Skip to content

Commit

Permalink
Merge pull request alibaba#264 from zhuzhaoyuan/suppress-server-banner
Browse files Browse the repository at this point in the history 
Suppress server banner in error pages
  • Loading branch information
@yaoweibin
yaoweibin committed Jun 14, 2013
2 parents 9c26382 + 2439495 commit 0c15cfb
Show file tree
Hide file tree
Showing 6 changed files with 174 additions and 31 deletions.
3 changes: 2 additions & 1 deletion src/core/nginx.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,10 @@
#define NGINX_VERSION "1.2.9"
#define NGINX_VER "nginx/" NGINX_VERSION

#define TENGINE "Tengine"
#define tengine_version 1005000
#define TENGINE_VERSION "1.5.0"
#define TENGINE_VER "Tengine/" TENGINE_VERSION
#define TENGINE_VER TENGINE "/" TENGINE_VERSION

#define NGINX_VAR "NGINX"
#define NGX_OLDPID_EXT ".oldbin"
Expand Down
14 changes: 10 additions & 4 deletions src/http/ngx_http_core_module.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -642,7 +642,7 @@ static ngx_command_t ngx_http_core_commands[] = {
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
ngx_http_set_server_tag,
NGX_HTTP_LOC_CONF_OFFSET,
offsetof(ngx_http_core_loc_conf_t, server_tag),
0,
NULL },

{ ngx_string("if_modified_since"),
Expand Down Expand Up @@ -3502,6 +3502,7 @@ ngx_http_core_create_loc_conf(ngx_conf_t *cf)
* clcf->alias = 0;
* clcf->gzip_proxied = 0;
* clcf->server_tag = { 0, NULL };
* clcf->server_tag_header = { 0, NULL };
* clcf->keepalive_disable = 0;
*/

Expand Down Expand Up @@ -3766,6 +3767,8 @@ ngx_http_core_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
ngx_conf_merge_uint_value(conf->server_tag_type, prev->server_tag_type,
NGX_HTTP_SERVER_TAG_ON);
ngx_conf_merge_str_value(conf->server_tag, prev->server_tag, "");
ngx_conf_merge_str_value(conf->server_tag_header,
prev->server_tag_header, "");

ngx_conf_merge_off_value(conf->client_max_body_size,
prev->client_max_body_size, 1 * 1024 * 1024);
Expand Down Expand Up @@ -5258,10 +5261,13 @@ ngx_http_set_server_tag(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
} else {
ccf->server_tag_type = NGX_HTTP_SERVER_TAG_CUSTOMIZED;

ccf->server_tag.len = value[1].len + sizeof("Server: ") - 1
ccf->server_tag = value[1];

ccf->server_tag_header.len = value[1].len + sizeof("Server: ") - 1
+ sizeof(CRLF) - 1;
ccf->server_tag.data = ngx_palloc(cf->pool, ccf->server_tag.len);
if ((p = ccf->server_tag.data) == NULL) {
ccf->server_tag_header.data = ngx_palloc(cf->pool,
ccf->server_tag_header.len);
if ((p = ccf->server_tag_header.data) == NULL) {
return NGX_CONF_ERROR;
}

Expand Down
1 change: 1 addition & 0 deletions src/http/ngx_http_core_module.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -406,6 +406,7 @@ struct ngx_http_core_loc_conf_s {

ngx_uint_t server_tag_type; /* server tag type */
ngx_str_t server_tag; /* customized server tag */
ngx_str_t server_tag_header; /* server tag header */

#if (NGX_HTTP_GZIP)
ngx_flag_t gzip_vary; /* gzip_vary */
Expand Down
8 changes: 4 additions & 4 deletions src/http/ngx_http_header_filter_module.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ ngx_module_t ngx_http_header_filter_module = {
};


static char ngx_http_server_string[] = "Server: Tengine" CRLF;
static char ngx_http_server_string[] = "Server: " TENGINE CRLF;
static char ngx_http_server_full_string[] = "Server: " TENGINE_VER CRLF;


