mirror of
https://gitlab.freedesktop.org/mesa/mesa.git
synced 2024-11-26 19:54:33 +08:00
8d8a91617d
When downloading traces from a restricted repository, the Authorization header will be set. Previous to this change, the http proxy would drop it. Signed-off-by: Tomeu Vizoso <tomeu.vizoso@collabora.com> Reviewed-by: Emma Anholt <emma@anholt.net> Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/6441>
38 lines
1.2 KiB
Plaintext
38 lines
1.2 KiB
Plaintext
set $proxy_authorization '';
|
|
|
|
set_by_lua $proxyuri '
|
|
unescaped = ngx.unescape_uri(ngx.var.arg_uri);
|
|
it, err = ngx.re.match(unescaped, "(https?://)(.*@)?([^/]*)(/.*)?");
|
|
if not it then
|
|
-- Hack to cause nginx to return 404
|
|
return "http://localhost/404"
|
|
end
|
|
|
|
scheme = it[1];
|
|
authstring = it[2];
|
|
host = it[3];
|
|
query = it[4];
|
|
|
|
if ngx.var.http_authorization and ngx.var.http_authorization ~= "" then
|
|
ngx.var.proxy_authorization = ngx.var.http_authorization;
|
|
elseif authstring then
|
|
auth = string.sub(authstring, 0, -2);
|
|
auth64 = ngx.encode_base64(auth);
|
|
ngx.var.proxy_authorization = "Basic " .. auth64;
|
|
end
|
|
|
|
-- Default to / if none is set to avoid using the request_uri query
|
|
if not query then
|
|
query = "/";
|
|
end
|
|
|
|
return scheme .. host .. query;
|
|
';
|
|
|
|
add_header X-GG-Cache-Status $upstream_cache_status;
|
|
proxy_set_header Authorization $proxy_authorization;
|
|
|
|
proxy_pass $proxyuri;
|
|
# Redirect back to ourselves on 301 replies
|
|
proxy_redirect ~^(.*)$ /cache/?uri=$1;
|