[PATCH] Support X-Forwarded-Proto in redirects
Maxim Dounin
mdounin at mdounin.ru
Mon Mar 19 20:09:04 UTC 2018
Hello!
On Mon, Mar 19, 2018 at 08:53:46PM +0100, Lukas Vacek wrote:
> # HG changeset patch
> # User Lukas Vacek <lucas.vacek at gmail.com>
> # Date 1521488415 -3600
> # Mon Mar 19 20:40:15 2018 +0100
> # Node ID 0f9ed8bb5c9505f7a77271eed54e7b01b9b65a81
> # Parent 413189f03c8d13d0d20bd5e44fa0e48e693badef
> Support X-Forwarded-Proto in redirects
>
> This patch adds a new configuration option x_forwarded_proto_in_redirect
> (default off) to fill schema from X-Forwarded-Proto HTTP header in
> URLs generated by nginx.
>
> This is handy when running nginx behind SSL off-loading reverse proxy.
Try "absolute_redirect off" instead, see
http://nginx.org/r/absolute_redirect for details.
[...]
> + if (clcf->x_forwarded_proto_in_redirect) {
> + part = &r->headers_in.headers.part;
> + header = part->elts;
> +
> + for (i = 0; /* void */; i++) {
> + if (i >= part->nelts) {
> + if (part->next == NULL) {
> + break;
> + }
> +
> + part = part->next;
> + header = part->elts;
> + i = 0;
> + }
> +
> + if (ngx_strcasecmp(header[i].key.data,
> + (u_char *)"X-Forwarded-Proto") == 0) {
> + proto = header[i].value;
> + break;
> + }
> + }
> + }
Just a side note: full scan of all headers is certainly not
something that should be used for such tasks. Instead, a field
for a header should be added to r->headers_in, and an entry should
be added to the ngx_http_headers_in array. With such approach it
is possible to test / access interesting headers immediately in
the code, with minimal overhead.
--
Maxim Dounin
http://mdounin.ru/
More information about the nginx-devel
mailing list