Questions about proxy_pass and internal directives
mrtn
nginx-forum at nginx.us
Fri Oct 19 00:08:21 UTC 2012
Reinis Rozitis Wrote:
-------------------------------------------------------
> You are using 'internal' in a wrong way (at least judging from your
> configuration excerpts).
>
> If you read the documentation
> http://nginx.org/en/docs/http/ngx_http_core_module.html#internal you
> should
> see that internal locations can't be accessed directly from
> client/browser
> but need some sort of _internal_ redirect.
>
>
>
> If there is a need for a backend application to check for permissions
> but
> serve the file from nginx (while the same time denying direct access)
> one
> way to do it is making the backend application to send
> 'X-Accel-Redirect'
> header ( some examples: http://wiki.nginx.org/XSendfile ).
That's exactly what I am doing.
location ^~ /foo/bar/ {
internal;
proxy_pass http://127.0.0.1:8080;
proxy_redirect off;
}
I use "internal" directive to block direct access to anything
"/foo/bar/,,,", which seems to be what nginx is doing. At the same time, I
proxy_pass the request to the backend application server to check for
permissions. If success, the backend server sends a 'X-Accel-Redirect'
header back to nginx to serve the file.
Now the problem is proxy_pass does not seem to work, as no request is being
proxied to the backend server. I wondered if this is because I put it
together with "internal" directive inside the location block, but from here:
http://wiki.nginx.org/X-accel, it seems that this combination should be
fine, as it is given as an example.
I'm scratching my head now...
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,231998,232008#msg-232008
More information about the nginx
mailing list