Nginx

從 nginx 向 squid 發送請求時的前導斜杠

  • July 16, 2020

我正面臨一個奇怪的情況。我想載入一個位於 Nginx 後面的網頁。所以我代理將網頁請求傳遞給squid如下程式碼段所示:

           location /about-me/yellow {
                   proxy_pass http://@squid/http://my-site.example.com/?nu=1&l=2;
                   proxy_set_header Host $host;
                   proxy_set_header X-Real-IP $remote_addr;
                   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                   proxy_set_header X-Forwarded-Proto $scheme;
                   proxy_set_header Request-URI $request_uri;
                   proxy_redirect off;
           }

當 URL/about-me/yellow被命中時,請求被轉發到,squid但收到的請求是/http://my-site.example.com/?nu=1&l=2帶有前導正斜杠的。為什麼會這樣?我得到的錯誤是INVALID_URI. 我錯過了什麼?這是我完整的 Nginx 配置。

  upstream @squid {
    server x.x.x.x:3128;
  }

   server {
           root /public/; ## <-- Your only path reference.
           index index.php;
           server_name preprod.mygov.in;
           listen 83;
           add_header X-XSS-Protection "1; mode=block";
           add_header X-Content-Type-Options nosniff;
           add_header Strict-Transport-Security "max-age=31536000; includeSubDomains;preload";
           add_header 'Referrer-Policy' 'no-referrer-when-downgrade';
           add_header X-Frame-Options "SAMEORIGIN";
           add_header Content-Security-Policy upgrade-insecure-requests;
           ### Disable HTTP Methods
           if ($request_method !~ ^(GET|HEAD|POST)$ )
           {
           return 405;
           }

           # Enable compression, this will help if you have for instance advagg module
           # by serving Gzip versions of the files.
           gzip_static on;

           location ~ ^/s3/files/styles/ {
                   try_files $uri @rewrite;
           }

           location = /favicon.ico {
                   log_not_found off;
                   access_log off;
           }

           location = /robots.txt {
                   allow all;
                   log_not_found off;
                   access_log off;
           }


           location ~* \.(txt|log)$ {
                   allow 10.0.0.0/8;
                   deny all;
           }
           location ~* ^.+(\.(engine|inc|info|install|module|profile|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)|code-style\.pl|/Entries.*|/Repository|/Root|/Tag|/Template)$ {
                   deny all;
           }

           location ~ \..*/.*\.php$ {
                   return 403;
           }

           location ~ ^/sites/(.+)\.(phtml|pl|py|jsp|asp|aspx|shtml|htm|sh|cgi|exe) {
                   deny all;
           }

           location ~ ^/sites/(.+)\.php$ {
                   deny all;
           }

           # No no for private
           location ~ ^/sites/.*/private/ {
                   return 403;
           }

           # Block access to "hidden" files and directories whose names begin with a
           # period. This includes directories used by version control systems such
           # as Subversion or Git to store control files.
           location ~ (^|/)\. {
                   return 403;
           }

           location / {
                   # This is cool because no php is touched for static content
                   try_files $uri @rewrite;
           }

           
           location ~ ^/s3/files/styles/ {
                   try_files $uri @rewrite;
           }


           location @rewrite {
                   # You have 2 options here
                   # For D7 and above:
                   # Clean URLs are handled in drupal_environment_initialize().
                   rewrite ^ /index.php;
                   # For Drupal 6 and bwlow:
                   # Some modules enforce no slash (/) at the end of the URL
                   # Else this rewrite block wouldn't be needed (GlobalRedirect)
                   #rewrite ^/(.*)$ /index.php?q=$1;
           }

           fastcgi_connect_timeout 200;
           fastcgi_send_timeout 200;
           fastcgi_read_timeout 200;
           location ~ \.php$ {
                   fastcgi_split_path_info ^(.+\.php)(/.+)$;
                   # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
                   include fastcgi_params;
                   fastcgi_param SCRIPT_FILENAME $request_filename;
                   #fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                   fastcgi_intercept_errors on;
                   #fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
                   fastcgi_pass 127.0.0.1:9000;
           }


           location ~ ^/sites/.*/files/styles/ {
                   try_files $uri @rewrite;
           }

           location ~* \.(css|png|jpg|jpeg|gif|ico)$ {
                   expires max;
                   log_not_found off;
           }

           location ~* \.(js|json)$ {
                   expires 1d;
                   log_not_found off;
           }

           location ~* \.(svg|woff|woff2)$ {
                   expires 30d;
                   log_not_found off;
           }

           location ~* \.(eot|ttf|woff|woff2)$ {

                   add_header Access-Control-Allow-Origin *;

           }    

           location /about-me/yellow {
                   proxy_pass http://@squid/http://my-site.example.com/?wid=675&lang=bn;
                   proxy_set_header Host $host;
                   proxy_set_header X-Real-IP $remote_addr;
                   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                   proxy_set_header X-Forwarded-Proto $scheme;
                   proxy_set_header Request-URI $request_uri;
                   proxy_redirect off;
           }


   }

錯誤截圖:

在此處輸入圖像描述

這不是將請求轉發給 squid 的正確方法嗎?有什麼我想念的嗎?

location /about-me/yellow {
   proxy_pass http://@squid/?wid=675&lang=bn;
   proxy_set_header Host "my-site.example.com";
   ...

我希望您的 squid 配置的第一行包含

http_port 3128 accel defaultsite=my-site.example.com

引用自:https://serverfault.com/questions/1025307