Welcome! Log In Create A New Profile

Advanced

Re: Nginx Reverse Proxy Lowercase URL and some exceptions to the URL

October 04, 2019 03:36PM
Dear Francis:

Thank you again for your help!

I apologize. Perhaps, I should have started with what I want to accomplish with the configuration.
I want the server to lowercased every URI except the ones that begins with any of the following
paths:

/api/
/contentAsset/
/categoriesServlet/
/DotAjaxDirector/
/html/
/dwr/
/dA/
/JsonTag/

Most of the above paths belong to a protected area that requires the user to login with an id and a password.

So for example, if the server receives a request for https://example.com/API/ or https://example.com/contentAsset/
or https://example.com/DotAjaxDirector/ it should leave them intact. This is not happening in certain
instances

For anything else, it should lowercase any other uri.


Now, to answer your questions:

Your Question # 1
-----
then the requests for /dwr/interface/CategoryAjax.js,
/dwr/interface/HostAjax.js, and /html/images/languages/gh_TW.gif are
served from the first location, not the second.

So - I'm not seeing what you are reporting.

When you do a "curl -i" for /dwr/interface/CategoryAjax.js, what response
do you get?

HTTP 200, HTTP 301, something else?
---

Answer to Your Question:

I get a 401 error not authorized if I use curl. But if I go and log in the restricted area via a web browser and viewed the page with the inspertor's
developer tool I no longer see some of the error on the console. This is probably because I was getting
the errors from cache? I cleared the cache this morning so I stopped seeing some errors. I still see a:
Failed to load resource:the server responded with a status of 404() to the following urls:
example.com/jsontags
example.comcategoriesservlet

The errors are being generated because nginx is lowercasing JsonTags and CategoriesServlet.

If I do a curl:

curl -i http://example.com/JsonTags
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 04 Oct 2019 19:21:32 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://example.com/jsontags

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

curl -i http://example.com/CategoriesServlet
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 04 Oct 2019 19:23:56 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://example.com/categoriesservlet

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>



For URIs outside of the restricted areas:

If I write http://example.com/API/ or http://example.com/API they are lowercased, they should not be lowercase because it
should be served by location #1 which makes the path case insensitive with the "~".

curl -i http://example.com/API/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 04 Oct 2019 19:24:56 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://example.com/api/

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>



However, the url http://example.com/contentAsset is not lowercased and this uri is outside of the restricted area.

curl -I http://example.com/contentAsset/image/ctfgs9b9b-fdcb-4a4a-807d-123x896fb0/fileAsset/filter/Resize,Jpeg/resize_w/1000/Jpeg_q/.8
HTTP/1.1 200
Server: nginx
Date: Fri, 04 Oct 2019 19:27:10 GMT
Content-Type: image/jpeg
Content-Length: 83580
Connection: keep-alive
Content-Disposition: inline; filename="scarlet-macaw-ara-macao.jpg"
Expires: Sat, 03 Oct 2020 19:27:10 +0000
Cache-Control: public, max-age=31536000
Last-Modified: Sat, 28 Sep 2019 17:49:34 +0000
ETag: dot:ctfgs9b9b-fdcb-4a4a-807d-123x896fb0:1569692974000:83580
Accept-Ranges: bytes


I also get this error: WebSocket connection to 'ws://example.com/api/ws/v1/system/events' failed: Unexpected response code: 200. This I have been told
that I have to set the proxy pass to localhost rather than IP in order to work it properly. I have not tested it yet.

Below is the current configuration for your consideration. Any ideas what I could be doing wrong?




# SERVER DEFINITIONS
##BETA EXAMPLE HTTP SERVER CONFIGURATION START
server {

listen 80;

server_name example.com;

## URL REWRITE FUNCTION THAT LOWERCASES ALL URIS
## START
## THIS IS OUTSIDE OF THE SERVER DEFINITION IN THE HTTP BLOCK - I PUT IT HERE SO YOU CAN SEE IT

perl_set $my_uri_to_lowercase 'sub {
my $r = shift;
my $uri = $r->uri;
$uri = lc($uri);
return $uri;
}';
## URL REWRITE FUNCTION THAT LOWERCASES ALL URIS
## END

##Trailing Slash in URLContent
## It doest not work on http://beta.example.com/real-estate/properties
#rewrite ^/(.*)/(.*)/$ /$1/$2 permanent;



## LOCATION #1
## THIS LOCATION WILL PREVENT LOWERCASING IN ANY URI THAT BEGINS WITH /API/WHATEVER , /CONTENTASSET/WHATEVER, ETC.
## ~ MAKES IT CASEINSENSITIVE SO EITHER /api/ or /API/ will not be lowercased
## ^ MAKES IT MATCH WITH THE BEGINING OF THE "/" AND THE PATH WE DO NOT WANT TO LOWERCASE
## I ADDED THE proxy_pass as observation of David Francis on Nginx Forum
## IF URI MATCHES THIS LOCATION THEN IT WILL STOP SEARCHING FOR OTHER LOCATION MATCHES

location ~ ^/(api|contentAsset|categoriesServlet|DotAjaxDirector|html|dwr|dA|JsonTags)/ {
proxy_pass http://xxx.xx.xx.xxx:IIII;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
proxy_redirect off;

}
## LOCATION #2
## THIS LOCATION WILL LOWERCASE ANYTHING THAT HAS UPPCASE LETTERS
## EXCEPT THE PATHS STATED ON LOCATION #1
location ~ [A-Z] {

return 301 $scheme://$host$my_uri_to_lowercase;

proxy_pass http://xxx.xx.xx.xxx:IIII;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
proxy_redirect off;
}

## LOCATION #3
## THIS LOCATION IS THE DEFAULT LOCATION
location / {
proxy_pass http://xxx.xx.xx.xxx:IIII;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
proxy_redirect off;

}


}
##BETA EXAMPLE HTTP SERVER CONFIGURATION END
Subject Author Posted

Nginx Reverse Proxy Lowercase URL and some exceptions to the URL

Alex Med October 03, 2019 11:36AM

Re: Nginx Reverse Proxy Lowercase URL and some exceptions to the URL

Francis Daly October 03, 2019 11:56AM

Re: Nginx Reverse Proxy Lowercase URL and some exceptions to the URL

Alex Med October 03, 2019 12:21PM

Re: Nginx Reverse Proxy Lowercase URL and some exceptions to the URL

Alex Med October 03, 2019 01:03PM

Re: Nginx Reverse Proxy Lowercase URL and some exceptions to the URL

Francis Daly October 03, 2019 01:38PM

Re: Nginx Reverse Proxy Lowercase URL and some exceptions to the URL

Francis Daly October 03, 2019 03:06PM

Re: Nginx Reverse Proxy Lowercase URL and some exceptions to the URL

Alex Med October 04, 2019 03:36PM

Re: Nginx Reverse Proxy Lowercase URL and some exceptions to the URL

Francis Daly October 04, 2019 04:52PM

Re: Nginx Reverse Proxy Lowercase URL and some exceptions to the URL

Alex Med October 05, 2019 12:41PM

Re: Nginx Reverse Proxy Lowercase URL and some exceptions to the URL

Alex Med October 05, 2019 12:50PM

Re: Nginx Reverse Proxy Lowercase URL and some exceptions to the URL

Francis Daly October 06, 2019 07:16AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 72
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready