Mercurial > hg > nginx-site

annotate xml/ru/docs/http/ngx_http_secure_link_module.xml @ 1923:66a30a380fba

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fixed links to tools.ietf.org.
author Ruslan Ermilov <ru@nginx.com>
date Mon, 06 Mar 2017 16:02:23 +0300
parents 07402a11fd8d
children 4add6ae1296f
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
222
bfe3eff81d04 Removed redundant encoding specification.
Ruslan Ermilov <ru@nginx.com>
parents: 110
diff changeset
1 <?xml version="1.0"?>
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
2
580
be54c443235a Added copyright markers to documentation sources.
Ruslan Ermilov <ru@nginx.com>
parents: 367
diff changeset
3 <!--
be54c443235a Added copyright markers to documentation sources.
Ruslan Ermilov <ru@nginx.com>
parents: 367
diff changeset
4 Copyright (C) Igor Sysoev
be54c443235a Added copyright markers to documentation sources.
Ruslan Ermilov <ru@nginx.com>
parents: 367
diff changeset
5 Copyright (C) Nginx, Inc.
be54c443235a Added copyright markers to documentation sources.
Ruslan Ermilov <ru@nginx.com>
parents: 367
diff changeset
6 -->
be54c443235a Added copyright markers to documentation sources.
Ruslan Ermilov <ru@nginx.com>
parents: 367
diff changeset
7
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
8 <!DOCTYPE module SYSTEM "../../../../dtd/module.dtd">
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
9
342
a076f7661569 Revision.
Ruslan Ermilov <ru@nginx.com>
parents: 285
diff changeset
10 <module name="Модуль ngx_http_secure_link_module"
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
11 link="/ru/docs/http/ngx_http_secure_link_module.html"
589
764fbac1b8b4 Added document revision.
Ruslan Ermilov <ru@nginx.com>
parents: 580
diff changeset
12 lang="ru"
1923
66a30a380fba Fixed links to tools.ietf.org.
Ruslan Ermilov <ru@nginx.com>
parents: 1155
diff changeset
13 rev="4">
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
14
110
40eec261c2a6 Added proper support for anonymous sections, notably for the summary.
Ruslan Ermilov <ru@nginx.com>
parents: 102
diff changeset
15 <section id="summary">
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
16
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
17 <para>
830
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
18 Модуль <literal>ngx_http_secure_link_module</literal> (0.7.18)
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
19 позволяет проверять аутентичность запрашиваемых ссылок,
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
20 защищать ресурсы от несанкционированного доступа,
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
21 а также ограничивать срок действия ссылок.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
22 </para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
23
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
24 <para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
25 Правильность запрашиваемой ссылки проверяется сравнением переданного
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
26 в запросе значения контрольной суммы со значением,
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
27 вычисляемым для запроса.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
28 Если ссылка имеет ограниченный срок действия и он истёк,
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
29 ссылка считается устаревшей.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
30 Результат этих проверок делается доступным в переменной
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
31 <var>$secure_link</var>.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
32 </para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
33
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
34 <para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
35 Модуль реализует два альтернативных режима работы.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
36 В первом режиме, который включается директивой
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
37 <link id="secure_link_secret"/>, можно проверить аутентичность
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
38 запрашиваемых ссылок и защитить их от несанкционированного доступа.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
39 Второй режим (0.8.50) включается директивами
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
40 <link id="secure_link"/> и <link id="secure_link_md5"/>,
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
41 и позволяет также ограничить срок действия ссылок.
342
a076f7661569 Revision.
Ruslan Ermilov <ru@nginx.com>
parents: 285
diff changeset
42 </para>
a076f7661569 Revision.
Ruslan Ermilov <ru@nginx.com>
parents: 285
diff changeset
43
a076f7661569 Revision.
Ruslan Ermilov <ru@nginx.com>
parents: 285
diff changeset
44 <para>
a076f7661569 Revision.
Ruslan Ermilov <ru@nginx.com>
parents: 285
diff changeset
45 По умолчанию этот модуль не собирается, его сборку необходимо
a076f7661569 Revision.
Ruslan Ermilov <ru@nginx.com>
parents: 285
diff changeset
46 разрешить с помощью конфигурационного параметра
271
4c6d2c614d2c Cleaned up XML tag mess:
Ruslan Ermilov <ru@nginx.com>
parents: 222
diff changeset
47 <literal>--with-http_secure_link_module</literal>.
