secure_token_uri_filename_prefix
Sets URI filename prefixes that must match for token generation in NGINX's secure token module.
Description
The secure_token_uri_filename_prefix directive allows the configuration of specific URI filename prefixes that must be matched for the generation of secure tokens. This is particularly useful for restricting which URIs will return a token, ensuring that only certain resources are protected by token-based access control. When this directive is used, only URIs whose filenames start with one of the specified prefixes will generate a token in response; any other URIs will not return a token, regardless of other security settings.
The directive accepts a single argument: the desired prefix or prefixes. Multiple prefixes can be specified by separating them with spaces. If no matching prefix is found in the URI filename, the request will continue normally but without the associated security benefits of token generation. This feature enhances control over resource protection and ensures that only critical endpoints are secured with tokens. As a result, it can reduce unnecessary token-based overhead for static content or less sensitive resources.
Config Example
http {
secure_token_uri_filename_prefix /videos/ /protected/;
}Ensure that the prefixes you specify do not unintentionally exclude necessary URIs from token protection.
Remember that this directive only affects URI filenames; the path or query string does not influence matching.
If no prefixes are defined, all URIs will be processed without token generation, leading to security risks for endpoints that require it.