location regular expression not filtering some characters
CM Fields
cmfileds at gmail.com
Tue Jun 19 15:46:32 UTC 2012
I am looking to filter all characters other then those specified in the
"location" regular expression. For example, [\w.]+$ should only allow one or
more letters, numbers, underscore and period just like [a-zA-Z0-9_.]
location ~* ^/data/[\w.]+$ {...}
When I test the url with wget I find the pound (#) and question mark (?) are
allowed through. For example...
This URL is valid and is allowed through
wget "http://example.com/data/1234.txt"
This URL with the additional "#" should not be allowed thorugh, but it is.
wget "http://example.com/data/12#34.txt"
Adding a question mark also gets through when it is supposed to be blocked like
the pound "#" above.
wget "http://example.com/data/12?34.txt"
Are pound (#) and questions mark (?) matches being overridden in Nginx and thus
getting past my regular expression?
Does anyone know of a way to block the "#" or "?" that I am missing?
Just for clarity, I have no need for the "#" or "?" in my script and I can do
checks in the script to exclude these characters if necessary.
More information about the nginx
mailing list