#757 closed defect (invalid)
map fails to match hostnames values - possibly following proxy_pass
| Reported by: | Steeve Knight | Owned by: | |
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | nginx-module | Version: | 1.7.x |
| Keywords: | map | Cc: | |
| uname -a: | Linux <drop-name> 3.16.0-28-generic #37-Ubuntu SMP Mon Dec 8 17:15:28 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux | ||
| nginx -V: | 0.91-ubuntu1 | ||
Description
The following map sets up a value for my Access-Control-Allow-Origin
map $http_origin $corsHost {
default '-missed-me-ha-ha-';
hostnames;
.mastersite.com $http_origin;
#this never works
.minorsite.org $http_origin;
#this works fine
https://minorsite.org $http_origin;
}
Any of whatever.mastersite.com and minorsite.org proxy to mastersite.com via proxy_pass.
whatever.mastersite.com and minorsite.org then may make requests (usualy async) directly to mastersite.com.
whatever.mastersite.com Requests to mastersite.com work just fine and $corsHost is set properly
minorsite.org Requests to mastersite.com always fail and $corsHost is set to default.
Workaround is as above, avoiding the hostname combo and using the full request Origin string.
Change History (3)
comment:1 by , 9 years ago
| Resolution: | → invalid |
|---|---|
| Status: | new → closed |
comment:2 by , 9 years ago
Nope - sorry, you missed it, and in fact the added comment will likely just inject confusion.
<quote>The .minorsite.org is expected to match minorsite.org and foo.minorsite.org</quote>
I'm telling the above DOES NOT MATCH.
Further, removing the #this works fine pair, and $http_origin being a fully qualified URL, https://minorsite.org NEVER MATCHES the hostname .minorsite.org, however if I change the default to $http_origin and test, https://minorsite.org in fact is returned into $corsHost, so I have thereby verified the test string. It fails where it should be matching.
comment:3 by , 9 years ago
Again: URLs and hostnames are different things. And https://minorsite.org is not a hostname. When parsed as a hostname, it's more like notminorsite.org, and it's _not_ expected to be matched. Try with minorsite.org instead (without the https:// prefix), it will be matched.
The
mapwith hostnames is to match hostnames, not URLs. The.minorsite.orgis expected to matchminorsite.organdfoo.minorsite.org, but nothttps://minorsite.org- as it's know nothing abouthttps://being special and doesn't know howhttps://minorsite.orgis different fromnotreallyminorsite.org.See docs more details.