Embedded variable $cookie_YYY and "-" symbol

Hi all. I observe unexpected behavior when trying to use $cookie_YYY
embended variable when cookie name include “-” symbol.

set $uwaver $cookie_un-uwa-version;

$uwaver always equal to “-uwa-version” string instead of real cookie
value.

maybe i should use some kind of escaping here?

nginx -v
nginx version: nginx/1.2.7

uname -a
Linux cabal 3.2.0-37-generic #58-Ubuntu SMP Thu Jan 24 15:28:10 UTC 2013
x86_64 x86_64 x86_64 GNU/Linux

On Mon, Feb 18, 2013 at 03:54:33PM +0400, Igor Karymov wrote:

Hi there,

set $uwaver $cookie_un-uwa-version;

$uwaver always equal to “-uwa-version” string instead of real cookie value.

maybe i should use some kind of escaping here?

I believe that the reason is that there are some characters which are
valid in cookie names, but which are not valid in nginx variable names;
and I believe that the only way to access them in nginx.conf is to parse
$http_cookie yourself.

There is a similar problem with the $arg_* variables.

Both the $cookie_ and the $arg_ variables are convenience features,
and they work well provided that you restrict your inputs appropriately.

I’m not sure how much work it would be to create a patch allow, for
example, ${var.iab-le} as a way of accessing a variable named like that;
but I guess that it has been “more work than just avoiding or working
around those variable names” for everyone who has hit the issue so far.

f

Francis D. [email protected]

Francis D. wrote in post #1097580:

On Mon, Feb 18, 2013 at 03:54:33PM +0400, Igor Karymov wrote:

Hi there,

set $uwaver $cookie_un-uwa-version;

$uwaver always equal to “-uwa-version” string instead of real cookie value.

maybe i should use some kind of escaping here?

I believe that the reason is that there are some characters which are
valid in cookie names, but which are not valid in nginx variable names;
and I believe that the only way to access them in nginx.conf is to parse
$http_cookie yourself.

There is a similar problem with the $arg_* variables.

Both the $cookie_ and the $arg_ variables are convenience features,
and they work well provided that you restrict your inputs appropriately.

I’m not sure how much work it would be to create a patch allow, for
example, ${var.iab-le} as a way of accessing a variable named like that;
but I guess that it has been “more work than just avoiding or working
around those variable names” for everyone who has hit the issue so far.

f

Francis D. [email protected]

You can work around this for now with a quirk of the way the map module
works. It treats any value beginning with $ as a variable name and
skips some of the validation, so you can:

The first variable is irrelevant, $is_args just doesn’t

do much processing.

map $is_args $uwaver {
default $cookie_un-uwa-version;
}

This workaround may become invalid if the map module is ever extended to
accept complex values, but it just worked in a test for me.

Jon

This workaround has solve my issues. Thank you!

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs