Open suikabreaker opened 3 years ago
Can't reproduce in my side.
Got:
¥ curl 127.0.0.1:28000/x -i
HTTP/1.1 200 OK
Server: openresty/1.17.8.2
Date: Mon, 09 Nov 2020 10:14:52 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
<P>HOST:127.0.0.1:28000</P>
<P>ACCEPT:*/*</P>
<P>USER-AGENT:CURL/7.68.0</P>
with
worker_processes 1;
daemon off;
error_log stderr error;
events {
worker_connections 65535;
}
http {
server {
listen 28000 reuseport;
location / {
access_by_lua_block {
if ngx.var.test then -- for reproducing the behaviour
ngx.exit(ngx.HTTP_FORBIDDEN)
end
}
content_by_lua_file './echo.lua';
body_filter_by_lua_block{
ngx.arg[1] = string.upper(ngx.arg[1])
}
}
}
}
Can't reproduce in my side.
Got:
¥ curl 127.0.0.1:28000/x -i HTTP/1.1 200 OK Server: openresty/1.17.8.2 Date: Mon, 09 Nov 2020 10:14:52 GMT Content-Type: text/plain Transfer-Encoding: chunked Connection: keep-alive <P>HOST:127.0.0.1:28000</P> <P>ACCEPT:*/*</P> <P>USER-AGENT:CURL/7.68.0</P>
with
worker_processes 1; daemon off; error_log stderr error; events { worker_connections 65535; } http { server { listen 28000 reuseport; location / { access_by_lua_block { if ngx.var.test then -- for reproducing the behaviour ngx.exit(ngx.HTTP_FORBIDDEN) end } content_by_lua_file './echo.lua'; body_filter_by_lua_block{ ngx.arg[1] = string.upper(ngx.arg[1]) } } } }
try to curl 127.0.0.1:28000/?test=test
and then 127.0.0.1:28000
¥ curl '127.0.0.1:28000/?test=test'
<P>HOST:127.0.0.1:28000</P>
<P>ACCEPT:*/*</P>
<P>USER-AGENT:CURL/7.68.0</P>
¥ curl '127.0.0.1:28000' -i
HTTP/1.1 200 OK
Server: openresty/1.17.8.2
Date: Tue, 10 Nov 2020 02:54:20 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
<P>HOST:127.0.0.1:28000</P>
<P>ACCEPT:*/*</P>
<P>USER-AGENT:CURL/7.68.0</P>
¥ curl '127.0.0.1:28000/?test=test' <P>HOST:127.0.0.1:28000</P> <P>ACCEPT:*/*</P> <P>USER-AGENT:CURL/7.68.0</P> ¥ curl '127.0.0.1:28000' -i HTTP/1.1 200 OK Server: openresty/1.17.8.2 Date: Tue, 10 Nov 2020 02:54:20 GMT Content-Type: text/plain Transfer-Encoding: chunked Connection: keep-alive <P>HOST:127.0.0.1:28000</P> <P>ACCEPT:*/*</P> <P>USER-AGENT:CURL/7.68.0</P>
my fault. change condition to if ngx.req.get_uri_args().test then
and it should reproduce
¥ curl '127.0.0.1:28000/?test=test'
<HTML>
<HEAD><TITLE>403 FORBIDDEN</TITLE></HEAD>
<BODY>
<CENTER><H1>403 FORBIDDEN</H1></CENTER>
<HR><CENTER>OPENRESTY/1.17.8.2</CENTER>
</BODY>
</HTML>
¥ curl '127.0.0.1:28000' -i
HTTP/1.1 200 OK
Server: openresty/1.17.8.2
Date: Tue, 10 Nov 2020 03:22:45 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
<P>HOST:127.0.0.1:28000</P>
<P>ACCEPT:*/*</P>
<P>USER-AGENT:CURL/7.68.0</P>
¥ curl '127.0.0.1:28000/?test=test' <HTML> <HEAD><TITLE>403 FORBIDDEN</TITLE></HEAD> <BODY> <CENTER><H1>403 FORBIDDEN</H1></CENTER> <HR><CENTER>OPENRESTY/1.17.8.2</CENTER> </BODY> </HTML> ¥ curl '127.0.0.1:28000' -i HTTP/1.1 200 OK Server: openresty/1.17.8.2 Date: Tue, 10 Nov 2020 03:22:45 GMT Content-Type: text/plain Transfer-Encoding: chunked Connection: keep-alive <P>HOST:127.0.0.1:28000</P> <P>ACCEPT:*/*</P> <P>USER-AGENT:CURL/7.68.0</P>
I figured out that this is needed to reproduce the hehaviour:
lua_code_cache off;
and this is the full content of echo.lua:
ngx.say("<html><head></head><body>");
local args = ngx.req.get_post_args();
ngx.say("<h2>basic</h2>");
ngx.say("<p>method: ", ngx.req.get_method(),"</p>");
ngx.say("<p>url: ", ngx.var.request_uri,"</p>");
ngx.say("<p>version : ", ngx.req.http_version(),"</p>");
ngx.say("<h2>args","</h2>");
ngx.say("<h3>get","</h3>");
local args, err = ngx.req.get_uri_args()
if not err then
for key, val in pairs(args) do
if type(val) == "table" then
ngx.say("<p>",key, ": { ",table.concat(val, ", "), "}","</p>")
else
ngx.say("<p>",key, ": { ",val, "}","</p>")
end
end
end
ngx.say("<h3>post</h3>");
args, err = ngx.req.get_post_args()
if not err then
for key, val in pairs(args) do
if type(val) == "table" then
ngx.say("<p>",key, ": { ",table.concat(val, ", "), " }","</p>")
else
ngx.say("<p>",key, ": { ", val, " }","</p>")
end
end
end
ngx.say("<h2>parsed_header</h2>");
for k, v in pairs((ngx.req.get_headers())) do
ngx.say("<p>",k, ":", v,"</p>");
end
ngx.say("<h2>","headers","</h2>");
ngx.say("<textarea>",ngx.req.raw_header(),"</textarea>")
ngx.say("<h2>","body","</h2>");
local body = ngx.req.get_body_data() or ""
ngx.say("<textarea>",body,"</textarea>");
ngx.say("</body></html>");
plus we need lua_need_request_body on;
for post_args
.
It's works fine as long as no "test" parameter is sent. And after that, it's OK to keep responsing with capitallized 403 page to "test" request. But it fails to response to normal requsest, with logs saying:
As the msg suggests, I believe that
body_filter_by_lua*
is not supposed to use together withcontent_by_lua*
, but it didn't shows up until first forbidden request.envrioment: