[nginx] Updated request line parsing to allow uncommon chars in ...
Maxim Dounin
mdounin at mdounin.ru
Thu Aug 21 23:34:37 UTC 2025
details: http://freenginx.org/hg/nginx/rev/c5503ee3c658
branches:
changeset: 9415:c5503ee3c658
user: Maxim Dounin <mdounin at mdounin.ru>
date: Thu Aug 21 23:49:41 2025 +0300
description:
Updated request line parsing to allow uncommon chars in host.
Previously, only ALPHA, DIGIT, ".", and "-" were allowed in the host
component of the request line (if it's not an IP literal). On the other
hand, RFC 3986 allows the following:
reg-name = *( unreserved / pct-encoded / sub-delims )
unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~"
sub-delims = "!" / "$" / "&" / "'" / "(" / ")"
/ "*" / "+" / "," / ";" / "="
pct-encoded = "%" HEXDIG HEXDIG
Notably, the "_" character is used in practice but was not allowed in the
request line. At the same time, this and other characters do actually work
in practice, as they are accepted in the Host header field, which uses more
relaxed parsing.
With this change, all characters which are valid in the host name per
RFC 3986 are also allowed in the request line.
diffstat:
src/http/ngx_http_parse.c | 11 ++++++++++-
1 files changed, 10 insertions(+), 1 deletions(-)
diffs (21 lines):
diff --git a/src/http/ngx_http_parse.c b/src/http/ngx_http_parse.c
--- a/src/http/ngx_http_parse.c
+++ b/src/http/ngx_http_parse.c
@@ -392,7 +392,16 @@ ngx_http_parse_request_line(ngx_http_req
break;
}
- if ((ch >= '0' && ch <= '9') || ch == '.' || ch == '-') {
+ if (ch >= '0' && ch <= '9') {
+ break;
+ }
+
+ if (ch == '.' || ch == '-' || ch == '_' || ch == '~'
+ || ch == '!' || ch == '$' || ch == '&' || ch == '\''
+ || ch == '(' || ch == ')' || ch == '*' || ch == '+'
+ || ch == ',' || ch == ';' || ch == '=' || ch == '%')
+ {
+ /* unreserved, sub-delims, pct-encoded */
break;
}
More information about the nginx-devel
mailing list