Closed yezigl closed 11 years ago
Hello!
On Thu, Jan 10, 2013 at 3:19 AM, yezigl notifications@github.com wrote:
相同的配置用openresty,xss模块可以正常使用,官方的添加了xss模块就不行,error.log也没有错误信息。
你可以这样配置来得到更多的调试信息:
error_log logs/error.log debug;
Best regards, -agentzh
我使用了headers more模块把contentType设置为application/json,debug发现好像headers more的执行是在xss之后,xss就匹配不上contentType
[debug] 20423#0: 23 http proxy status 200 "200 OK" [debug] 20423#0: 23 http proxy header: "Server: Resin/3.1.12" [debug] 20423#0: 23 http proxy header: "Date: Thu, 21 Feb 2013 11:04:47 GMT" [debug] 20423#0: 23 http proxy header done [debug] 20423#0: 23 xss skipped due to unmatched Content-Type response header [debug] 20423#0: 23 headers more header filter, uri "/api/services/user/info" [debug] 20423#0: 23 lua capture header filter, uri "/api/services/user/info" [debug] 20423#0: 23 posix_memalign: 00000000054B4CB0:4096 @16 [debug] 20423#0: *23 HTTP/1.1 200 OK Server: nginx/1.2.7 Date: Thu, 21 Feb 2013 11:04:47 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: ppinfo=; domain=.sohu.com; path=/; expires=Thu, 01-Dec-1994 16:00:00 GMT Set-Cookie: passport=; domain=.sohu.com; path=/; expires=Thu, 01-Dec-1994 16:00:00 GMT Set-Cookie: ppinf=; domain=.sohu.com; path=/; expires=Thu, 01-Dec-1994 16:00:00 GMT Set-Cookie: pprdig=; domain=.sohu.com; path=/; expires=Thu, 01-Dec-1994 16:00:00 GMT Set-Cookie: ppmdig=; domain=.sohu.com; path=/; expires=Thu, 01-Dec-1994 16:00:00 GMT
Hello!
On Thu, Feb 21, 2013 at 3:16 AM, yezigl notifications@github.com wrote:
我使用了headers more模块把contentType设置为application/json,debug发现好像headers more的执行是在xss之后,xss就匹配不上contentType
你可以编译 nginx 时掉换这两个模块的顺序,即这样写:
./configure --add-module=/path/to/xss-nginx-module \
--add-module=/path/to/headers-more-nginx-module
这样 ngx_headers_more 的输出过滤器就会运行在 ngx_xss 之前了。(注意,这里输出过滤器的运行顺序与 --add-module=PATH 命令行选项的顺序刚好相反。)
Best regards, -agentzh
可以了,多谢!
相同的配置用openresty,xss模块可以正常使用,官方的添加了xss模块就不行,error.log也没有错误信息。 ngixx.conf配置如下:
nginx编译的参数如下: configure arguments: --prefix=/opt/apps_install/nginx-1.2.6 --conf-path=/opt/conf/nginx/nginx.conf --with-debug --with-pcre=../pcre-8.31 --with-http_stub_status_module --with-http_realip_module --with-http_ssl_module --add-module=../passport-v20120912 --add-module=../mod_saccounts --add-module=../ngx_devel_kit-0.2.17 --add-module=../lua-nginx-module-0.7.5 --add-module=../headers-more-nginx-module-0.19 --add-module=../xss-nginx-module-0.03
请帮忙给看下,感谢