16 - Notes (5), revision of 12/11/2021 - 13:03


Off-By-Slash

 

i.e.

location /api {
        proxy_pass http://apiserver/v1/;
}

A request through it is proxied as:

http://server/api/user -> http://apiserver/v1//user

Now consider a request path that continues the prefix with ../:

# Nginx normalizes "/v1/../" to "/"
http://server/api../ -> http://apiserver/v1/../ -> http://apiserver/

Risk

The Apache server-status page behind the proxy is exposed at the URL http://server/api../server-status

How to check

The double slash in the first mapping and the prefix match in the second both reveal the missing trailing slash:

http://server/api/user -> http://apiserver/v1//user

http://server/apiuser -> http://apiserver/v1/user
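To make the mappings above checkable offline, here is an added Python model (not code from the page) of how nginx joins a prefix location with a proxy_pass URI, and what an upstream that resolves ".." segments ends up serving. It goes one step beyond the page by also showing the fix of ending the location prefix with a slash (location /api/), so that /api../ no longer matches the location; the hosts and paths are the page's own illustrative values.

```python
"""Added example, not code from the page: a model of nginx's prefix-location
plus proxy_pass URI rewriting, used to show the off-by-slash mapping and why
a trailing slash on the location prefix removes it."""
from posixpath import normpath
from urllib.parse import urlsplit


def proxied_path(location: str, proxy_pass: str, request_path: str):
    """Path nginx sends upstream, or None when the location does not match.

    A prefix location matches by plain string prefix, so `location /api`
    also matches /api../ and /apiuser. When proxy_pass carries a URI part,
    the request path after the matched prefix is appended to that part.
    """
    if not request_path.startswith(location):
        return None
    return urlsplit(proxy_pass).path + request_path[len(location):]


def upstream_resolves(path: str) -> str:
    """Collapse '//' and '..' segments the way an upstream that normalizes
    paths (for example Apache) would before serving the request."""
    resolved = normpath(path)
    if path.endswith("/") and not resolved.endswith("/"):
        resolved += "/"  # normpath drops the trailing slash; keep it
    return resolved


def escapes_upstream_prefix(location: str, proxy_pass: str, request_path: str) -> bool:
    """True when the request is proxied and, after resolution, lands outside
    the proxy_pass path (e.g. /v1/) that was meant to confine it."""
    raw = proxied_path(location, proxy_pass, request_path)
    if raw is None:
        return False
    confined_to = urlsplit(proxy_pass).path
    return not upstream_resolves(raw).startswith(confined_to)


# The page's configuration and, as the fix, the same location with a trailing slash.
VULNERABLE = ("/api", "http://apiserver/v1/")
FIXED = ("/api/", "http://apiserver/v1/")

if __name__ == "__main__":
    for request in ("/api/user", "/apiuser", "/api../", "/api../server-status"):
        for label, (loc, target) in (("vulnerable", VULNERABLE), ("fixed", FIXED)):
            raw = proxied_path(loc, target, request)
            if raw is None:
                print(f"{label:10} {request:22} -> no match for location {loc}")
            else:
                flag = "ESCAPES" if escapes_upstream_prefix(loc, target, request) else "ok"
                print(f"{label:10} {request:22} -> {raw:24} -> {upstream_resolves(raw):16} {flag}")
```

With the trailing slash on the location, /api/user still maps to /v1/user, but /apiuser and /api../ no longer match the location at all, so nothing with a traversal in it is forwarded to the upstream under /v1/.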


Root inside Location Block

If you add a root to every location block, then any location that isn't matched will have no root.

server {
    server_name www.example.com;
    location / {
        root /var/www/nginx-default/;
        # [...]
    }
    location /foo {
        root /var/www/nginx-default/;
        # [...]
    }
}


Server Name (If)

Using an if on $host like this makes NGINX check the Host header on every request, which is extremely inefficient:

server {
    server_name example.com *.example.com;
    if ($host ~* ^www\.(.+)) {
        set $raw_domain $1;
        rewrite ^/(.*)$ $raw_domain/$1 permanent;
    }
    # [...]
}

Recommended approach

server {
    server_name www.example.com;
    return 301 $scheme://example.com$request_uri;
}
server {
    server_name example.com;
    # [...]
}


Incorrect return context

The return directive applies in the topmost context in which it is defined, so a server-level return applies even to requests that match a location block beneath it.

In the configuration below, a request to /a/test.html therefore returns a 301:

server {
    location /a/ {
        try_files test.html =404;
    }
    return 301 http://example.org;
}
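The four pitfalls on this page can be checked for mechanically. The lint below is an added example, not code from the page or from nginx: it parses a minimal model of nginx syntax (directives ending in ";", "{ }" blocks, "#" comments, no quoting) and reports a root that lives only inside location blocks, an if on $host at server level, a return at server level alongside location blocks, and a prefix location without a trailing slash whose proxy_pass has a URI part. The two embedded configurations are constructed from the page's snippets, and the check names are my own.

```python
"""Added example, not code from the page or nginx: a small lint for the four
pitfalls discussed above. The parser models only the basics of nginx syntax
(';'-terminated directives, '{ }' blocks, '#' comments, no quoting), so use it
as a review aid alongside `nginx -t`, not instead of it."""
import re
from dataclasses import dataclass, field
from urllib.parse import urlsplit


@dataclass
class Block:
    name: str
    args: list
    directives: list = field(default_factory=list)  # (name, [args]) pairs
    children: list = field(default_factory=list)    # nested Block objects


def parse(text: str) -> Block:
    """Build a Block tree from nginx-style configuration text."""
    text = re.sub(r"#[^\n]*", "", text)  # strip comments
    root = Block("root", [])
    stack, buf = [root], []
    for tok in re.findall(r"\{|\}|;|[^\s{};]+", text):
        if tok == "{":  # open block: first buffered token is its name
            block = Block(buf[0], buf[1:])
            stack[-1].children.append(block)
            stack.append(block)
            buf = []
        elif tok == "}":
            stack.pop()
        elif tok == ";":  # end of a simple directive
            stack[-1].directives.append((buf[0], buf[1:]))
            buf = []
        else:
            buf.append(tok)
    return root


def _has(block: Block, directive: str) -> bool:
    return any(name == directive for name, _ in block.directives)


def lint(text: str) -> list:
    """Return (check, detail) pairs, one per pitfall found, per server block."""
    findings = []
    for server in (b for b in parse(text).children if b.name == "server"):
        name = next((a[0] for d, a in server.directives if d == "server_name" and a), "(unnamed)")
        locations = [c for c in server.children if c.name == "location"]
        # Root inside Location Block: roots live in locations and none at server
        # level, so a request matching none of those locations has no root.
        if not _has(server, "root") and any(_has(l, "root") for l in locations):
            findings.append(("root-in-location-only", name))
        # Server Name (If): an if on $host at server level runs on every request.
        for child in server.children:
            if child.name == "if" and any("$host" in a for a in child.args):
                findings.append(("if-on-host", name))
        # Incorrect return context: a server-level return applies over the locations.
        if locations and _has(server, "return"):
            findings.append(("return-in-server-context", name))
        # Off-By-Slash: prefix location without trailing slash, proxy_pass with a path.
        for loc in locations:
            if loc.args[0] in ("=", "~", "~*"):  # exact/regex locations do not prefix-match
                continue
            prefix = loc.args[-1]
            for d, args in loc.directives:
                if d == "proxy_pass" and args and not prefix.endswith("/"):
                    if urlsplit(args[0]).path not in ("", "/"):
                        findings.append(("off-by-slash", f"{prefix} -> {args[0]}"))
    return findings


# Constructed from the page's snippets: one server carrying all four pitfalls.
BAD_CONFIG = r"""
server {
    server_name example.com *.example.com;
    if ($host ~* ^www\.(.+)) {
        set $raw_domain $1;
        rewrite ^/(.*)$ $raw_domain/$1 permanent;
    }
    location / {
        root /var/www/nginx-default/;
    }
    location /api {
        proxy_pass http://apiserver/v1/;
    }
    return 301 http://example.org;
}
"""

# Constructed: the same intent written the way the page recommends.
GOOD_CONFIG = r"""
server {
    server_name www.example.com;
    return 301 $scheme://example.com$request_uri;
}
server {
    server_name example.com;
    root /var/www/nginx-default/;
    location / {
    }
    location /api/ {
        proxy_pass http://apiserver/v1/;
    }
}
"""

if __name__ == "__main__":
    for label, cfg in (("bad", BAD_CONFIG), ("good", GOOD_CONFIG)):
        print(label, lint(cfg) or "no findings")
```

Running it reports four findings for the first configuration and none for the second. The return-in-server-context check only fires when location blocks are present, so the recommended www redirect server (a return and nothing else) is left alone.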