Last active
December 26, 2023 01:35
-
-
Save sanmai/10341223 to your computer and use it in GitHub Desktop.
Hide referer header for outbound links with the power of nginx. For this to work you must use it within a https-enabled server.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Usage: | |
# https://www.example.com/hide-referer?http://en.wikipedia.org/wiki/HTTP_referer | |
server { | |
server_name www.example.com; | |
listen 80; | |
listen 443 ssl; | |
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; | |
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; | |
# ssl_... etc | |
location = /hide-referer { | |
if ($args = "") { | |
return 404; | |
} | |
# only works over https | |
if ($ssl_session_id = "") { | |
return 404; | |
} | |
add_header X-Robots-Tag "noindex, nofollow"; | |
add_header Content-Type "text/html; charset=us-ascii"; | |
add_header Refresh "1; url=$args"; | |
return 200 "<title></title><style>html,body{margin:0;min-height:100%;background:url(https://www.google.com/images/loading.gif) center no-repeat;}</style><body>"; | |
} | |
# and so forth | |
} | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Doesn't work for me. Only roll segments by circle with https://www.google.com/images/loading.gif and not redirect to $args.
2015/10/09 19:12:57 [debug] 1616#0: *1 http keepalive handler
2015/10/09 19:12:57 [debug] 1616#0: *1 recv: fd:3 583 of 1024
2015/10/09 19:12:57 [debug] 1616#0: *1 reusable connection: 0
2015/10/09 19:12:57 [debug] 1616#0: *1 malloc: 0000000002654DB0:1296
2015/10/09 19:12:57 [debug] 1616#0: *1 event timer del: 3: 1444403630716
2015/10/09 19:12:57 [debug] 1616#0: *1 generic phase: 0
2015/10/09 19:12:57 [debug] 1616#0: *1 rewrite phase: 1
2015/10/09 19:12:57 [debug] 1616#0: *1 test location: "/hide-referer"
2015/10/09 19:12:57 [debug] 1616#0: *1 using configuration "=/hide-referer"
2015/10/09 19:12:57 [debug] 1616#0: *1 http cl:-1 max:1048576
2015/10/09 19:12:57 [debug] 1616#0: *1 rewrite phase: 3
2015/10/09 19:12:57 [debug] 1616#0: *1 http script var
2015/10/09 19:12:57 [debug] 1616#0: *1 http script var: "http://itjunky.ws/register/new"
2015/10/09 19:12:57 [debug] 1616#0: *1 http script value: ""
2015/10/09 19:12:57 [debug] 1616#0: *1 http script equal
2015/10/09 19:12:57 [debug] 1616#0: *1 http script equal: no
2015/10/09 19:12:57 [debug] 1616#0: *1 http script if
2015/10/09 19:12:57 [debug] 1616#0: *1 http script if: false
2015/10/09 19:12:57 [debug] 1616#0: *1 http script complex value
2015/10/09 19:12:57 [debug] 1616#0: *1 http script var: "http://itjunky.ws/register/new"
2015/10/09 19:12:57 [debug] 1616#0: *1 http script set $r
2015/10/09 19:12:57 [debug] 1616#0: *1 http set discard body
2015/10/09 19:12:57 [debug] 1616#0: *1 http script copy: "1; url="
2015/10/09 19:12:57 [debug] 1616#0: *1 http script var: "http://itjunky.ws/register/new"
2015/10/09 19:12:57 [debug] 1616#0: *1 xslt filter header
2015/10/09 19:12:57 [debug] 1616#0: *1 HTTP/1.1 200 OK
Server: nginx/1.0.15
Date: Fri, 09 Oct 2015 15:12:57 GMT
Content-Type: application/octet-stream
Content-Length: 147
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Type: text/html; charset=us-ascii
Refresh: 1; url=http://itjunky.ws/register/new
