about error_page and named location

Fri Nov 30 10:03:18 UTC 2012

On Fri, Nov 30, 2012 at 10:33:06AM +0800, 任晓磊 wrote:
> For rejecting some unfriendly access, I use 410 status code for them. The
> config is below:
> 
> error_page 410 /410;
> if (xxx) {
>  return 410;
> }
> 
> location /410 {
>  more_set_headers "Content-Type: text/html;charset=utf8;";
> return 410 '$remote_addr 禁止访问云云';
> }
> 
> When I access it for testing purpose, I got
> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
> <html>
> <head><title>410 Gone</title></head>
> <body bgcolor="white">
> <h1>410 Gone</h1>
> <p>The requested resource is no longer available on this server and there
> is no forwarding address. Please remove all references to this
> resource.<hr/>Powered by Tengine
> </body>
> </html>
> 
> If I use error_page 410 @410; and location @410{...} , it works correctly,
> and serves a page with my own message.
> 
> So,
> 1st, What's the differences between norma location and named location, in
> this context?

This is due to implementation differences in handling internal redirects
and named locations.

When you "return 410" on the server level, "error_page 410 /410" does
an internal redirect to location "/410".  This is processed as a new
request, including running ngx_http_rewrite_module directives specified
on the server level, thus "return 410" fires again.  Because
"recursive_error_pages" is off, standard error page is returned.
(If you turn it on, you'll get 500 instead, due to redirection cycling.)

"error_page 410 @410", on the other hand, does a redirect straight to a
named location "@410", thus the processing skips "server rewrites" and
"find configuration" phases of processing, and you get a custom body
for 410 as expected.

You can avoid these differences by moving what you now have on the
server level to "location /".

> 2nd, Are there better ways to serve a html page to unfriendly access, and
> use nginx's variables in the html? I tried return 410 '$remote_addr
> rejected' ,but it gave a application/octet-stream response, browser would
> download it instead of display the message in browser window. So I have to
> use more headers module to set Content-Type.

Content-Type is controlled by http://nginx.org/r/default_type and
http://nginx.org/r/types directives, for example:

: server {
:     default_type application/octet-stream;
:     types {
:         text/html html;
:     }
: 
:     error_page 403 @error;
: 
:     location @error {
:         default_type text/plain;
:         types {}
: 
:         return 200 'error $status\n';
:     }
: }

: $ echo test > html/test.html
: $ curl -i http://localhost:8000/test.html
: HTTP/1.1 200 OK
: Server: nginx/1.3.9
: Date: Fri, 30 Nov 2012 09:53:35 GMT
: Content-Type: text/html
: Content-Length: 5
: Last-Modified: Fri, 30 Nov 2012 09:53:31 GMT
: Connection: keep-alive
: ETag: "50b8821b-5"
: Accept-Ranges: bytes
: 
: test
: $ chmod u-r html/test.html 
: $ curl -i http://localhost:8000/test.html
: HTTP/1.1 403 Forbidden
: Server: nginx/1.3.9
: Date: Fri, 30 Nov 2012 09:53:46 GMT
: Content-Type: text/plain
: Content-Length: 10
: Connection: keep-alive
: 
: error 403

See also http://nginx.org/en/docs/http/ngx_http_ssi_module.html