HttpSecureLink

This module computes and checks request URLs for a required security token. This module is not compiled by default and must be specified using the

这个模块计算和检测URL请求中必须的安全标识

这个模块没有默认编译,在编译Nginx时,必须使用明确的配置参数

  1. --with-http_secure_link_module

argument to configure when compiling Nginx. Note that this module is only supported in nginx version 0.7.18 and higher.

来说明配置.这个模块在Nginx 0.7.18及以上版本中被支持.

Example usage:

  1. location /prefix/ {
  2. secure_link_secret secret_word;
  3. if ($secure_link = "") {
  4. return 403;
  5. }
  6. }

指令

syntax:secure_link_secret secret_word

default:none

context:location

The directive specifies a secret word to verify requests. The full URL for a protected links follows this form:

这个指令明确一个安全关键字来审核请求。完整的被保护的URL如下表:

/prefix/hash/reference

hash is computed as as 使用md5('参考','安全密码')函数计算

  1. md5 (reference, secret_word);

prefix is the scope of the location block, and must not be '/'. secure_link can only be used in non-root paths.

前缀是定位块的范围,绝对不能使用'/'。安全连接只能被用在非根目录路径。

变量

$secure_link

Automatically set to the reference component of the URL, isolated from the prefix and hash. If the hash is incorrect, an empty string is returned instead.

自动设置模块到URL的关联,分开前缀和HASH。如果HASH不正确,将返回空字符串。