Hello!
On Wed, May 29, 2013 at 02:49:46PM +0300, Hagai Avrahami wrote:
> Hi
>
> I am trying to configure Nginx to deny HTTP HEAD requests
>
> 1. By adding the following to configuration file
>
> if ($request_method !~ ^(GET)$) {
> return 405;
> }
>
> 2. Explicitly in the module
>
> if (!(r->method & (NGX_HTTP_GET))) {
> return NGX_HTTP_NOT_ALLOWED;
> }
>
> Nginx returns 405 status code but the response content length is not 0
> it's counting the error page text but when coming to send the response it
> ignores the body because it is HEAD request
>
> HTTP/1.1 405 Not Allowed
> Server: nginx
> Date: Wed, 29 May 2013 11:35:02 GMT
> Content-Type: text/html
> Content-Length: 161
> Connection: keep-alive
>
> ***No-Body**
And the question is? The behaviour you observe is correct as per
HTTP protocol.
--
Maxim Dounin
http://nginx.org/en/donation.html
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
On Wed, May 29, 2013 at 02:49:46PM +0300, Hagai Avrahami wrote:
> Hi
>
> I am trying to configure Nginx to deny HTTP HEAD requests
>
> 1. By adding the following to configuration file
>
> if ($request_method !~ ^(GET)$) {
> return 405;
> }
>
> 2. Explicitly in the module
>
> if (!(r->method & (NGX_HTTP_GET))) {
> return NGX_HTTP_NOT_ALLOWED;
> }
>
> Nginx returns 405 status code but the response content length is not 0
> it's counting the error page text but when coming to send the response it
> ignores the body because it is HEAD request
>
> HTTP/1.1 405 Not Allowed
> Server: nginx
> Date: Wed, 29 May 2013 11:35:02 GMT
> Content-Type: text/html
> Content-Length: 161
> Connection: keep-alive
>
> ***No-Body**
And the question is? The behaviour you observe is correct as per
HTTP protocol.
--
Maxim Dounin
http://nginx.org/en/donation.html
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx