Nginx Lua helpers for OPH

lua/oph_block.lua

Checks CSRF: Blocks request if method type is something other than "GET", "HEAD" and "OPTIONS" and "CSRF" cookie does not exist or does not have the same value as "CSRF" header
Supports HTML forms
- CSRF is read from post parameter named "CSRF"
- "clientSubSystemCode" form parameter is sent as request header "clientSubSystemCode"
Adds CSRF cookie to response if missing
Sets ID header to request: All requests are uniquely identified

lua/oph_log.lua

Getting started

install openresty or nginx with lua support

start dev server

openresty -p . -c dev-server.conf

reload configs

openresty -s reload

run automated tests

./test.sh

stopping dev server

openresty -s stop

Copy all three files so that they're available
Add lua_package_path "${prefix}/pathtoluafiles/?.lua"; directive to nginx's config at http level
Add access_by_lua_file directives to all relevant location blocks

Name		Name	Last commit message	Last commit date
Latest commit History 40 Commits
lua		lua
.gitignore		.gitignore
LICENSE.TXT		LICENSE.TXT
README.md		README.md
dev-server.conf		dev-server.conf
index.html		index.html
performance_post_data.txt		performance_post_data.txt
performance_test.sh		performance_test.sh
project_info.json		project_info.json
test.sh		test.sh