URI escaping for X-Accel-Redirect and proxy_pass in 1.4.7 and 1.6.0

gwilym nginx-forum at nginx.us
Tue Jun 17 06:49:54 UTC 2014


We are updating Nginx from 1.4.7 and 1.6.0 and noticed an error in our app
likely related to the 1.5.9 change: now nginx expects escaped URIs in
"X-Accel-Redirect" headers.

We have an internal location for proxying content from a backend HTTP system
(Swift, actually). The location block looks like this:

location ~
^/protected/swift/(http|https)/([A-Za-z0-9\.\-]+)/([1-9][0-9]+)/([A-Za-z0-9_]+)/(.*)
{
  internal;
  proxy_set_header X-Auth-Token $4;
  proxy_pass $1://$2:$3/$5;
  proxy_hide_header Content-Type;
}

Nginx 1.4.7 functions as expected when sending X-Accel-Redirect:
/protected/swift/http/HOST/PORT/TOKEN/v1/AUTH_test/content/image%20with%20spaces.jpg

Under 1.6.0 this fails. It produces a GET request to the backend decoded
into spaces and so becomes an invalid HTTP request.

The workaround is to _double_ encode so as to send back
"image%2520with%2520spaces.jpg" to Nginx but we can't roll this out until
Nginx 1.6 because it breaks 1.4... but we can't roll out 1.6 until the code
is there.

Is there a solution that works for both?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,250909,250909#msg-250909



More information about the nginx mailing list