从 nginx 向 squid 发送请求时以斜线开头

从 nginx 向 squid 发送请求时以斜线开头

我遇到了一个奇怪的情况。我想加载一个位于 Nginx 后面的网页。因此我将网页请求代理传递给squid以下代码片段所示:

            location /about-me/yellow {
                    proxy_pass http://@squid/http://my-site.example.com/?nu=1&l=2;
                    proxy_set_header Host $host;
                    proxy_set_header X-Real-IP $remote_addr;
                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                    proxy_set_header X-Forwarded-Proto $scheme;
                    proxy_set_header Request-URI $request_uri;
                    proxy_redirect off;
            }

当 URL/about-me/yellow被点击时,请求被转发到,squid但收到的请求是/http://my-site.example.com/?nu=1&l=2带有前斜杠的 ie。为什么会发生这种情况?我得到的错误是INVALID_URI。我遗漏了什么?这是我的完整 Nginx 配置。

   upstream @squid {
     server x.x.x.x:3128;
   }

    server {
            root /public/; ## <-- Your only path reference.
            index index.php;
            server_name preprod.mygov.in;
            listen 83;
            add_header X-XSS-Protection "1; mode=block";
            add_header X-Content-Type-Options nosniff;
            add_header Strict-Transport-Security "max-age=31536000; includeSubDomains;preload";
            add_header 'Referrer-Policy' 'no-referrer-when-downgrade';
            add_header X-Frame-Options "SAMEORIGIN";
            add_header Content-Security-Policy upgrade-insecure-requests;
            ### Disable HTTP Methods
            if ($request_method !~ ^(GET|HEAD|POST)$ )
            {
            return 405;
            }

            # Enable compression, this will help if you have for instance advagg module
            # by serving Gzip versions of the files.
            gzip_static on;

            location ~ ^/s3/files/styles/ {
                    try_files $uri @rewrite;
            }

            location = /favicon.ico {
                    log_not_found off;
                    access_log off;
            }

            location = /robots.txt {
                    allow all;
                    log_not_found off;
                    access_log off;
            }


            location ~* \.(txt|log)$ {
                    allow 10.0.0.0/8;
                    deny all;
            }
            location ~* ^.+(\.(engine|inc|info|install|module|profile|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)|code-style\.pl|/Entries.*|/Repository|/Root|/Tag|/Template)$ {
                    deny all;
            }

            location ~ \..*/.*\.php$ {
                    return 403;
            }

            location ~ ^/sites/(.+)\.(phtml|pl|py|jsp|asp|aspx|shtml|htm|sh|cgi|exe) {
                    deny all;
            }

            location ~ ^/sites/(.+)\.php$ {
                    deny all;
            }

            # No no for private
            location ~ ^/sites/.*/private/ {
                    return 403;
            }

            # Block access to "hidden" files and directories whose names begin with a
            # period. This includes directories used by version control systems such
            # as Subversion or Git to store control files.
            location ~ (^|/)\. {
                    return 403;
            }

            location / {
                    # This is cool because no php is touched for static content
                    try_files $uri @rewrite;
            }

            
            location ~ ^/s3/files/styles/ {
                    try_files $uri @rewrite;
            }


            location @rewrite {
                    # You have 2 options here
                    # For D7 and above:
                    # Clean URLs are handled in drupal_environment_initialize().
                    rewrite ^ /index.php;
                    # For Drupal 6 and bwlow:
                    # Some modules enforce no slash (/) at the end of the URL
                    # Else this rewrite block wouldn't be needed (GlobalRedirect)
                    #rewrite ^/(.*)$ /index.php?q=$1;
            }

            fastcgi_connect_timeout 200;
            fastcgi_send_timeout 200;
            fastcgi_read_timeout 200;
            location ~ \.php$ {
                    fastcgi_split_path_info ^(.+\.php)(/.+)$;
                    # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
                    include fastcgi_params;
                    fastcgi_param SCRIPT_FILENAME $request_filename;
                    #fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                    fastcgi_intercept_errors on;
                    #fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
                    fastcgi_pass 127.0.0.1:9000;
            }


            location ~ ^/sites/.*/files/styles/ {
                    try_files $uri @rewrite;
            }

            location ~* \.(css|png|jpg|jpeg|gif|ico)$ {
                    expires max;
                    log_not_found off;
            }

            location ~* \.(js|json)$ {
                    expires 1d;
                    log_not_found off;
            }

            location ~* \.(svg|woff|woff2)$ {
                    expires 30d;
                    log_not_found off;
            }

            location ~* \.(eot|ttf|woff|woff2)$ {

                    add_header Access-Control-Allow-Origin *;

            }    

            location /about-me/yellow {
                    proxy_pass http://@squid/http://my-site.example.com/?wid=675&lang=bn;
                    proxy_set_header Host $host;
                    proxy_set_header X-Real-IP $remote_addr;
                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                    proxy_set_header X-Forwarded-Proto $scheme;
                    proxy_set_header Request-URI $request_uri;
                    proxy_redirect off;
            }


    }

错误截图:

在此处输入图片描述

这难道不是将请求转发给 Squid 的正确方法吗?我遗漏了什么吗?

答案1

location /about-me/yellow {
    proxy_pass http://@squid/?wid=675&lang=bn;
    proxy_set_header Host "my-site.example.com";
    ...

我希望你的 squid 配置的第一行包含

http_port 3128 accel defaultsite=my-site.example.com

相关内容