configuration.txt
View File

@ -2336,7 +2336,8 @@ no option transparent
"transparent" option of the "bind" keyword. "transparent" option of the "bind" keyword.
redirect {location | prefix} <to> [code <code>] {if | unless} <condition> redirect location <to> [code <code>] {if | unless} <condition>
redirect prefix <to> [drop-query] [code <code>] {if | unless} <condition>
Return an HTTP redirection if/unless a condition is matched Return an HTTP redirection if/unless a condition is matched
May be used in sections : defaults | frontend | listen | backend May be used in sections : defaults | frontend | listen | backend
no | yes | yes | yes no | yes | yes | yes
@ -2345,7 +2346,10 @@ redirect {location | prefix} <to> [code <code>] {if | unless} <condition>
response. There are currently two types of redirections : "location" and response. There are currently two types of redirections : "location" and
"prefix". With "location", the exact value in <to> is placed into the HTTP "prefix". With "location", the exact value in <to> is placed into the HTTP
"Location" header. With "prefix", the "Location" header is built from the "Location" header. With "prefix", the "Location" header is built from the
concatenation of <to> and the URI. It is particularly suited for global site concatenation of <to> and the URI. If the optional "drop-query" keyword is
used in a prefix-based redirection, then the location will be set without any
possible query-string, which is useful for directing users to a non-secure
page for instance. The "prefix" mode is particularly suited for global site
redirections. redirections.
The code is optional. It indicates in <code> which type of HTTP redirection The code is optional. It indicates in <code> which type of HTTP redirection
@ -2356,7 +2360,9 @@ redirect {location | prefix} <to> [code <code>] {if | unless} <condition>
acl clear dst_port 80 acl clear dst_port 80
acl secure dst_port 8080 acl secure dst_port 8080
acl login_page url_beg /login acl login_page url_beg /login
acl uid_given url_reg /login?userid=[^&]+
redirect prefix https://mysite.com if login_page !secure redirect prefix https://mysite.com if login_page !secure
redirect prefix http://mysite.com drop-query if login_page !uid_given
redirect location http://mysite.com/ if !login_page secure redirect location http://mysite.com/ if !login_page secure
See section 2.3 about ACL usage. See section 2.3 about ACL usage.

6
include/types/proto_http.h
View File

@ -165,7 +165,11 @@ enum {
DATA_ST_PX_FIN, DATA_ST_PX_FIN,
}; };
/* Redirect flags */
enum {
REDIRECT_FLAG_NONE = 0,
REDIRECT_FLAG_DROP_QS = 1, /* drop query string */
};
/* Redirect types (location, prefix, extended ) */ /* Redirect types (location, prefix, extended ) */
enum { enum {

1
include/types/proxy.h
View File

@ -266,6 +266,7 @@ struct redirect_rule {
int rdr_len; int rdr_len;
char *rdr_str; char *rdr_str;
int code; int code;
unsigned int flags;
}; };
extern struct proxy *proxy; extern struct proxy *proxy;

5
src/cfgparse.c
View File

@ -1118,6 +1118,7 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int inv)
int type = REDIRECT_TYPE_NONE; int type = REDIRECT_TYPE_NONE;
int code = 302; int code = 302;
char *destination = NULL; char *destination = NULL;
unsigned int flags = REDIRECT_FLAG_NONE;
cur_arg = 1; cur_arg = 1;
while (*(args[cur_arg])) { while (*(args[cur_arg])) {
@ -1157,6 +1158,9 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int inv)
return -1; return -1;
} }
} }
else if (!strcmp(args[cur_arg],"drop-query")) {
flags |= REDIRECT_FLAG_DROP_QS;
}
else if (!strcmp(args[cur_arg], "if")) { else if (!strcmp(args[cur_arg], "if")) {
pol = ACL_COND_IF; pol = ACL_COND_IF;
cur_arg++; cur_arg++;
@ -1200,6 +1204,7 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int inv)
rule->rdr_len = strlen(destination); rule->rdr_len = strlen(destination);
rule->type = type; rule->type = type;
rule->code = code; rule->code = code;
rule->flags = flags;
LIST_INIT(&rule->list); LIST_INIT(&rule->list);
LIST_ADDQ(&curproxy->redirect_rules, &rule->list); LIST_ADDQ(&curproxy->redirect_rules, &rule->list);
} }

10
src/proto_http.c
View File

@ -1894,6 +1894,16 @@ int http_process_request(struct session *s, struct buffer *req)
/* build message using path */ /* build message using path */
if (path) { if (path) {
pathlen = txn->req.sl.rq.u_l + (txn->req.sol+txn->req.sl.rq.u) - path; pathlen = txn->req.sl.rq.u_l + (txn->req.sol+txn->req.sl.rq.u) - path;
if (rule->flags & REDIRECT_FLAG_DROP_QS) {
int qs = 0;
while (qs < pathlen) {
if (path[qs] == '?') {
pathlen = qs;
break;
}
qs++;
}
}
} else { } else {
path = "/"; path = "/";
pathlen = 1; pathlen = 1;

3
tests/test-redirect.cfg
View File

@ -17,9 +17,10 @@ listen sample1
acl url_test1 url_reg test1 acl url_test1 url_reg test1
acl url_test2 url_reg test2 acl url_test2 url_reg test2
acl url_test3 url_reg test3
redirect location /abs/test code 301 if url_test1 redirect location /abs/test code 301 if url_test1
redirect prefix /pfx/test code 302 if url_test2 redirect prefix /pfx/test code 302 if url_test2
redirect prefix /pfx/test code 303 if url_test2 redirect prefix /pfx/test code 303 drop-query if url_test3
### unconditional redirection ### unconditional redirection
#redirect location https://example.com/ if TRUE #redirect location https://example.com/ if TRUE