nginx proxy and Date header
gfrankliu at gmail.com
Thu May 23 16:41:58 UTC 2019
I understand your argument when nginx is normally used as a frontend server
and "generation of the message" happens in nginx, but in this case, the
is about the nginx proxy module where nginx proxies the "message"
originated from upstream.
When nginx is used as a reverse proxy, I think nginx proxy module should
NOT remove the "Date" header from origin by default. Other reverse
proxies/caches, like Varnish, are doing the same:
On Thu, May 23, 2019 at 2:55 AM Maxim Dounin <mdounin at mdounin.ru> wrote:
> On Wed, May 22, 2019 at 10:30:57AM -0700, Frank Liu wrote:
> > Is there a reason why by default nginx doesn't pass the "Date" header
> > upstream?
> > https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html seems to
> > Date header shouldn't be altered:
> > The HTTP-date sent in a Date header SHOULD NOT represent a date and time
> > subsequent to the generation of the message. It SHOULD represent the best
> > available approximation of the date and time of message generation,
> > the implementation has no means of generating a reasonably accurate date
> > and time. In theory, the date ought to represent the moment just before
> > entity is generated. In practice, the date can be generated at any time
> > during the message origination without affecting its semantic value.
> > If nginx, as a proxy, changes the Date header, it may mess up the caching
> > model of HTTP in some pretty subtle ways in the downstream.
> And not changing the Date will mess pretty badly with various
> things as introduced in nginx, such as by the "expires"
> directive (not to mention SSI, as well as returning various
> responses from cache).
> Since nginx is primarily developed as a frontend server, it is
> generally considered to be an origin server in terms of RFC 2616.
> Accordingly, "generation of the message" in the quote above
> happens in nginx, and it uses the current date by default.
> If you want to preserve Date as returned by the upstream server,
> you can use the proxy_pass_header directive to do so.
> Maxim Dounin
> nginx mailing list
> nginx at nginx.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the nginx