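# Reverse proxy in front of a legacy application that carries its session ID
# in a 'sid=' query parameter. Towards the user, the proxy strips 'sid=' from
# response HTML and from redirects and keeps the value in a 'sessionid' cookie.
# Towards the backend, it puts 'sid=' back on the query string from the cookie.
#
# Requires third-party modules: substitutions filter (subs_filter),
# headers-more (more_set_headers) and lua-nginx-module
# (header_filter_by_lua_file).
#
# NOTE(review): this listener is plain HTTP only, so the session cookie
# travels in clear text unless TLS is terminated somewhere in front of this
# server. Confirm that is the case.
server {
    listen 80 default_server;
    server_name www.tripelover.com;
    root /usr/share/nginx/html;
    index index.html index.htm;

    location / {
        #### Backend ====> Proxy ----> User

        # Sanitize Session IDs from <href=""> links in response HTML
        # Note: the filter can only rewrite uncompressed bodies. See the
        # Accept-Encoding override next to proxy_pass below.
        subs_filter 'sid=([\w\d]{32})' '' ir;

        # Invalidate cookie if user logs out
        if ($args ~ mode=logout) {
            add_header Set-Cookie 'sessionid=deleted; path=/; domain=.tripelover.com; Expires=Thu, 01-Jan-1970 00:00:01 GMT';
            # Sanitise 'sid=' from Location: header sent by the backend
            more_set_headers 'Location: http://www.tripelover.com/';
        }

        # This is where the magic happens
        # The 'sid=' query parameter from the backend is replaced with a cookie
        # NOTE(review): sid_killer.lua is not shown here. Confirm the cookie it
        # sets carries HttpOnly, and Secure once the site is served over TLS.
        if ($args !~ mode=logout) {
            header_filter_by_lua_file /etc/nginx/sid_killer.lua;
        }

        #### User ----> Proxy ====> Backend

        # Add 'sid=' query parameter back from cookie for the backend application server.
        # The test is anchored to a real 'sid=' parameter. A bare substring
        # match on "sid" would also skip requests such as '?inside=1'.
        # NOTE(review): a 'sid=' supplied by the client in the query string is
        # still forwarded unchanged and used instead of the cookie, so session
        # IDs can still enter through URLs (Referer/log exposure, session
        # fixation). Consider dropping client-supplied 'sid=' at the proxy, and
        # confirm the backend issues a fresh session ID at login.
        if ($args !~ "(^|&)sid=") {
            rewrite ^(.*)$ $1?sid=$cookie_sessionid;
        }

        # This is where the legacy application is hosted
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Host $host;
        # An empty value stops the header from being passed, so the backend
        # answers uncompressed and subs_filter can strip 'sid=' from the HTML.
        proxy_set_header Accept-Encoding "";
    }
}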