anomalizer / ngx_aws_auth

nginx module to proxy to authenticated AWS services
BSD 2-Clause "Simplified" License
470 stars 144 forks source link

Possible Error in Readme Examples #73

Open BrutalSimplicity opened 4 years ago

BrutalSimplicity commented 4 years ago

Hi there!! Thank you for writing this module, it has really saved me a ton of time!!

I just wanted to point out a possible issue with two of the examples in the README.

I'm no expert with Nginx, but it appears that the proxy_pass directive for the non-root locations is incorrect.

Instead of...

proxy_pass http://your_s3_bucket.s3.amazonaws.com/$1;

I believe the path specification is not needed.

I based this on the following Nginx documentation.

http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_pass_header

When the URI is changed inside a proxied location using the rewrite directive, and this same configuration will be used to process a request (break):

location /name/ {
    rewrite    /name/([^/]+) /users?name=$1 break;
    proxy_pass http://127.0.0.1;
}

In this case, the URI specified in the directive is ignored and the full changed request URI is passed to the server.

So your example only requires the server name.

proxy_pass http://your_s3_bucket.s3.amazonaws.com;

I believe there is also another example with the same issue.

My Nginx knowledge is pretty noobish so this could be something I've overlooked. But, if there is an issue, I will gladly create a PR to update the README docs... I love doing all the heavy-lifting ya know 💪 😉

Oh, and I'm talking about the AuthV2 examples, which may be the issue... Not sure if these are being maintained still.