This example demonstrates how to inspect and filter POST parameters sent through nginx to a backend server with Perl:
```apacheconf
nginx => filter (perl) => backend
```
This could also be done with the Lua module.
nginx.conf:
```apacheconf
http {
perl_modules /tmp;
perl_require filter.pm;
server {
# The action we want to filter
location = /bananas/create {
perl filter::handler;
}
# The backend server
location = /backend {
internal; # Only allowed internally
proxy_pass http://backend/bananas/create;
}
# The action that handles blocked requests
location = /blocked {
internal;
perl filter::block;
}
}
```
/tmp/filter.pm:
```apacheconf
package filter;
use nginx;
# Handle request
sub handler {
my $r = shift;
if ($r->has_request_body(\&checkRequest)) {
return OK;
}
return OK;
}
# Print a message
sub blocked {
my $r = shift;
$r->send_http_header("text/html");
$r->print("Blocked...\n
"); $r->rflush; return OK; } # Check request for invalid parameter sub checkRequest { my $r = shift; my $body = $r->request_body; # Try to detect invalid POST parameters if ($body =~ /credit_card=/) { $r->internal_redirect("/blocked"); # Redirect to /blocked } else { $r->internal_redirect("/backend"); # Redirect to /backend } return OK; } 1; __END__ ```
"); $r->rflush; return OK; } # Check request for invalid parameter sub checkRequest { my $r = shift; my $body = $r->request_body; # Try to detect invalid POST parameters if ($body =~ /credit_card=/) { $r->internal_redirect("/blocked"); # Redirect to /blocked } else { $r->internal_redirect("/backend"); # Redirect to /backend } return OK; } 1; __END__ ```