我目前正在開發一個在舊 Symfony 版本上運行的舊版 API(2.8 正在升級到 3.4)。
該應用程式有兩個「主要」PHP 入口點:app_dev.php
和 app.php
。 _dev
端點僅應在開發環境中使用,但在舊的生產應用程式中使用不正確。
我們可以輕鬆修改 API 以避免暴露此檔案(並且已經成功完成),但是,我們無法輕鬆更新連接到 API 的某些應用程式。例如,某些應用程式仍在嘗試使用 https://domain/app_dev.php/the/path
進行連接。
作為臨時解決方案,當我們努力修復使用API 的應用程式時,我們希望將https://domain/app_dev.php/the/path
重寫為 https:/ /domain/app.php/the/path
或更好的是https://domain/the/path
。 我們相信重寫是正確的選擇,但也許我們不正確?
我們有 NGINX 的目前配置:
## nginx.conf user www-data; worker_processes auto; worker_rlimit_nofile 65535; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; events { worker_connections 4096; } http { server_tokens off; include /etc/nginx/mime.types; default_type application/octet-stream; # log_format must come before access_log! log_format main '$remote_addr - $remote_user [$time_local] "$request" $status ' '$body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; keepalive_timeout 65; client_max_body_size 50M; proxy_buffer_size 128k; proxy_buffers 4 256k; proxy_busy_buffers_size 256k; large_client_header_buffers 4 16k; include /etc/nginx/conf.d/*.conf; }
## php-prod.conf upstream php { server 127.0.0.1:9000; } server { listen 80; client_max_body_size 50M; client_body_buffer_size 128k; fastcgi_param REMOTE_USER $remote_user; root /var/www/web; location = /favicon.ico { break; } location / { try_files $uri /app.php$is_args$args; } # Configuration for PHP passthrough on remote / production endpoints location ~ ^/app\.php(/|$) { if ($request_method = OPTIONS ) { add_header Content-Length 0; add_header Content-Type text/plain; add_header Access-Control-Allow-Headers "x-custom-auth, content-type, x-requested-with, authorization, mobile"; add_header Access-Control-Allow-Methods "POST, PUT, PATCH, GET, DELETE"; add_header Access-Control-Allow-Origin "$http_origin"; add_header Access-Control-Max-Age 1728000; return 204; } fastcgi_pass php; fastcgi_read_timeout 3600; fastcgi_split_path_info ^(.+\.php)(/.*)$; include fastcgi_params; # When you are using symlinks to link the document root to the current version of your application, you # should pass the real application path instead of the path to the symlink to PHP FPM. Otherwise, PHP's OPcache # may not properly detect changes to your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126 # for more information). fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; fastcgi_param DOCUMENT_ROOT $realpath_root; # Prevents URIs that include the front controller. This will 404: http://domain.tld/app.php/some-path # Remove the internal directive to allow URIs like this internal; } # Return 404 for all other php files not matching the front controller. # This prevents access to other php files you don't want to be accessible. location ~ \.php$ { return 404; } error_log /var/log/nginx/error.log; access_log off; }
我嘗試將rewrite /app_dev\.php/(.*) /app.php$1 break;
加入到各個地方,包括主server
區塊和location /
區塊和似乎無法使重定向正常工作。我嘗試過使用 break
和 last
但我只從 API 收到沒有內容的 500 回應。
如果我更新location ~ ^/app\.php(/|$) {
到location ~ ^/(app|app_dev)\.php(/|$) {
它可以正常工作,所以我知道API 在NGINX 背後「工作」。
我應該提到 301 重定向在這裡不起作用,因為我還需要重寫 POST 請求。然而,我已經將其作為 301 重定向進行了測試,並且得到了預期的結果(但 301 不適用於我們的 POST 請求):
location / { rewrite /app_dev\.php/(.*) / permanent; try_files $uri /app.php$is_args$args; } ... 127.0.0.1 - testCommand [25/May/2023:09:04:31 +0000] "POST /app_dev.php/api/path HTTP/1.0" 301 162 "-" "PostmanRuntime/7.32.2" 172.20.0.1 - testCommand [25/May/2023:09:04:31 +0000] "POST /app_dev.php/api/path HTTP/1.1" 301 162 "-" "PostmanRuntime/7.32.2" "-" 172.20.0.1 - - [25/May/2023:09:04:31 +0000] "GET /api/path HTTP/1.1" 301 162 "https://api.domain.com/app_dev.php/api/path" "PostmanRuntime/7.32.2"
如果我將其設定為中斷:
172.20.0.1 - testCommand [25/May/2023:09:08:05 +0000] "POST /app_dev.php/api/path HTTP/1.1" 500 5 "-" "PostmanRuntime/7.32.2" "-" 127.0.0.1 - testCommand [25/May/2023:09:08:05 +0000] "POST /app_dev.php/api/path HTTP/1.0" 500 0 "-" "PostmanRuntime/7.32.2"
如果我將其設為最後:
172.20.0.1 - testCommand [25/May/2023:09:13:57 +0000] "POST /app_dev.php/api/path HTTP/1.1" 500 5 "-" "PostmanRuntime/7.32.2" "-" 127.0.0.1 - testCommand [25/May/2023:09:13:57 +0000] "POST /app_dev.php/api/path HTTP/1.0" 500 0 "-" "PostmanRuntime/7.32.2"
所以我的問題是如何讓這個重寫工作,將https://domain/app_dev.php/the/path
等URL 重寫為https://domain/app .php /the/path
甚至更好https://domain/the/path
?
您嘗試
重寫/app_dev\.php/(.*) /app.php$1 break;
,但break是錯誤的標誌- 您需要使用最後强>。請參閱rewrite
指令。 p>或者,要重定向 POST 請求,您可以使用 307狀態回應,例如:
確保將其放置在
location ~ \.php$
區塊上方。我注意到
location ~ ^/app\.php(/|$)
區塊被標記為internal
,這會阻止您的伺服器回應的外部請求>/app.php
。這似乎與您問題中的某些陳述相矛盾。