Mercurial > hg > nginx-site
annotate xml/ru/docs/http/ngx_http_secure_link_module.xml @ 1665:57b53a0818df
Slightly paraphrased aio_write description for better perception.
author | Ruslan Ermilov <ru@nginx.com> |
---|---|
date | Wed, 23 Mar 2016 00:50:30 +0300 |
parents | 07402a11fd8d |
children | 66a30a380fba |
rev | line source |
---|---|
222
bfe3eff81d04
Removed redundant encoding specification.
Ruslan Ermilov <ru@nginx.com>
parents:
110
diff
changeset
|
1 <?xml version="1.0"?> |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
2 |
580
be54c443235a
Added copyright markers to documentation sources.
Ruslan Ermilov <ru@nginx.com>
parents:
367
diff
changeset
|
3 <!-- |
be54c443235a
Added copyright markers to documentation sources.
Ruslan Ermilov <ru@nginx.com>
parents:
367
diff
changeset
|
4 Copyright (C) Igor Sysoev |
be54c443235a
Added copyright markers to documentation sources.
Ruslan Ermilov <ru@nginx.com>
parents:
367
diff
changeset
|
5 Copyright (C) Nginx, Inc. |
be54c443235a
Added copyright markers to documentation sources.
Ruslan Ermilov <ru@nginx.com>
parents:
367
diff
changeset
|
6 --> |
be54c443235a
Added copyright markers to documentation sources.
Ruslan Ermilov <ru@nginx.com>
parents:
367
diff
changeset
|
7 |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
8 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd"> |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
9 |
342 | 10 <module name="Модуль ngx_http_secure_link_module" |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
11 link="/ru/docs/http/ngx_http_secure_link_module.html" |
589 | 12 lang="ru" |
1155
07402a11fd8d
Assigned IDs to tags describing variables.
Vladimir Homutov <vl@nginx.com>
parents:
830
diff
changeset
|
13 rev="3"> |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
14 |
110
40eec261c2a6
Added proper support for anonymous sections, notably for the summary.
Ruslan Ermilov <ru@nginx.com>
parents:
102
diff
changeset
|
15 <section id="summary"> |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
16 |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
17 <para> |
830
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
18 Модуль <literal>ngx_http_secure_link_module</literal> (0.7.18) |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
19 позволяет проверять аутентичность запрашиваемых ссылок, |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
20 защищать ресурсы от несанкционированного доступа, |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
21 а также ограничивать срок действия ссылок. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
22 </para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
23 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
24 <para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
25 Правильность запрашиваемой ссылки проверяется сравнением переданного |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
26 в запросе значения контрольной суммы со значением, |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
27 вычисляемым для запроса. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
28 Если ссылка имеет ограниченный срок действия и он истёк, |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
29 ссылка считается устаревшей. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
30 Результат этих проверок делается доступным в переменной |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
31 <var>$secure_link</var>. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
32 </para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
33 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
34 <para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
35 Модуль реализует два альтернативных режима работы. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
36 В первом режиме, который включается директивой |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
37 <link id="secure_link_secret"/>, можно проверить аутентичность |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
38 запрашиваемых ссылок и защитить их от несанкционированного доступа. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
39 Второй режим (0.8.50) включается директивами |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
40 <link id="secure_link"/> и <link id="secure_link_md5"/>, |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
41 и позволяет также ограничить срок действия ссылок. |
342 | 42 </para> |
43 | |
44 <para> | |
45 По умолчанию этот модуль не собирается, его сборку необходимо | |
46 разрешить с помощью конфигурационного параметра | |
271 | 47 <literal>--with-http_secure_link_module</literal>. |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
48 </para> |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
49 |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
50 </section> |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
51 |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
52 |
830
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
53 <section id="directives" name="Директивы"> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
54 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
55 <directive name="secure_link"> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
56 <syntax><value>выражение</value></syntax> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
57 <default/> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
58 <context>http</context> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
59 <context>server</context> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
60 <context>location</context> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
61 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
62 <para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
63 Задаёт строку с переменными, из которой будет выделено значение |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
64 контрольной суммы и время действия ссылки. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
65 </para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
66 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
67 <para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
68 Используемые в выражении переменные обычно связаны с запросом; |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
69 см. <link id="secure_link_md5">пример</link> ниже. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
70 </para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
71 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
72 <para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
73 Выделенное из строки значение контрольной суммы сравнивается со |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
74 значением MD5-хэша, вычисляемым для выражения, заданного |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
75 директивой <link id="secure_link_md5"/>. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
76 Если контрольные суммы не совпадают, значением переменной |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
77 <var>$secure_link</var> становится пустая строка. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
