[PATCH] Add "compliant" option to ssl_verify_client for CORS support
Maxim Dounin
mdounin at mdounin.ru
Fri Jan 17 11:53:09 UTC 2020
Hello!
On Thu, Jan 16, 2020 at 12:42:38PM -0700, Sampson Crowley wrote:
> Maxim the work around you provided is invalid,
>
> ssl_verify_client optional;
>
> set $allow 0;
>
> if ($ssl_client_verify = OK) {
> set $allow 1;
> }
>
> if ($method = OPTIONS) {
> set $allow 1;
> }
>
> if (!$allow) {
> return 496;
> }
>
> returns 'invalid condition "!$allow" by nginx and the service fails to start
Sure, my bad. It should be "$allow != 1". And "$method" should be
"$request_method" instead.
--
Maxim Dounin
http://mdounin.ru/
More information about the nginx-devel
mailing list