nginx http-core enhancement: named location in subrequests + directive use_location

Sergey Brester serg.brester at sebres.de
Thu Apr 30 17:13:01 UTC 2015


 

Am 30.04.2015 15:55, schrieb Maxim Dounin: 

> Hello!
> 
> On Wed, Apr 29, 2015 at 07:22:51PM +0200, Sergey Brester wrote:
> 
> [...]
> And how it's expected to be processed in a named location if r->uri is "@..."? Function "ngx_http_core_find_named_location" if location was found set "r->loc_conf = (*clcfp)->loc_conf" and returns NGX_OK.

The problem is that the r->uri will be illegal.

I think not for internal request?! 

if (r->internal && r->uri... 

> Note that named locations are ones where requests are handled with their original URIs unmodified. This, in particular, allows to use the original URI to select a file, or in a request to the upstream server, etc. With what you are trying to do it doesn't look different from a static location As I wrote it already (of course it is not a static location): Example, instead of : # auth_request /auth_loc/; You can use named location @auth_loc and write now: auth_request @auth_loc;

So what will happen if the location is:

 location @auth_loc {
 proxy_pass http://auth.backend [1];
 }

Which URI will be used in a HTTP request to auth.backend? As far 
as I see, with your code it will result in a

GET @auth_loc HTTP/1.0

request to the upstream server, and immediate 400 response is what 
will happen.

Yes, in this case the backend upstream should support such uri's or more
likely in named location it should be overwritten... 

But for subrequests (example for auth_request) is anyway original
"document_uri" resp. "script_name" more interesting...
Anyway if proxy_pass should use real uri with "/" you can still use
"normal" named convention for nonnamed internal location. 

Here is my config for example: 

 location @cgisvc_auth1 {
 fastcgi_keep_conn on;
 include fastcgi_params;
 fastcgi_pass_request_body off;
 fastcgi_pass http_cgi_backend;
 } 

 location @cgisvc_auth2 {
 proxy_pass http://localhost:8088/ [1];
 } 

 location /test1 {
 auth_request @cgisvc_auth1;
 } 

 location /test2 {
 auth_request @cgisvc_auth2;
 } 

Links:
------
[1] http://auth.backend
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20150430/138e64fb/attachment.html>


More information about the nginx-devel mailing list