I want to read a header in nginx.conf which has '-' in it
x-foo-bar
using $http_name
$http_x-foo-bar the value of the variable becomes "-foo-bar"
looks like its trying to find a header named x and then appending -foo-bar to the value
is there any way to escape these "-"s
I tried / but
$http_x/-foo/-bar gives a value of /-foo/-bar
According to the documentation:
a variable name is the field name converted to lower case with dashes
replaced by underscores
Try:
$http_x_foo_bar
Related
In SQLite you can use named parameters in statements, like this (Python example):
cur.execute("insert into lang values (:foo, :bar)", {'foo': 'a', 'bar': 2})
Is there any way to have parameter names containing spaces? I.e:
cur.execute("insert into lang values (:'foo bar')", {'foo bar': 'a'})
The documentation suggests not but you never know.
Apparently for the #AAA form you can:
The identifier name in this case can include one or more occurrences of "::" and a suffix enclosed in "(...)" containing any text at all.
But that doesn't let you have an arbitrary name since the brackets are still part of the name. So the answer appears to be no.
I'm currently writing my CSP policy in NGINX and I need to provide a report-uri that has the special character ; in it. Notice that ; is valid for an URI path.
default-src: 'self'; report-uri: /;index
However, the ; doesn't get recognized as a valid character and so I'm getting following error in my browsers (Chrome) console:
Unrecognized Content-Security-Policy directive 'index'.
Is there any way to escape the character or wrap the URI inside a string (inside the header string)? I already tried \; and single quote wrapping (I'm using double quotes to wrap the header content).
You need to percent-encode the semicolon as %3B. The CSP spec has the following note:
Note: Characters like U+003B SEMICOLON (;) and U+002C COMMA (,) cannot appear in source expressions directly: if you’d like to include these characters in a source expression, they must be percent encoded as %3B and %2C respectively.
So the CSP policy shown in the question should instead be written like this:
default-src: 'self'; report-uri: /%3Bindex
I have a URL like that: localhost:8080/demo/
And when I call localhost:8080/demo/''''''''' It working fine.
But when I try with localhost:8080/demo/;;; It not working and return HTTP code 404 Not Found.
I tried with few special character # % \ ? / , it returned 400 too.
Anyone can explain it for me?
Thank you so much!
These special characters are not directly allowed in URLs,
because they have special meanings there.
For example:
/ is separator within the path,
? marks the query-part of an URL,
# marks a page-internal link,
etc.
Quoted from Wikipedia: Percent-encoding reserved characters:
When a character from the reserved set (a "reserved character")
has special meaning (a "reserved purpose") in a certain context,
and a URI scheme says that it is necessary to use that character
for some other purpose, then the character must be percent-encoded.
Percent-encoding a reserved character involves converting the
character to its corresponding byte value in ASCII and then
representing that value as a pair of hexadecimal digits. The digits,
preceded by a percent sign (%) which is used as an escape character,
are then used in the URI in place of the reserved character.
For example: ; is a reserved character. Therefore, when ; shall occur
in an URL but without having its special meaning, then it needs to be
replaced by %3B as defined here
I need to find attribute values in an ASPX file using regular expressions.
That means you don't need to worry about malformed HTML or any HTML related issues.
I need to find the value of a particular attribute (LocText). I want to get what's inside the quotes.
Any ASPX tags such as <%=, <%#, <%$ etc. inside the value don't make sense for this attribute therefore are considered as part of it.
The regex I began with looks like this:
LocText="([^"]+)"
This works great, the first group, which is the result text, gets everything except the double quotes, which are not allowed there (" ; must be used instead)
But the ASPX file allows using of single quotes - second regular expression must be applied then.
LocText='([^']+)'
I could use these two regular expressions but I'm looking for a way to connect them.
LocText=("([^"]+)"|'([^']+)')
This also works but doesn't seem very efficient as it's creating unnecessary number of groups. I think this could be somehow done by using backreferences, but I can't get it to work.
LocText=(["']{1})([^\1]+)\1
I thought that by this, I save the single/double quote to the first group and then I tell it to read anything that is NOT the char found in the first group. This is enclosed again by the quote from the first group. Obviously, I'm wrong and it's not working like that.
Is there any way, how to connect the first two expressions together creating just a minimum amount of groups with one group being the value of the attribute I want to get? Is it possible using a backreference for the single/double quote value, or have I completely misunderstood the meaning of them?
I'd say your solution with alternation isn't that bad, but you could use named captures so the result will always be found in the same group's value:
Regex regexObj = new Regex(#"LocText=(?:""(?<attr>[^""]+)""|'(?<attr>[^']+)')");
resultString = regexObj.Match(subjectString).Groups["attr"].Value;
Explanation:
LocText= # Match LocText=
(?: # Either match
"(?<attr>[^"]+)" # "...", capture in named group <attr>
| # or match
'(?<attr>[^']+)' # '...', also capture in named group <attr>
) # End of alternation
Another option would be to use lookahead assertions ([^\1] isn't working because you can't place backreferences inside a character class, but you can use them in lookarounds):
Regex regexObj = new Regex(#"LocText=([""'])((?:(?!\1).)*)\1");
resultString = regexObj.Match(subjectString).Groups[2].Value;
Explanation:
LocText= # Match LocText=
(["']) # Match and capture (group 1) " or '
( # Match and capture (group 2)...
(?: # Try to match...
(?!\1) # (unless it's the quote character we matched before)
. # any character
)* # repeat any number of times
) # End of capturing group 2
\1 # Match the previous quote character
$valid-url = "p1=".rawurlencode($_GET['p1'])."&type=".rawurlencode($_GET['type'])."&os=".rawurlencode($_GET['os'])."&price=".rawurlencode($_GET['price'])."&sort=".rawurlencode($_GET['sort'])."&sort_order=".rawurlencode($_GET['sort_order'])."&perpage=".rawurlencode($perpage)."";
i am trying to build the url and pass it to <a href=''..but its throwing escaping problem...can i get some help on this.
You can't use '-' in variable names! Your fixed code is:
$validurl = "p1=".rawurlencode($_GET['p1'])."&type=".rawurlencode($_GET['type'])."&os=".rawurlencode($_GET['os'])."&price=".rawurlencode($_GET['price'])."&sort=".rawurlencode($_GET['sort'])."&sort_order=".rawurlencode($_GET['sort_order'])."&perpage=".rawurlencode($perpage)."";
You should try to name the variable properly - is not allowed in variable names in PHP
Reference:
http://www.php.net/manual/en/language.variables.basics.php
Quote:
Variables in PHP are represented by a dollar sign followed by the name of the variable. The variable name is case-sensitive.
Variable names follow the same rules as other labels in PHP. A valid variable name starts with a letter or underscore, followed by any number of letters, numbers, or underscores. As a regular expression, it would be expressed thus: '[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*'