checking headers

Larry Martell larry.martell at gmail.com
Tue May 31 11:41:06 UTC 2016


On Mon, May 30, 2016 at 2:19 PM, Robert Paprocki
<rpaprocki at fearnothingproductions.net> wrote:
>
>
> On Sat, May 28, 2016 at 12:48 PM, Larry Martell <larry.martell at gmail.com>
> wrote:
>>
>> Is there any way with nginx to check a request's headers and send back
>> a 401 if the headers are not proper?
>
>
>
> Yes, you can do with this via the 'map' and 'if' directives. A trivial
> example:
>
> http {
>         # if the "X-Foo" request header contains the phrase 'data', set $bar
> to 1; otherwise, set it to 0
>         map $http_x_foo $bar {
>                 default 0;
>                 "~data" 1;
>         }
>
>     server {
>         location /t {
>                 if ($bar) {
>                         return 401;
>                 }
>         }
> }
>
> See also http://nginx.org/en/docs/http/ngx_http_map_module.html and
> http://nginx.org/en/docs/http/ngx_http_rewrite_module.html#if

I added this to the http section:

    map $http_x_capdata_auth $not_auth {
        default 1;
        "authorized" 0;
    }

and this to the location section:

            if ($not_auth) {
                return 401;
            }

and it's always returning a 401, even if there is a header:

X-Capdata-Auth: authorized

And I doing something wrong here? How can I debug this?



More information about the nginx mailing list