Hello, We detected XSS vulnerability when we use 301 or 302 redirections. How to reproduce? curl -I -k "http://example.com/test'""'>><svg/onload=alert\`ayman\`>" > ayman.html open ayman.html and you will get the popup! I tried the below redirections and it's valid on all cases: - return 301 https://www.exampl.com$request_uri; - rewrite ^/by ayman - Nginx Mailing List - English
Hi, I have upgraded the GD library on the server recompiling nginx again and all is good now. Thanks a lot.by ayman - Nginx Mailing List - English
Hi, When enabling the cache on image filter; nginx workers crash and keep getting 500. I'm using Nginx 1.14.0 error log: 2018/06/11 12:30:49 46105#0: worker process 46705 exited on signal 11 (core dumped) proxy_cache_path /opt/nginx/img-cache/resized levels=1:2 keys_zone=resizedimages:10m max_size=3G; location ~ ^/resize/(\d+)x(\d+)/(.*) { proxy_passby ayman - Nginx Mailing List - English