Need to filter out some illegal characters in the server url:
For example | ; $ @ ' " < > ( ) document LF
Because all locations are required, they are written under the server:
if ($request_uri ~* "##这里怎么写##"){
return 403;
}I am a novice, please give me some guidance. . . .
PHPz2017-05-16 17:23:23
It is recommended to write the single-character blacklist and multi-character blacklist in two sections
Single-character blacklist:
if ( $request_uri ~ [|;$@'"<>()] ) {
return 403;
}
Multiple characters:
if ( $request_uri ~ (document|LF) {
return 403;
}