Opened 22 months ago
Closed 22 months ago
#2453 closed defect (wontfix)
Variables in different contexts are mixed together
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | nginx-core | Version: | 1.23.x |
| Keywords: | Cc: | ||
| uname -a: | Linux 0b8f251ef7a8 4.18.0-448.el8.x86_64 #1 SMP Wed Jan 18 15:02:46 UTC 2023 x86_64 GNU/Linux | ||
| nginx -V: |
nginx version: nginx/1.23.3
built by gcc 10.2.1 20210110 (Debian 10.2.1-6) built with OpenSSL 1.1.1n 15 Mar 2022 TLS SNI support enabled configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-g -O2 -ffile-prefix-map=/data/builder/debuild/nginx-1.23.3/debian/debuild-base/nginx-1.23.3=. -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie' |
||
Description (last modified by )
Variables in different contexts are mixed together for the syntax-check.
Reproduceable with the nginx-Docker image:
docker run -it --rm nginx:latest /bin/bash
- Incorrect config with missing variable
# cat <<EOT > /etc/nginx/conf.d/server1.conf server { listen 80; server_name server1; rewrite /helloworld https://www.example.com/\$target; } EOT # nginx -t nginx: [emerg] unknown "target" variable nginx: configuration file /etc/nginx/nginx.conf test failed
Expected error-message because variable target is not set.
- Correct config with same variable set
# cat <<EOT > /etc/nginx/conf.d/server2.conf server { listen 80; server_name server2; set \$target bar; rewrite /foo https://www.example.com/\$target; } EOT # nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
Unexpectedly no error-message for server1.conf + server2.conf together, because the variable set in server2.conf is wrongly used also for server1.conf
Note: A request to server1/helloworld correctly redirects to www.example.com/ (and not www.example.com/bar)
Change History (2)
comment:1 by , 22 months ago
| Description: | modified (diff) |
|---|
comment:2 by , 22 months ago
| Resolution: | → wontfix |
|---|---|
| Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
Variables are global, and a variable defined anywhere in the http module is therefore known to nginx and won't produce errors during configuration parsing. For example, such variables can be used in various global entities, such as during logging defined at the http level. Similarly, variables defined at the http level, such as with map, can be used anywhere.
While this approach is unable to catch configuration errors like the one in your example during configuration parsing, it makes it possible to keep the code clean and simple.
To simplify catching of such configuration errors, nginx instead provides a runtime warning by default if a variable from the http rewrite module (created with
set) is used but not set in the particular request handling path, see uninitialized_variable_warn.