Reverse Proxy Load Balancing - proxy_set_header

Dustin Kanske dustin at chipin.com
Sat Mar 17 03:43:08 MSK 2007


On Mar 9, 2007, at 8:42 PM, Igor Sysoev wrote:

> On Fri, Mar 09, 2007 at 01:13:42PM -1000, Dustin Kanske wrote:
>
>> In my nginx config I am attempting to set the values of two request
>> headers using the following configuration:
>>
>> location / {
>>   proxy_set_header X_FORWARDED_PROTO http;
>>   proxy_set_header X_SSL_VERIFIED false;
>> }
>>
>> The goal is to ignore whatever the client sets for these headers, and
>> to pass our defined values on to the upstream cluster.
>>
>> It appears that these values only get set if the client leaves them
>> out of the request. If the client sets X_SSL_VERIFIED to true, the
>> backend application sees 'true'.
>>
>> I wanted to clarify that this is the expected behavior and that
>> proxy_set_header cannot be used to override the request header values
>> that a client sets. If this is the case, is there any way to
>> accomplish this?
>
> No, proxy_set_header always resets any client header.
> Are you shure that you do not mix X_SSL_VERIFIED and X-SSL-VERIFIED ?
>

Hi Igor,

It appears to be the case that our application was rewriting the  
dashes to underscores. What really needed to be in nginx was:

location / {
   proxy_set_header X-FORWARDED-PROTO http;
   proxy_set_header X-SSL-VERIFIED false;
}

What appeared to be happening was that nginx was always setting  
X_SSL_VERIFIED false, but the users were passing in X-SSL-VERIFIED  
true, both being in the headers. The application would then change  
the dashes to underscores and use the 'true' one.

Thanks for the help,
Dustin

>
> -- 
> Igor Sysoev
> http://sysoev.ru/en/






More information about the nginx mailing list