匹配并使用nginx从URI路径重定向“http://”(双斜杠)
[英]match and redirect “http://” (double slash) from URI path with nginx
问题描述
I want nginx return ' http://example.com ' with request url ' http://mydomain/url=http://example.com ' use conf blow, but it give me 'http:/xxx.com'. 
我希望nginx返回' http://example.com '请求url'http :// mydomain / url = http://example.com '使用conf blow,但它会给我'http:/xxx.com'。
what's wrong, can someone give some help! 怎么了,有人可以帮忙! thanks. 谢谢。
this is my nginx conf 这是我的nginx conf
location ~ url=(.*)$ {
return 301 $1;
}
1 个解决方案
解决方案1
0 已采纳 2016-07-04 17:40:45
In addition to the suggestion of Alexey Ten to use http://nginx.org/r/merge_slashes , which indeed may cause security issues, you can also use the following, which is probably a better approach anyways (if you are aleady set at the URL structure, that is): 除了Alexey Ten使用http://nginx.org/r/merge_slashes的建议,这确实可能会导致安全问题,你也可以使用以下,这可能是一个更好的方法(如果你已经设置为URL结构,即:):
location /url= {
if ($request_uri ~ ^/url=(.*)$) {
return 301 $1;
}
return 403;
}
Another option would be: 另一种选择是:
location /url=http:/ {
rewrite ^/url=http:/(.*)$ http://$1;
}
BTW, I would avoid using regular expressions in top-level locations, as it's generally less efficient than using the approaches above, but you can basically do the same thing with your approach as well. 顺便说一下,我会避免在顶级位置使用正则表达式,因为它通常比使用上述方法效率低,但你基本上也可以用你的方法做同样的事情。
Note, however, that in any case, unconditionally redirecting users to a user-supplied string may itself make your site vulnerable to certain attacks. 但请注意,无论如何,无条件地将用户重定向到用户提供的字符串本身可能会使您的站点容易受到某些攻击。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.