環境中前端一台nginx,後端tomcat,現在要對client到nginx的請求進行ssl加密,考慮到速度的影響,只對動態請求加密(即所有已.do結尾的請求),其它js/png 等檔案不加密,為避免https與http混排的問題,jsp也不加密。 nginx.conf主要配置:
server {
listen 80;
server_name localhost;
...
location / {
root /apps/oa/oaapp/OA1;
index index.jsp index.html;
}
location ~ .*\.do$ {
rewrite ^(.*)$ https://ittest.example.com permanent;
}
}
server {
listen 443;
server_name ittest.example.com;
ssl on;
...
location / {
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8080/;
}
例如現在訪問登入頁面login.html時,發送使用者名稱密碼請求http://ittest.example.com/member/login.do,依照上面的規則應該被rewrite到https://ittest.example.com/member/login.do處理,我從chrome也確實看到了301重定向了,但是,新的https請求方法變成了GET,使用者名稱密碼資訊也沒從http傳送過去。請問該怎麼解決?
301就是這樣的,可以嘗試配置307狀態碼,在現代瀏覽器中它不會把post轉換成get
[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![] +[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[] +!+[]]+(!![]+[])[+!+[]]]([][(![]+[])[+[]]+([![]]+[ ][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[ +[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[ ])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[ ][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[ +[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[ +!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[] +!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[]) [+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]] ]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[ ]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]] +(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[ ]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[] ]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+ []+[+[]]]+(!![]+[])[+!+[]]()