Commit 8e307799 authored by Poul-Henning Kamp's avatar Poul-Henning Kamp

Add a check to avoid doing ESI parsing of objects that do not look

like XML.  Our definition of "looks like XML" is that the first
non-white-space character is '<'.

Add a new parameter "esi_syntax" with bits to steer the ESI parser.

Use the first bit to disable the "looks like XML" check.



git-svn-id: http://www.varnish-cache.org/svn/trunk/varnish-cache@3016 d4fa192b-c00b-0410-8231-f00ffab90ce4
parent 967111bf
...@@ -637,6 +637,26 @@ VRT_ESI(struct sess *sp) ...@@ -637,6 +637,26 @@ VRT_ESI(struct sess *sp)
CHECK_OBJ_NOTNULL(sp->obj, OBJECT_MAGIC); CHECK_OBJ_NOTNULL(sp->obj, OBJECT_MAGIC);
if (!(params->esi_syntax & 0x00000001)) {
/*
* By default, we will not ESI process an object where
* the first non-space character is different from '<'
*/
st = VTAILQ_FIRST(&sp->obj->store);
AN(st);
for (u = 0; u < st->len; u++) {
if (isspace(st->ptr[u]))
continue;
if (st->ptr[u] == '<')
break;
WSP(sp, SLT_ESI_xmlerror,
"No ESI processing, "
"binary object: 0x%02x at pos %u.",
st->ptr[u], u);
return;
}
}
/* XXX: only if GET ? */ /* XXX: only if GET ? */
ew = eww; ew = eww;
memset(eww, 0, sizeof eww); memset(eww, 0, sizeof eww);
......
...@@ -143,6 +143,9 @@ struct params { ...@@ -143,6 +143,9 @@ struct params {
/* Maximum esi:include depth allowed */ /* Maximum esi:include depth allowed */
unsigned max_esi_includes; unsigned max_esi_includes;
/* ESI parser hints */
unsigned esi_syntax;
/* Rush exponent */ /* Rush exponent */
unsigned rush_exponent; unsigned rush_exponent;
......
...@@ -719,6 +719,13 @@ static const struct parspec parspec[] = { ...@@ -719,6 +719,13 @@ static const struct parspec parspec[] = {
"the backend, so don't increase thoughtlessly.\n", "the backend, so don't increase thoughtlessly.\n",
0, 0,
"4", "restarts" }, "4", "restarts" },
{ "esi_syntax",
tweak_uint, &master.esi_syntax, 0, UINT_MAX,
"Bitmap controlling ESI parsing code:\n"
" 0x00000001 - Don't check if it looks like XML\n"
"Use 0x notation and do the bitor in your head :-)\n",
0,
"0", "restarts" },
{ "max_esi_includes", { "max_esi_includes",
tweak_uint, &master.max_esi_includes, 0, UINT_MAX, tweak_uint, &master.max_esi_includes, 0, UINT_MAX,
"Maximum depth of esi:include processing." "Maximum depth of esi:include processing."
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment