允许索引文件夹,但不提供文件
Allow index a folder, but don't serve files
我想让 Nginx 自动索引文件夹,但不提供文件。
在我的应用程序中,文件存放在一个受保护的文件夹中,用户无法访问该文件夹。当用户调用文件(例如:my-website.com/files/my-great-files.pdf)时,实际上,他被重定向到一个 PHP 脚本,该脚本验证用户是否有权调用该文件。我知道怎么做,没关系。
但实际上,我想使用一个名为 jBrowse 的 JS 插件,这个程序需要访问很多文件,并且需要一个文件夹的索引才能在其中包含文件列表。
而且我不知道该怎么做...我们可以 return PHP 中的文件索引吗?
或者另一个想法,允许 Nginx return 包含空文件的文件夹的索引。当用户或插件想要访问该文件时,他会重定向到控制权限的 PHP 脚本。
我介意这个:
location /files {
autoindexon;
}
location ~* \.(doc|pdf)$ {
deny all;
}
这没问题,用户可以在文件夹中导航,查看文件,但如果他单击,则会出现 403 错误。但是我无法通过重定向到 php...
来替换全部拒绝
这是我的 default.conf 文件:
server {
server_name project.dev;
root /home/docker/web;
location / {
# try to serve file directly, fallback to app.php
#try_files $uri /app.php$is_args$args;
try_files $uri /app_dev.php$is_args$args;
}
location /protected_files {
internal;
alias /home/docker/protected-files;
}
location /files {
autoindex on;
}
location ~* \.(doc|pdf)$ {
try_files $uri /app_dev.php$is_args$args;
}
# DEV
# This rule should only be placed on your development environment
# In production, don't include this and don't deploy app_dev.php or config.php
location ~ ^/(app_dev|config)\.php(/|$) {
fastcgi_pass engine:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
# When you are using symlinks to link the document root to the
# current version of your application, you should pass the real
# application path instead of the path to the symlink to PHP
# FPM.
# Otherwise, PHP's OPcache may not properly detect changes to
# your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
# for more information).
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
}
# PROD
location ~ ^/app\.php(/|$) {
fastcgi_pass engine:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
# When you are using symlinks to link the document root to the
# current version of your application, you should pass the real
# application path instead of the path to the symlink to PHP
# FPM.
# Otherwise, PHP's OPcache may not properly detect changes to
# your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
# for more information).
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
# Prevents URIs that include the front controller. This will 404:
# http://domain.tld/app.php/some-path
# Remove the internal directive to allow URIs like this
#internal;
}
error_log /var/log/nginx/project_error.log;
access_log /var/log/nginx/project_access.log;
}
您可以将 deny all 替换为 rewrite 指令以执行到 php 处理程序的内部重定向。
location /files {
autoindex on;
}
location ~* ^/files.*\.(doc|pdf)$ {
rewrite ^ /app_dev.php last;
}
详情见this document。
编辑:您可能希望使您的正则表达式更具体,以便只有以 /files 开头并以 .doc 或 .pdf 结尾的 URI 匹配。更改正则表达式(如上所述)或将其嵌套在 location /files 块中,如下所示:
location /files {
autoindex on;
location ~* \.(doc|pdf)$ {
rewrite ^ /app_dev.php last;
}
}
我想让 Nginx 自动索引文件夹,但不提供文件。 在我的应用程序中,文件存放在一个受保护的文件夹中,用户无法访问该文件夹。当用户调用文件(例如:my-website.com/files/my-great-files.pdf)时,实际上,他被重定向到一个 PHP 脚本,该脚本验证用户是否有权调用该文件。我知道怎么做,没关系。
但实际上,我想使用一个名为 jBrowse 的 JS 插件,这个程序需要访问很多文件,并且需要一个文件夹的索引才能在其中包含文件列表。
而且我不知道该怎么做...我们可以 return PHP 中的文件索引吗?
或者另一个想法,允许 Nginx return 包含空文件的文件夹的索引。当用户或插件想要访问该文件时,他会重定向到控制权限的 PHP 脚本。
我介意这个:
location /files {
autoindexon;
}
location ~* \.(doc|pdf)$ {
deny all;
}
这没问题,用户可以在文件夹中导航,查看文件,但如果他单击,则会出现 403 错误。但是我无法通过重定向到 php...
来替换全部拒绝这是我的 default.conf 文件:
server {
server_name project.dev;
root /home/docker/web;
location / {
# try to serve file directly, fallback to app.php
#try_files $uri /app.php$is_args$args;
try_files $uri /app_dev.php$is_args$args;
}
location /protected_files {
internal;
alias /home/docker/protected-files;
}
location /files {
autoindex on;
}
location ~* \.(doc|pdf)$ {
try_files $uri /app_dev.php$is_args$args;
}
# DEV
# This rule should only be placed on your development environment
# In production, don't include this and don't deploy app_dev.php or config.php
location ~ ^/(app_dev|config)\.php(/|$) {
fastcgi_pass engine:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
# When you are using symlinks to link the document root to the
# current version of your application, you should pass the real
# application path instead of the path to the symlink to PHP
# FPM.
# Otherwise, PHP's OPcache may not properly detect changes to
# your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
# for more information).
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
}
# PROD
location ~ ^/app\.php(/|$) {
fastcgi_pass engine:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
# When you are using symlinks to link the document root to the
# current version of your application, you should pass the real
# application path instead of the path to the symlink to PHP
# FPM.
# Otherwise, PHP's OPcache may not properly detect changes to
# your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
# for more information).
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
# Prevents URIs that include the front controller. This will 404:
# http://domain.tld/app.php/some-path
# Remove the internal directive to allow URIs like this
#internal;
}
error_log /var/log/nginx/project_error.log;
access_log /var/log/nginx/project_access.log;
}
您可以将 deny all 替换为 rewrite 指令以执行到 php 处理程序的内部重定向。
location /files {
autoindex on;
}
location ~* ^/files.*\.(doc|pdf)$ {
rewrite ^ /app_dev.php last;
}
详情见this document。
编辑:您可能希望使您的正则表达式更具体,以便只有以 /files 开头并以 .doc 或 .pdf 结尾的 URI 匹配。更改正则表达式(如上所述)或将其嵌套在 location /files 块中,如下所示:
location /files {
autoindex on;
location ~* \.(doc|pdf)$ {
rewrite ^ /app_dev.php last;
}
}