[PATCH 3 of 6] Auth request: fixed prefix variables handling
Maxim Dounin
mdounin at mdounin.ru
Wed Jun 3 15:46:51 UTC 2026
# HG changeset patch
# User Maxim Dounin <mdounin at mdounin.ru>
# Date 1780500567 -10800
# Wed Jun 03 18:29:27 2026 +0300
# Node ID 9fc7ceee87c6fb6f96be73450d715200e3174a11
# Parent 3ea72346b4743b474771bb60a435223f67b83dec
Auth request: fixed prefix variables handling.
Previously, auth_request_set did not use the NGX_HTTP_VAR_WEAK flag,
and using auth_request_set with a prefix variable anywhere in the
configuration resulted in an empty value of the variable in other
contexts. For example, in the following configuration the $http_foo
variable was always empty in requests to "/", even if the "Foo" header
was present in requests:
location / {
return 200 $http_foo;
}
location /protected/ {
auth_request /auth;
auth_request_set $http_foo "set";
...
}
The fix is to use the NGX_HTTP_VAR_WEAK flag, much like the "set"
directive does.
diff --git a/src/http/modules/ngx_http_auth_request_module.c b/src/http/modules/ngx_http_auth_request_module.c
--- a/src/http/modules/ngx_http_auth_request_module.c
+++ b/src/http/modules/ngx_http_auth_request_module.c
@@ -419,7 +419,8 @@ ngx_http_auth_request_set(ngx_conf_t *cf
return NGX_CONF_ERROR;
}
- v = ngx_http_add_variable(cf, &value[1], NGX_HTTP_VAR_CHANGEABLE);
+ v = ngx_http_add_variable(cf, &value[1],
+ NGX_HTTP_VAR_CHANGEABLE|NGX_HTTP_VAR_WEAK);
if (v == NULL) {
return NGX_CONF_ERROR;
}
More information about the nginx-devel
mailing list