Reputation: 520
openresty nginx search for keyword in post request body data
I have been using openresty nginx for simple request forwarding purpose, it is working as expected, i am forwarding each incoming request to another URL using below code :
location /app/ {
proxy_pass https://example.com/abc/;
proxy_read_timeout 60s;
proxy_pass_header Server;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
add_header X-Frame-Options "SAMEORIGIN" always;
and i am logging each POST request with below code :
server {
log_format post_logs '[$time_local] "$request" $status '
'$body_bytes_sent "$http_referer" '
'"$http_user_agent" [$request_body]';
}
location /app/ {
access_log logs/post.log post_logs;
}
Now my requirement is that before forwarding each request, i want to filter post request body data for specific string/keyword , it should only forwarded to proxy URL https://example.com/abc/ if specific string/keyword is found in post data.
I did some research but did not find anything that helps me achieve this, can anyone help ?
Upvotes: 0
Views: 1063
Answers (2)
Reputation: 520
Finally I got it done with help of lua :
location /app/ {
.
.
.
access_by_lua '
ngx.req.read_body()
local data = ngx.req.get_body_data()
local match = ngx.re.match(ngx.var.request_body, "<reqid>search</reqid>")
#local match = ngx.re.match(ngx.var.request_body, "<reqid>search</reqid>","i") for case insensitive match
if match then
#nothing to do
else
return ngx.exit(ngx.HTTP_FORBIDDEN)
end';
proxy_pass https://example.com/abc/;
}
here request body data will be assign to variable 'data' and with use of ngx.re.match we can match string/keyword with request body data, in above example if <reqid>search</reqid> not found in request body then it will return 403 forbidden, if found then it will be passed to proxy_pass.
It can be very useful for filtering incoming request before processing it.
Upvotes: 0
Reputation: 71
Don’t know much about Lua, but hopefully this helps:
location /app {
set $flag_true 1;
set_by_lua $flag '
local token = ngx.var.arg_token
local request_body = ngx.req.get_body_data()
ngx.req.read_body()
# do your filtering here
if string.find(request_body, "tiger") then
return ngx.var.flag_true
end
return "false"
';
if ($flag = 1) {
proxy_pass http://x.x.x.x:8092;
break;
}
echo "You do not have permission: $flag";
}
Inspired by:
Filter request on proxy_pass using lua on nginx
How to check if matching text is found in a string in Lua?
Upvotes: 0
Related Questions
- nginx match request body without using lua module
- Openresty: Make an http call with lua and return its parsed result
- get complete url using nginx and lua with openresty
- LUA / URL Query Parsing
- Retrieve regex location inside OpenResty Lua?
- Use NGINX to replace body from proxy_pass
- Nginx put POST/GET request body to variable
- Send request with body with openresty lua-resty-http module
- fetch parameters passed with url into nginx.conf by lua in Openresty
- Read form POST variables with nginx