So is "rewrite_by_lua" also evil?

Nginx User nginx at nginxuser.net
Fri Oct 14 19:24:52 UTC 2011


On 14 October 2011 16:27, Nginx User <nginx at nginxuser.net> wrote:
> Looking at things further, it may be a mime type issue clouding things.
> My js files use the non-standard but widely adopted "text/javascript"
> while Nginx comes with the standard but not always supported
> "application/X-javascript" mime type.
> Not sure I changed the mimes types file accordingly when I went to 1.0.8.
>
> The phpMyadmin one is funny though as all it does is use an alias.

OK. I went back to nginx1.0.8 and 0.31rc11, made sure everything was
proper and made sure I only used rewrite by lua to trigger the jump

server {
      ...
      location @pretty_urls {
              # some rewrite rules to php
      }
      location @proxy {
              include /etc/nginx/firewall.default;
              proxy_pass http://127.0.0.1:8080;
              ...
      }
      location ~ ^.+\.php$ {
              content_by_lua 'ngx.exec("@proxy");';
      }
      location / {
              try_files $uri $uri/ @pretty_urls;
      }
}

Everything works perfectly and not a hint of evil behaviour. Not sure
what I missed before but I am now as happy as Larry.

Now I can implement the second stage of my WAF implementation plan
where firewall.default would query PHPIDS (https://phpids.org/)
instead of my homebrew regexes.



More information about the nginx mailing list