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
48 </para>
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
49
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
50 </section>
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
51
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
52
830
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
53 <section id="directives" name="Директивы">
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
54
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
55 <directive name="secure_link">
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
56 <syntax><value>выражение</value></syntax>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
57 <default/>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
58 <context>http</context>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
59 <context>server</context>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
60 <context>location</context>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
61
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
62 <para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
63 Задаёт строку с переменными, из которой будет выделено значение
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
64 контрольной суммы и время действия ссылки.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
65 </para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
66
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
67 <para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
68 Используемые в выражении переменные обычно связаны с запросом;
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
69 см. <link id="secure_link_md5">пример</link> ниже.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
70 </para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
71
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
72 <para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
73 Выделенное из строки значение контрольной суммы сравнивается со
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
74 значением MD5-хэша, вычисляемым для выражения, заданного
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
75 директивой <link id="secure_link_md5"/>.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
76 Если контрольные суммы не совпадают, значением переменной
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
77 <var>$secure_link</var> становится пустая строка.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
78 Если контрольные суммы совпадают, проверяется время действия ссылки.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
79 Если срок действия ссылки задан и истёк, переменная
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
80 <var>$secure_link</var> получает значение “<literal>0</literal>”.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
81 В противном случае она получает значение “<literal>1</literal>”.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
82 Значение MD5-хэш передаётся в запросе закодированным в
1923
66a30a380fba Fixed links to tools.ietf.org.
Ruslan Ermilov <ru@nginx.com>
parents: 1155
diff changeset
83 <link url="https://tools.ietf.org/html/rfc4648#section-5">base64url</link>.
830
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
84 </para>
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
85
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
86 <para>
830
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
87 Если ссылка имеет ограниченный срок действия, время её действия
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
88 задаётся в секундах с начала эпохи (1 января 1970 года 00:00:00 GMT).
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
89 Значение указывается в выражении после MD5-хэша
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
90 и отделяется от него запятой.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
91 Время действия ссылки, переданное в запросе, делается доступным
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
92 в переменной <var>$secure_link_expires</var> для использования
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
93 в директиве <link id="secure_link_md5"/>.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
94 Если время действия ссылки не задано, ссылка имеет неограниченный
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
95 срок действия.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
96 </para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
97
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
98 </directive>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
99
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
100
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
101 <directive name="secure_link_md5">
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
102 <syntax><value>выражение</value></syntax>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
103 <default/>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
104 <context>http</context>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
105 <context>server</context>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
106 <context>location</context>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
107
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
108 <para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
109 Задаёт выражение, для которого считается значение MD5-хэш,
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
110 сравниваемое с переданным в запросе.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
111 </para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
112
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
113 <para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
114 Выражение должно содержать защищаемую часть ссылки (ресурс)
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
115 и секретную составляющую.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
116 Если ссылка имеет ограниченный срок действия,
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
117 выражение также должно содержать <var>$secure_link_expires</var>.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
118 </para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
119
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
120 <para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
121 Для предотвращения несанкционированного доступа выражение
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
122 может содержать информацию о клиенте, например, его адрес и
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
123 версию браузера.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
124 </para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
125
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
126 <para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
127 Пример:
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
128 <example>
830
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
129 location /s/ {
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
130 secure_link $arg_md5,$arg_expires;
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
131 secure_link_md5 "$secure_link_expires$uri$remote_addr secret";
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
132
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
133 if ($secure_link = "") {
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
134 return 403;
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
135 }
830
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
136
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
137 if ($secure_link = "0") {
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
138 return 410;
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
139 }
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
140
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
141 ...
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
142 }
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
143 </example>
830
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
144 Ссылка
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
145 “<literal>/s/link?md5=_e4Nc3iduzkWRm01TBBNYw&amp;expires=2147483647</literal>”
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
146 ограничивает доступ к “<literal>/s/link</literal>” для клиента с IP-адресом
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
147 127.0.0.1.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
148 Ссылка также имеет ограниченный срок действия до 19 января 2038 года (GMT).
