Help secure my location block

June 13, 2015 02:36PM
I have files that are served by the backend web app at
|/xxx/File?file=yyy.png|. These files are stored at |/storage/files| on
the server. So, I wrote a location block to serve these files from
storage directly from the web server.

Here is my first take:

    location /xxx/File {
        if ($request_method = POST) {
            proxy_pass http://backend;
        }

        alias /storage/files/;
        try_files $arg_file =404;
    }

The issue is I can do something like |/xxx/File?file=../../etc/foo.bar|
and nginx will serve the foo.bar file for me. So, I switched to the
following:

    location /xxx/File {
        if ($request_method = POST) {
            proxy_pass http://backend;
        }
        if ($arg_file ~ \.\.) { return 403; }
        alias /storage/files/$arg_file;
    }

Can someone point me to any corner cases that can be exploited and what
is the best practice for situations like these?

--
Abhi

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
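
Added example, not part of the original post and not nginx's own logic: a Python check that compares the post's two-dot deny-list with an allowlist plus canonical-path containment, run against a constructed temporary tree standing in for /storage/files. The filename policy ALLOWED (a single flat path segment) and all function names are assumptions.

```python
import os
import re
import tempfile

# Deny-list from the second location block: if ($arg_file ~ \.\.) { return 403; }
DOT_DOT = re.compile(r"\.\.")
# Assumed policy: one path segment, no slashes, must start with a letter or digit.
ALLOWED = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]*")


def denylist_allows(name):
    """True when the post's deny-list would let the request through."""
    return DOT_DOT.search(name) is None


def resolve_inside(base, name):
    """Return the canonical file path under base, or None if it must be refused."""
    if not ALLOWED.fullmatch(name):
        return None
    root = os.path.realpath(base)
    # Plain concatenation, the way alias appends the variable to the directory.
    target = os.path.realpath(root + os.sep + name)
    # The allowlist already excludes slashes; this catches symlinks leaving root.
    if os.path.commonpath([root, target]) != root:
        return None
    return target if os.path.isfile(target) else None


def demo():
    """Map each constructed sample name to (deny-list verdict, containment verdict)."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        storage = os.path.join(tmp, "storage", "files")
        os.makedirs(storage)
        outside = os.path.join(tmp, "outside.txt")  # constructed file outside storage
        for path in (os.path.join(storage, "yyy.png"),
                     os.path.join(storage, "a..b.png"), outside):
            with open(path, "w") as fh:
                fh.write("x")
        os.symlink(outside, os.path.join(storage, "link.png"))
        for name in ("yyy.png", "../../etc/foo.bar", "a..b.png", "link.png", ""):
            results[name] = (denylist_allows(name),
                             resolve_inside(storage, name) is not None)
    return results


if __name__ == "__main__":
    for name, verdicts in demo().items():
        print(repr(name), verdicts)
```

The deny-list and the containment check disagree on three of the five names: a legitimate file containing two dots, a symlink that leaves the storage directory, and an empty file argument. On the nginx side, the symlink case is what the disable_symlinks directive controls.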