0

我试图了解发生了什么LocationMatch。现在我有一个Location类似于以下内容,

<Location "/context">
  RequestHeader set X-Forwarded-Proto https
  RequestHeader set X-Forwarded-Port 443
  ProxyPreserveHost On
  ProxyPass        http://example.com/context retry=0 connectiontimeout=300 timeout=300
  ProxyPassReverse http://example.com/context
</Location>

接下来我只更改LocationLocationMatch,如下所示,并且效果很好。

<LocationMatch "/context">
  RequestHeader set X-Forwarded-Proto https
  RequestHeader set X-Forwarded-Port 443
  ProxyPreserveHost On
  ProxyPass        http://example.com/context retry=0 connectiontimeout=300 timeout=300
  ProxyPassReverse http://example.com/context
</LocationMatch>

但是,一旦我引入正则表达式,它就不再正确匹配。例如,我想匹配以 开头的路径/context

<LocationMatch "^/context">
  RequestHeader set X-Forwarded-Proto https
  RequestHeader set X-Forwarded-Port 443
  ProxyPreserveHost On
  ProxyPass        http://example.com/context retry=0 connectiontimeout=300 timeout=300
  ProxyPassReverse http://example.com/context
</LocationMatch>

我已经多次阅读文档,似乎无法弄清楚为什么这个正则表达式不匹配。我还看到了诸如Apache LocationMatch 之类的 SOQ 匹配以...开头的 url,但是这个正则表达式不起作用。我VirtualHost在香草 Ubuntu apache2 上安装了一个单曲LocationMatch。整个 conf 文件看起来像这样,

ProxyRequests off

PassEnv HTTPD_SERVER_NAME HTTPD_SERVER_ADMIN SSL_CERTIFICATE_FILE SSL_CERTIFICATE_KEY_FILE

<VirtualHost *:443>
  SSLEngine on
  SSLCertificateFile ${SSL_CERTIFICATE_FILE}
  SSLCertificateKeyFile ${SSL_CERTIFICATE_KEY_FILE}

  Protocols h2 http/1.1
  ServerName ${HTTPD_SERVER_NAME}
  ServerAdmin ${HTTPD_SERVER_ADMIN}
  DocumentRoot /var/www/html

  ErrorLog ${APACHE_LOG_DIR}/error.log
  CustomLog ${APACHE_LOG_DIR}/access.log combined

  SSLCipherSuite EECDH+AESGCM:EDH+AESGCM
  # Requires Apache 2.4.36 & OpenSSL 1.1.1
  SSLProtocol -all +TLSv1.3 +TLSv1.2
  SSLOpenSSLConfCmd Curves X25519:secp521r1:secp384r1:prime256v1
  # Older versions
  # SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
  SSLHonorCipherOrder On
  Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
  Header always set X-Frame-Options DENY
  Header always set X-Content-Type-Options nosniff
  # Requires Apache >= 2.4
  SSLCompression off
  # Requires Apache >= 2.4.11
  SSLSessionTickets Off
  SSLProxyEngine on
  SSLProxyVerify none
  SSLProxyCheckPeerCN off
  SSLProxyCheckPeerName off
  SSLProxyCheckPeerExpire off

  <LocationMatch "^/context">
    RequestHeader set X-Forwarded-Proto https
    RequestHeader set X-Forwarded-Port 443
    ProxyPreserveHost On
    ProxyPass        http://example.com/context retry=0 connectiontimeout=300 timeout=300
    ProxyPassReverse http://example.com/context
  </LocationMatch>
</VirtualHost>

我的问题是,应该<LocationMatch "^/context">匹配以/context? 例如,https://mydomain/context?如果这应该匹配,知道还有什么可能会干扰吗?我使用的是 2.4.41 版本,但至少从 2.4.6 开始我就看到了这种行为。谢谢

4

1 回答 1

0

根据指令上的Apache 文档:ProxyPass

<Location>节内使用时,第一个参数被省略,本地目录从<Location>. 在一个<LocationMatch>部分内也会发生同样的情况;但是,ProxyPass 不会这样解释正则表达式,因此有必要在这种情况下使用 ProxyPassMatch。

如果我理解正确,并不是您的<Location>正则表达式无效,只是您<ProxyPass>没有将其解释为正则表达式。所以<ProxyPassMatch> 改用.

此外,这个SO 问题<LocationMatch>让我看到了一些其他页面,这些页面支持并且<ProxyPass>彼此不兼容的想法:

this commentthis page所示,在块内使用时我需要替换 ProxyPass[with]ProxyPassMatchLocationMatch

于 2020-07-09T15:53:15.413 回答