Lily Tsuru
35b09db127
Cleaned of most stuff *from* our config, but a template is provided to help you get started.
31 lines
955 B
Plaintext
31 lines
955 B
Plaintext
# no-ranges.conf
|
|
|
|
# Disables ranges and adds a simple lua block
|
|
# that will immediately fail requests.
|
|
|
|
# "max_ranges 0" doesn't seem to really work the way you'd expect
|
|
# which is kind of why I'm making this include..
|
|
# This will actually properly not allow ranged connections.
|
|
|
|
# Do the obligatory first
|
|
max_ranges 0;
|
|
|
|
# Add a Lua header filter that will explicitly 400
|
|
# any HTTP requests with the "Range" header; regardless of
|
|
# if they contain a valid range, set of ranges, or an invalid
|
|
# range.
|
|
#
|
|
# We also add the "Accept-Ranges" header here, because unlike
|
|
# nginx's native "add_header", it's not terminally broken and won't append
|
|
# a duplicate header in certain contexts... Don't ask how I had to find that out.
|
|
|
|
header_filter_by_lua_block {
|
|
local req_headers = ngx.req.get_headers();
|
|
ngx.header["Accept-Ranges"] = "none"
|
|
|
|
if req_headers["Range"] ~= nil then
|
|
ngx.log(ngx.ERR, "Request with ranges! Blocking")
|
|
return ngx.exit(400)
|
|
end
|
|
}
|