[PATCH] New variable: $ssl_sni_host
Maxim Dounin
mdounin at mdounin.ru
Wed May 22 17:32:37 UTC 2013
Hello!
On Tue, May 21, 2013 at 01:08:43PM +1000, Christian Marie wrote:
> Patch attached adds a new variable, $ssl_sni_host.
>
> I would find this quite useful as there is no other way of knowing for sure
> which host a request is directed at (at the SSL layer), as the HTTP HOST header
> can be wrong.
>
> Possibly somewhat related to: http://trac.nginx.org/nginx/ticket/229
>
> I should mention that I don't intend for this to be a drop in replacement for
> $http_host, though that could very well work with proxy_pass.
E.g. with SPDY, server name as indicated using SNI in it's turn is
_expected_ to be wrong, at least with Chrome. Using such a
variable with proxy_pass doesn't looks like a good idea.
Such a variable might make sense from logging point of view
though. But probably solution suggested by Piotr Sikora is a bit
better, see here:
http://mailman.nginx.org/pipermail/nginx-devel/2013-May/003745.html
http://mailman.nginx.org/pipermail/nginx-devel/2013-May/003746.html
http://mailman.nginx.org/pipermail/nginx-devel/2013-May/003747.html
--
Maxim Dounin
http://nginx.org/en/donation.html
More information about the nginx-devel
mailing list