Welcome! Log In Create A New Profile

Re: Best way to only allow specific file extensions?

Forum List Message List New Topic Print View

Nick Pearson

March 08, 2010 11:24PM

Looks like your regex is still wrong. At the beginning, this:

^(\/|\.html|\.jpg [...]

is saying:

[beginning of URI] then [/ OR .html OR .jpg ...]

I think what you meant was for the first slash to be outside the parens:

^\/(\.html|...

However, I think what you really want is to get rid of the ^ and the
leading slash altogether, and just focus on how the URI ends:

(\.html|\.jpg|\.php|\.png|\.css|\.ico|\.js|\.swf|\.gif|robots\.txt)$

Otherwise, your regex will only match things like "/.html" and
"/.jpg". The only one that would work with the ^ and leading slash is
"/robots.txt".

Nick

On Mon, Mar 8, 2010 at 3:57 PM, David Taveras <d3taveras38d3@gmail.com> wrote:
> Hello Cliff,
>
> I tried your suiggestion however at the end it is allowing any file
> extension and it is still letting in unrecognized extensions.
>
> Thanks
>
> David
>
>
> On Mon, Mar 8, 2010 at 4:01 PM, Cliff Wells <cliff@develix.com> wrote:
>> On Mon, 2010-03-08 at 15:39 -0500, David Taveras wrote:
>>> Hello,
>>>
>>> Iam running a reverse proxy and I would like only to relay certain
>>> type of extensions to the backend.. (and ofcourse any directory)
>>>
>>> location / {
>>> proxy_pass http://www.domain.org:80/;
>>> proxy_pass_header Set-Cookie;
>>> proxy_set_header X-Real-IP $remote_addr;
>>>
>>> }
>>>
>>> ## Only allow these file types to document root
>>> location / {
>>> if ($request_uri ~*
>>> (^\/|\.html|\.jpg|\.php|\.png|\.css|\.ico|\.js|\.swf|\.gif|robots\.txt)$
>>> ) {
>>> break;
>>> }
>>> return 444;
>>> }
>>
>> You can use regular expressions in the location, no need for separate
>> "if":
>>
>> location ~ ^(\/|\.html|\.jpg|\.php|\.png|\.css|\.ico|\.js|\.swf|\.gif|robots\.txt)$ {
>> return 444;
>> }
>>
>> Also, double-check your regex. It looks like you've misplaced your
>> parens in the original, you have (^...)$ and it should be ^(...)$.
>>
>> Regards,
>> Cliff
>>
>>
>>
>> _______________________________________________
>> nginx mailing list
>> nginx@nginx.org
>> http://nginx.org/mailman/listinfo/nginx
>>
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://nginx.org/mailman/listinfo/nginx
>

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
Best way to only allow specific file extensions?	David Taveras	March 08, 2010 03:46PM
Re: Best way to only allow specific file extensions?	David Taveras	March 08, 2010 03:48PM
Re: Best way to only allow specific file extensions?	Cliff Wells	March 08, 2010 04:06PM
Re: Best way to only allow specific file extensions?	David Taveras	March 08, 2010 05:00PM
Re: Best way to only allow specific file extensions?	Nick Pearson	March 08, 2010 11:24PM
Re: Best way to only allow specific file extensions?	Cliff Wells	March 09, 2010 12:42AM
Re: Best way to only allow specific file extensions?	Cliff Wells	March 09, 2010 12:48AM
Re: Best way to only allow specific file extensions?	Igor Sysoev	March 09, 2010 02:42AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 122

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018