Nginx

nginx 允許從應用程序發送重定向到客戶端

  • August 15, 2022

成功登錄後,我試圖將使用者重定向回我的移動應用程序。(連結回應用程序)

為此,我307使用此連結發送回复:exp://192.168.178.33:19000?steamId=76561198154889373

我用 go 編寫的伺服器程式碼如下所示:

http.Redirect(w, r, redirectUrl+"?steamId="+steamId, 307)

nginx作為反向代理負載平衡到執行 rest-API 的 2 台伺服器。

這是配置:

upstream rest_api {
       server 123.456.789.123:8081 fail_timeout=10s;
       server 111.222.333.444:8081 fail_timeout=10s weight=5;
   }


       server {
            listen          443 ssl ipv6only=on;
            ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2;

            server_name     example.com www.example.com;

            ssl_certificate /etc/nginx/ssl/chain.crt;
        ssl_certificate_key /etc/nginx/ssl/privkey.key;

        root /usr/share/nginx/html;

        location / {
                index index.html index.htm;
        include /etc/nginx/headers/security_headers.conf;
        include /etc/nginx/headers/default_headers.conf;
            }

            location /hi {
                 index hi.html;
            }

        location ~* /notfound {
                index not_found.html;
            }
       }

       server {
            listen          443 ssl;
            ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2;

            server_name     api.example.com;

            ssl_certificate /etc/nginx/ssl/chain.crt;
        ssl_certificate_key /etc/nginx/ssl/privkey.key;

        location / {
                proxy_pass https://rest_api;
        include /etc/nginx/headers/security_headers.conf;
        include /etc/nginx/headers/default_headers.conf;
            }

       }

     
   server {
       listen 80;
       listen [::]:80;
           server_name example.com;
           return 301 https://$host$request_uri;

   }

   server {

            listen          443 ssl;
            ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2;
            server_name     example.com;
            ssl_certificate /etc/nginx/ssl/chain.crt;
            ssl_certificate_key /etc/nginx/ssl/privkey.key;
            location ~* /notfound {
            root /usr/share/nginx/html/notfound;
                index not_found.html;
            }

       }

當在沒有 的情況下執行 apinginx並通過 訪問/login路由時111.222.333.444:8081/login,它工作正常,我被重定向。但是當使用nginx作為反向代理時,我得到了這個(注意瀏覽器視窗的標題rest_api就像upstreamin nginx.conf

https://i.stack.imgur.com/4tlk3.png

連結在這裡,因為我還沒有 10 個代表。

我將如何配置我nginx以將307響應傳遞回應用程序,而不是陷入上游聲明?

提前致謝。

編輯

似乎在使用nginx上游進行負載平衡時,登錄後我得到了以下蒸汽響應:

https://steamcommunity.com/openid/login?....&openid.realm=https://rest_api&openid.return_to=https://rest_api/login?redirectUrl=exp://THE_ACTUAL_REDIRECT_URL&....

這是行不通的

但是當我使用沒有以下內容的普通 IP 時,這是可行的nginx

https://steamcommunity.com/openid/login?....&openid.realm=https://111.222.333.444:8081&openid.return_to=https://111.222.333.444:8081/login?redirectUrl=exp://THE_ACTUAL_REDIRECT_URL

因此,在我看來,執行 , 的伺服器正在向世界loadbalancer/proxy公開。rest_api

似乎預設情況下 nginx 傳入$proxy_hostHost頭(見下文),您需要將其更改為實際主機:

        location / {
                proxy_pass https://rest_api;
                proxy_set_header Host $host;
                // ...
        }

句法: proxy_set_header field value;

$$ … $$ 預設情況下,只重新定義兩個欄位:

proxy_set_header Host       $proxy_host;
proxy_set_header Connection close;

https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_set_header

$proxy_host

proxy_pass 指令中指定的代理伺服器的名稱和埠;

https://nginx.org/en/docs/http/ngx_http_proxy_module.html#variables

引用自:https://serverfault.com/questions/1108234