Allow internal redirect to URI x, but deny external request for x?

J. Lewis Muir jlmuir at imca-cat.org
Fri Aug 30 18:58:23 UTC 2019


On 08/30, J. Lewis Muir wrote:
> On 08/30, J. Lewis Muir wrote:
> > I'm wondering if the fastcgi_split_path_info function or the if
> > directive is what's emitting the file op message in the error log which
> > would mean that one or both of $realpath_root or $fastcgi_script_name
> > are not set to what I expect. (?)
> 
> Adding
> 
>   return 200 "document_root: $document_root\nfastcgi_script_name: $fastcgi_script_name\n";
> 
> to the location like this
> 
>   location ~ ^/my-app/(.*?[^/]\.php(?:/.*|$)) {
>     alias /srv/www/my-app/current/$1;
>     return 200 "realpath_root: $realpath_root\nfastcgi_script_name: $fastcgi_script_name\n";
>   }

Hmm, I think I need to call fastcgi_split_path_info first, so now I did

  location ~ ^/my-app/(.*?[^/]\.php(?:/.*|$)) {
    alias /srv/www/my-app/current/$1;
    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    return 200 "realpath_root: $realpath_root\nfastcgi_script_name: $fastcgi_script_name\nfastcgi_path_info: $fastcgi_path_info\n";
  }

which yields the following:

  $ curl http://localhost/my-app/
  realpath_root: /srv/www/my-app/releases/1.0.2/index.php
  fastcgi_script_name: /my-app/index.php
  fastcgi_path_info:

That doesn't seem right.

Still puzzled,

Lewis


More information about the nginx mailing list