Igor Sysoev Wrote:
-------------------------------------------------------
> Changes with nginx 0.8.50
> 02 Sep 2010
>
> *) Feature: the "secure_link",
> "secure_link_md5", and
> "secure_link_expires" directives of the
> ngx_http_secure_link_module.
Hello!
While this is a very welcome enhancement to this module I'm having a hard time figuring out its correct usage. It appears (to me) that there's a limitation (bug?) in the base64 decoding.
As a simple test case I use:
location ~ ^/a/(?<key>[0-9a-zA-Z\+/=]+) {
secure_link_md5 "a";
secure_link "$key";
if ($secure_link = "") {
return 501;
}
if ($secure_link != "") {
return 502;
}
}
A request to http://127.0.01:8182/a/DMF1ucDxtqgxw5niaXcmYQ== then returns 502 as expected.
However if I change from:
secure_link_md5 "a";
to:
secure_link_md5 "b";
and place a request to http://127.0.01:8182/a/kutf/uauL+w61xx3dTFXjw==
I receive a 501. I immediately thought is was the / in the base64 encoded data that caused this and tried to URL encode the base64 string but it doesn't seem to work. I also tried using the "URL applications" variant of Base 64 without any success.
What am I missing?
regards
MÃ¥rten Gustafson