Questions about proxy_pass and internal directives

mrtn nginx-forum at nginx.us
Fri Oct 19 00:08:21 UTC 2012


Reinis Rozitis Wrote:
-------------------------------------------------------
> You are using 'internal' in a wrong way (at least judging from your 
> configuration excerpts).
> 
> If you read the documentation 
> http://nginx.org/en/docs/http/ngx_http_core_module.html#internal you
> should 
> see that internal locations can't be accessed directly from
> client/browser 
> but need some sort of _internal_ redirect.
> 
> 
> 
> If there is a need for a backend application to check for permissions
> but 
> serve the file from nginx (while the same time denying direct access)
> one 
> way to do it is making the backend application to send
> 'X-Accel-Redirect' 
> header ( some examples: http://wiki.nginx.org/XSendfile ).

That's exactly what I am doing. 

location ^~ /foo/bar/ {
                internal;
                proxy_pass              http://127.0.0.1:8080;
                proxy_redirect         off;
}

I use "internal" directive to block direct access to anything
"/foo/bar/,,,", which seems to be what nginx is doing. At the same time, I
proxy_pass the request to the backend application server to check for
permissions. If success, the backend server sends a 'X-Accel-Redirect'
header back to nginx to serve the file.

Now the problem is proxy_pass does not seem to work, as no request is being
proxied to the backend server. I wondered if this is because I put it
together with "internal" directive inside the location block, but from here:
http://wiki.nginx.org/X-accel, it seems that this combination should be
fine, as it is given as an example.

I'm scratching my head now...

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,231998,232008#msg-232008



More information about the nginx mailing list