Nginx 不会将 POST 发送到 FastCGI 后端,但 GET 可以正常工作?

tag-icon tag-icon nginx http fastcgi mercurial
Nginx 不会将 POST 发送到 FastCGI 后端,但 GET 可以正常工作?

不知道为什么,但它很乐意向 FastCGI 后端(在本例中为 Mercurial hgwebdir)发送 GET,但如果请求是 POST,则只需求助于文件系统。

相关部分nginx.conf

    location / {
        root /var/www/htdocs/;
        index index.html;
        autoindex on;
    }

    location /hg {
        fastcgi_pass unix:/var/run/hg-fastcgi.socket;
        include fastcgi_params;

        if ($request_uri ~ ^/hg([^?#]*)) {
            set $rewritten_uri $1;
        }

        limit_except GET {
            allow all;
            deny all;

            auth_basic "hg secured repos";
            auth_basic_user_file /var/trac.htpasswd;
        }

        fastcgi_param SCRIPT_NAME "/hg";
        fastcgi_param PATH_INFO $rewritten_uri;

        # for authentication
        fastcgi_param AUTH_USER $remote_user;
        fastcgi_param REMOTE_USER $remote_user;

        #fastcgi_pass_header Authorization;
        #fastcgi_intercept_errors on;
    }

GET 工作正常,但 POST 会将此错误传递到 error_log:

2010/05/17 14:12:27 [error] 18736#0: *1601 open() "/usr/html/hg/test" failed (2: No such file or directory), client: XX.XX.XX.XX, server: domain.com, request: "POST /hg/test HTTP/1.1", host: "domain.com"

可能是什么问题?我试图允许通过 GET 对该页面进行只读访问,但在使用hg push发送 POST 请求的相同 URL 时需要授权。

答案1

这是 nginx 的一个错误,已在0.8.48

顺便说一句,您必须使用fastcgi_split_path_info因为if无法正确触发limit_except

因此,最后类似这样的事情应该对你有用:

location /hg {
    fastcgi_pass unix:/var/run/hg-fastcgi.socket;
    include fastcgi_params;

    limit_except GET HEAD {
        auth_basic "hg secured repos";
        auth_basic_user_file /var/trac.htpasswd;
    }

    fastcgi_split_path_info ^(/hg)(.*)$;
    fastcgi_param SCRIPT_NAME $fastcgi_script_name;
    fastcgi_param PATH_INFO $fastcgi_path_info;

    # for authentication
    fastcgi_param AUTH_USER $remote_user;
    fastcgi_param REMOTE_USER $remote_user;
}

答案2

如果有人陷入了我所陷入的困境,下面就是我摆脱困境的方法:

    location /hg {
        fastcgi_pass unix:/var/run/hg-fastcgi.socket;
        include fastcgi_params;

        if ($request_uri ~ ^/hg([^?#]*)) {
            set $rewritten_uri $1;
        }
        rewrite ^/hg$ /hg/ redirect;

        fastcgi_param SCRIPT_NAME "/hg";
        fastcgi_param PATH_INFO $rewritten_uri;

        # for authentication
        fastcgi_param AUTH_USER $remote_user;
        fastcgi_param REMOTE_USER $remote_user;

        fastcgi_intercept_errors on;
        error_page 401 = @hgauth;
    }

    location @hgauth {
        fastcgi_pass unix:/var/run/hg-fastcgi.socket;
        include fastcgi_params;

        if ($request_uri ~ ^/hg([^?#]*)) {
            set $rewritten_uri $1;
        }   
        auth_basic "hg secured repos";
        auth_basic_user_file /var/trac.htpasswd;

        fastcgi_param SCRIPT_NAME "/hg";
        fastcgi_param PATH_INFO $rewritten_uri;

        # for authentication
        fastcgi_param AUTH_USER $remote_user;
        fastcgi_param REMOTE_USER $remote_user;
    }

重要的部分是fastcgi_intercept_errors on;error_page 401 = @hgauth;和 使用location @hgauth {。我不确定是否有其他方法可以做到这一点。如果这个答案有帮助,请告诉我!

相关内容