I recently implemented something similar, and one issue I ran in to was
that $sent_http_content_type doesn't always map to a mime type. For
example, "Content-Type: text/html" would match mime type text/html, but
"Content-Type: text/html; charset=utf-8" would match only the default. You
need to all Content-Type header variants to your map for it to work as
expected, or use a regular expression.
On Mon, Sep 3, 2018 at 10:13 PM petecooper <nginx-fo...@forum.nginx.org>
wrote:
> Hello.
> I am attempting to use `expires` on Nginx 1.15.3 to define the expiry of
> files on a per MIME type basis.
>
> I have used [1] as a base, and constructed the following `map` in the
> `http`
> section of a `include`-d `server` block (domain sanitised):
>
> map $sent_http_content_type $www_example_com_expires {
> default 1M;
> application/atom+xml 1h;
> application/javascript 1M;
> application/json 0s;
> application/ld+json 0s;
> application/manifest+json 1w;
> application/rdf+xml 1h;
> application/rss+xml 1h;
> application/schema+json 0s;
> application/x-javascript 1M;
> application/xml 0s;
> font/woff 1M;
> image/gif 1M;
> image/jpeg 1M;
> image/png 1M;
> image/svg+xml 1M;
> image/vnd.microsoft.icon 1M;
> image/webp 1M;
> image/x-icon 1M;
> text/cache-manifest 0s;
> text/css 1M;
> text/html 0s;
> text/javascript 1M;
> text/x-cross-domain-policy 1w;
> text/xml 0s;
> video/mp4 1M;
> video/webm 1M;
> }
>
> Later on, after the `map` is defined, I call it using `expires` in a
> `server` block:
>
> server {#IPv4 and IPv6, https, PHP fastcgi, check https://cipherli.st
> for latest ciphers
> access_log /var/log/nginx/www.example.com.access.log ipscrubbed;
> add_header Access-Control-Allow-Origin "https://*.example.com";;
> add_header Content-Security-Policy "default-src 'self'; connect-src
> 'self' https://api.github.com; font-src 'self'; img-src 'self' data: *
> https://*; media-src 'self' * https://*; style-src 'self' 'unsafe-in$
> add_header Expect-CT "max-age=0;
> report-uri=https://example.com/expect-ct-report";;
> add_header Feature-Policy "camera 'self'; geolocation 'none';
> microphone 'none'; midi 'none'; payment 'none'";
> add_header Referrer-Policy strict-origin;
> add_header Strict-Transport-Security "max-age=15768000;
> includeSubDomains; preload";
> add_header X-Content-Type-Options nosniff;
> add_header X-Frame-Options DENY;
> add_header X-XSS-Protection "1; mode=block";
> error_log /var/log/nginx/www.example.com.error.log crit;
> etag off;
> expires $www_example_com_expires;
> index index.html index.php;
> listen [::]:443 http2 ssl;
> listen 443 http2 ssl;
> [...]
> }
>
> My config passes the `nginx -t` self-test with no errors, and I can restart
> Nginx without issue.
>
> In the browser inspector, all MIME types are assigned a 1 month expiry, as
> if they're inheriting the `default` value from the map. Example headers for
> a .php file:
>
> Date: Mon, 03 Sep 2018 20:09:30 GMT
> Expires: Wed, 03 Oct 2018 20:09:30 GMT
>
> If I remove the `expires` directive, the 'Expires:' header is not shown, so
> `expires` is doing *something*.
>
> I suspect my syntax is wrong, and I would be very grateful for any feedback
> -- I am particularly interested a clue or pointer to aid my research into
> why this is not working.
>
> Thank you for your attention and interest.
>
> [1] http://nginx.org/en/docs/http/ngx_http_headers_module.html#expires
>
> Posted at Nginx Forum:
> https://forum.nginx.org/read.php?2,281087,281087#msg-281087
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
