Nginx Reverse Proxy Lowercase URL and some exceptions to the URL

Alex Med nginx-forum at forum.nginx.org
Fri Oct 4 19:36:13 UTC 2019 

Dear Francis:

Thank you again for your help!

I apologize. Perhaps, I should have started with what I want to accomplish
with the configuration.  
I want the server to lowercased every URI except the ones that begins with
any of the following
paths: 

/api/
/contentAsset/
/categoriesServlet/
/DotAjaxDirector/
/html/
/dwr/
/dA/
/JsonTag/

Most of the above paths belong to a protected area that requires the user to
login with an id and a password.

So for example, if the server receives a request for
https://example.com/API/ or https://example.com/contentAsset/
or https://example.com/DotAjaxDirector/ it should leave them intact. This is
not happening in certain
instances 

For anything else, it should lowercase any other uri.


Now, to answer your questions:

Your Question # 1
-----
then the requests for /dwr/interface/CategoryAjax.js,
/dwr/interface/HostAjax.js, and /html/images/languages/gh_TW.gif are
served from the first location, not the second.

So - I'm not seeing what you are reporting.

When you do a "curl -i" for /dwr/interface/CategoryAjax.js, what response
do you get?

HTTP 200, HTTP 301, something else?
---

Answer to Your Question:

I get a 401 error not authorized if I use curl.  But if I go and log in the
restricted area via a web browser and viewed the page with the inspertor's
developer tool I no longer see some of the error on the console.  This is
probably because I was getting
the errors from cache? I cleared the cache this morning so I stopped seeing
some errors.  I still see a:
Failed to load resource:the server responded with a status of 404() to the
following urls:
example.com/jsontags
example.comcategoriesservlet

The errors are being generated because nginx is lowercasing JsonTags and
CategoriesServlet.

If I do a curl:

curl -i http://example.com/JsonTags
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 04 Oct 2019 19:21:32 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://example.com/jsontags

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

curl -i http://example.com/CategoriesServlet
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 04 Oct 2019 19:23:56 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://example.com/categoriesservlet

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>



For URIs outside of the restricted areas:

If I write http://example.com/API/ or http://example.com/API they are
lowercased, they should not be lowercase because it
should be served by location #1 which makes the path case insensitive with
the "~".

curl -i http://example.com/API/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 04 Oct 2019 19:24:56 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://example.com/api/

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>



However, the url http://example.com/contentAsset is not lowercased and this
uri is outside of the restricted area.

curl -I
http://example.com/contentAsset/image/ctfgs9b9b-fdcb-4a4a-807d-123x896fb0/fileAsset/filter/Resize,Jpeg/resize_w/1000/Jpeg_q/.8
HTTP/1.1 200 
Server: nginx
Date: Fri, 04 Oct 2019 19:27:10 GMT
Content-Type: image/jpeg
Content-Length: 83580
Connection: keep-alive
Content-Disposition: inline; filename="scarlet-macaw-ara-macao.jpg"
Expires: Sat, 03 Oct 2020 19:27:10 +0000
Cache-Control: public, max-age=31536000
Last-Modified: Sat, 28 Sep 2019 17:49:34 +0000
ETag: dot:ctfgs9b9b-fdcb-4a4a-807d-123x896fb0:1569692974000:83580
Accept-Ranges: bytes


I also get this error:  WebSocket connection to
'ws://example.com/api/ws/v1/system/events' failed: Unexpected response code:
200. This I have been told
that I have to set the proxy pass to localhost rather than IP in order to
work it properly.  I have not tested it yet.

Below is the current configuration for your consideration. Any ideas what I
could be doing wrong?




        # SERVER DEFINITIONS
##BETA EXAMPLE HTTP SERVER CONFIGURATION START
server {

        listen 80;
    
        server_name example.com;

        ## URL REWRITE FUNCTION THAT LOWERCASES ALL URIS
        ## START
       ## THIS IS OUTSIDE OF THE SERVER DEFINITION IN THE HTTP BLOCK - I PUT
IT HERE SO YOU CAN SEE IT

        perl_set $my_uri_to_lowercase 'sub {
         my $r = shift;
         my $uri = $r->uri;
         $uri = lc($uri);
         return $uri;
         }';
        ## URL REWRITE FUNCTION THAT LOWERCASES ALL URIS
        ## END

##Trailing Slash in URLContent
## It doest not work on http://beta.example.com/real-estate/properties
#rewrite ^/(.*)/(.*)/$ /$1/$2 permanent;



## LOCATION #1
## THIS LOCATION WILL PREVENT LOWERCASING IN ANY URI THAT BEGINS WITH
/API/WHATEVER , /CONTENTASSET/WHATEVER, ETC.
## ~ MAKES IT CASEINSENSITIVE SO EITHER /api/ or /API/ will not be
lowercased
## ^ MAKES IT MATCH WITH THE BEGINING OF THE "/" AND THE PATH WE DO NOT WANT
TO LOWERCASE
## I ADDED THE proxy_pass as observation of David Francis on Nginx Forum
## IF URI MATCHES THIS LOCATION THEN IT WILL STOP SEARCHING FOR OTHER
LOCATION MATCHES

location ~
^/(api|contentAsset|categoriesServlet|DotAjaxDirector|html|dwr|dA|JsonTags)/
{
            proxy_pass http://xxx.xx.xx.xxx:IIII;
            proxy_set_header  Host $host;
            proxy_set_header  X-Real-IP $remote_addr;
            proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_connect_timeout 600;
            proxy_send_timeout 600;
            proxy_read_timeout 600;
            proxy_redirect off;

		}
      ## LOCATION #2
      ## THIS LOCATION WILL LOWERCASE ANYTHING THAT HAS UPPCASE LETTERS
      ## EXCEPT THE PATHS STATED ON LOCATION #1
      location ~ [A-Z] {

            return 301 $scheme://$host$my_uri_to_lowercase;
     
            proxy_pass http://xxx.xx.xx.xxx:IIII;
            proxy_set_header  Host $host;
            proxy_set_header  X-Real-IP $remote_addr;
            proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_connect_timeout 600;
            proxy_send_timeout 600;
            proxy_read_timeout 600;
            proxy_redirect off;
}

      ## LOCATION #3
      ## THIS LOCATION IS THE DEFAULT LOCATION
         location / {
            proxy_pass http://xxx.xx.xx.xxx:IIII;
            proxy_set_header  Host $host;
            proxy_set_header  X-Real-IP $remote_addr;
            proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_connect_timeout 600;
            proxy_send_timeout 600;
            proxy_read_timeout 600;
            proxy_redirect off;

                    }


        }
##BETA EXAMPLE HTTP SERVER CONFIGURATION END

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,285780,285797#msg-285797

More information about the nginx mailing list