对nginx的特定URL进行ssl加密参数无法传递
漂亮男人
漂亮男人 2017-05-16 17:24:01
0
2
611

环境中前端一台nginx,后端tomcat,现在要对client到nginx的请求进行ssl加密,考虑到速度的影响,只对动态请求加密(即所有已.do结尾的请求),其它js/png 等文件不加密,为避免https与http混排的问题,jsp也不加密。
nginx.conf主要配置:

server {
    listen       80;
    server_name  localhost;
    ...
    location / {
        root  /apps/oa/oaapp/OA1;
        index  index.jsp index.html;
    }
    location ~ .*\.do$ {
        rewrite ^(.*)$ https://ittest.example.com permanent;
    }
}

    server {
        listen 443;
        server_name ittest.example.com;

        ssl on;
        ...

    location / {
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://localhost:8080/;
    }        

比如现在访问登录页面login.html时,发送用户名密码请求http://ittest.example.com/member/login.do,按照上面的规则应该被rewrite到https://ittest.example.com/member/login.do处理,我从chrome也确实看到了301重定向了,但是,新的https请求方法变成了GET,用户名密码信息也没从http传送过去。请问该怎么解决?

漂亮男人
漂亮男人

全部回复(2)
曾经蜡笔没有小新

301就是这样的,可以尝试配置307状态码,在现代浏览器中它不会把post转化为get

漂亮男人

[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![] +[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[] +!+[]]+(!![]+[])[+!+[]]]([][(![]+[])[+[]]+([![]]+[ ][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[ +[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[ ])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[ ][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[ +[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[ +!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[] +!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[]) [+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]] ]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[ ]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]] +(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[ ]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[] ]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+ []+[+[]]]+(!![]+[])[+!+[]]()

热门教程
更多>
最新下载
更多>
网站特效
网站源码
网站素材
前端模板