Expand Down Expand Up @@ -282,7 +282,7 @@ ngx_http_header_filter(ngx_http_request_t *r)
: sizeof(ngx_http_server_string) - 1;

} else if (clcf->server_tag_type == NGX_HTTP_SERVER_TAG_CUSTOMIZED) {
len += clcf->server_tag.len;
len += clcf->server_tag_header.len;
}
}

Expand Down Expand Up @@ -469,8 +469,8 @@ ngx_http_header_filter(ngx_http_request_t *r)

b->last = ngx_cpymem(b->last, p, len);
} else if (clcf->server_tag_type == NGX_HTTP_SERVER_TAG_CUSTOMIZED) {
p = clcf->server_tag.data;
len = clcf->server_tag.len;
p = clcf->server_tag_header.data;
len = clcf->server_tag_header.len;
b->last = ngx_cpymem(b->last, p, len);
}

Expand Down
101 changes: 79 additions & 22 deletions src/http/ngx_http_special_response.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,15 +69,19 @@ static u_char ngx_http_server_info_tail[] =
;


static u_char ngx_http_error_full_tail[] =
"<hr/>Powered by " TENGINE_VER CRLF
"</body>" CRLF
"</html>" CRLF
;
static u_char ngx_http_error_banner[] =
"<hr/>Powered by " TENGINE;


static u_char ngx_http_error_full_banner[] =
"<hr/>Powered by " TENGINE_VER;


static u_char ngx_http_error_powered_by[] =
"<hr/>Powered by ";


static u_char ngx_http_error_tail[] =
"<hr/>Powered by Tengine" CRLF
"</body>" CRLF
"</html>" CRLF
;
Expand Down Expand Up @@ -699,37 +703,39 @@ static ngx_int_t
ngx_http_send_special_response(ngx_http_request_t *r,
ngx_http_core_loc_conf_t *clcf, ngx_uint_t err)
{
u_char *tail;
size_t len;
ngx_int_t rc;
ngx_buf_t *b, *ib;
ngx_uint_t i, msie_padding;
ngx_chain_t out[5];

ib = NULL;
ngx_chain_t out[7];

if (clcf->server_info && err >= NGX_HTTP_OFF_4XX) {
ib = ngx_http_set_server_info(r);
if (ib == NULL) {
return NGX_ERROR;
}
}

if (clcf->server_tokens) {
len = sizeof(ngx_http_error_full_tail) - 1;
tail = ngx_http_error_full_tail;

} else {
len = sizeof(ngx_http_error_tail) - 1;
tail = ngx_http_error_tail;
ib = NULL;
}

msie_padding = 0;

if (ngx_http_error_pages[err].len) {
r->headers_out.content_length_n = sizeof(ngx_http_error_doctype) - 1
+ ngx_http_error_pages[err].len + len
+ (ib ? (ib->last - ib->pos) : 0);
+ ngx_http_error_pages[err].len
+ (ib ? (ib->last - ib->pos) : 0)
+ sizeof(ngx_http_error_tail) - 1;

if (clcf->server_tag_type == NGX_HTTP_SERVER_TAG_ON) {
r->headers_out.content_length_n += clcf->server_tokens
? sizeof(ngx_http_error_full_banner) - 1
: sizeof(ngx_http_error_banner) - 1;

} else if (clcf->server_tag_type == NGX_HTTP_SERVER_TAG_CUSTOMIZED) {
r->headers_out.content_length_n += sizeof(ngx_http_error_powered_by) - 1;
r->headers_out.content_length_n += clcf->server_tag.len;
}

if (clcf->msie_padding
&& (r->headers_in.msie || r->headers_in.chrome)
&& r->http_version >= NGX_HTTP_VERSION_10
Expand Down Expand Up @@ -800,15 +806,66 @@ ngx_http_send_special_response(ngx_http_request_t *r,
i++;
}

if (clcf->server_tag_type == NGX_HTTP_SERVER_TAG_ON) {
b = ngx_calloc_buf(r->pool);
if (b == NULL) {
return NGX_ERROR;
}

b->memory = 1;

if (clcf->server_tokens) {
b->pos = ngx_http_error_full_banner;
b->last = ngx_http_error_full_banner
+ sizeof(ngx_http_error_full_banner) - 1;

