0

My script made in cgi-bin is using html input form to login. After submitting the form, password is visible in URL. I would like to rewrite this URL so the password is not visible in the address bar.

I would like to change this /cgi-bin/script.sh?host=somehost&user=user&pass=password

to /cgi-bin/script.sh So basically match all behind script.sh and remove it. This ^script.sh(.*) would match my use case but it's not working.

This is my simple Nginx config:

server {
    listen 80;
    server_name x.x.x.x;
    location /cgi-bin/ {
            gzip off;
            root /var/www;
            fastcgi_pass unix:/var/run/fcgiwrap.socket;
            include /etc/nginx/fastcgi_params;
            fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    }
}

Any tips appreciated.

newbie123
  • 23
  • 4
  • This is related to your HTML form and has nothing to do with nginx. Use HTTP POST method instead of HTTP GET (see [When should I use GET or POST method? What's the difference between them?](https://stackoverflow.com/questions/504947/when-should-i-use-get-or-post-method-whats-the-difference-between-them) or [What is the difference between POST and GET?](https://stackoverflow.com/questions/3477333/what-is-the-difference-between-post-and-get)) – Ivan Shatsky Oct 16 '21 at 09:16

0 Answers0