Welcome! Log In Create A New Profile

Advanced

Nginx truncate URL GET with # in it (Facebook auth)

Posted by olivierursus 
Forum List Message List New Topic
olivierursus
Nginx truncate URL GET with # in it (Facebook auth)
August 16, 2012 05:29AM
Hi,


i use Facebook authentication in my website.

Facebook produce URL with the following pattern :

https://www.mysite.net/profile.xhtml?state=dfecc191-5eb5-4e08-a514-bc70fdc17611&code=AQBKJ_1VuycE7-DPigKfrAt9BLGQJww-p0RKY_Lta6uDxsaMUgzR98soPiOD6NDZ6kyU-NJUHmpAqEOSCxOKi7UGgh0fJSfC9kyh18FtSbQNJdyNEkkfaNtP9GMC8y25W6fOjyR2fj3OnQQTFDwmm-gckqofvhJsmnPSWgHxaan7uiaz_Wgc5JcdTu2DfzhOjqUQ_QG7X14jWDdq9CUtHuSV#_=_

As you can see facebook add "#_=_" at the end of code parameter value.

Now, if you try to build any kind of URL GET with a # in it, NGINX will stop to parse the request when it encountered #.

For instance : http://www.mysite.net/index.html?value1=jo#hn&value2=doe

Gives the following log :

- - [16/Aug/2012:11:25:33 +0200] "GET /index.html?value1=jo HTTP/1.1" 200 4976 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.79 Safari/537.1"

Nginx stops to parse the request !

Any idea ?

It's bit critical with facesbook but maybe i can add #_=_ to my parameter value from my java servlet ...

Thanks.
Reply Quote
olivierursus
Re: Nginx truncate URL GET with # in it (Facebook auth)
August 16, 2012 08:46AM
I forget to tell i use nginx 1.2.3

Thanks.
Reply Quote
Newer Topic Older Topic
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 128
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready