From 95e8cecde56b679950d41444e8638b1acdb90a0c Mon Sep 17 00:00:00 2001
From: mcramer <m.cramer@pixcept.de>
Date: Thu, 13 Sep 2012 13:31:56 +0000
Subject: [PATCH] Fixed: Domain names in rewrite rules need the . and special
chars to be escaped
---
.../plugins-available/apache2_plugin.inc.php | 22 +++++++++++-------
server/plugins-available/nginx_plugin.inc.php | 23 +++++++++++--------
2 files changed, 28 insertions(+), 17 deletions(-)
diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 7d3a2e694..398b4aef8 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -884,23 +884,23 @@ class apache2_plugin {
switch($data['new']['subdomain']) {
case 'www':
- $rewrite_rules[] = array( 'rewrite_domain' => '^'.$data['new']['domain'],
+ $rewrite_rules[] = array( 'rewrite_domain' => '^'.$this->_rewrite_quote($data['new']['domain']),
'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
'rewrite_target' => $rewrite_target,
'rewrite_target_ssl' => $rewrite_target_ssl);
- $rewrite_rules[] = array( 'rewrite_domain' => '^www.'.$data['new']['domain'],
+ $rewrite_rules[] = array( 'rewrite_domain' => '^' . $this->_rewrite_quote('www.'.$data['new']['domain']),
'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
'rewrite_target' => $rewrite_target,
'rewrite_target_ssl' => $rewrite_target_ssl);
break;
case '*':
- $rewrite_rules[] = array( 'rewrite_domain' => '(^|\.)'.$data['new']['domain'],
+ $rewrite_rules[] = array( 'rewrite_domain' => '(^|\.)'.$this->_rewrite_quote($data['new']['domain']),
'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
'rewrite_target' => $rewrite_target,
'rewrite_target_ssl' => $rewrite_target_ssl);
break;
default:
- $rewrite_rules[] = array( 'rewrite_domain' => '^'.$data['new']['domain'],
+ $rewrite_rules[] = array( 'rewrite_domain' => '^'.$this->_rewrite_quote($data['new']['domain']),
'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
'rewrite_target' => $rewrite_target,
'rewrite_target_ssl' => $rewrite_target_ssl);
@@ -965,23 +965,25 @@ class apache2_plugin {
switch($alias['subdomain']) {
case 'www':
- $rewrite_rules[] = array( 'rewrite_domain' => '^'.$alias['domain'],
+ $rewrite_rules[] = array( 'rewrite_domain' => '^'.$this->_rewrite_quote($alias['domain']),
'rewrite_type' => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
'rewrite_target' => $rewrite_target,
'rewrite_target_ssl' => $rewrite_target_ssl);
- $rewrite_rules[] = array( 'rewrite_domain' => '^www.'.$alias['domain'],
+ $rewrite_rules[] = array( 'rewrite_domain' => '^' . $this->_rewrite_quote('www.'.$alias['domain']),
'rewrite_type' => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
'rewrite_target' => $rewrite_target,
'rewrite_target_ssl' => $rewrite_target_ssl);
break;
case '*':
- $rewrite_rules[] = array( 'rewrite_domain' => '(^|\.)'.$alias['domain'],
+ $rewrite_rules[] = array( 'rewrite_domain' => '(^|\.)'.$this->_rewrite_quote($alias['domain']),
'rewrite_type' => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
'rewrite_target' => $rewrite_target,
'rewrite_target_ssl' => $rewrite_target_ssl);
break;
default:
- $rewrite_rules[] = array( 'rewrite_domain' => '^'.$alias['domain'],
+ if(substr($alias['domain'], 0, 2) === '*.') $domain_rule = '(^|\.)'.$this->_rewrite_quote($alias['domain']);
+ else $domain_rule = '^'.$this->_rewrite_quote($alias['domain']);
+ $rewrite_rules[] = array( 'rewrite_domain' => $domain_rule,
'rewrite_type' => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
'rewrite_target' => $rewrite_target,
'rewrite_target_ssl' => $rewrite_target_ssl);
@@ -2561,6 +2563,10 @@ class apache2_plugin {
return symlink($cfrom, $to);
}
+ private function _rewrite_quote($string) {
+ return str_replace(array('.', '*', '?', '+'), array('\\.', '\\*', '\\?', '\\+'), $string);
+ }
+
} // end class
?>
diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php
index e5a37ffc9..399cb1e18 100644
--- a/server/plugins-available/nginx_plugin.inc.php
+++ b/server/plugins-available/nginx_plugin.inc.php
