Nginx location - Distinguish requests by arguments or queries
Francis Daly
francis at daoine.org
Wed Feb 26 08:48:06 UTC 2020
On Tue, Feb 25, 2020 at 05:06:15PM +0000, Francis Daly wrote:
> On Tue, Feb 25, 2020 at 07:05:05AM -0500, stmx38 wrote:
Hi there,
two corrections to my suggestion...
> > For location /test we should permit only POST, for /test?doc we should
> > permit only GET methods.
> Something like:
>
> ==
> map $request_method$request_uri $block_this {
> default 1;
> ~*GET/test\?doc 0;
> ~*POST/test\?. 1;
> ~*POST/test 0;
> }
> ==
> The case-insensitive is because I don't know if your clients do GET or get
> or gEt; and I don't know how important it is that *no* "should-be-blocked"
> requests get to your back-end. Adjust to taste based on testing.
"method" (GET, POST, etc) is case-sensitive -- so will always be
uppercase, so you don't need the case-insensitive matching.
And the patterns should be anchored to the start, to avoid some false
matches.
So - change each instance of "~*" to be "~^", and it should be righter.
Cheers,
f
--
Francis Daly francis at daoine.org
More information about the nginx
mailing list