URL encoding and other hackery
Adam Doppelt
amd at urbanspoon.com
Sun Feb 17 07:44:00 MSK 2008
Hi. First, let me just say that I love nginx. Thanks for creating and
maintaining it - we appreciate it.
I am using nginx as the front end to a rails cluster. When rails
generates a page I write the page to disk, where nginx can look for it
later. I want to use something like this:
if (-f $document_root/$uri)
But I anticipate a few problems:
1) the uri might include ".." or similar hackery
2) the uri might include query parameters
That leads to my questions:
1) Does nginx validate incoming uris? Will it strip out ".."?
2) Can I URL encode a variable?
Thanks!
Adam
More information about the nginx
mailing list