Opened 4 years ago

Closed 4 years ago

#1224 closed defect (invalid)

Wildcard in server_name

Reported by: gnought@… Owned by:
Priority: major Milestone:
Component: nginx-core Version: 1.10.x
Keywords: wildcard, server_name Cc:
uname -a: Linux gnought-vm 4.9.13-muqss-xanmod19 #1 SMP Mon Feb 27 20:17:36 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.10.2
built by gcc 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.4)
built with OpenSSL 1.0.2g 1 Mar 2016
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --without-http_memcached_module --with-http_realip_module --with-http_ssl_module --with-http_gunzip_module --with-http_stub_status_module --add-module=/usr/local/nginx_extra_module/ngx_http_consistent_hash-master --add-module=/usr/local/nginx_extra_module/ngx_http_dyups_module-master --add-module=/usr/local/nginx_extra_module/ngx_http_enhanced_memcached_module-master --add-module=/usr/local/nginx_extra_module/ngx_upstream_jdomain-master --add-module=/usr/local/nginx_extra_module/memc-nginx-module-master --add-module=/usr/local/nginx_extra_module/srcache-nginx-module-master --add-module=/usr/local/nginx_extra_module/headers-more-nginx-module-master

Description

The following nginx config is regarded as invalid via { nginx -t }. However the config will become valid if removing the 2nd server block.
Is the "xxx*abc.com" be valid in nginx conf?

pid nginx.pid;
events {}
http {  
  access_log off;
  server {
    server_name xxx*abc.com;
    location = /abc { return 200; }
  }
  ## START: Remove the following server block will make nginx valid ##
  server {
    server_name abc.com;
    location = /abc { return 200; }
  }
  ## END ##
}

Change History (1)

comment:1 by Maxim Dounin, 4 years ago

Resolution: invalid
Status: newclosed

Wildcards are only allowed as the first or the last part of the name, see docs. With only one server block names are not checked at all, hence the configuration with only one server is accepted.

If you want to do complex checks on names, consider using regular expressions instead.

Note: See TracTickets for help on using tickets.