access_by_lua + custom error page

[Lord Nynex]

Hello, 

In the below example, I notice that ngx.exit() 'bypasses' my custom 403 handler. Is there a workaround? Is there a way to simply return ngx.HTTP_FORBIDDEN so the access phase can complete? 

server {

  listen 80;

  access_by_lua 'return ngx.exit(ngx.HTTP_FORBIDDEN)'

  error_page 403 @403;

  location @403 {

    echo '{"status": "forbidden"}';

  }

}

  

Thank You

[Yichun Zhang (agentzh)]

Hello!

On Thu, Aug 21, 2014 at 11:03 AM, Lord Nynex wrote:
> server {
> listen 80;
> access_by_lua 'return ngx.exit(ngx.HTTP_FORBIDDEN)'
> error_page 403 @403;
> location @403 {
> echo '{"status": "forbidden"}';
> }

Be very careful when you use access_by_lua directly on the server {}
block level because *every* location will inherit it if it has no
access_by_lua in itself, including your "location @403". So
essentially in your example, you create a infinite loop with internal
redirects and trigger error pages recursively. Then nginx decides to
shortcut [1]. A quick fix is to add a stub "access_by_lua return;" to
your location @403 but a better way is to avoid using access_by_lua on
the server {} or even higher level.

Regards,
-agentzh

[1] see http://nginx.org/en/docs/http/ngx_http_core_module.html#recursive_error_pages