Welcome! Log In Create A New Profile


[PATCH] HTTP: add internal_redirect directive.

Aleksei Bavshin via nginx-devel
November 17, 2022 06:26PM
The directive in question provides direct access to the ngx_http_internal_redirect/ngx_http_named_location APIs, allowing to simplify and optimize several real-life configurations where the modules should be executed multiple times/in a different order/with a different configuration/etc, sometimes based on a condition evaluated during the request processing.
Common examples include passing artifacts of one access module to another (auth_request -> auth_jwt) or deferring the enforcement of pre-access checks (limit_req/limit_conn) after the request is authorized.

Most of that was already achievable with the existing tools, so here is a list of reasons for implementing a dedicated internal_redirect directive:

* It offers a small, single purpose utility which is easier to document or find in the documentation.
We often see configurations using double proxying instead of a redirect, just because the authors weren't aware of the simpler solution and weren't able to find it in the reference; it's not obvious that `try_files` can be used this way, and that's not the main purpose of the directive. The necessary clues are documented, but without highlighting the scenarios in question.
It also may look like an abuse of the directive with some more workarounds on top.

* There is a certain overhead in comparable configurations with the try_files directive: blocking filesystem access, which may introduce noticeable delays[^1], a few allocations and more code in general.

* An ability of conditional execution[^2]. It is common enough with other configuration directives that an empty value means no operation. We can use that to implement the conditions that allow skipping the redirect and proceeding to the content phase handlers.

* We already offer an access to the internal redirect through the njs or perl APIs. The directive allows expressing similar logic as a static configuration.

* The existing directive has some unexpected configuration pitfalls. Case in point, `alias` directive in the same location may result in a prefix being stripped from the redirect target, but only if the parameter contains variables. The behavior may catch some users unaware (#97 and all the duplicates).

[^1]: Which could be partially mitigated with `open_file_cache`. You'll need to read the source or have above average knowledge of the configuration to know that.
[^2]: This can be added to the `try_files` as well, but it will further complicate the code and make already overloaded documentation even worse.

With best regards,

nginx-devel mailing list -- nginx-devel@nginx.org
To unsubscribe send an email to nginx-devel-leave@nginx.org
Subject Author Views Posted

[PATCH] HTTP: add internal_redirect directive. Attachments

Aleksei Bavshin via nginx-devel 486 November 17, 2022 06:26PM

Re: [PATCH] HTTP: add internal_redirect directive.

Maxim Dounin 119 November 17, 2022 11:24PM

RE: [PATCH] HTTP: add internal_redirect directive.

Aleksei Bavshin via nginx-devel 144 November 30, 2022 06:36PM

Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 112
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready