Another auth/location question - probably very simple to fix :)
Igor Sysoev
is at rambler-co.ru
Sun Aug 17 10:09:50 MSD 2008
On Sat, Aug 16, 2008 at 03:00:34PM -0700, mike wrote:
> On Sat, Aug 16, 2008 at 1:07 PM, Igor Sysoev <is at rambler-co.ru> wrote:
>
> > Looking at code, I've found that simple should work:
> >
> > location /wordpress/admin {
> >
> > If nginx has found maximum static match, it look inclusive static and
> > regex locations. The matched inclusive regex location stops searching.
> >
> > It seems that inclusive locations should be documented: forgot how they
> > works :).
>
> this works:
> location ~ /wordpress/wp-admin.* {
> auth_basic "wordpress";
> auth_basic_user_file /home/mike/web/foo.com/.htpasswd;
> location ~ \.php$ {
> fastcgi_pass 127.0.0.1:11000;
> }
> }
>
> this does not:
>
> location /wordpress/admin/ {
> auth_basic "wordpress";
> auth_basic_user_file /home/mike/web/foo.com/.htpasswd;
> location ~ \.php$ {
> fastcgi_pass 127.0.0.1:11000;
> }
> }
>
> and this is the only other location block in that server block...
>
> location ~ \.php$ {
> fastcgi_pass 127.0.0.1:11000;
> }
The attached patch should fix two inclusive bugs.
If will not help, the current workaround is to use one level locations:
location ~ /wordpress/wp-admin {
auth
}
location ~ /wordpress/wp-admin/.*\.php$ {
auth
fastcgi
}
location ~ \.php$ {
fastcgi
}
--
Igor Sysoev
http://sysoev.ru/en/
-------------- next part --------------
Index: src/http/ngx_http_core_module.c
===================================================================
--- src/http/ngx_http_core_module.c (revision 1500)
+++ src/http/ngx_http_core_module.c (working copy)
@@ -1117,18 +1117,41 @@
}
+/*
+ * NGX_OK - exact or regex match
+ * NGX_DONE - auto redirect
+ * NGX_AGAIN - inclusive match
+ * NGX_DECLINED - no match
+ * NGX_HTTP_INTERNAL_SERVER_ERROR - error
+ */
+
static ngx_int_t
ngx_http_core_find_location(ngx_http_request_t *r)
{
ngx_int_t rc;
ngx_http_core_loc_conf_t *pclcf;
+#if (NGX_PCRE)
+ ngx_int_t n;
+ ngx_uint_t noregex;
+ ngx_http_core_loc_conf_t *clcf, **clcfp;
+ noregex = 0;
+#endif
+
pclcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
rc = ngx_http_core_find_static_location(r, pclcf->static_locations);
if (rc == NGX_AGAIN) {
+
+#if (NGX_PCRE)
+ clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
+
+ noregex = clcf->noregex;
+#endif
+
/* look up nested locations */
+
rc = ngx_http_core_find_location(r);
}
@@ -1139,14 +1162,9 @@
/* rc == NGX_DECLINED or rc == NGX_AGAIN in nested location */
#if (NGX_PCRE)
- {
- ngx_int_t n;
- ngx_http_core_loc_conf_t *clcf, **clcfp;
- clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
+ if (noregex == 0 && pclcf->regex_locations) {
- if (clcf->noregex == 0 && pclcf->regex_locations) {
-
for (clcfp = pclcf->regex_locations; *clcfp; clcfp++) {
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
@@ -1172,10 +1190,11 @@
/* look up nested locations */
- return ngx_http_core_find_location(r);
+ (void) ngx_http_core_find_location(r);
+
+ return NGX_OK;
}
}
- }
#endif
return rc;
More information about the nginx
mailing list