3 * Copyright (C) Igor Sysoev
7 #include <ngx_config.h>
12 #define NGX_HTTP_REFERER_NO_URI_PART ((void *) 4)
16 #define ngx_regex_t void
22 ngx_hash_combined_t hash;
28 ngx_flag_t no_referer;
29 ngx_flag_t blocked_referer;
31 ngx_hash_keys_arrays_t *keys;
32 } ngx_http_referer_conf_t;
35 static void * ngx_http_referer_create_conf(ngx_conf_t *cf);
36 static char * ngx_http_referer_merge_conf(ngx_conf_t *cf, void *parent,
38 static char *ngx_http_valid_referers(ngx_conf_t *cf, ngx_command_t *cmd,
40 static char *ngx_http_add_referer(ngx_conf_t *cf, ngx_hash_keys_arrays_t *keys,
41 ngx_str_t *value, ngx_str_t *uri);
42 static char *ngx_http_add_regex_referer(ngx_conf_t *cf,
43 ngx_http_referer_conf_t *rlcf, ngx_str_t *name, ngx_regex_t *regex);
44 static int ngx_libc_cdecl ngx_http_cmp_referer_wildcards(const void *one,
48 static ngx_command_t ngx_http_referer_commands[] = {
50 { ngx_string("valid_referers"),
51 NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE,
52 ngx_http_valid_referers,
53 NGX_HTTP_LOC_CONF_OFFSET,
61 static ngx_http_module_t ngx_http_referer_module_ctx = {
62 NULL, /* preconfiguration */
63 NULL, /* postconfiguration */
65 NULL, /* create main configuration */
66 NULL, /* init main configuration */
68 NULL, /* create server configuration */
69 NULL, /* merge server configuration */
71 ngx_http_referer_create_conf, /* create location configuration */
72 ngx_http_referer_merge_conf /* merge location configuration */
76 ngx_module_t ngx_http_referer_module = {
78 &ngx_http_referer_module_ctx, /* module context */
79 ngx_http_referer_commands, /* module directives */
80 NGX_HTTP_MODULE, /* module type */
81 NULL, /* init master */
82 NULL, /* init module */
83 NULL, /* init process */
84 NULL, /* init thread */
85 NULL, /* exit thread */
86 NULL, /* exit process */
87 NULL, /* exit master */
93 ngx_http_referer_variable(ngx_http_request_t *r, ngx_http_variable_value_t *v,
96 u_char *p, *ref, *last;
100 ngx_http_referer_conf_t *rlcf;
103 rlcf = ngx_http_get_module_loc_conf(r, ngx_http_referer_module);
105 if (rlcf->hash.hash.buckets == NULL
106 && rlcf->hash.wc_head == NULL
107 && rlcf->hash.wc_tail == NULL
109 && rlcf->regex == NULL
116 if (r->headers_in.referer == NULL) {
117 if (rlcf->no_referer) {
124 len = r->headers_in.referer->value.len;
125 ref = r->headers_in.referer->value.data;
127 if (len < sizeof("http://i.ru") - 1
128 || (ngx_strncasecmp(ref, (u_char *) "http://", 7) != 0))
130 if (rlcf->blocked_referer) {
142 for (p = ref; p < last; p++) {
143 if (*p == '/' || *p == ':') {
147 buf[i] = ngx_tolower(*p);
148 key = ngx_hash(key, buf[i++]);
155 uri = ngx_hash_find_combined(&rlcf->hash, key, buf, p - ref);
167 referer.len = len - 7;
170 rc = ngx_regex_exec_array(rlcf->regex, &referer, r->connection->log);
176 if (rc == NGX_ERROR) {
187 *v = ngx_http_variable_true_value;
193 for ( /* void */ ; p < last; p++) {
201 if (uri == NGX_HTTP_REFERER_NO_URI_PART) {
205 if (len < uri->len || ngx_strncmp(uri->data, p, uri->len) != 0) {
211 *v = ngx_http_variable_null_value;
218 ngx_http_referer_create_conf(ngx_conf_t *cf)
220 ngx_http_referer_conf_t *conf;
