0

My goal is to have one nginx that can proxy_pass to other server.

Desired input https://example.com/https://assets1.com/image.jpg?utm=whatever Desired output https://assets1.com/image.jpg?utm=whatever

Here my location block

server { index index.html index.htm index.nginx-debian.html; server_name example.com www.example.com; location ~/(.*) { if ($request_method = 'GET') { add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-> } proxy_pass https://$1$is_args$args/; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host "www.example.com"; } listen 80; listen [::]:442 ssl ipv6only=on; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }

And the error I get:

2021/09/21 09:27:32 [error] 8475#8475: *16 invalid port in upstream "https:/assets1.com/image.jpg?utm=whatever", client: [IP], server: domain.com, request: "GET /https://assets1.com/image.jpg?utm=whatever HTTP/1.1", host: "example.com"

Improve this question
2
  • This location block does not correspond to the error log entry you posted. Please post the actual state of your complete nginx configuration using nginx -T. Commented Sep 21, 2021 at 10:59
  • Added the full server config Commented Sep 21, 2021 at 12:34

1 Answer 1

Reset to default
0

Your original request URL contains protocol prefix: https://example.com/https://assets1.com.

Your location block captures the part after first /, so $1 becomes https://assets1.com.

In your proxy_pass statement you have https://$1$is_args$args, which becomes https://https://assets1.com when variable is expanded.

nginx tries to parse https://assets1.com as an domain:port pair, so the domain part of URL is https and port is an empty string.

To address the issue, I propose the following configuration:

location ~^/https://(.+)$ { proxy_pass https://$1$is_args$args; ... }

This way we exclude the protocol part from being captured into $1, so that we have a proper URL. I also added start and end anchors to make the regex more robust.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.