Expand description
Redirection module to handle config redirect URLs with pattern matching support.
§Security: ReDoS / pattern complexity
Redirect/rewrite source patterns are admin-supplied at startup. SWS
uses regex_lite, which has no backtracking (linear-time NFA
engine), so the classic catastrophic-backtracking ReDoS class does
not apply. However:
- Per-request work is still proportional to
pattern_size * uri_len. To bound it, requests with URI paths longer than the internal matching cap are skipped (no regex evaluation, no redirect). - Operators should treat redirect patterns as trusted configuration and avoid loading them from untrusted sources.
Functions§
- get_
redirection - It returns a redirect’s destination path and status code if the current request uri matches against the provided redirect’s array.