Redirect to external asset nginx

Question

My goal is to have one nginx that can proxy_pass to other server.

Desired input

https://example.com/https://assets1.com/image.jpg?utm=whatever

Desired output
https://assets1.com/image.jpg?utm=whatever

Here my location block

server {

    index index.html index.htm index.nginx-debian.html;
    server_name example.com www.example.com;

    location ~/(.*) {
            if ($request_method = 'GET') {
                    add_header 'Access-Control-Allow-Origin' '*';
            add_header 'Access-Control-Allow-Credentials' 'true';
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
            add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User->
    }
    proxy_pass https://$1$is_args$args/;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Host "www.example.com";
}
listen 80;
listen       [::]:442 ssl ipv6only=on;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

And the error I get:

2021/09/21 09:27:32 [error] 8475#8475: *16 invalid port in upstream "https:/assets1.com/image.jpg?utm=whatever", client: [IP], server: domain.com, request: "GET /https://assets1.com/image.jpg?utm=whatever HTTP/1.1", host: "example.com"

This `location` block does not correspond to the error log entry you posted. Please post the actual state of your _complete_ nginx configuration using `nginx -T`. — Michael Hampton, Sep 21 '21 at 10:59

score 0 · Answer 1 · answered Sep 23 '21 at 19:53

Your original request URL contains protocol prefix: https://example.com/https://assets1.com.

Your location block captures the part after first /, so $1 becomes https://assets1.com.

In your proxy_pass statement you have https://$1$is_args$args, which becomes https://https://assets1.com when variable is expanded.

nginx tries to parse https://assets1.com as an domain:port pair, so the domain part of URL is https and port is an empty string.

To address the issue, I propose the following configuration:

location ~^/https://(.+)$ {
    proxy_pass https://$1$is_args$args;
    ...
}

This way we exclude the protocol part from being captured into $1, so that we have a proper URL. I also added start and end anchors to make the regex more robust.

Redirect to external asset nginx

1 Answers1