Nginx accepts trailing dot (e.g. example.tld.). The regex has set start and end of server_name, see bellow.
server_name ~^example.tld$;
The server_name regex does not match example.tld. but nginx matches this vhost. I have found this question about redirecting trailing dot question but it is something like workaround, isn't it?
I wonder why nginx matches vhost even while the regex does not match? Is it some kind of internal logic based on RFC standards?
Yes, I believe it stems from the trailing dot being the standard DNS notation that signifies a fully-qualified-domain-name (FQDN). In a BIND-compatible zone file, any name without a trailing dot is relative to $ORIGIN.
Similarly, the same goes for resolv.conf, where, if it contains search online.net, then instead of going to console.online.net., you can simply go to just console (OTOH, going to console. won't work, as such root zone doesn't currently exist (I know — I was actually very surprised myself that no registry has taken up such an awesome TLD zone yet ^_^ — although even if it did exist, it'll likely not have an A record anyways)).
As such, the trailing dot is automatically removed from the string that is deemed to be the host, as per nginx server name regex when "Host" header has a trailing dot, which, for correctness and completeness sake, must happen prior to the execution of the regex within the context of the server_name directive, hence, the trailing dot will never match.
