Check SCRIPT_NAME is at the request path's beginning

2026-01-14 11:09:11 +08:00 · 2022-05-22 00:42:55 +02:00 · 2022-05-22 00:42:55 +02:00 · f0c91cca48
commit f0c91cca48
parent 72238fcf8d
2 changed files with 15 additions and 2 deletions
--- a/gunicorn/http/errors.py
+++ b/gunicorn/http/errors.py
@ -22,6 +22,15 @@ class NoMoreData(IOError):
        return "No more data after: %r" % self.buf


+class ConfigurationProblem(ParseException):
+    def __init__(self, info):
+        self.info = info
+        self.code = 500
+
+    def __str__(self):
+        return "Configuration problem: %s" % self.info
+
+
 class InvalidRequestLine(ParseException):
    def __init__(self, req):
        self.req = req
--- a/gunicorn/http/wsgi.py
+++ b/gunicorn/http/wsgi.py
@ -10,7 +10,7 @@ import re
 import sys

 from gunicorn.http.message import TOKEN_RE
-from gunicorn.http.errors import InvalidHeader, InvalidHeaderName
+from gunicorn.http.errors import ConfigurationProblem, InvalidHeader, InvalidHeaderName
 from gunicorn import SERVER_SOFTWARE, SERVER
 from gunicorn import util

@ -182,7 +182,11 @@ def create(req, sock, client, server, cfg):
    # set the path and script name
    path_info = req.path
    if script_name:
-        path_info = path_info.split(script_name, 1)[1]
+        if not path_info.startswith(script_name):
+            raise ConfigurationProblem(
+                "Request path %r does not start with SCRIPT_NAME %r" %
+                (path_info, script_name))
+        path_info = path_info[len(script_name):]
    environ['PATH_INFO'] = util.unquote_to_wsgi_str(path_info)
    environ['SCRIPT_NAME'] = script_name