fix: Normalize location path to avoid multiple forward slashes

Fixes: nginxinc#88
dav-pascual · Mar 6, 2023 · e750aa8 · e750aa8
1 parent c7db9c9
commit e750aa8
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 5 deletions.
diff --git a/common/etc/nginx/templates/default.conf.template b/common/etc/nginx/templates/default.conf.template
@@ -30,6 +30,13 @@ server {
     # information that could be used to find an exploit.
     server_tokens off;
 
+    # Normalize location path. Remove instances of double/multipe forward slashes.
+    # Disabling merge_slashes is necessary for this feature to work.
+    # Disabling port redirection to avoid broken URLs in bridged hosts
+    port_in_redirect off;
+    merge_slashes off;
+    rewrite (.*?)//+(.*) $1/$2 redirect;
+
     # Uncomment this for a HTTP header that will let you know the cache status
     # of an object.
     # add_header X-Cache-Status $upstream_cache_status;

diff --git a/test/integration/test_api.sh b/test/integration/test_api.sh
@@ -153,7 +153,7 @@ assertHttpRequestEquals "HEAD" "a.txt?some=param&that=should&be=stripped#aaah" "
 assertHttpRequestEquals "HEAD" "b/c/d.txt" "200"
 assertHttpRequestEquals "HEAD" "b/c/../e.txt" "200"
 assertHttpRequestEquals "HEAD" "b/e.txt" "200"
-assertHttpRequestEquals "HEAD" "b//e.txt" "200"
+assertHttpRequestEquals "HEAD" "b//e.txt" "302"
 assertHttpRequestEquals "HEAD" "a/abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.txt" "200"
 
 # We try to request URLs that are properly encoded as well as URLs that
@@ -220,11 +220,7 @@ fi
 assertHttpRequestEquals "HEAD" "b/" "404"
 assertHttpRequestEquals "HEAD" "/b/c/" "404"
 assertHttpRequestEquals "HEAD" "/soap" "404"
-if [ "${append_slash}" == "1" ] && [ "${index_page}" == "0" ]; then
 assertHttpRequestEquals "HEAD" "b//c" "302"
-else
-assertHttpRequestEquals "HEAD" "b//c" "404"
-fi
 
 if [ "${index_page}" == "1" ]; then
 assertHttpRequestEquals "HEAD" "/statichost/" "200"