search

kyprizel / testcookie-nginx-module

simple robot mitigation module using cookie based challenge/response technique. Not supported any more.
http://kyprizel.github.com/testcookie-nginx-module/
524 stars 139 forks source link

Bad content-type header length on custom redirect #24

Closed LoadLow closed 9 years ago

LoadLow commented 9 years ago

Hi, i've found a problem with the content-type length on custom redirections. With this problem, custom redirects are broken because WebBrowsers can't receive the text/html content type (so the file is displayed/downloaded as octet/stream binary file).

r->headers_out.content_type_len = sizeof("text/html") - 1;

instead of :

r->headers_out.content_type.len = sizeof("text/html") - 1;

Fork/Commit with the correct content_type.len : https://github.com/LoadLow/testcookie-nginx-module/commit/bc814568ff038f626cfc29fcc78fbb09709a9d72

kyprizel commented 9 years ago

Why do you want to modify len twice?

LoadLow commented 9 years ago

Because 

r->headers_out.content_type_len = sizeof("text/html") - 1;

Doesn't modify the type_len, because content_type is a struct, we should do :

r->headers_out.content_type.len = sizeof("text/html") - 1;

I've tested without this line many times, and when content_type.len isn't edited, web browsers download the redirect html page as binary file...

kyprizel commented 9 years ago

thanks, fixed!