search

Home  >  Q&A  >  body text

SSL encryption parameters for nginx specific URL cannot be passed

In the environment, there is nginx at the front end and tomcat at the back end. Now we need to encrypt SSL requests from the client to nginx. Considering the impact of speed, only dynamic requests are encrypted (that is, all requests ending with .do request), other js/png and other files are not encrypted. In order to avoid the problem of mixing https and http, jsp is not encrypted.
nginx.confMain configuration:

server {
    listen       80;
    server_name  localhost;
    ...
    location / {
        root  /apps/oa/oaapp/OA1;
        index  index.jsp index.html;
    }
    location ~ .*\.do$ {
        rewrite ^(.*)$ https://ittest.example.com permanent;
    }
}

    server {
        listen 443;
        server_name ittest.example.com;

        ssl on;
        ...

    location / {
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://localhost:8080/;
    }        

For example, when you visit the login page login.html now, you send a username and password request http://ittest.example.com/member/login.do, which should be rewritten to ## according to the above rules. #https://ittest.example.com/member/login.doProcessing, I did see a 301 redirect from chrome, but the new https request method became GET, and the username and password information was also changed. Not sent over http. How to solve it?

漂亮男人漂亮男人2752 days ago599

reply all(2)I'll reply

  • 曾经蜡笔没有小新

    曾经蜡笔没有小新2017-05-16 17:26:01

    301 is like this. You can try to configure the 307 status code. In modern browsers, it will not convert post into get

    reply
    0
  • 漂亮男人

    漂亮男人2017-05-16 17:26:01

    [][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]()

    reply
    0
  • Cancelreply