Nginx allowed characters inside full URL / URI and ARGS
nginx-forum at forum.nginx.org
Sat Jul 15 09:56:21 UTC 2017
Yes but characters in args like = & and ? are allowed and its when they
insert more than one occurance of them nginx accepts them and they bypass
any caches that you have.
&argument=value | Cache : HIT
&&&arguement===value | Cache : MISS
And when they want to DoS you they will do something like the following.
It is easy to bypass the cache when your not suppose to.
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,275500,275509#msg-275509
More information about the nginx