Hi,
i use Facebook authentication in my website.
Facebook produce URL with the following pattern :
https://www.mysite.net/profile.xhtml?state=dfecc191-5eb5-4e08-a514-bc70fdc17611&code=AQBKJ_1VuycE7-DPigKfrAt9BLGQJww-p0RKY_Lta6uDxsaMUgzR98soPiOD6NDZ6kyU-NJUHmpAqEOSCxOKi7UGgh0fJSfC9kyh18FtSbQNJdyNEkkfaNtP9GMC8y25W6fOjyR2fj3OnQQTFDwmm-gckqofvhJsmnPSWgHxaan7uiaz_Wgc5JcdTu2DfzhOjqUQ_QG7X14jWDdq9CUtHuSV#_=_
As you can see facebook add "#_=_" at the end of code parameter value.
Now, if you try to build any kind of URL GET with a # in it, NGINX will stop to parse the request when it encountered #.
For instance : http://www.mysite.net/index.html?value1=jo#hn&value2=doe
Gives the following log :
- - [16/Aug/2012:11:25:33 +0200] "GET /index.html?value1=jo HTTP/1.1" 200 4976 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.79 Safari/537.1"
Nginx stops to parse the request !
Any idea ?
It's bit critical with facesbook but maybe i can add #_=_ to my parameter value from my java servlet ...
Thanks.