Ask about a filtering rule for nginx

Question

Need to filter out some illegal characters in the server url:

For example | ; $ @ ' " < > ( ) document LF

Because all locations are required, they are written under the server:

if ($request_uri ~* "##这里怎么写##"){
    return 403;
}

I am a novice, please give me some guidance. . . .

Answer 1

It is recommended to write the single-character blacklist and multi-character blacklist in two sections
Single-character blacklist:

if ( $request_uri ~ [|;$@'"<>()] ) {
    return 403;
    }

Multiple characters:

if ( $request_uri ~ (document|LF) {
    return 403;
    }

Answer 2

The question should be written more clearly