Welcome! Log In Create A New Profile

Advanced

Re: nginx-0.8.50

September 08, 2010 08:30AM
Igor Sysoev Wrote:
-------------------------------------------------------
> Changes with nginx 0.8.50
> 02 Sep 2010
>
> *) Feature: the "secure_link",
> "secure_link_md5", and
> "secure_link_expires" directives of the
> ngx_http_secure_link_module.

Hello!

While this is a very welcome enhancement to this module I'm having a hard time figuring out its correct usage. It appears (to me) that there's a limitation (bug?) in the base64 decoding.

As a simple test case I use:

location ~ ^/a/(?<key>[0-9a-zA-Z\+/=]+) {
secure_link_md5 "a";
secure_link "$key";
if ($secure_link = "") {
return 501;
}
if ($secure_link != "") {
return 502;
}
}

A request to http://127.0.01:8182/a/DMF1ucDxtqgxw5niaXcmYQ== then returns 502 as expected.

However if I change from:
secure_link_md5 "a";
to:
secure_link_md5 "b";
and place a request to http://127.0.01:8182/a/kutf/uauL+w61xx3dTFXjw==
I receive a 501. I immediately thought is was the / in the base64 encoded data that caused this and tried to URL encode the base64 string but it doesn't seem to work. I also tried using the "URL applications" variant of Base 64 without any success.

What am I missing?



regards
MÃ¥rten Gustafson
Subject Author Posted

nginx-0.8.50

Igor Sysoev September 02, 2010 11:08AM

Re: nginx-0.8.50

Reinis Rozitis September 02, 2010 11:36AM

Re: nginx-0.8.50

Igor Sysoev September 02, 2010 11:56AM

Re: nginx-0.8.50

Igor Sysoev September 02, 2010 02:46PM

Re: nginx-0.8.50

aqjh September 02, 2010 09:16PM

Re: nginx-0.8.50

chids September 08, 2010 08:30AM

Re: nginx-0.8.50

chids September 08, 2010 09:42AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 71
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready