两个例子:

两个例子:

我有一个 API 服务器,它将所有流量传输到 index.php 脚本,该脚本使用 PHP$_SERVER['REQUEST_URI']变量来解释 URL 并提供正确的响应。

这对于所有事情都完美无缺,除了我有一个脚本,它临时为未经身份验证的端点提供文件供公众使用。因此浏览器正确地解释了文件数据,文件扩展名包含在 URL 的末尾。

两个例子:

示例 1

https://myapi.com/file/read/0e3970ea32b2cce0285564aeadb36c9d/m7hwCjCKDju88mKbW29EBhxoiuWTz9SF/Q2290814_BDKC3_031122_165240.xlsx

此请求通过管道传输到$server_root/index.php,PHP 脚本从 S3 提取文件数据,并使用正确的 mime 类型标头传输二进制数据。浏览器启动下载,一切正常。(这对 .doc 和 .pdf 文件也有效)

示例 2

https://myapi.com/file/read/0e3970ea32b2cce0285564aeadb36c9d/m7hwCjCKDju88mKbW29EBhxoiuWTz9SF/Q2290814_BDKC3_031122_165240.jpg

此 JPEG 文件无法正确提供,而是显示 NGINX 生成的 404 页面。经过一些测试,我确定 NGINX 未将请求传输到$server_root/index.php

NGINX 配置

主要配置

server {
        listen 80;

        server_name myapi.com;
        
        set_real_ip_from 0.0.0.0/0;
        real_ip_header CF-Connecting-IP;

        index index.php index.html index.htm;

        access_log /var/log/nginx/myapi.com_access.log;
        error_log /var/log/nginx/myapi.com_error.log;

        root /var/www/vhosts/myapi.com/public;

        client_max_body_size 25m;

        include /etc/nginx/conf/include_template.conf;

        add_header                Strict-Transport-Security "max-age=15768000; includeSubDomains; preload";
        add_header                X-Content-Type-Options "nosniff" always;
        add_header                X-Frame-Options "SAMEORIGIN" always;
        add_header                X-XSS-Protection "1; mode=block";
        add_header                Referrer-Policy "no-referrer";

        location / {
            try_files $uri $uri/ /index.php?$query_string;
        }

        location ~ .php$ {
                try_files $uri =404;
                fastcgi_pass 127.0.0.1:9000;
                fastcgi_index index.php;

                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_param  PATH_INFO          $fastcgi_path_info;
                fastcgi_param  PATH_TRANSLATED    $document_root$fastcgi_path_info;

                fastcgi_param  HTTPS 'on';

                fastcgi_buffer_size 128k;
                fastcgi_buffers 256 16k;
                fastcgi_busy_buffers_size 256k;
                fastcgi_temp_file_write_size 256k;

                fastcgi_read_timeout 1800;
                fastcgi_connect_timeout 1800;
                fastcgi_send_timeout 1800;
                proxy_read_timeout 1800;
                proxy_connect_timeout 1800;
                proxy_send_timeout 1800;
                send_timeout 1800;

                include fastcgi_params;
        }

}

/etc/nginx/conf/include_template.conf

    include /etc/nginx/conf/gzip.conf;
    include /etc/nginx/conf/restrictions.conf;
    include /etc/nginx/conf/cors.conf;
    include /etc/nginx/conf/browsercache.conf;

/etc/nginx/conf/gzip.conf

# Enable Gzip compression.
gzip on;

# Disable Gzip on IE6.
gzip_disable "msie6";

# Allow proxies to cache both compressed and regular version of file.
# Avoids clients that don't support Gzip outputting gibberish.
gzip_vary on;

# Compress data, even when the client connects through a proxy.
gzip_proxied any;

# The level of compression to apply to files. A higher compression level increases
# CPU usage. Level 5 is a happy medium resulting in roughly 75% compression.
gzip_comp_level 5;

# The minimum HTTP version of a request to perform compression.
gzip_http_version 1.1;

# Don't compress files smaller than 256 bytes, as size reduction will be negligible.
gzip_min_length 256;

# Compress the following MIME types.
gzip_types
    application/atom+xml
    application/javascript
    application/json
    application/ld+json
    application/manifest+json
    application/rss+xml
    application/vnd.geo+json
    application/vnd.ms-fontobject
    application/x-font-ttf
    application/x-web-app-manifest+json
    application/xhtml+xml
    application/xml
    font/opentype
    image/bmp
    image/svg+xml
    image/x-icon
    text/cache-manifest
    text/css
    text/plain
    text/vcard
    text/vnd.rim.location.xloc
    text/vtt
    text/x-component
    text/x-cross-domain-policy;
# text/html is always compressed when enabled.

/etc/nginx/conf/restrictions.conf

location /.git { deny all; }
location /.htaccess { deny all; }
location /.htpasswd { deny all; }
location /.user.ini { deny all; }

location ~ ^/\. { deny all; }

location ~ ~$ { deny all; }

location ~* \.sql { deny all; }
location ~* config\.json { deny all; }

#if ($request_method !~ ^(GET|HEAD|POST)$ )
#if ($request_method !~ ^(GET|HEAD|POST|PUT|DELETE|OPTIONS)$ )
#{
#       return 405;
#}

/etc/nginx/conf/cors.conf

        location ~* \.(?:svgz?|ttf|ttc|otf|eot|woff|woff2)$ {
            add_header Access-Control-Allow-Origin "*";
            expires 8d;
        }

/etc/nginx/conf/browsercache.conf

location ~* \.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$ {
            expires 7d;
        }

问题

我如何修改我的配置以便将每个请求(包括图像文件扩展名)传送到 index.php?

相关内容