为什么在全局服务器变量中,query_param 单元格无效
Why in the global server variable, the query_param cell is not valid
我正在尝试设置电子邮件验证,但由于服务器或 php 配置错误,我总是收到 403 Invalid signature 错误。如果您知道如何解决这个问题,我将不胜感激。我用谷歌搜索的所有解决方案都不适合我。
我的路线与参数:
https://mysite.lo/email/verify/1001/82f42f0bbc6880958a68b56159cb7cbf96199ddf?expires=1642686658&signature=87fa7d09653adcbbeb4dd99bec9a97395d7417bdfeffc145a1c5d6e80feeb726
PHP调试
$request->server->get('QUERY_STRING')
输出:
/email/verify/1001/82f42f0bbc6880958a68b56159cb7cbf96199ddf&expires=1642686658&signature=87fa7d09653adcbbeb4dd99bec9a97395d7417bdfeffc145a1c5d6e80feeb726
enter image description here
但应该还有另一个输出,从 ?到最后,例如:
expires=1642686658&signature=87fa7d09653adcbbeb4dd99bec9a97395d7417bdfeffc145a1c5d6e80feeb726
还是我误会了什么?
无论如何,我不明白为什么会这样。
nginx 设置如下。
server {
listen 80;
listen 443 ssl;
listen [::]:80;
server_name mysite.lo *.mysite.lo;
ssl_certificate /etc/nginx/ssl/ssl.crt;
ssl_certificate_key /etc/nginx/ssl/ssl.key;
access_log /var/www/mysite/mpa/storage/logs/nginx_access.log;
error_log /var/www/mysite/mpa/storage/logs/nginx_error.log;
root /var/www/mysite/mpa/public;
index index.php;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
charset utf-8;
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
# serve static files directly
location ~* \.(jpg|jpeg|gif|css|png|js|ico|html)$ {
access_log off;
expires max;
log_not_found off;
}
# removes trailing slashes (prevents SEO duplicate content issues)
if (!-d $request_filename)
{
rewrite ^/(.+)/$ / permanent;
}
# enforce NO www
if ($host ~* ^www\.(.*))
{
set $host_without_www ;
rewrite ^/(.*)$ $scheme://$host_without_www/ permanent;
}
# unless the request is for a valid file (image, js, css, etc.), send to bootstrap
if (!-e $request_filename)
{
rewrite ^/(.*)$ /index.php?/ last;
break;
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass php-upstream;
fastcgi_index index.php;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fixes timeouts
fastcgi_read_timeout 600;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
这是本地环境。
我正在使用:laradock php 8
这是您的 rewrite ^/(.*)$ /index.php?/ last;
规则添加原始 URI 作为第一个查询参数。作为 rewrite
指令文档 says:
If a replacement
string includes the new request arguments, the previous request arguments are appended after them.
您可以避免将原始 URI 添加为专门针对 /email/verify/
路由的第一个查询参数:
if (!-e $request_filename)
{
# do not append an original URI to this route
rewrite ^/email/verify/ /index.php last;
# but append it to everything else
rewrite ^/(.*)$ /index.php?/ last;
break;
}
我正在尝试设置电子邮件验证,但由于服务器或 php 配置错误,我总是收到 403 Invalid signature 错误。如果您知道如何解决这个问题,我将不胜感激。我用谷歌搜索的所有解决方案都不适合我。
我的路线与参数:
https://mysite.lo/email/verify/1001/82f42f0bbc6880958a68b56159cb7cbf96199ddf?expires=1642686658&signature=87fa7d09653adcbbeb4dd99bec9a97395d7417bdfeffc145a1c5d6e80feeb726
PHP调试
$request->server->get('QUERY_STRING')
输出:
/email/verify/1001/82f42f0bbc6880958a68b56159cb7cbf96199ddf&expires=1642686658&signature=87fa7d09653adcbbeb4dd99bec9a97395d7417bdfeffc145a1c5d6e80feeb726
enter image description here
但应该还有另一个输出,从 ?到最后,例如:
expires=1642686658&signature=87fa7d09653adcbbeb4dd99bec9a97395d7417bdfeffc145a1c5d6e80feeb726
还是我误会了什么?
无论如何,我不明白为什么会这样。 nginx 设置如下。
server {
listen 80;
listen 443 ssl;
listen [::]:80;
server_name mysite.lo *.mysite.lo;
ssl_certificate /etc/nginx/ssl/ssl.crt;
ssl_certificate_key /etc/nginx/ssl/ssl.key;
access_log /var/www/mysite/mpa/storage/logs/nginx_access.log;
error_log /var/www/mysite/mpa/storage/logs/nginx_error.log;
root /var/www/mysite/mpa/public;
index index.php;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
charset utf-8;
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
# serve static files directly
location ~* \.(jpg|jpeg|gif|css|png|js|ico|html)$ {
access_log off;
expires max;
log_not_found off;
}
# removes trailing slashes (prevents SEO duplicate content issues)
if (!-d $request_filename)
{
rewrite ^/(.+)/$ / permanent;
}
# enforce NO www
if ($host ~* ^www\.(.*))
{
set $host_without_www ;
rewrite ^/(.*)$ $scheme://$host_without_www/ permanent;
}
# unless the request is for a valid file (image, js, css, etc.), send to bootstrap
if (!-e $request_filename)
{
rewrite ^/(.*)$ /index.php?/ last;
break;
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass php-upstream;
fastcgi_index index.php;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fixes timeouts
fastcgi_read_timeout 600;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
这是本地环境。 我正在使用:laradock php 8
这是您的 rewrite ^/(.*)$ /index.php?/ last;
规则添加原始 URI 作为第一个查询参数。作为 rewrite
指令文档 says:
If a
replacement
string includes the new request arguments, the previous request arguments are appended after them.
您可以避免将原始 URI 添加为专门针对 /email/verify/
路由的第一个查询参数:
if (!-e $request_filename)
{
# do not append an original URI to this route
rewrite ^/email/verify/ /index.php last;
# but append it to everything else
rewrite ^/(.*)$ /index.php?/ last;
break;
}