From 07572f8e6cebed080f2817447de16dcec5beb2d4 Mon Sep 17 00:00:00 2001 From: PhatPhuckDave Date: Tue, 27 Jan 2026 13:56:00 +0100 Subject: [PATCH] Switch to openresty to better handle params --- Dockerfile | 16 ++++++---------- nginx.conf | 45 +++++++++++++++++++++++++++++++++++---------- 2 files changed, 41 insertions(+), 20 deletions(-) diff --git a/Dockerfile b/Dockerfile index cf593ae..6331bf2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,15 +1,11 @@ -FROM nginx:alpine +FROM openresty/openresty:alpine -# Copy nginx configuration and HTML -COPY nginx.conf /etc/nginx/nginx.conf +# Copy config (OpenResty uses this path) +COPY nginx.conf /usr/local/openresty/nginx/conf/nginx.conf +# HTML and data dirs (config references /usr/share/nginx/html and /etc/nginx/data) +RUN mkdir -p /usr/share/nginx/html /etc/nginx/data/cache /etc/nginx/data/temp COPY index.html /usr/share/nginx/html/index.html -# Create data directories -RUN mkdir -p /etc/nginx/data/cache /etc/nginx/data/temp && \ - chown -R nginx:nginx /etc/nginx/data - -# Expose port EXPOSE 3000 -# Start nginx -CMD ["nginx", "-g", "daemon off;"] +CMD ["/usr/local/openresty/bin/openresty", "-g", "daemon off;"] diff --git a/nginx.conf b/nginx.conf index 77fd987..a4da609 100644 --- a/nginx.conf +++ b/nginx.conf @@ -18,21 +18,46 @@ http { resolver 127.0.0.11 valid=60s; + # Raw url= value from request (stops at next & so %26 in encoded URLs is preserved) + map $request_uri $url_encoded { + default ""; + "~*[?&]url=((?:[^&%]|%[0-9A-Fa-f][0-9A-f])*)(?:&|$)" $1; + } + server { listen 3000; location / { - # If no url parameter, serve the readme - if ($arg_url = "") { - rewrite ^ /index.html last; + set $backend_base ""; + # Decode url, build upstream URL, strip our "url=". Force that URI to upstream (variable proxy_pass can send original request URI otherwise) + rewrite_by_lua_block { + local enc = ngx.var.url_encoded + local decoded = (enc and enc ~= "") and ngx.unescape_uri(enc) or ngx.var.arg_url or "" + if decoded == "" then + ngx.exec("/index.html") + return + end + local args = ngx.var.args or "" + local rest = args:gsub("^url=[^&]*&?", ""):gsub("&url=[^&]*", ""):gsub("^url=[^&]*$", "") + local full = decoded + if rest ~= "" then + local sep = decoded:find("?") and "&" or "?" + full = decoded .. sep .. rest + end + local scheme, host, pathquery = full:match("^(https?)://([^/]+)(.*)$") + if not host then + ngx.status = 400 + ngx.say("invalid url") + return ngx.exit(400) + end + if pathquery == "" then pathquery = "/" end + local path = pathquery:match("^([^?]*)") or "/" + local query = pathquery:match("%?(.*)$") or "" + ngx.var.backend_base = scheme .. "://" .. host + ngx.req.set_uri(path) + ngx.req.set_uri_args((query:gsub("^%?", ""))) } - - # Forward query string to upstream (? if url has no query, & if it already has ?) - set $url_sep "?"; - if ($arg_url ~ \?) { - set $url_sep "&"; - } - proxy_pass $arg_url$url_sep$args; + proxy_pass $backend_base$uri$is_args$args; proxy_http_version 1.1; proxy_set_header Host $proxy_host; proxy_ssl_server_name on;