2015/10/09 19:12:57 [debug] 1616#0: *1 write new buf t:1 f:0 000000000260A698, pos 000000000260A698, size: 287 file: 0, size: 0
2015/10/09 19:12:57 [debug] 1616#0: *1 http write filter: l:0 f:0 s:287
2015/10/09 19:12:57 [debug] 1616#0: *1 http output filter "/hide-referer?http://itjunky.ws/register/new"
2015/10/09 19:12:57 [debug] 1616#0: *1 http copy filter: "/hide-referer?http://itjunky.ws/register/new"
2015/10/09 19:12:57 [debug] 1616#0: *1 image filter
2015/10/09 19:12:57 [debug] 1616#0: *1 xslt filter body
2015/10/09 19:12:57 [debug] 1616#0: *1 http postpone filter "/hide-referer?http://itjunky.ws/register/new" 00007FFF578F85B0
2015/10/09 19:12:57 [debug] 1616#0: *1 write old buf t:1 f:0 000000000260A698, pos 000000000260A698, size: 287 file: 0, size: 0
2015/10/09 19:12:57 [debug] 1616#0: *1 write new buf t:0 f:0 0000000000000000, pos 000000000262233D, size: 147 file: 0, size: 0
2015/10/09 19:12:57 [debug] 1616#0: *1 http write filter: l:1 f:0 s:434
2015/10/09 19:12:57 [debug] 1616#0: *1 http write filter limit 0
2015/10/09 19:12:57 [debug] 1616#0: *1 writev: 434
2015/10/09 19:12:57 [debug] 1616#0: *1 http write filter 0000000000000000
2015/10/09 19:12:57 [debug] 1616#0: *1 http copy filter: 0 "/hide-referer?http://itjunky.ws/register/new"
2015/10/09 19:12:57 [debug] 1616#0: *1 http finalize request: 0, "/hide-referer?http://itjunky.ws/register/new" a:1, c:1
2015/10/09 19:12:57 [debug] 1616#0: *1 set http keepalive handler
2015/10/09 19:12:57 [debug] 1616#0: *1 http close request
2015/10/09 19:12:57 [debug] 1616#0: *1 http log handler
==> /var/log/nginx/link.espx.net-access.log <==
188.134.20.9 - - [09/Oct/2015:19:12:57 +0400] "GET /hide-referer?http://itjunky.ws/register/new HTTP/1.1" 200 147 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:41.0) Gecko/20100101 Firefox/41.0" "-"
==> /var/log/nginx/link.espx.net-error.log <==
2015/10/09 19:12:57 [debug] 1616#0: *1 free: 0000000002609A30, unused: 254
2015/10/09 19:12:57 [debug] 1616#0: *1 event timer add: 3: 65000:1444403642126
2015/10/09 19:12:57 [debug] 1616#0: *1 free: 0000000002654DB0
2015/10/09 19:12:57 [debug] 1616#0: *1 free: 00000000025FD080
2015/10/09 19:12:57 [debug] 1616#0: *1 hc free: 0000000000000000 0
2015/10/09 19:12:57 [debug] 1616#0: *1 hc busy: 0000000000000000 0
2015/10/09 19:12:57 [debug] 1616#0: *1 reusable connection: 1
2015/10/09 19:12:57 [debug] 1616#0: *1 post event 00000000026F4860
2015/10/09 19:12:57 [debug] 1616#0: *1 delete posted event 00000000026F4860
2015/10/09 19:12:57 [debug] 1616#0: *1 http keepalive handler
2015/10/09 19:12:57 [debug] 1616#0: *1 malloc: 00000000025FD080:1024
2015/10/09 19:12:57 [debug] 1616#0: *1 recv: fd:3 -1 of 1024
2015/10/09 19:12:57 [debug] 1616#0: *1 recv() not ready (11: Resource temporarily unavailable)
2015/10/09 19:14:02 [debug] 1616#0: *1 event timer del: 3: 1444403642126
2015/10/09 19:14:02 [debug] 1616#0: *1 http keepalive handler
2015/10/09 19:14:02 [debug] 1616#0: *1 close http connection: 3
2015/10/09 19:14:02 [debug] 1616#0: *1 reusable connection: 0
2015/10/09 19:14:02 [debug] 1616#0: *1 free: 00000000025FD080
2015/10/09 19:14:02 [debug] 1616#0: *1 free: 0000000000000000
2015/10/09 19:14:02 [debug] 1616#0: *1 free: 0000000002653CF0, unused: 8
2015/10/09 19:14:02 [debug] 1616#0: *1 free: 0000000002653E50, unused: 128