Selectively implement something like proxy_ignore_headers Set-Cookie?

Peter Booth Peter_Booth at
Fri Mar 8 17:00:16 UTC 2013

I'm wondering if anyone has any thoughts about how I might address the


I am using nginx as a caching reverse proxy in front of a complex
Apache/Weblogic Java application. 

I have a half-dozen Location blocks that have different caching policies
with custom keys and 

different cache lifetimes. I'm using openresty to implement different
cache key logic with lua scripts

and until now everything has gone smoothly.


Some of the locations use the combination of 


proxy_ignore_headers Set-Cookie and proxy_hide_header Set-Cookie to
strip cookies from cached responses.


Another location needs to allow for session cookies to be created and so
it has the default nginx behavior of not caching 

responses that contain cookies. 


Now I need a different hybrid behavior- 


if a response contains "Set-Cookie: TLTHID", then strip it from the
response, but still cache the response.

If the response contains any other Set-Cookie header then don't cache
the response.


I have tried to use more_clear_headers 'Set-Cookie: TLTHID*" to strip
the cookie and I see 

that it does indeed remove the cookie from the response, however the
debug log shows me that the object is still

seen as being not cacheable, presumably because nginx knows that the
stripped Set-Cookie was there.

Is there an easy way to work around this? I'd considered running a
second nginx process to simply act as a 

proxy that strips the 'Set-Cookie: TLTHID*" header - it sounds clunky
but I expect it would work.



Is there a way to achieve this within a single nginx instance?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list