Shulou(Shulou.com)05/31 Report--

This article introduces the relevant knowledge of "add_header instruction instance Analysis of Nginx". Many people will encounter such a dilemma in the operation of actual cases, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

Preface

As you all know, the nginx configuration file sets the response header by using the add_header directive.

Use curl to view the information of a site and find that the returned header is not the same as expected:

Http/2 200date: thu, 07 feb 2019 04:26:38 gmtcontent-type: text/html; charset=utf-8vary: accept-encoding, cookiecache-control: max-age=3, must-revalidatelast-modified: thu, 07 feb 2019 03:54:54 gmtx-cache: missserver: cloudflare...

The main site is configured with header such as hsts in nginx.conf:

Add_header strict-transport-security "max-age=63072000; preload"; add_header x-frame-options sameorigin;add_header x-content-type-options nosniff;add_header x-xss-protection "1; mode=block"

But the response header does not have these header. In addition to the regular header, there is only one header x-cache configured in location.

The first impression is that cdn filtered out these header? So I looked for the documents of cloudflare, and I didn't find that they would be processed. On second thought, why does cdn filter all this? Have you had enough to eat? They don't do the zheng trial!

The problem shifts to the configuration of nginx. Open google search for "nginx location add_header", and sure enough found a lot of slots. Click on the document on the official website add_header and have the following description (other information has been omitted):

There could be several add_header directives. These directives are inherited from the previous level if and only if there are no add_header directives defined on the current level.

Note that the focus is on "these directives are inherited from the previous level if and only if there are no add_header directives defined on the current level." That is, the parent setting is inherited only if there is no add_header directive in the current level. So my question is clear: there is a configuration in add_header,nginx.conf in location that has been discarded.

This is a deliberate act of nginx, not a bug or a trap. But if you take a closer look at this sentence, you will find something more interesting: only the add_header in the most recent place works. Add_header can be configured in http, server, and location, but the closest configuration works, and the upper configuration will fail.

But the problem doesn't stop there. If there is a rewrite to another location in the location, only the second header appears in the end result. For example:

Location / foo1 {add_header foo1 1; rewrite / / foo2;} location / foo2 {add_header foo2 1; return 200 "ok";}

Regardless of the request / foo1 or / foo2, the final header is only foo2:

Although it makes sense that this is normal behavior, it always feels a little reluctant and uncomfortable: server loses http configuration, location loses server configuration, but the two location are at the same level!

You cannot inherit the parent configuration and do not want to repeat instructions in the current block. The solution is to use the include instruction.

This is the end of the content of "add_header instruction example Analysis of Nginx". Thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.