2

I want to allow Nginx to autoindex a folder, but not serve the files. In my app, the files are stocked in a protected-files folder and this folder isn't accessible for users. When a user calls a file (eg: my-website.com/files/my-great-files.pdf), in reality, he was redirected on a PHP script that verify if the user have the rights to call this file. I know how to do that, and it's ok.

But actually, I want use a JS plugin named jBrowse, and this program need to access to a lot of files, and to the index of a folder to have the files list in it.

And I don't know how to do this... Can we return a file index in PHP ?

Or an other idea, permit to Nginx to return the index of a folder with empty files. And when a user or the plugin want access to the file, he's redirect on the PHP script that control the rights.

I've mind this:

location /files {
  autoindexon;
}


location ~* \.(doc|pdf)$ {
  deny all;
}

This is ok, the user can navigate in the folder, see the files, but if he click on, he has an 403 error. But I can't replace the deny all, by a redirection to php...

This is my default.conf file:

server {
server_name project.dev;
root /home/docker/web;

location / {
# try to serve file directly, fallback to app.php
 #try_files $uri /app.php$is_args$args;
try_files $uri /app_dev.php$is_args$args;
}

 location /protected_files {
internal;
 alias /home/docker/protected-files;
}

 location /files {
autoindex on;
}

 location ~* \.(doc|pdf)$ {
try_files $uri /app_dev.php$is_args$args;
}

# DEV
 # This rule should only be placed on your development environment
 # In production, don't include this and don't deploy app_dev.php or config.php
location ~ ^/(app_dev|config)\.php(/|$) {
fastcgi_pass engine:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
# When you are using symlinks to link the document root to the
 # current version of your application, you should pass the real
 # application path instead of the path to the symlink to PHP
 # FPM.
 # Otherwise, PHP's OPcache may not properly detect changes to
 # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
 # for more information).
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
}
# PROD
location ~ ^/app\.php(/|$) {
fastcgi_pass engine:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
# When you are using symlinks to link the document root to the
 # current version of your application, you should pass the real
 # application path instead of the path to the symlink to PHP
 # FPM.
 # Otherwise, PHP's OPcache may not properly detect changes to
 # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
 # for more information).
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
# Prevents URIs that include the front controller. This will 404:
 # http://domain.tld/app.php/some-path
 # Remove the internal directive to allow URIs like this
 #internal;
}

 error_log /var/log/nginx/project_error.log;
access_log /var/log/nginx/project_access.log;
}
4

1 に答える 1

0

deny allをディレクティブに置き換えてrewrite、php ハンドラーへの内部リダイレクトを実行できます。

location /files {
    autoindex on;
}

location ~* ^/files.*\.(doc|pdf)$ {
    rewrite ^ /app_dev.php last;
}

詳細については、このドキュメントを参照してください。

編集: or で始まり、またはで/files終わるURI のみが一致するように、正規表現をより具体的にすることができます。次のように、正規表現を (上記のように) 変更するか、ブロック内にネストします。.doc.pdflocation /files

location /files {
    autoindex on;

    location ~* \.(doc|pdf)$ {
        rewrite ^ /app_dev.php last;
    }
}
于 2016-03-25T11:03:33.847 に答える