caddyfile: Prevent bad block opening tokens #4655
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fix #4501
Basically, we want to prevent two cases where bad block openings can happen.
☝️ this one used to result in the upstreams list containing
}
(the last token on the line) because since no newline happens,to
reads all the remaining tokens on the same line, consuming bothabc:123
and}
, but never closing the block.This bug is being fixed by checking if after we see a
{
token, whether the next token is on a new line; if not, err. This could break "legitimate" situations where some hypotheticalexpression
-like directive wants to consume all the tokens on the line where{
is some syntactical token of that "language", but I think this is unlikely, and can be worked around by quoting the tokens like"{"
and"}"
(or with backticks).☝️ this one ends up in an upstreams list with
abc:123
and{}
; I don't think there's ever a case where there'd be a placeholder with no name, and having it at the end of line seems like almost always a mistake (where the user is trying to put an empty block in their config).Same idea, we're checking if when we see
{}
whether the next token is on a new line, and if so, err. This can also be worked around by quoting with"{}"
Worth noting that #4643 made the quote workaround possible in this implementation, because now we know whether a particular token was quoted. We would only know the token value previously, without context of quoting. 🎉