nginx PHP Forward Slash Before GET Params

Question

How do I configure nginx to allow a slash between my /test_file.php/?param1=test ? Currently is only allowing /test_file.php?param1=test ...

Here is my current configuration:

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name example.com;
    # rewrite ^/(.php*)/$ /$1 permanent;
    root /var/www/example.com;

    index index.html index.htm index.php;

    charset utf-8;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    access_log off;
    error_log  /var/log/nginx/example.com-error.log error;

    error_page 404 /index.php;

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }
}

Url working (undesirable):https://example.com/workouts.php?workout=206 Url I want: https://example.com/workouts.php/?workout=206

Answer 1

The block:

location ~ \.php$ { ... }

is responsible for processing any URI which ends with .php.

A simple solution would be to change the regular expression to accept URIs which include pathinfo. However, you should also make other changes within the block to mitigate known exploits. See this document for details.

For example:

location ~ [^/]\.php(/|$) {
    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    if (!-f $document_root$fastcgi_script_name) {
        return 404;
    }

    # Mitigate https://httpoxy.org/ vulnerabilities
    fastcgi_param HTTP_PROXY "";

    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
    fastcgi_index index.php;
    include fastcgi_params;
}