拒绝所有未阻止返回重定向的操作 [英] deny all not preventing return redirection
问题描述
Nginx对我来说表现出乎意料.这是两个简化的位置块.
Nginx is behaving unexpectedly for me. Here are two simplified location blocks.
这按预期工作.返回403错误:
This works as expected. Returns 403 error:
location / {
deny all;
root /var/www/test;
}
我预期会出现403错误.但是,这将返回301并重定向:
I expected a 403 error. However, this returns 301 and redirects:
location / {
deny all;
return 301 https://$server_name$request_uri;
}
如何使用return指令拒绝和阻止任何URL重定向?
How can I deny and prevent any url redirection with return directive?
推荐答案
在nginx中,return指令来自重写模块,而deny来自访问模块.根据 nginx文档和源代码,重写模块在return),访问模块在NGX_HTTP_ACCESS_PHASE阶段进行处理,重写阶段发生在访问阶段之前,因此return停止请求处理并在重写阶段返回301.
In nginx, return directive is from rewrite module, and deny is from access module. According to nginx document and source code, rewrite module is processed in NGX_HTTP_REWRITE_PHASE phase (for return in location context), the access module is processed in NGX_HTTP_ACCESS_PHASE phase, rewrite phase happens before access phase, thus return stops request processing and returns 301 in rewrite phase.
这篇关于拒绝所有未阻止返回重定向的操作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