222 conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_referer_conf_t));
224 return NGX_CONF_ERROR;
228 conf->regex = NGX_CONF_UNSET_PTR;
231 conf->no_referer = NGX_CONF_UNSET;
232 conf->blocked_referer = NGX_CONF_UNSET;
239 ngx_http_referer_merge_conf(ngx_conf_t *cf, void *parent, void *child)
241 ngx_http_referer_conf_t *prev = parent;
242 ngx_http_referer_conf_t *conf = child;
244 ngx_hash_init_t hash;
246 if (conf->keys == NULL) {
247 conf->hash = prev->hash;
250 ngx_conf_merge_ptr_value(conf->regex, prev->regex, NULL);
252 ngx_conf_merge_value(conf->no_referer, prev->no_referer, 0);
253 ngx_conf_merge_value(conf->blocked_referer, prev->blocked_referer, 0);
258 if ((conf->no_referer == 1 || conf->blocked_referer == 1)
259 && conf->keys->keys.nelts == 0
260 && conf->keys->dns_wc_head.nelts == 0
261 && conf->keys->dns_wc_tail.nelts == 0)
263 ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
264 "the \"none\" or \"blocked\" referers are specified "
265 "in the \"valid_referers\" directive "
266 "without any valid referer");
267 return NGX_CONF_ERROR;
270 hash.key = ngx_hash_key_lc;
271 hash.max_size = 2048; /* TODO: referer_hash_max_size; */
272 hash.bucket_size = 64; /* TODO: referer_hash_bucket_size; */
273 hash.name = "referers_hash";
274 hash.pool = cf->pool;
276 if (conf->keys->keys.nelts) {
277 hash.hash = &conf->hash.hash;
278 hash.temp_pool = NULL;
280 if (ngx_hash_init(&hash, conf->keys->keys.elts, conf->keys->keys.nelts)
283 return NGX_CONF_ERROR;
287 if (conf->keys->dns_wc_head.nelts) {
289 ngx_qsort(conf->keys->dns_wc_head.elts,
290 (size_t) conf->keys->dns_wc_head.nelts,
291 sizeof(ngx_hash_key_t),
292 ngx_http_cmp_referer_wildcards);
295 hash.temp_pool = cf->temp_pool;
297 if (ngx_hash_wildcard_init(&hash, conf->keys->dns_wc_head.elts,
298 conf->keys->dns_wc_head.nelts)
301 return NGX_CONF_ERROR;
304 conf->hash.wc_head = (ngx_hash_wildcard_t *) hash.hash;
307 if (conf->keys->dns_wc_tail.nelts) {
309 ngx_qsort(conf->keys->dns_wc_tail.elts,
310 (size_t) conf->keys->dns_wc_tail.nelts,
311 sizeof(ngx_hash_key_t),
312 ngx_http_cmp_referer_wildcards);
315 hash.temp_pool = cf->temp_pool;
317 if (ngx_hash_wildcard_init(&hash, conf->keys->dns_wc_tail.elts,
318 conf->keys->dns_wc_tail.nelts)
321 return NGX_CONF_ERROR;
324 conf->hash.wc_tail = (ngx_hash_wildcard_t *) hash.hash;
328 ngx_conf_merge_ptr_value(conf->regex, prev->regex, NULL);
331 if (conf->no_referer == NGX_CONF_UNSET) {
332 conf->no_referer = 0;
335 if (conf->blocked_referer == NGX_CONF_UNSET) {
336 conf->blocked_referer = 0;
346 ngx_http_valid_referers(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
348 ngx_http_referer_conf_t *rlcf = conf;
351 ngx_str_t *value, uri, name;
353 ngx_http_variable_t *var;
354 ngx_http_server_name_t *sn;
355 ngx_http_core_srv_conf_t *cscf;
357 name.len = sizeof("invalid_referer") - 1;
358 name.data = (u_char *) "invalid_referer";
360 var = ngx_http_add_variable(cf, &name,
361 NGX_HTTP_VAR_CHANGEABLE|NGX_HTTP_VAR_NOHASH);
363 return NGX_CONF_ERROR;
366 var->get_handler = ngx_http_referer_variable;
368 if (rlcf->keys == NULL) {
369 rlcf->keys = ngx_pcalloc(cf->temp_pool, sizeof(ngx_hash_keys_arrays_t));
