SSI "unsafe URI" problem after upgrade from 0.5 to 0.6
Toni Mueller
support-nginx at oeko.net
Mon Sep 15 18:02:32 MSD 2008
Hi,
I am running a site which has a lot of
<!--#include virtual="../menu-left.incl" -->
in it, which worked like a charm in 0.5.x, but broke in 0.6.32 due to
the error "unsafe URI ... detected while sending response to client".
The URI used by nginx looks much like this:
/bla/blubb/../menu-left.incl
Now, the user instead sees an error message: "[an error occurred while
processing the directive]", which doesn't exactly make me look
"professional". ;}
It would be nice if this behaviour could be configurable. Of course,
that would slow things down, although I don't know how much, after the
penalty for using SSI has already been incurred.
This problem looks like having been discussed on the russian mailing
list already, but I can't really read it.
http://www.lexa.ru/nginx-ru/msg05741.html
TIA!
Kind regards,
--Toni++
More information about the nginx
mailing list