Skip to content

Commit 968ea68

Browse files
travisghansentravisghansen
committed
proper regex escaping
Signed-off-by: Travis Glenn Hansen <travisghansen@yahoo.com>
1 parent aec8a1a commit 968ea68

File tree

2 files changed

+9
-3
lines changed

2 files changed

+9
-3
lines changed

CHANGELOG.md

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,9 @@
1+
# v0.5.8
2+
3+
Released 2021-09-05
4+
5+
- properly escape regex values in `haproxy-ingress-proxy`
6+
17
# v0.5.7
28

39
Released 2021-09-05

src/KubernetesPfSenseController/Plugin/HAProxyIngressProxy.php

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -266,9 +266,9 @@ public function doAction()
266266
if (substr($host, 0, 2) == "*.") {
267267
// hdr(host) -m reg -i ^[^\.]+\.example\.org$
268268
// hdr(host) -m reg -i ^[^\.]+\.example\.org(:[0-9]+)?$
269-
$hostACL = "hdr(host) -m reg -i ^[^\.]+".str_replace(".", "\.", substr($host, 1))."(:[0-9]+)?$";
269+
$hostACL = "hdr(host) -m reg -i ^[^\.]+".str_replace([".", "-"], ["\.", "\-"], substr($host, 1))."(:[0-9]+)?$";
270270
} else {
271-
$hostACL = "hdr(host) -m reg -i ^".str_replace(".", "\.", $host)."(:[0-9]+)?$";
271+
$hostACL = "hdr(host) -m reg -i ^".str_replace([".", "-"], ["\.", "\-"], $host)."(:[0-9]+)?$";
272272
}
273273

274274
// https://kubernetes.io/docs/concepts/services-networking/ingress/#path-types
@@ -319,7 +319,7 @@ public function doAction()
319319
// hdr(host) -m reg -i ^[^\.]+\.example\.org$
320320
// hdr(host) -m reg -i ^[^\.]+\.example\.org(:[0-9]+)?$
321321
// sni should never have the port on the end as the host header may have
322-
$hostACL = "req_ssl_sni -m reg -i ^[^\.]+".str_replace(".", "\.", substr($host, 1));
322+
$hostACL = "req_ssl_sni -m reg -i ^[^\.]+".str_replace([".", "-"], ["\.", "\-"], substr($host, 1));
323323
} else {
324324
$hostACL = "req_ssl_sni -m str -i ${host}"; // exact match case-insensitive
325325
}

0 commit comments

Comments
 (0)