Score:1

Exclude google doc embed iframe from nginx rewrite rule?


I hope that someone can help me here as I have very limited knowledge about server related stuff.

I have a WordPress site where I want to limit the /wp-content/uploads/ directory access to logged in users only. For this I have used the workaround as specified in the following link on an nginx server:

https://wordpress.stackexchange.com/questions/37144/how-to-protect-uploads-if-user-is-not-logged-in

And this solution works fine. However, there is a problem.

I have some PDFs embedded via Google Doc Embed on certain pages. Google Doc Embed loads the PDFs as follows:

```html
<iframe src="//docs.google.com/viewer?url=https://link-to-file.pdf&amp;hl=en_US&amp;embedded=true" class="" style="width:100%; height:500px; border: none;" scrolling="no"></iframe>
```

My nginx rule is as follows:

```nginx
location ~* /(?:uploads)/* {
   rewrite /wp-content/uploads/(.*)$ /dl-file.php?file=$1;
}
```

How can I exclude the above iframe or the //docs.google.com URL from this rule?

Any help would be highly appreciated.

Thanks

Bakar

By excluding the Google docs viewer you are essentially making the PDFs publicly available... so why not just make the PDFs publicly available? Alternatively, are the IP address(es) that Google requests these documents with consistent?
Score:0
JFK

You can use referrers (http://nginx.org/en/docs/http/ngx_http_referer_module.html#valid_referers)

```nginx
valid_referers none blocked server_names docs.google.com;
```

Then you can just use the $invalid_referer variable in your location block.

```nginx
if ($invalid_referer) {
    rewrite /wp-content/uploads/(.*)$ /dl-file.php?file=$1;
}
```
bakar
Sorry but this does not work. Looks like it does not even validate the former nginx rule.
It might be that the `docs.google.com` viewer does not send a correct HTTP referrer header when it requests the file for display. If this is the case, you need to find some other PDF viewer.
JFK
Add `$http_referer` to your log (https://docs.nginx.com/nginx/admin-guide/monitoring/logging/) and check what, if anything, Google is sending to you.
bakar
@TeroKilkanen, thank you for the comment. You are right, there is no referrer in the access log. Finally, I have decided to use a different pdf viewer plugin.
bakar
@JFK, thank you for the comment. Looks like Google is not sending any referrer, and that is why the above rule did not work. Thanks for the help btw.
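
Added example (not part of the original thread, and not nginx code): a simplified Python model of how the `valid_referers` line in the answer sets `$invalid_referer`, showing that a request with no Referer cannot be told apart from the viewer's fetch. The server name example.com and the sample requests are constructed; "static" means nginx serves the file directly, without dl-file.php and its login check.

```python
# Simplified model of how nginx's valid_referers sets $invalid_referer.
# Exact hostnames only (no wildcards or regexes). The hostname example.com
# and the sample requests are constructed for illustration.

def invalid_referer(referer, hosts, allow_none=False, allow_blocked=False):
    """Return True when nginx would set $invalid_referer to "1"."""
    if referer is None:                      # header absent -> "none"
        return not allow_none
    value = referer.lower()
    for scheme in ("http://", "https://"):
        if value.startswith(scheme):
            host = value[len(scheme):].split("/", 1)[0].split(":", 1)[0]
            return host not in hosts
    return not allow_blocked                 # no scheme -> "blocked"

def route(referer, **rule):
    """Handler for /wp-content/uploads/x.pdf under the answer's if block."""
    return "dl-file.php" if invalid_referer(referer, **rule) else "static"

# valid_referers none blocked server_names docs.google.com;
ANSWER_RULE = dict(hosts={"example.com", "docs.google.com"},
                   allow_none=True, allow_blocked=True)
# valid_referers server_names docs.google.com;
STRICT_RULE = dict(hosts={"example.com", "docs.google.com"})

# Constructed requests: (description, Referer header or None)
REQUESTS = [
    ("viewer fetch, no Referer (as the access log showed)", None),
    ("any other client that sends no Referer", None),
    ("page on the site itself", "https://example.com/members/"),
    ("unrelated site", "https://other.example/"),
]

def report(rule):
    """Return (description, handler) for every constructed request."""
    return [(desc, route(ref, **rule)) for desc, ref in REQUESTS]

if __name__ == "__main__":
    for name, rule in (("answer", ANSWER_RULE), ("strict", STRICT_RULE)):
        for desc, path in report(rule):
            print(f"{name:6} {path:12} {desc}")
```

With `none` in the list, every request that lacks a Referer is served without the login check; without `none`, the viewer's fetch is sent to dl-file.php like any other anonymous request.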