I want help...
Francis Daly
francis at daoine.org
Fri Dec 14 20:51:38 UTC 2012
On Sat, Dec 15, 2012 at 04:18:55AM +0800, Thomas Joseph wrote:
Hi there,
it seems to me that the level of application-specific control you are
looking for probably does not belong in a default nginx.conf.
The back-end application is probably the right place to do these checks.
You could try using one of the nginx embedded language modules, which
may provide more features.
Or you could try using the various $arg_* variables in a map --
http://nginx.org/r/map.
> And a valid submission will be https://x.y.com/?abc=1.2.3.4&pqr=asdf&xyz=123888598
Would https://x.y.com/?abc=1.2.3.4&xyz=123888598&pqr=asdf be
invalid? Unless you control the client, you probably don't control
the order.
> abc is numeric, with . in between, and ending in digit(s), think of a uuid like 2.16.840.1.113883
>
> pqr is only alpha, but has 2 choices, asdf or lkjh
>
> xyz is purely numeric
Untested, but something like
map $arg_xyz $xyz_bad {
default 1
~ ^[0-9]+$ 0
}
with similar things for "abc" and "pqr", would set variables that you
could then test for.
if ($xyz_bad) {
return 400 "xyz is wrong"
}
> location / {
> ....
> ....
> if ($args ~ ^((abc=(\d+\.)+(\d+))\&(pqr=(asdf|lkjh))\&(xyz=\d+))$){
> proxy_pass http://127.0.0.1:890/?$1;
> }
>
> Still I can not limit the repetition, like (abc=(\d{3,10})). Seems nginx, does not support {}. Is that true ?
I don't know; but it possibly depends on the regex library found at
compile time.
> And what about "if is evil"
Don't use "if" inside "location" unless you can explain why your usage
is correct. That's the rule I tend to use.
Good luck with it,
f
--
Francis Daly francis at daoine.org
More information about the nginx
mailing list