我想為不同的位置提供不同的標頭,但回退到始終提供特定文件(如果找不到匹配的文件)。
我還需要將一些全域標頭添加到所有請求中,但需要注意的是,如果它們已經在該location
層級添加,我不希望添加它們。
.template.conf
到目前為止我已經得到了這個:
server {
listen ${PORT};
# Don't include any local server address info in redirects
absolute_redirect off;
index index.html;
root ${HTML_SRC};
include ${INCLUDE_DIR}/*.conf;
# Serve any matching requested file (CSS, etc.) fallbacking to /index.html
location / {
# First try a matching existing file, then just show index.html
try_files $uri $uri/ /index.html;
}
}
(include
中INCLUDE_DIR/headers.conf
) 定義為:
# Global headers
add_header X-FRAME-OPTIONS "DENY" always;
add_header Cache-Control "no-store, must-revalidate" always;
add_header Report-To "<global-config>" always;
add_header Content-Security-Policy "<global-config>" always;
# Location specific paths
# Specific known existing file in /$HTML_SRC/.well-known
location /.well-known/apple-app-site-association$ {
default_type application/json;
# Redirect everything to fallback / location to serve the file
rewrite .* / last;
}
# Assets
location ~* \.(jpg|jpeg|gif|png|svg|ttf)$ {
# Redeclare global headers (not inherited)
add_header X-FRAME-OPTIONS "DENY" always;
add_header Report-To "<global-config>" always;
add_header Content-Security-Policy "<global-config>" always;
# Cache assets for a bit longer
add_header Cache-Control "max-age=31557600";
# Redirect everything to fallback / location to serve any files file
rewrite .* / last;
}
location = /login {
# Redeclare global headers (not inherited)
add_header X-FRAME-OPTIONS "DENY" always;
add_header Cache-Control "no-store, must-revalidate" always;
# Path specific CSP headers
add_header Report-To "<specific-config>" always;
add_header Content-Security-Policy "<specific-config>" always;
# Redirect everything to /
rewrite .* / last;
}
# All locations with this prefix have these headers
location /some-other-path {
# Redeclare global headers (not inherited)
add_header X-FRAME-OPTIONS "DENY" always;
add_header Cache-Control "no-store, must-revalidate" always;
# Path specific CSP headers
add_header Report-To "<other-specific-config>" always;
add_header Content-Security-Policy "<other-specific-config>" always;
# Redirect everything to /
rewrite .* / last;
}
我意識到任何location
s 都add_header
意味著任何頂級(在本例中是在server
模板中add_header
)不被繼承。
上面的問題是它根本不起作用!location
並不總是使用特定的標頭。我認為這就是rewrite
問題所在,但我也嘗試過try_files
(匹配模板)但沒有成功。我也嘗試過除了塊中的額外標頭之外什麼都沒有,location
但沒有運氣。我也認為我所做的也不是最好的方法...
請注意,我已經簡化了新增的標頭,例如包含 CSP 標頭,還有其他全域標頭和其他特定於位置的標頭。我還有其他需要不同標頭的路徑,但我認為上面的內容可以透過我可以應用於這些的通用解決方案來修復。
答案1
rewrite...last
將會導致 Nginx尋找新地點處理請求。只有最後一個location
才能設定響應標頭。
location
您可以在設定回應標頭的同一塊中處理整個請求,rewrite...break
或者更簡單使用try_files
如下:
try_files /index.html =404;
請注意,該/index.html
術語是不是最後一個參數。如果它是最後一個參數,則會導致 Nginx 搜尋新的位置來處理請求。
或者,將所有add_header
語句放在一起,並使用 amap
設定特定值。看這個答案。