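# Test configuration for a small blog API served straight from nginx:
# each location validates its arguments, builds a SQL statement by variable
# interpolation, sends it to MySQL through the "backend" upstream
# (drizzle_query / drizzle_pass) and returns the rows as JSON (rds_json).
#
# Because the SQL text is assembled from request variables, the anchored
# regex checks in front of every drizzle_query are the only barrier between
# the request and the database. Any value that is not covered by such a check
# must go through set_quote_sql_str before it is interpolated.

worker_processes 4;
daemon on;
master_process on;
error_log logs/error.log warn;
pid logs/nginx.pid;

http {
    default_type text/plain;
    keepalive_timeout 68;

    upstream backend {
        # NOTE(review): the database password is stored inline. Outside a
        # throwaway test setup, keep this file readable only by the nginx
        # user and give the account no more than the queries below need
        # (select on posts/comments, insert on comments, update on posts).
        drizzle_server 127.0.0.1:3306 dbname=test password=some_pass user=monty protocol=mysql;
        drizzle_keepalive max=400 overflow=ignore;
    }

    server {
        listen 8080;
        server_name localhost;

        client_max_body_size 1M;
        #client_body_buffer_size 4k;

        # Begin preamble config...
        # End preamble config...

        # Begin test case config...

        # JSONP support: GET responses are wrapped in the function named by
        # the "_callback" query argument when it is present.
        xss_get on;
        xss_callback_arg _callback;

        rds_json on;

        # Error responses are rendered as JSON bodies by the named locations
        # below so that clients always receive the same format.
        # XXX we should implement these in the ngx_xss module
        location @err500 { rds_json_ret 500 "Internal Server Error"; }
        location @err404 { rds_json_ret 404 "Not Found"; }
        location @err400 { rds_json_ret 400 "Bad Request"; }
        location @err403 { rds_json_ret 403 "Forbidden"; }
        location @err502 { rds_json_ret 502 "Bad Gateway"; }
        location @err503 { rds_json_ret 503 "Service Unavailable"; }

        error_page 500 = @err500;
        error_page 404 = @err404;
        error_page 403 = @err403;
        error_page 400 = @err400;
        error_page 502 = @err502;
        error_page 503 = @err503;
        error_page 504 507 = @err500;

        # Posts of one month. Both arguments are restricted to digits before
        # they reach the query text.
        location = '/=/view/PostsByMonth/~/~' {
            if ($arg_year !~ '^\d{4}$') {
                rds_json_ret 400 'Bad "year" argument';
            }
            if ($arg_month !~ '^\d{1,2}$') {
                rds_json_ret 400 'Bad "month" argument';
            }

            drizzle_query "select id, title, day(created) as day from posts where year(created) = $arg_year and month(created) = $arg_month order by created asc";
            drizzle_pass backend;
        }

        # Latest comments with paging. The defaults are applied first and the
        # checks run on the defaulted variables, so a missing argument is
        # accepted while a non-numeric one is rejected. "limit" is capped at
        # two digits, which bounds the result size.
        location = '/=/view/RecentComments/~/~' {
            set $offset $arg_offset;
            set_if_empty $offset 0;

            set $limit $arg_limit;
            set_if_empty $limit 10;

            if ($offset !~ '^\d+$') {
                rds_json_ret 400 'Bad "offset" argument';
            }
            if ($limit !~ '^\d{1,2}$') {
                rds_json_ret 400 'Bad "limit" argument';
            }

            drizzle_query "select comments.id as id, post, sender, title from posts, comments where post = posts.id order by comments.id desc limit $offset, $limit";
            drizzle_pass backend;
        }

        # Latest posts with paging; same validation scheme as RecentComments.
        location = '/=/view/RecentPosts/~/~' {
            set $offset $arg_offset;
            set_if_empty $offset 0;

            set $limit $arg_limit;
            set_if_empty $limit 10;

            if ($offset !~ '^\d+$') {
                rds_json_ret 400 'Bad "offset" argument';
            }
            if ($limit !~ '^\d{1,2}$') {
                rds_json_ret 400 'Bad "limit" argument';
            }

            drizzle_query "select id, title from posts order by id desc limit $offset, $limit";
            drizzle_pass backend;
        }

        # Neighbours of the post whose id is "current" (digits only).
        location = '/=/view/PrevNextPost/~/~' {
            if ($arg_current !~ '^\d+$') {
                rds_json_ret 400 'Bad "current" argument';
            }

            drizzle_query "(select id, title from posts where id < $arg_current order by id desc limit 1) union (select id, title from posts where id > $arg_current order by id asc limit 1)";
            drizzle_pass backend;
        }

        # Row count of a model. "model" is only compared with fixed strings
        # and never interpolated, so each query here is a constant.
        location = '/=/view/RowCount/~/~' {
            if ($arg_model = 'Post') {
                drizzle_query "select count(*) as count from posts";
                drizzle_pass backend;
            }
            if ($arg_model = 'Comment') {
                drizzle_query "select count(*) as count from comments";
                drizzle_pass backend;
            }

            rds_json_ret 400 'Bad "model" argument';
        }

        # Number of posts per month with paging; same validation scheme as
        # RecentComments.
        location = '/=/view/PostCountByMonths/~/~' {
            set $offset $arg_offset;
            set_if_empty $offset 0;

            set $limit $arg_limit;
            set_if_empty $limit 10;

            if ($offset !~ '^\d+$') {
                rds_json_ret 400 'Bad "offset" argument';
            }
            if ($limit !~ '^\d{1,2}$') {
                rds_json_ret 400 'Bad "limit" argument';
            }

            drizzle_query "select date_format(created, '%Y-%m-01') `year_month`, count(*) count from posts group by `year_month` order by `year_month` desc limit $offset, $limit";
            drizzle_pass backend;
        }

        # Full rows of the posts of one month, limited to "count" rows
        # (default 40).
        location = '/=/view/FullPostsByMonth/~/~' {
            set $count $arg_count;
            set_if_empty $count 40;

            if ($arg_year !~ '^(?:19|20)\d{2}$') {
                rds_json_ret 400 'Bad "year" argument';
            }
            if ($arg_month !~ '^\d{1,2}$') {
                rds_json_ret 400 'Bad "month" argument';
            }
            # Check the variable that is interpolated into the query. The
            # check used to run on $arg_count, which rejected every request
            # without "count" and left the default of 40 unreachable.
            # NOTE(review): unlike the "limit" arguments elsewhere, "count"
            # has no upper bound; consider a digit cap as for "limit".
            if ($count !~ '^\d+$') {
                rds_json_ret 400 'Bad "count" argument';
            }

            drizzle_query "select * from posts where year(created) = $arg_year and month(created) = $arg_month order by id desc limit $count";
            drizzle_pass backend;
        }

        # Nearest months with posts before and after "now".
        location = '/=/view/PrevNextArchive/~/~' {
            if ($arg_now !~ '^\d{4}-\d{1,2}(?:-\d{1,2})?$') {
                rds_json_ret 400 'Bad "now" argument';
            }
            if ($arg_month !~ '^\d{1,2}$') {
                rds_json_ret 400 'Bad "month" argument';
            }

            # NOTE(review): $arg_now is interpolated without quotes, so the
            # database receives something like 2009-10-05 as an arithmetic
            # expression rather than a date literal. The pattern admits only
            # digits and hyphens, so this is a correctness question, not an
            # injection one; confirm whether a quoted value was intended.
            drizzle_query "(select 'next' as id, month(created) as month, year(created) as year from posts where created > $arg_now and month(created) <> $arg_month order by created asc limit 1) union (select 'prev' as id, month(created) as month, year(created) as year from posts where created < $arg_now and month(created) <> $arg_month order by created desc limit 1)";
            drizzle_pass backend;
        }

        # Sidebar data: four views fetched as subrequests and emitted as one
        # JSON array. The arguments are validated here before they are
        # forwarded; PostsByMonth checks them again.
        location = '/=/batch/GetSidebar/~/~' {
            if ($arg_year !~ '^(?:19|20)\d{2}$') {
                rds_json_ret 400 'Bad "year" argument';
            }
            if ($arg_month !~ '^\d{1,2}$') {
                rds_json_ret 400 'Bad "month" argument';
            }

            default_type 'application/json';

            echo '[';
            echo_location_async '/=/view/PostsByMonth/~/~' "year=$arg_year&month=$arg_month";
            echo ',';
            echo_location_async '/=/view/RecentPosts/~/~' "offset=0&limit=6";
            echo ',';
            echo_location_async '/=/view/RecentComments/~/~' "offset=0&limit=6";
            echo ',';
            echo_location_async '/=/view/PostCountByMonths/~/~' "offset=0&limit=12";
            echo ']';
        }

        # One post, its neighbours and its comments as one JSON array.
        # "id" becomes part of two subrequest URIs, so it is restricted to
        # digits first.
        location = '/=/batch/GetFullPost/~/~' {
            if ($arg_id !~ '^\d+$') {
                rds_json_ret 400 'Bad "id" argument';
            }

            default_type 'application/json';

            echo '[';
            echo_location_async "/=/model/Post/id/$arg_id";
            echo ',';
            echo_location_async "/=/view/PrevNextPost/~/~" "current=$arg_id";
            echo ',';
            echo_location_async "/=/model/Comment/post/$arg_id" "_order_by=id:desc";
            echo ']';
        }

        # Post by id. The location pattern captures anything after the
        # prefix, so the digits-only check below is what constrains the value.
        location ~* '^/=/model/Post/id/(.*)$' {
            set $id $1;

            if ($id !~ '^\d+$') {
                rds_json_ret 400 'Bad "id" value';
            }

            drizzle_query "select * from posts where id = $id";
            drizzle_pass backend;
        }

        # Comments of one post; same scheme as the location above.
        # NOTE(review): GetFullPost passes "_order_by=id:desc" to this
        # location, but the query below does not read it.
        location ~* '^/=/model/Comment/post/(.*)$' {
            set $post $1;

            if ($post !~ '^\d+$') {
                rds_json_ret 400 'Bad "post" value';
            }

            drizzle_query "select * from comments where post = $post";
            drizzle_pass backend;
        }

        # Post listing with a caller-chosen sort column and direction.
        location = '/=/model/Post/~/~' {
            if ($arg__offset !~ '^\d+$') {
                rds_json_ret 400 'Bad "_offset" argument';
            }
            if ($arg__limit !~ '^\d{1,2}$') {
                rds_json_ret 400 'Bad "_limit" argument';
            }
            # $arg_* values are not URL-decoded, hence the literal %3A for
            # the ":" separator. The column is limited to identifier
            # characters and the direction to asc/desc, so neither capture
            # can carry a backtick or other SQL syntax into the query.
            if ($arg__order_by !~ '^([A-Za-z]\w*)%3A(desc|asc)$') {
                rds_json_ret 400 'Bad "_order_by" argument';
            }

            set $col $1;
            set $order $2;

            drizzle_query "select * from posts order by `$col` $order limit $arg__offset, $arg__limit";
            drizzle_pass backend;
        }

        # Stores a comment and increments the comment counter of its post.
        # NOTE(review): this location changes data based on query-string
        # arguments alone, and JSONP is enabled for the whole server
        # (xss_get on). Confirm that cross-site GET requests to it are
        # acceptable before reusing this outside a test setup.
        location = '/=/batch/NewComment/~/~' {
            default_type 'application/json';

            # The free-text fields are URL-decoded here; from this point on
            # they may contain arbitrary bytes.
            set_unescape_uri $sender $arg_sender;
            set_unescape_uri $email $arg_email;
            set_unescape_uri $url $arg_url;
            set_unescape_uri $body $arg_body;
            set_unescape_uri $post_id $arg_post_id;

            if ($sender !~ '\S') {
                rds_json_ret 400 "Bad \"sender\" argument";
            }
            if ($email !~ '^[-A-Za-z0-9_.]+@[-A-Za-z0-9_.]+$') {
                rds_json_ret 400 "Bad \"email\" argument";
            }
            # NOTE(review): the rejected URL is echoed back in the error
            # body; presumably rds_json_ret escapes it for JSON - confirm.
            if ($url !~ '^(?:\s*|https?://\S+)$') {
                rds_json_ret 400 "Bad \"url\" argument: $url";
            }
            if ($body ~ '^\s*$') {
                rds_json_ret 400 "Bad \"body\" argument";
            }
            # $post_id is the only value below that is interpolated without
            # SQL quoting; it relies entirely on this digits-only check.
            if ($post_id !~ '^[1-9]\d*$') {
                rds_json_ret 400 "Bad \"post_id\" argument";
            }

            # Turn each free-text value into a quoted, escaped SQL string
            # literal. The checks above only reject empty or malformed input;
            # this quoting is what makes the values safe to interpolate.
            set_quote_sql_str $sender;
            set_quote_sql_str $email;
            set_quote_sql_str $url;
            set_quote_sql_str $body;

            # XXX these operations should be put into a
            # single transaction
            echo '[';
            echo_location '/=/action/RunSQL/~/~' "insert into comments (sender, email, url, body, post) values($sender, $email, $url, $body, $post_id)";
            echo ',';
            echo_location '/=/action/RunSQL/~/~' "update posts set comments = comments + 1 where id = $post_id";
            echo ']';
        }

        # Executes the subrequest's query string as SQL. The "internal"
        # directive is the only thing that keeps this from accepting SQL
        # directly from clients; it must never be removed, and every caller
        # inside this file has to quote or validate what it passes in.
        location = '/=/action/RunSQL/~/~' {
            internal;

            drizzle_query $query_string;
            drizzle_pass backend;
        }

        # End test case config.

        location / {
            root html;
            index index.html index.htm;
        }
    }
}

events {
    worker_connections 1024;
}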