@@ -966,7 +966,7 @@ class nginx_plugin {
unset($tmp_redirect_path);
unset($tmp_redirect_path_parts);
}
- $rewrite_rules[] = array( 'rewrite_domain' => '^'.$data['new']['domain'],
+ $rewrite_rules[] = array( 'rewrite_domain' => '^'.$this->_rewrite_quote($data['new']['domain']),
'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':$data['new']['redirect_type'],
'rewrite_target' => $data['new']['redirect_path'],
'rewrite_exclude' => $rewrite_exclude);
@@ -987,7 +987,7 @@ class nginx_plugin {
unset($tmp_redirect_path);
unset($tmp_redirect_path_parts);
}
- $rewrite_rules[] = array( 'rewrite_domain' => '^www.'.$data['new']['domain'],
+ $rewrite_rules[] = array( 'rewrite_domain' => '^' . $this->_rewrite_quote('www.'.$data['new']['domain']),
'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':$data['new']['redirect_type'],
'rewrite_target' => $data['new']['redirect_path'],
'rewrite_exclude' => $rewrite_exclude);
@@ -1009,7 +1009,7 @@ class nginx_plugin {
unset($tmp_redirect_path);
unset($tmp_redirect_path_parts);
}
- $rewrite_rules[] = array( 'rewrite_domain' => $data['new']['domain'],
+ $rewrite_rules[] = array( 'rewrite_domain' => '(^|\.)'.$this->_rewrite_quote($data['new']['domain']),
'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':$data['new']['redirect_type'],
'rewrite_target' => $data['new']['redirect_path'],
'rewrite_exclude' => $rewrite_exclude);
@@ -1031,7 +1031,7 @@ class nginx_plugin {
unset($tmp_redirect_path);
unset($tmp_redirect_path_parts);
}
- $rewrite_rules[] = array( 'rewrite_domain' => '^'.$data['new']['domain'],
+ $rewrite_rules[] = array( 'rewrite_domain' => '^'.$this->_rewrite_quote($data['new']['domain']),
'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':$data['new']['redirect_type'],
'rewrite_target' => $data['new']['redirect_path'],
'rewrite_exclude' => $rewrite_exclude);
@@ -1107,7 +1107,7 @@ class nginx_plugin {
unset($tmp_redirect_path);
unset($tmp_redirect_path_parts);
}
- $rewrite_rules[] = array( 'rewrite_domain' => '^'.$alias['domain'],
+ $rewrite_rules[] = array( 'rewrite_domain' => '^'.$this->_rewrite_quote($alias['domain']),
'rewrite_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type'],
'rewrite_target' => $alias['redirect_path'],
'rewrite_exclude' => $rewrite_exclude);
@@ -1128,7 +1128,7 @@ class nginx_plugin {
unset($tmp_redirect_path);
unset($tmp_redirect_path_parts);
}
- $rewrite_rules[] = array( 'rewrite_domain' => '^www.'.$alias['domain'],
+ $rewrite_rules[] = array( 'rewrite_domain' => '^' . $this->_rewrite_quote('www.'.$alias['domain']),
'rewrite_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type'],
'rewrite_target' => $alias['redirect_path'],
'rewrite_exclude' => $rewrite_exclude);
@@ -1150,7 +1150,7 @@ class nginx_plugin {
unset($tmp_redirect_path);
unset($tmp_redirect_path_parts);
}
- $rewrite_rules[] = array( 'rewrite_domain' => $alias['domain'],
+ $rewrite_rules[] = array( 'rewrite_domain' => '(^|\.)' . $this->_rewrite_quote($alias['domain']),
'rewrite_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type'],
'rewrite_target' => $alias['redirect_path'],
'rewrite_exclude' => $rewrite_exclude);
@@ -1172,7 +1172,9 @@ class nginx_plugin {
unset($tmp_redirect_path);
unset($tmp_redirect_path_parts);
}
- $rewrite_rules[] = array( 'rewrite_domain' => '^'.$alias['domain'],
+ if(substr($alias['domain'], 0, 2) === '*.') $domain_rule = '(^|\.)'.$this->_rewrite_quote($alias['domain']);
+ else $domain_rule = '^'.$this->_rewrite_quote($alias['domain']);
+ $rewrite_rules[] = array( 'rewrite_domain' => $domain_rule,
'rewrite_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type'],
'rewrite_target' => $alias['redirect_path'],
'rewrite_exclude' => $rewrite_exclude);
@@ -2163,7 +2165,10 @@ class nginx_plugin {
return symlink($cfrom, $to);
}
-
+
+ private function _rewrite_quote($string) {
+ return str_replace(array('.', '*', '?', '+'), array('\\.', '\\*', '\\?', '\\+'), $string);
+ }
} // end class
--
GitLab