我找不到很多关于如何使用 Nginx 管理 cookie 的资源……
我看到两个变量与 cookies 有关,即 $http_cookies 和 $cookie_COOKIENAME。
无论如何,我绝对不知道如何使用 Nginx 读取 cookie。
例如,如果存在具有特殊值的 cookie,我想返回 403,我尝试过这个但似乎不起作用:
if ($cookie_mycookiename = "509fd1e420bba") { return 403; }
也尝试使用 $http_cookie
if ($http_cookie = "509fd1e420bba") { return 403; }
我真的不明白 Nginx 如何处理 cookies……
编辑这是我的完整 Nginx 配置
server {
listen 80;
root /home/minou/vids/;
index index.html index.htm;
#server_name localhost;
location / {
# First attempt to serve request as a file, then
# as directory, then fall back to index.html
try_files $uri $uri/ /index.html;
if ($cookie_fileURI = "6509fd1e420bba") { return 403; }
}
# anti hotlinking
location ~* \.(jpg)$ {
valid_referers none blocked mywebsite.com www.mywebsite.com;
if ($invalid_referer) { return 403; }
}
}
答案1
请注意,if在 中使用location可能无法按预期工作,尤其是与 一起使用时try_files。请参阅:https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/
请尝试以下操作:
server {
listen 80;
root /home/minou/vids/;
index index.html index.htm;
#server_name localhost;
if ($cookie_fileURI = "6509fd1e420bba") { return 403; }
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.html
try_files $uri $uri/ /index.html;
}
# anti hotlinking
location ~* \.(jpg)$ {
valid_referers none blocked mywebsite.com www.mywebsite.com;
if ($invalid_referer) { return 403; }
}
}
答案2
使用以下代码:
if ($http_cookie ~* "cookiename=cookievalue") {return 403}