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
149 </para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
150
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
151 <para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
152 Значение аргумента запроса <value>md5</value> на UNIX можно получить так:
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
153 <example>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
154 echo -n '2147483647/s/link127.0.0.1 secret' | \
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
155 openssl md5 -binary | openssl base64 | tr +/ -_ | tr -d =
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
156 </example>
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
157 </para>
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
158
830
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
159 </directive>
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
160
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
161
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
162 <directive name="secure_link_secret">
102
c76a257f3fd4 The directive name is now automatically printed in <default> and <syntax>.
Ruslan Ermilov <ru@nginx.com>
parents: 99
diff changeset
163 <syntax><value>слово</value></syntax>
99
1d315ef37215 The case <default/> is now language-agnostic.
Ruslan Ermilov <ru@nginx.com>
parents: 76
diff changeset
164 <default/>
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
165 <context>location</context>
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
166
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
167 <para>
830
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
168 Задаёт секретное <value>слово</value> для проверки аутентичности
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
169 запрашиваемых ссылок.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
170 </para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
171
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
172 <para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
173 Полный URI запрашиваемой ссылки выглядит так:
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
174 <example>
830
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
175 /<value>префикс</value>/<value>хэш</value>/<value>ссылка</value>
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
176 </example>
830
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
177 где <value>хэш</value> — MD5-хэш в шестнадцатеричном виде,
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
178 вычисленный для конкатенации ссылки и секретного слова,
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
179 а <value>префикс</value> — произвольная строка без слэшей.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
180 </para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
181
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
182 <para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
183 Если запрашиваемая ссылка проходит проверку на аутентичность,
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
184 значением переменной <var>$secure_link</var> становится ссылка,
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
185 выделенная из URI запроса.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
186 В противном случае значением переменной <var>$secure_link</var>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
187 становится пустая строка.
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
188 </para>
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
189
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
190 <para>
830
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
191 Пример:
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
192 <example>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
193 location /p/ {
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
194 secure_link_secret secret;
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
195
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
196 if ($secure_link = "") {
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
197 return 403;
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
198 }
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
199
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
200 rewrite ^ /secure/$secure_link;
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
201 }
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
202
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
203 location /secure/ {
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
204 internal;
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
205 }
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
206 </example>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
207 По запросу “<literal>/p/5e814704a28d9bc1914ff19fa0c4a00a/link</literal>”
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
208 будет выполнено внутреннее перенаправление на
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
209 “<literal>/secure/link</literal>”.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
210 </para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
211
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
212 <para>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
213 Значение хэша для данного примера на UNIX можно получить так:
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
214 <example>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
215 echo -n 'linksecret' | openssl md5 -hex
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
216 </example>
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
217 </para>
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
218
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
219 </directive>
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
220
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
221 </section>
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
222
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
223
342
a076f7661569 Revision.
Ruslan Ermilov <ru@nginx.com>
parents: 285
diff changeset
224 <section id="variables" name="Встроенные переменные">
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
225
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
226 <para>
830
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
227 <list type="tag" compact="no">
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
228
1155
07402a11fd8d Assigned IDs to tags describing variables.
Vladimir Homutov <vl@nginx.com>
parents: 830
diff changeset
229 <tag-name id="var_secure_link"><var>$secure_link</var></tag-name>
342
a076f7661569 Revision.
Ruslan Ermilov <ru@nginx.com>
parents: 285
diff changeset
230 <tag-desc>
830
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
231 Результат проверки ссылки.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
232 Конкретное значение зависит от выбранного режима работы.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
233 </tag-desc>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
234
1155
07402a11fd8d Assigned IDs to tags describing variables.
Vladimir Homutov <vl@nginx.com>
parents: 830
diff changeset
235 <tag-name id="var_secure_link_expires"><var>$secure_link_expires</var>
07402a11fd8d Assigned IDs to tags describing variables.
Vladimir Homutov <vl@nginx.com>
parents: 830
diff changeset
236 </tag-name>
830
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
237 <tag-desc>
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
238 Время действия ссылки, переданное в запросе.
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
239 Предназначено исключительно для использования в директиве
42750c1b8d1b Secure_link: documented newer operation mode.
Ruslan Ermilov <ru@nginx.com>
parents: 589
diff changeset
240 <link id="secure_link_md5"/>.
342
a076f7661569 Revision.
Ruslan Ermilov <ru@nginx.com>
parents: 285
diff changeset
241 </tag-desc>
76
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
242
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
243 </list>
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
244 </para>
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
245
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
246 </section>
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
247
4a4caa566120 Russian documentation import.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff changeset
248 </module>