nginx cookie - how to inject variable into cookie

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

nginx cookie - how to inject variable into cookie

Payam Chychi
Hey,

im trying to compare the cookie with  the remote_addr via nginx but
nginx sees $remote_addr as the text and not the a variable ... so it
wont match properly
I do have two cookies... the one I need to match for is the 2nd cookie
"YPF8827340282Jdskjhfiw_928937459182JAX666=96.48.77.222"

                if ( $http_cookie !~
YPF8827340282Jdskjhfiw_928937459182JAX666=$remote_addr ) {
                        rewrite  ^(.*)$  /check/$host.shtml  last;
                        break;
                }

2009/05/31 02:01:29 [debug] 1775#0: *6 http script regex:
"YPF8827340282Jdskjhfiw_928937459182JAX666=$remote_addr"
2009/05/31 02:01:29 [notice] 1775#0: *6
"YPF8827340282Jdskjhfiw_928937459182JAX666=$remote_addr" does not
match "YPF8827340282Jdskjhfiw_9289374591823=2;
YPF8827340282Jdskjhfiw_928937459182JAX666=96.48.77.222", client:
96.48.77.222, server: www.whatwentwrong.org, request: "GET /index.html
HTTP/1.1", host: "www.whatwentwrong.org", referrer:
"http://www.whatwentwrong.org/index.html"

any ideas?

Thanks in advance
--
Payam Tarverdyan Chychi
Network Security Specialist / Network Engineer

Reply | Threaded
Open this post in threaded view
|

Re: nginx cookie - how to inject variable into cookie

Maxim Dounin
Hello!

On Sun, May 31, 2009 at 02:05:12AM -0700, Payam Chychi wrote:

> Hey,
>
> im trying to compare the cookie with  the remote_addr via nginx but
> nginx sees $remote_addr as the text and not the a variable ... so it
> wont match properly
> I do have two cookies... the one I need to match for is the 2nd cookie
> "YPF8827340282Jdskjhfiw_928937459182JAX666=96.48.77.222"
>
>                 if ( $http_cookie !~
> YPF8827340282Jdskjhfiw_928937459182JAX666=$remote_addr ) {
>                         rewrite  ^(.*)$  /check/$host.shtml  last;
>                         break;
>                 }

This wont work since nginx doesn't allow variables in a right-hand side
of the expression.  Workaround is to use something like this:

    set $blah "$remote_addr:$http_cookie";
    if ($blah !~ "^([0-9.]+):.*YPF8827340282Jdskjhfiw_928937459182JAX666=\1") {
        ...
    }

This uses static pattern with pcre builtin backreference and will
work as expected.

Maxim Dounin

Reply | Threaded
Open this post in threaded view
|

Re: nginx cookie - how to inject variable into cookie

Payam Chychi
On Mon, Jun 1, 2009 at 3:45 AM, Maxim Dounin <[hidden email]> wrote:

> Hello!
>
> On Sun, May 31, 2009 at 02:05:12AM -0700, Payam Chychi wrote:
>
>> Hey,
>>
>> im trying to compare the cookie with  the remote_addr via nginx but
>> nginx sees $remote_addr as the text and not the a variable ... so it
>> wont match properly
>> I do have two cookies... the one I need to match for is the 2nd cookie
>> "YPF8827340282Jdskjhfiw_928937459182JAX666=96.48.77.222"
>>
>>                 if ( $http_cookie !~
>> YPF8827340282Jdskjhfiw_928937459182JAX666=$remote_addr ) {
>>                         rewrite  ^(.*)$  /check/$host.shtml  last;
>>                         break;
>>                 }
>
> This wont work since nginx doesn't allow variables in a right-hand side
> of the expression.  Workaround is to use something like this:
>
>    set $blah "$remote_addr:$http_cookie";
>    if ($blah !~ "^([0-9.]+):.*YPF8827340282Jdskjhfiw_928937459182JAX666=\1") {
>        ...
>    }
>
> This uses static pattern with pcre builtin backreference and will
> work as expected.
>
> Maxim Dounin
>
>

Maxim,

Thanks much ... worked out great =)

--
Payam Tarverdyan Chychi
Network Security Specialist / Network Engineer