third_party_mesa3d/docs/ci/uri-caching.conf
Tomeu Vizoso 8d8a91617d docs/ci: Update http cache config to let Authorization headers pass through
When downloading traces from a restricted repository, the Authorization
header will be set. Previous to this change, the http proxy would drop
it.

Signed-off-by: Tomeu Vizoso <tomeu.vizoso@collabora.com>
Reviewed-by: Emma Anholt <emma@anholt.net>
Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/6441>
2021-07-28 13:49:11 +00:00

38 lines
1.2 KiB
Plaintext

set $proxy_authorization '';
set_by_lua $proxyuri '
unescaped = ngx.unescape_uri(ngx.var.arg_uri);
it, err = ngx.re.match(unescaped, "(https?://)(.*@)?([^/]*)(/.*)?");
if not it then
-- Hack to cause nginx to return 404
return "http://localhost/404"
end
scheme = it[1];
authstring = it[2];
host = it[3];
query = it[4];
if ngx.var.http_authorization and ngx.var.http_authorization ~= "" then
ngx.var.proxy_authorization = ngx.var.http_authorization;
elseif authstring then
auth = string.sub(authstring, 0, -2);
auth64 = ngx.encode_base64(auth);
ngx.var.proxy_authorization = "Basic " .. auth64;
end
-- Default to / if none is set to avoid using the request_uri query
if not query then
query = "/";
end
return scheme .. host .. query;
';
add_header X-GG-Cache-Status $upstream_cache_status;
proxy_set_header Authorization $proxy_authorization;
proxy_pass $proxyuri;
# Redirect back to ourselves on 301 replies
proxy_redirect ~^(.*)$ /cache/?uri=$1;