You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by we...@apache.org on 2020/11/15 09:22:35 UTC
[apisix] branch master updated: fix(http-logger): validate uri
(#2708)
This is an automated email from the ASF dual-hosted git repository.
wenming pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git
The following commit(s) were added to refs/heads/master by this push:
new 58cba26 fix(http-logger): validate uri (#2708)
58cba26 is described below
commit 58cba26e5199799f76ea1601440af0e757237c3f
Author: 罗泽轩 <sp...@gmail.com>
AuthorDate: Sun Nov 15 17:22:25 2020 +0800
fix(http-logger): validate uri (#2708)
---
apisix/plugins/http-logger.lua | 2 +-
apisix/schema_def.lua | 4 ++++
doc/plugins/http-logger.md | 2 +-
doc/zh-cn/plugins/http-logger.md | 2 +-
t/plugin/http-logger.t | 46 ++++++++++++++++++++++++++++++++++++++--
5 files changed, 51 insertions(+), 5 deletions(-)
diff --git a/apisix/plugins/http-logger.lua b/apisix/plugins/http-logger.lua
index b18efba..7378fec 100644
--- a/apisix/plugins/http-logger.lua
+++ b/apisix/plugins/http-logger.lua
@@ -38,7 +38,7 @@ local lru_log_format = core.lrucache.new({
local schema = {
type = "object",
properties = {
- uri = {type = "string"},
+ uri = core.schema.uri_def,
auth_header = {type = "string", default = ""},
timeout = {type = "integer", minimum = 1, default = 3},
name = {type = "string", default = "http logger"},
diff --git a/apisix/schema_def.lua b/apisix/schema_def.lua
index 104857f..c904ac5 100644
--- a/apisix/schema_def.lua
+++ b/apisix/schema_def.lua
@@ -54,6 +54,10 @@ local ip_def = {
}
_M.ip_def = ip_def
+
+_M.uri_def = {type = "string", pattern = [=[^[^\/]+:\/\/([\da-zA-Z.-]+|\[[\da-fA-F:]+\])(:\d+)?]=]}
+
+
local timestamp_def = {
type = "integer",
}
diff --git a/doc/plugins/http-logger.md b/doc/plugins/http-logger.md
index 8c4f20b..ade3db1 100644
--- a/doc/plugins/http-logger.md
+++ b/doc/plugins/http-logger.md
@@ -60,7 +60,7 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f13
{
"plugins": {
"http-logger": {
- "uri": "127.0.0.1:80/postendpoint?param=1",
+ "uri": "http://127.0.0.1:80/postendpoint?param=1",
}
},
"upstream": {
diff --git a/doc/zh-cn/plugins/http-logger.md b/doc/zh-cn/plugins/http-logger.md
index b45947e..c52b07e 100644
--- a/doc/zh-cn/plugins/http-logger.md
+++ b/doc/zh-cn/plugins/http-logger.md
@@ -59,7 +59,7 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f13
{
"plugins": {
"http-logger": {
- "uri": "127.0.0.1:80/postendpoint?param=1"
+ "uri": "http://127.0.0.1:80/postendpoint?param=1"
}
},
"upstream": {
diff --git a/t/plugin/http-logger.t b/t/plugin/http-logger.t
index 029a85e..0b5619f 100644
--- a/t/plugin/http-logger.t
+++ b/t/plugin/http-logger.t
@@ -29,7 +29,7 @@ __DATA__
location /t {
content_by_lua_block {
local plugin = require("apisix.plugins.http-logger")
- local ok, err = plugin.check_schema({uri = "127.0.0.1"})
+ local ok, err = plugin.check_schema({uri = "http://127.0.0.1"})
if not ok then
ngx.say(err)
end
@@ -51,7 +51,7 @@ done
location /t {
content_by_lua_block {
local plugin = require("apisix.plugins.http-logger")
- local ok, err = plugin.check_schema({uri = "127.0.0.1",
+ local ok, err = plugin.check_schema({uri = "http://127.0.0.1",
auth_header = "Basic 123",
timeout = 3,
name = "http-logger",
@@ -595,3 +595,45 @@ hello1 world
--- error_log
Batch Processor[http logger] failed to process entries: failed to connect to host[127.0.0.1] port[9991] connection refused
--- wait: 1.5
+
+
+
+=== TEST 16: check uri
+--- config
+ location /t {
+ content_by_lua_block {
+ local plugin = require("apisix.plugins.http-logger")
+ local bad_uris = {
+ "127.0.0.1",
+ "127.0.0.1:1024",
+ }
+ for _, bad_uri in ipairs(bad_uris) do
+ local ok, err = plugin.check_schema({uri = bad_uri})
+ if ok then
+ ngx.say("mismatched ", bad)
+ end
+ end
+
+ local good_uris = {
+ "http://127.0.0.1:1024/x?aa=b",
+ "http://127.0.0.1:1024?aa=b",
+ "http://127.0.0.1:1024",
+ "http://x.con",
+ "https://x.con",
+ }
+ for _, good_uri in ipairs(good_uris) do
+ local ok, err = plugin.check_schema({uri = good_uri})
+ if not ok then
+ ngx.say("mismatched ", good)
+ end
+ end
+
+ ngx.say("done")
+ }
+ }
+--- request
+GET /t
+--- response_body
+done
+--- no_error_log
+[error]