78 Если контрольные суммы совпадают, проверяется время действия ссылки. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
79 Если срок действия ссылки задан и истёк, переменная |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
80 <var>$secure_link</var> получает значение “<literal>0</literal>”. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
81 В противном случае она получает значение “<literal>1</literal>”. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
82 Значение MD5-хэш передаётся в запросе закодированным в |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
83 <link url="http://tools.ietf.org/html/rfc4648#section-5">base64url</link>. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
84 </para> |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
85 |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
86 <para> |
830
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
87 Если ссылка имеет ограниченный срок действия, время её действия |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
88 задаётся в секундах с начала эпохи (1 января 1970 года 00:00:00 GMT). |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
89 Значение указывается в выражении после MD5-хэша |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
90 и отделяется от него запятой. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
91 Время действия ссылки, переданное в запросе, делается доступным |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
92 в переменной <var>$secure_link_expires</var> для использования |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
93 в директиве <link id="secure_link_md5"/>. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
94 Если время действия ссылки не задано, ссылка имеет неограниченный |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
95 срок действия. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
96 </para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
97 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
98 </directive> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
99 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
100 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
101 <directive name="secure_link_md5"> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
102 <syntax><value>выражение</value></syntax> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
103 <default/> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
104 <context>http</context> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
105 <context>server</context> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
106 <context>location</context> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
107 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
108 <para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
109 Задаёт выражение, для которого считается значение MD5-хэш, |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
110 сравниваемое с переданным в запросе. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
111 </para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
112 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
113 <para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
114 Выражение должно содержать защищаемую часть ссылки (ресурс) |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
115 и секретную составляющую. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
116 Если ссылка имеет ограниченный срок действия, |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
117 выражение также должно содержать <var>$secure_link_expires</var>. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
118 </para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
119 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
120 <para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
121 Для предотвращения несанкционированного доступа выражение |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
122 может содержать информацию о клиенте, например, его адрес и |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
123 версию браузера. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
124 </para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
125 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
126 <para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
127 Пример: |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
128 <example> |
830
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
129 location /s/ { |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
130 secure_link $arg_md5,$arg_expires; |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
131 secure_link_md5 "$secure_link_expires$uri$remote_addr secret"; |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
132 |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
133 if ($secure_link = "") { |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
134 return 403; |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
135 } |
830
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
136 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
137 if ($secure_link = "0") { |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
138 return 410; |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
139 } |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
140 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
141 ... |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
142 } |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
143 </example> |
830
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
144 Ссылка |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
145 “<literal>/s/link?md5=_e4Nc3iduzkWRm01TBBNYw&expires=2147483647</literal>” |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
146 ограничивает доступ к “<literal>/s/link</literal>” для клиента с IP-адресом |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
147 127.0.0.1. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
148 Ссылка также имеет ограниченный срок действия до 19 января 2038 года (GMT). |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
149 </para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
150 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
151 <para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
152 Значение аргумента запроса <value>md5</value> на UNIX можно получить так: |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
153 <example> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
154 echo -n '2147483647/s/link127.0.0.1 secret' | \ |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
155 openssl md5 -binary | openssl base64 | tr +/ -_ | tr -d = |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
156 </example> |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
157 </para> |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
158 |
830
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
159 </directive> |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
160 |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
161 |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
162 <directive name="secure_link_secret"> |
102
c76a257f3fd4
The directive name is now automatically printed in <default> and <syntax>.
