英文:
Regular expression negative lookaheads RE2 syntax used by Caddy
问题
将Apache和Nginx配置翻译为Caddyfile时,我在正则表达式方面遇到了问题。在Apache中,我使用以下配置来限制访问以点(.
)开头且不在.well-known
目录中的文件和目录。
<IfModule mod_authz_core.c>
<LocationMatch "(^|/)\.(?!well-known/)">
Require all denied
</LocationMatch>
</IfModule>
这是一个Apache配置块,使用mod_authz_core
模块来拒绝访问请求URL路径中以点(.
)开头的任何文件或目录,但.well-known
目录除外。
@block {
path_regexp ^(\/\..*)$
not path_regexp "^/\.well-known\/.*$"
}
respond @block 403
然而,我想使用一个单独的正则表达式,而不使用not path_regexp
。
问题在于正则表达式中的负向先行断言语法。Caddy使用的RE2语法不支持(?!pattern)
这种负向先行断言语法。
现在我陷入了困境,即使阅读了关于这个问题的先前问题,我也无法解决它。有什么想法吗?
如果你好奇,以下是Nginx的等效配置:
location ~* /\.(?!well-known\/) {
deny all;
}
英文:
When translating my Apache and Nginx configuration to Caddyfile, I'm having a problem with a regular expression. I use the following in Apache to restrict access to files and directories that start with a dot (.
) and are not in the .well-known
directory.
<IfModule mod_authz_core.c>
<LocationMatch "(^|/)\.(?!well-known/)">
Require all denied
</LocationMatch>
</IfModule>
This is an Apache configuration block that uses the mod_authz_core
module to deny access to any files or directories that begin with a dot (.
) in the requested URL path, except those in the .well-known
directory:
@block {
path_regexp ^(\/\..*)$
not path_regexp "^/\.well-known\/.*$"
}
respond @block 403
However, I'd like to use a single regular expression without using not path_regexp
.
The problem is the negative lookahead syntax in the regexp. The RE2 syntax used by Caddy does not support the (?!pattern)
syntax for negative lookaheads.
Now I'm stuck, even after reading previous questions about this issue, I can't figure out how to solve this. Any ideas?
If you're curious, Nginx equivalent:
location ~* /\.(?!well-known\/) {
deny all;
}
答案1
得分: 0
如果不支持负向环视,使用单个正则表达式是不可能的。除非使用负向环视语法绕过此问题,否则正则表达式无法完成此操作。
英文:
It’s not possible using a single regex if negative lookaround isn’t supported. This is not something that regexes do other than working around it using the negative lookaround syntax, so if that’s not supported then it’s not possible.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论