Welcome! Log In Create A New Profile

Advanced

Re: I want help...

Previous Message Next Message
Forum List Message List New Topic Print View
Thomas Joseph
December 14, 2012 03:20PM
Hello all,

Want to share what I came up with.

See, I have 3 key strings , say abc, pqr and xyz.

And a valid submission will be https://x.y.com/?abc=1.2.3.4&pqr=asdf&xyz=123888598

abc is numeric, with . in between, and ending in digit(s), think of a uuid like 2.16.840.1.113883

pqr is only alpha, but has 2 choices, asdf or lkjh

xyz is purely numeric

I do not use this for anything other than reverse proxy, if the pattern matches.

Here is what I come up with:

location / {
....
....
if ($args ~ ^((abc=(\d+\.)+(\d+))\&(pqr=(asdf|lkjh))\&(xyz=\d+))$){
proxy_pass http://127.0.0.1:890/?$1;
}

Still I can not limit the repetition, like (abc=(\d{3,10})). Seems nginx, does not support {}. Is that true ? 
Provided that I can predict if there can not be more than 64 characters for abc how do I do it ?

And what about "if is evil"

Does that make sense in 1.2.6 too ??

Tell me I am wrong !!

Thanks all.

tjoseph.

________________________________
From: Thomas Joseph <tjoseph1@ymail.com>
To: "nginx@nginx.org" <nginx@nginx.org>
Sent: Tuesday, 11 December 2012 12:57 AM
Subject: Re: I want help...


Did I tell that I am looking into a reverse proxy situation ? No.

My mistake. I want to have a reverse proxy, that would filter the incoming
and pass-on/reject  upon the rules.

[SSL enabled web-client]=>[NGINX]=>{filtering]=>[My own custom built HTTP application]
[SSL enabled web-client]<=[NGINX]<=[My own custom built HTTP application] 


Thanks,

tjoseph.

________________________________
From: Thomas Joseph <tjoseph1@ymail.com>
To: "nginx@nginx.org" <nginx@nginx.org>
Sent: Tuesday, 11 December 2012 12:26 AM
Subject: I want help...


Hello all,

What is the best way to block un-expected submissions?

For example, I have this puzzle:
 ((aaa=(\d{1,8}\.)+(\d{1,8}))\&(bbb=\w{10,30})\&(ccc=\d{1,10}))


aaa is uuid, bbb is alphanumric, ccc is just numeric.

I want to have nginx validating this regex, and one more, if someone craft
(ddd=xyz) in the submission url, it has to FAIL.

Pls, comments are welcome.

tjoseph.


_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx


_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Reply Quote
RSS
Subject Author Posted

I want help...

Thomas Joseph December 10, 2012 01:58PM

Re: I want help...

Thomas Joseph December 10, 2012 02:30PM

Re: I want help...

Thomas Joseph December 14, 2012 03:20PM

Re: I want help...

Francis Daly December 14, 2012 03:52PM

Re: I want help...

Thomas Joseph December 14, 2012 05:00PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 233
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready