New release from counting users

Hi all,

Today, we [] released our patches to sign cookies, httponly
property and add user name to the ngx_http_userid_filter_module’s

The summary:

  • Two new options:

    userid_secretforsign  "0ur-S3CRet.HerE!";
    userid_httponly       on;
  • So, the new syntax of “unauthenticated” (1) cookie is:

  • The “authenticated cookie” (2) is:


    With a syntax for <more_data> like:

  • Then, when the sign of (1) or (2) is verified, two new enviroment
    variables could be sent to backend:

    IDUSR ---> the <NGINX_cookie>
    NAMEUSR -> the <userName>

    So, the backend knows nothing about authetication and all work is
    done by Nginx.

You have a complete description and the patch in:

This is our second release of new modules or patches to Nginx. The first
one was a new module to clean HTML, delete special comments and add a
block of HTML after the tag (more info in


Raul Rivero wrote:

    userid_httponly       on;

Hi Raul,

I think it would be helpful if you packaged these as standalone modules
rather than patches. Then people could use them against any Nginx
version with:

./configure --add-module=/path/to/soitu-userid

Some tips on packaging standalone modules can be found here:


Evan M. wrote:

./configure --add-module=/path/to/soitu-userid

Some tips on packaging standalone modules can be found here:

Hi Evan,

We make standalone modules when a new full module is developed (example:
our new ngx_http_html_clean_filter_module.c module

This email was about modifications to standard modules activated with
new parameters (same functionality, new options). Standard modules which
Igor changes or evolves. If standalone modules, Igor’s changes would
need to be ported to these modules.

Anyway, thanks a lot for your comment.


This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs