我想允许 Nginx 自动索引文件夹,但不提供文件。在我的应用程序中,文件存储在受保护的文件文件夹中,用户无法访问该文件夹。当用户调用一个文件(例如:my-website.com/files/my-great-files.pdf)时,实际上,他被重定向到一个 PHP 脚本,该脚本验证用户是否有权调用该文件。我知道该怎么做,没关系。
但实际上,我想使用一个名为 jBrowse 的 JS 插件,这个程序需要访问很多文件,并且需要访问文件夹的索引才能在其中包含文件列表。
而且我不知道该怎么做...我们可以在 PHP 中返回文件索引吗?
或者其他想法,允许 Nginx 返回包含空文件的文件夹的索引。当用户或插件想要访问文件时,他会重定向到控制权限的 PHP 脚本。
我介意这个:
location /files {
autoindexon;
}
location ~* \.(doc|pdf)$ {
deny all;
}
没关系,用户可以在文件夹中导航,查看文件,但是如果他点击,就会出现 403 错误。但是我不能通过重定向到 php 来替换全部拒绝...
这是我的 default.conf 文件:
server {
server_name project.dev;
root /home/docker/web;
location / {
# try to serve file directly, fallback to app.php
#try_files $uri /app.php$is_args$args;
try_files $uri /app_dev.php$is_args$args;
}
location /protected_files {
internal;
alias /home/docker/protected-files;
}
location /files {
autoindex on;
}
location ~* \.(doc|pdf)$ {
try_files $uri /app_dev.php$is_args$args;
}
# DEV
# This rule should only be placed on your development environment
# In production, don't include this and don't deploy app_dev.php or config.php
location ~ ^/(app_dev|config)\.php(/|$) {
fastcgi_pass engine:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
# When you are using symlinks to link the document root to the
# current version of your application, you should pass the real
# application path instead of the path to the symlink to PHP
# FPM.
# Otherwise, PHP's OPcache may not properly detect changes to
# your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
# for more information).
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
}
# PROD
location ~ ^/app\.php(/|$) {
fastcgi_pass engine:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
# When you are using symlinks to link the document root to the
# current version of your application, you should pass the real
# application path instead of the path to the symlink to PHP
# FPM.
# Otherwise, PHP's OPcache may not properly detect changes to
# your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
# for more information).
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
# Prevents URIs that include the front controller. This will 404:
# http://domain.tld/app.php/some-path
# Remove the internal directive to allow URIs like this
#internal;
}
error_log /var/log/nginx/project_error.log;
access_log /var/log/nginx/project_access.log;
}