370 if (rlcf->keys == NULL) {
371 return NGX_CONF_ERROR;
374 rlcf->keys->pool = cf->pool;
375 rlcf->keys->temp_pool = cf->pool;
377 if (ngx_hash_keys_array_init(rlcf->keys, NGX_HASH_SMALL) != NGX_OK) {
378 return NGX_CONF_ERROR;
382 value = cf->args->elts;
384 for (i = 1; i < cf->args->nelts; i++) {
385 if (value[i].len == 0) {
386 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
387 "invalid referer \"%V\"", &value[i]);
388 return NGX_CONF_ERROR;
391 if (ngx_strcmp(value[i].data, "none") == 0) {
392 rlcf->no_referer = 1;
396 if (ngx_strcmp(value[i].data, "blocked") == 0) {
397 rlcf->blocked_referer = 1;
404 if (ngx_strcmp(value[i].data, "server_names") == 0) {
406 cscf = ngx_http_conf_get_module_srv_conf(cf, ngx_http_core_module);
408 sn = cscf->server_names.elts;
409 for (n = 0; n < cscf->server_names.nelts; n++) {
414 if (ngx_http_add_regex_referer(cf, rlcf, &sn[n].name,
418 return NGX_CONF_ERROR;
425 if (ngx_http_add_referer(cf, rlcf->keys, &sn[n].name, &uri)
428 return NGX_CONF_ERROR;
435 if (value[i].data[0] == '~') {
436 if (ngx_http_add_regex_referer(cf, rlcf, &value[i], NULL) != NGX_OK)
438 return NGX_CONF_ERROR;
444 p = (u_char *) ngx_strchr(value[i].data, '/');
447 uri.len = (value[i].data + value[i].len) - p;
449 value[i].len = p - value[i].data;
452 if (ngx_http_add_referer(cf, rlcf->keys, &value[i], &uri) != NGX_OK) {
453 return NGX_CONF_ERROR;
462 ngx_http_add_referer(ngx_conf_t *cf, ngx_hash_keys_arrays_t *keys,
463 ngx_str_t *value, ngx_str_t *uri)
469 u = NGX_HTTP_REFERER_NO_URI_PART;
472 u = ngx_palloc(cf->pool, sizeof(ngx_str_t));
474 return NGX_CONF_ERROR;
480 rc = ngx_hash_add_key(keys, value, u, NGX_HASH_WILDCARD_KEY);
486 if (rc == NGX_DECLINED) {
487 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
488 "invalid hostname or wildcard \"%V\"", value);
491 if (rc == NGX_BUSY) {
492 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
493 "conflicting parameter \"%V\"", value);
496 return NGX_CONF_ERROR;
501 ngx_http_add_regex_referer(ngx_conf_t *cf, ngx_http_referer_conf_t *rlcf,
502 ngx_str_t *name, ngx_regex_t *regex)
507 u_char errstr[NGX_MAX_CONF_ERRSTR];
509 if (rlcf->regex == NGX_CONF_UNSET_PTR) {
510 rlcf->regex = ngx_array_create(cf->pool, 2, sizeof(ngx_regex_elt_t));
511 if (rlcf->regex == NULL) {
512 return NGX_CONF_ERROR;
516 re = ngx_array_push(rlcf->regex);
518 return NGX_CONF_ERROR;
523 re->name = name->data;
528 err.len = NGX_MAX_CONF_ERRSTR;
534 re->regex = ngx_regex_compile(name, NGX_REGEX_CASELESS, cf->pool, &err);
536 if (re->regex == NULL) {
537 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "%s", err.data);
538 return NGX_CONF_ERROR;
541 re->name = name->data;
547 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
548 "the using of the regex \"%V\" requires PCRE library",
551 return NGX_CONF_ERROR;
557 static int ngx_libc_cdecl
558 ngx_http_cmp_referer_wildcards(const void *one, const void *two)
560 ngx_hash_key_t *first, *second;
562 first = (ngx_hash_key_t *) one;
563 second = (ngx_hash_key_t *) two;
565 return ngx_strcmp(first->key.data, second->key.data);
projects / nginx.git / blob