allow traffic through with a certain header value

Francis Daly francis at daoine.org
Wed Jun 20 15:13:56 UTC 2018


On Tue, Jun 19, 2018 at 03:34:13PM -0400, vchhabra at medallia.com wrote:

Hi there,

> I'm trying the "if" statement below in my
> nginx app config file, but doesn't seem to quite work.     It just gives a
> 403 for every request.

>     location / {
> 	 if ($http_headerkey != "headervalue") {
>          return 403; }

It seems to work for me:

  server {
    listen 8000;
    location / {
      if ($http_headerkey != "headervalue") { return 403; }
      return 404;
    }
  }

And then:

$ curl -I -H HeaderKey:headervalue http://127.0.0.1:8000/x
HTTP/1.1 404 Not Found

$ curl -I -H HeaderKey:somethingelse http://127.0.0.1:8000/x
HTTP/1.1 403 Forbidden

$ curl -I http://127.0.0.1:8000/x
HTTP/1.1 403 Forbidden

I get 403 if the key does not have the value, and I get the here-expected 404
if the key does have the value.

What do you get if you try that test?

	f
-- 
Francis Daly        francis at daoine.org


More information about the nginx mailing list