When I enter the request URL http://mydomain/url=http://example.com, I want Nginx to return http://example.com, but instead it gives me http:/example.com (one slash is removed).
What’s wrong?
This is my Nginx conf:
location ~ url=(.*)$ {
return 301 $1;
}
In addition to the suggestion of Alexey Ten to use http://nginx.org/r/merge_slashes, which indeed may cause security issues, you can also use the following, which is probably a better approach anyways (if you are aleady set at the URL structure, that is):
location /url= {
if ($request_uri ~ ^/url=(.*)$) {
return 301 $1;
}
return 403;
}
Another option would be:
location /url=http:/ {
rewrite ^/url=http:/(.*)$ http://$1;
}
BTW, I would avoid using regular expressions in top-level locations, as it's generally less efficient than using the approaches above, but you can basically do the same thing with your approach as well.
Note, however, that in any case, unconditionally redirecting users to a user-supplied string may itself make your site vulnerable to certain attacks.