Ruslan Ermilov <ru@nginx.com>
parents:
99
diff
changeset
|
163 <syntax><value>слово</value></syntax> |
99
1d315ef37215
The case <default/> is now language-agnostic.
Ruslan Ermilov <ru@nginx.com>
parents:
76
diff
changeset
|
164 <default/> |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
165 <context>location</context> |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
166 |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
167 <para> |
830
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
168 Задаёт секретное <value>слово</value> для проверки аутентичности |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
169 запрашиваемых ссылок. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
170 </para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
171 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
172 <para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
173 Полный URI запрашиваемой ссылки выглядит так: |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
174 <example> |
830
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
175 /<value>префикс</value>/<value>хэш</value>/<value>ссылка</value> |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
176 </example> |
830
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
177 где <value>хэш</value> — MD5-хэш в шестнадцатеричном виде, |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
178 вычисленный для конкатенации ссылки и секретного слова, |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
179 а <value>префикс</value> — произвольная строка без слэшей. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
180 </para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
181 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
182 <para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
183 Если запрашиваемая ссылка проходит проверку на аутентичность, |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
184 значением переменной <var>$secure_link</var> становится ссылка, |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
185 выделенная из URI запроса. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
186 В противном случае значением переменной <var>$secure_link</var> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
187 становится пустая строка. |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
188 </para> |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
189 |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
190 <para> |
830
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
191 Пример: |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
192 <example> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
193 location /p/ { |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
194 secure_link_secret secret; |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
195 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
196 if ($secure_link = "") { |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
197 return 403; |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
198 } |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
199 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
200 rewrite ^ /secure/$secure_link; |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
201 } |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
202 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
203 location /secure/ { |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
204 internal; |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
205 } |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
206 </example> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
207 По запросу “<literal>/p/5e814704a28d9bc1914ff19fa0c4a00a/link</literal>” |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
208 будет выполнено внутреннее перенаправление на |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
209 “<literal>/secure/link</literal>”. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
210 </para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
211 |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
212 <para> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
213 Значение хэша для данного примера на UNIX можно получить так: |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
214 <example> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
215 echo -n 'linksecret' | openssl md5 -hex |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
216 </example> |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
217 </para> |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
218 |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
219 </directive> |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
220 |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
221 </section> |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
222 |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
223 |
342 | 224 <section id="variables" name="Встроенные переменные"> |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
225 |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
226 <para> |
830
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
227 <list type="tag" compact="no"> |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
228 |
1155
07402a11fd8d
Assigned IDs to tags describing variables.
Vladimir Homutov <vl@nginx.com>
parents:
830
diff
changeset
|
229 <tag-name id="var_secure_link"><var>$secure_link</var></tag-name> |
342 | 230 <tag-desc> |
830
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
231 Результат проверки ссылки. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
232 Конкретное значение зависит от выбранного режима работы. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
233 </tag-desc> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
234 |
1155
07402a11fd8d
Assigned IDs to tags describing variables.
Vladimir Homutov <vl@nginx.com>
parents:
830
diff
changeset
|
235 <tag-name id="var_secure_link_expires"><var>$secure_link_expires</var> |
07402a11fd8d
Assigned IDs to tags describing variables.
Vladimir Homutov <vl@nginx.com>
parents:
830
diff
changeset
|
236 </tag-name> |
830
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
237 <tag-desc> |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
238 Время действия ссылки, переданное в запросе. |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
239 Предназначено исключительно для использования в директиве |
42750c1b8d1b
Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents:
589
diff
changeset
|
240 <link id="secure_link_md5"/>. |
342 | 241 </tag-desc> |
76
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
242 |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
243 </list> |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
244 </para> |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
245 |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
246 </section> |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
247 |
4a4caa566120
Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
248 </module> |