If you don't like 301 redirects because permanent caching — can't blame you
there, as I'm in same boat — an easier way would be to simply use what I
call the exception handling mechanism of nginx to change all 301 replies to
302, and you don't need any patches to perform such a change, as a simple
# HG changeset patch
# User Blake Williams
# Date 1567294312 -36000
# Sun Sep 01 09:31:52 2019 +1000
# Node ID 9cdf1baf51d3b2ae8fb0d80d10148ba9605d1799
# Parent 44ce08f5259f034c102b7f99b37c423de848c75a
Tests: added slash_redirect_temporary
diff -r 44ce08f5259f -r 9cdf1baf51d3 http_slash_red
Hello!
We ran into an issue where with the permanent redirects in
ngx_http_static_module.c that occur when you omit a slash when requesting a
folder, for example from "/foo" to the folder "/foo/". We changed some things
around in our site so that "/foo" was actually a file, not a folder, but
u
On 08/31, Francis Daly wrote:
> On Sat, Aug 31, 2019 at 09:10:09AM -0500, J. Lewis Muir wrote:
> > On 08/31, Francis Daly wrote:
>
> Hi there,
>
> > > * starts with /my-app/current/ -> reject
> > > * starts with /my-app/releases/ -> reject
>
> Actually -- those two "rejects" should not be need
On Sat, Aug 31, 2019 at 09:10:09AM -0500, J. Lewis Muir wrote:
> On 08/31, Francis Daly wrote:
Hi there,
> > * starts with /my-app/current/ -> reject
> > * starts with /my-app/releases/ -> reject
Actually -- those two "rejects" should not be needed.
The app probably should not be installed in
Nginx does detect these traversal attacks. They come up as a 400 error. I got
two yesterday. But out of paranoia, I wouldn't leave the web root. There is
always some zero day.
That traversal attack was from some new to me Hong Kong hosting company and
earned a place on my firewall block. Blocki
Hung Nguyen: No, it’s browser limitation
You're right, this is a browser limitation
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,285362,285494#msg-285494
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/n
On 08/30, Ian Hobson wrote:
> Hi Lewis,
>
> On 30/08/19 18:33, J. Lewis Muir wrote:
> > Hello!
> >
> > I'm using nginx 1.12.2 on RHEL 7, and I've got a FastCGI web app that
> > uses a deployment structure which uses an atomic symlink change for an
> > atomic app deploy, and I'm wishing to be able
On 08/31, Francis Daly wrote:
> On Sat, Aug 31, 2019 at 12:21:40AM +0100, Francis Daly wrote:
>
> Hi there,
>
> A few further thoughts here...
>
> > It sounds like your desires are for requests:
> >
> > * starts with /my-app/current/ -> reject
> > * starts with /my-app/releases/ -> reject
> >
Hi Mark,
On 30/08/19 22:23, lists wrote:
I've been following this thread not really out of need but rather that it is really
interesting. That said, I don't think for security you want to "escape" the web
root. The risk is that might aid a traversal attack.
I am curious to know how this migh
On 08/31, Francis Daly wrote:
> On Fri, Aug 30, 2019 at 04:59:36PM -0500, J. Lewis Muir wrote:
>
> Hi there,
>
> > I was wishing for a way to specify a new root but with a modified
> > request URI. So, I tried the alias directive, and I assumed that
> > $document_root and $realpath_root would re
On Sat, Aug 31, 2019 at 12:21:40AM +0100, Francis Daly wrote:
Hi there,
A few further thoughts here...
> It sounds like your desires are for requests:
>
> * starts with /my-app/current/ -> reject
> * starts with /my-app/releases/ -> reject
> * matches /my-app/something.php, or /myapp/somethi
12 matches
Mail list logo