} else {
b->pos = ngx_http_error_banner;
b->last = ngx_http_error_banner + sizeof(ngx_http_error_banner) - 1;
}

out[i].buf = b;
out[i].next = &out[i + 1];
i++;

} else if (clcf->server_tag_type == NGX_HTTP_SERVER_TAG_CUSTOMIZED) {
b = ngx_calloc_buf(r->pool);
if (b == NULL) {
return NGX_ERROR;
}

b->memory = 1;
b->pos = ngx_http_error_powered_by;
b->last = ngx_http_error_powered_by
+ sizeof(ngx_http_error_powered_by) - 1;

out[i].buf = b;
out[i].next = &out[i + 1];
i++;

b = ngx_calloc_buf(r->pool);
if (b == NULL) {
return NGX_ERROR;
}

b->memory = 1;
b->pos = clcf->server_tag.data;
b->last = clcf->server_tag.data + clcf->server_tag.len;

out[i].buf = b;
out[i].next = &out[i + 1];
i++;
}

b = ngx_calloc_buf(r->pool);
if (b == NULL) {
return NGX_ERROR;
}

b->memory = 1;

b->pos = tail;
b->last = tail + len;
b->pos = ngx_http_error_tail;
b->last = ngx_http_error_tail + sizeof(ngx_http_error_tail) - 1;

out[i].buf = b;
out[i].next = NULL;
Expand Down
78 changes: 78 additions & 0 deletions tests/nginx-tests/cases/server_banner.t
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,78 @@
#!/usr/bin/perl

# Tests for server banners

###############################################################################

use warnings;
use strict;

use Test::More;

BEGIN { use FindBin; chdir($FindBin::Bin); }

use lib 'lib';
use Test::Nginx;

###############################################################################

select STDERR; $| = 1;
select STDOUT; $| = 1;

my $t = Test::Nginx->new()->plan(4);

$t->set_dso("ngx_http_fastcgi_module", "ngx_http_fastcgi_module.so");
$t->set_dso("ngx_http_uwsgi_module", "ngx_http_uwsgi_module.so");
$t->set_dso("ngx_http_scgi_module", "ngx_http_scgi_module.so");
$t->set_dso("ngx_http_upstream_ip_hash_module", "ngx_http_upstream_ip_hash_module.so");
$t->set_dso("ngx_http_upstream_least_conn_module", "ngx_http_upstream_least_conn_module.so");

$t->write_file_expand('nginx.conf', <<'EOF');
%%TEST_GLOBALS%%
daemon off;
%%TEST_GLOBALS_DSO%%
events {
}
http {
%%TEST_GLOBALS_HTTP%%
server {
server_name localhost;
listen 127.0.0.1:8080;
location /server_tokens_on {
server_tokens on;
return 404;
}
location /server_tokens_off {
server_tokens off;
}
location /server_tag {
server_tag Foobar;
}
location /server_tag_off {
server_tag off;
}
}
}
EOF

$t->run();

###############################################################################

like(http_get('/server_tokens_on'), qr/Powered by Tengine\//, 'server tokens on');
like(http_get('/server_tokens_off'), qr/Powered by Tengine</, 'server tokens off');
like(http_get('/server_tag'), qr/Powered by Foobar/, 'server tag');
unlike(http_get('/server_tag_off'), qr/Powered.*<\/body>/, 'server tag off');

###############################################################################

0 comments on commit 0c15cfb

Please sign in to comment.