This module computes and checks request URLs for a required security token. This module is not compiled by default and must be specified using the 这个模块计算和检测URL请求中必须的安全标识 这个模块没有默认编译,在编译Nginx时,必须使用明确的配置参数

  1. --with-http_secure_link_module

argument to configure when compiling Nginx. Note that this module is only supported in nginx version 0.7.18 and higher. 来说明配置.这个模块在Nginx 0.7.18及以上版本中被支持.

Example usage:

  1. location /prefix/ {
  2.     secure_link_secret   secret_word;
  5.     if ($secure_link = "") {
  6.         return 403;
  7.     }
  8. }

指令

syntax:*secure_link_secret secret_word*

default:*none*

context:*location*

The directive specifies a secret word to verify requests. The full URL for a protected links follows this form: 这个指令明确一个安全关键字来审核请求。完整的被保护的URL如下表:

/prefix/hash/reference

hash is computed as as 使用md5('参考','安全密码')函数计算

  1. md5 (reference, secret_word);

prefix is the scope of the location block, and must not be '/'. secure_link can only be used in non-root paths. 前缀是定位块的范围,绝对不能使用'/'。安全连接只能被用在非根目录路径。

变量

$secure_link

Automatically set to the reference component of the URL, isolated from the prefix and hash. If the hash is incorrect, an empty string is returned instead. 自动设置模块到URL的关联,分开前缀和HASH。如果HASH不正确,将返回空字符串。

原文: https://wizardforcel.gitbooks.io/nginx-doc/content/Text/4.14_securelink.html