1

As a sanity test, at the head of my HTML page, I'm trying to do a very simple SSI echo to indicate to the browser that SSI is working:

index.html:

<script>var ssi_enabled = false</script>
<!--# set var="test" value="<script>ssi_enabled=true</script>" -->
<!--# echo var="test" -->

then later in JS:

if (!ssi_enabled) { console.log("SSI is not enabled!"); }

But when nginx echoes the string, the HTML tags are sanitized as follows:

&lt;script&gt;ssi_enabled=true&lt;/script&gt;

I can't find anything in the nginx docs that indicates how to echo raw HTML.

Yes I know I could import a html file, but was trying to avoid it as that adds more complexity. Seems like this could be done but I'm just missing the correct parameter for echo.

Thanks

Ryan Griggs
  • 885
  • 2
  • 12
  • 27

1 Answers1

2

nginx has an encoding parameter to the echo command (cf. supported commands), which decides how to escape the text. It can have three values none (which is what you are looking for), url and the default entity. Compare the results of:

<!--#set var="GREETING" value="<h1><strong>Hello <em>&World</em></strong></h1><p>àäáąåǎâ</p>" -->
<!--#echo var="GREETING" encoding="none" -->
<!--#echo var="GREETING" encoding="url" -->
<!--#echo var="GREETING" encoding="entity" -->
Piotr P. Karwasz
  • 5,292
  • 2
  • 9
  • 20