diff options
author | Ingela Anderton Andin <ingela@erlang.org> | 2021-02-24 13:14:43 +0100 |
---|---|---|
committer | Ingela Anderton Andin <ingela@erlang.org> | 2021-02-24 13:14:43 +0100 |
commit | c246dca5f8f41e60ecc4a10060235f707ef3d018 (patch) | |
tree | aabe6c2e891e7ec096e9c63f059d59d40e020e0a | |
parent | d7d3537c0606a22ad38e2641ac51bc7cdee0b383 (diff) | |
parent | 769d2b0f390c4a1c25b8eae47ad9d03ba07cb8d6 (diff) | |
download | erlang-c246dca5f8f41e60ecc4a10060235f707ef3d018.tar.gz |
Merge branch 'ingela/inets/httpd/mod-head/reject-dir/OTP-17220' into maint
* ingela/inets/httpd/mod-head/reject-dir/OTP-17220:
inets,httpd: HEAD should reject directory link
-rw-r--r-- | lib/inets/src/http_server/mod_head.erl | 4 | ||||
-rw-r--r-- | lib/inets/test/httpd_SUITE.erl | 19 |
2 files changed, 19 insertions, 4 deletions
diff --git a/lib/inets/src/http_server/mod_head.erl b/lib/inets/src/http_server/mod_head.erl index 25c11360eb..e90b089f94 100644 --- a/lib/inets/src/http_server/mod_head.erl +++ b/lib/inets/src/http_server/mod_head.erl @@ -64,6 +64,10 @@ do_head(Info) -> Suffix = httpd_util:suffix(Path), %% Does the file exists? case file:read_file_info(Path) of + {ok, #file_info{type = directory}} -> + Status = httpd_file:handle_error(eacces, "access", Info, Path), + {proceed, + [{status, Status} | Info#mod.data]}; {ok, FileInfo} -> MimeType = httpd_util:lookup_mime_default(Info#mod.config_db, diff --git a/lib/inets/test/httpd_SUITE.erl b/lib/inets/test/httpd_SUITE.erl index e4efeb1b81..7fd357c84c 100644 --- a/lib/inets/test/httpd_SUITE.erl +++ b/lib/inets/test/httpd_SUITE.erl @@ -431,7 +431,17 @@ head(Config) when is_list(Config) -> proplists:get_value(port, Config), proplists:get_value(node, Config), http_request("HEAD /index.html ", Version, Host), - [{statuscode, head_status(Version)}, + [{statuscode, head_status(Version, 200)}, + {version, Version}]), + + ok = httpd_test_lib:verify_request(proplists:get_value(type, Config), Host, + proplists:get_value(port, Config), + proplists:get_value(node, Config), + http_request("HEAD /open/ ", Version, Host), + [{statuscode, head_status(Version, 403)}, + {header, "Content-Type", "text/html"}, + {header, "Date"}, + {header, "Server"}, {version, Version}]). get() -> @@ -2081,10 +2091,11 @@ http_request_missing_CR(Request, "HTTP/1.1" = Version, Host) -> http_request_missing_CR(Request, Version, _) -> Request ++ Version ++ "\r\n\n". -head_status("HTTP/0.9") -> +head_status("HTTP/0.9", _) -> 501; %% Not implemented in HTTP/0.9 -head_status(_) -> - 200. +head_status(_, Expected) -> + Expected. + basic_conf() -> [{modules, [mod_alias, mod_range, mod_responsecontrol, |