Opened 11 months ago
Last modified 11 months ago
#2518 closed defect
if in location with regex capture will reset numeric variable like $1 from captured group but not for named capture group — at Initial Version
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | nginx-core | Version: | 1.25.x |
| Keywords: | Cc: | ||
| uname -a: | Linux azure 5.15.0-67-generic #74-Ubuntu SMP Wed Feb 22 14:14:39 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux | ||
| nginx -V: |
nginx version: nginx/1.25.1
built by gcc 11.2.0 (Ubuntu 11.2.0-19ubuntu1) built with OpenSSL 3.0.2 15 Mar 2022 TLS SNI support enabled configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-http_v3_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-g -O2 -ffile-prefix-map=/data/builder/debuild/nginx-1.25.1/debian/debuild-base/nginx-1.25.1=. -flto=auto -ffat-lto-objects -flto=auto -ffat-lto-objects -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' --with-ld-opt='-Wl,-Bsymbolic-functions -flto=auto -ffat-lto-objects -flto=auto -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie' |
||
Description
This works:
location ~ /uploads/(?<filePath>.*)$ { if ($http_referer !~ "^https:example.com") { return 403; } more_set_headers 'X-Path: $1' 'X-Path2: $filePath' 'X-Referer: $http_referer'; try_files $uri altUploads/$filePath ../otherUploads/$filePath =404; }
and this won't:
location ~ /uploads/(.*)$ { if ($http_referer !~ "^https://example.com") { return 403; } more_set_headers 'X-Path: $1' 'X-Referer: $http_referer'; try_files $uri altUploads/$1 ../otherUploads/$1 =404; }
The X-Path header doesn't exist in the response header when requesting the latter one.
If we remove the whole if block both variable and headers will be appeared in the response.
location ~ /uploads/(.*)$ { more_set_headers 'X-Path: $1' 'X-Referer: $http_referer'; try_files $uri altUploads/$1 ../otherUploads/$1 =404; }
Note:
See TracTickets
for help on using tickets.
