Changes with nginx 1.5.4 27 Aug 2013v1.5.4

*) Change: the "js" extension MIME type has been changed to
"application/javascript"; default value of the "charset_types"
directive was changed accordingly.

*) Change: now the "image_filter" directive with the "size" parameter
returns responses with the "application/json" MIME type.

*) Feature: the ngx_http_auth_request_module.

*) Bugfix: a segmentation fault might occur on start or during
reconfiguration if the "try_files" directive was used with an empty
parameter.

*) Bugfix: memory leak if relative paths were specified using variables
in the "root" or "auth_basic_user_file" directives.

*) Bugfix: the "valid_referers" directive incorrectly executed regular
expressions if a "Referer" header started with "https://".
Thanks to Liangbin Li.

*) Bugfix: responses might hang if subrequests were used and an SSL
handshake error happened during subrequest processing.
Thanks to Aviram Cohen.

*) Bugfix: in the ngx_http_autoindex_module.

*) Bugfix: in the ngx_http_spdy_module.

1 files changed, 3 insertions, 1 deletions

diff --git a/src/http/modules/ngx_http_referer_module.c b/src/http/modules/ngx_http_referer_module.c
index d18b8b9d8..85b75ab3d 100644
--- a/src/http/modules/ngx_http_referer_module.c
+++ b/src/http/modules/ngx_http_referer_module.c
@@ -147,10 +147,12 @@ ngx_http_referer_variable(ngx_http_request_t *r, ngx_http_variable_value_t *v,
 
         if (ngx_strncasecmp(ref, (u_char *) "http://", 7) == 0) {
             ref += 7;
+            len -= 7;
             goto valid_scheme;
 
         } else if (ngx_strncasecmp(ref, (u_char *) "https://", 8) == 0) {
             ref += 8;
+            len -= 8;
             goto valid_scheme;
         }
     }
@@ -191,7 +193,7 @@ valid_scheme:
         ngx_int_t  rc;
         ngx_str_t  referer;
 
-        referer.len = len - 7;
+        referer.len = len;
         referer.data = ref;
 
         rc = ngx_regex_exec_array(rlcf->regex, &referer, r->connection->log);