Set-Cookie is missing via proxy

Isaac Hailperin i.hailperin at heinlein-support.de
Wed Dec 5 11:00:51 UTC 2012 

Hi,


I am using nginx as a reverse proxy for apache.
I have the following symptom: Sessions of users get mixed up.
The original html from the apache looks like this via curl:

[...]
<a href="/ueber-uns/?acmeID=e58927c4c728307aa0596f23a87c8136" class="to_page
right_btn"><img src="/layout/cyt/img/blind.gif" alt="" /></a></div>
<div class="teaser teaser4a">
[...]

If I get this page through nginx, it looks like this:
[...]
<a href="/ueber-uns/" class="to_page right_btn"><img
src="/layout/cyt/img/blind.gif" alt="" /></a></div>
[...]

So obviously the query string containing the identifing ID is missing. I 
guess
this is where sessions get mixed up. Now I had
a look a the headers, and there I got via apache:
curl --head http://www.foobar-shop.de/
HTTP/1.1 200 OK
Date: Wed, 05 Dec 2012 10:19:48 GMT
Server: Apache
X-Powered-By: PHP/5.2.17-0.dotdeb.0
Set-Cookie: acmeID=48dceed9217eea2b691f75e26276bdb8; expires=Fri, 
15-Mar-2013
10:19:48 GMT; path=/; domain=.foobar-shop.de
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, 
pre-check=0
Pragma: no-cache
Content-Type: text/html;charset=UTF-8

and via nginx:
HTTP/1.1 200 OK
Server: nginx/1.2.5
Date: Wed, 05 Dec 2012 10:45:54 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 945
Connection: keep-alive
Last-Modified: Fri, 13 Apr 2012 02:58:01 GMT
ETag: "132b39c-3b1-4bd86a3f74040"
Accept-Ranges: bytes
Vary: Accept-Encoding

So the "Set-Cookie" header is missing via nginx. I guess this is the 
reason why the query
string is also missing in the html. ( Odly though, if I browse the site with
firefox, I still get the cookie ...? )
I tried setting
proxy_pass_header Set-Cookie;
but with no success.

Now I am a bit clueless.

My config:

/etc/nginx/nginx.conf
user www-data;
worker_processes 16;
pid /var/run/nginx.pid;

events {
         worker_connections 2000;
         # multi_accept on;
}

http {

         ##
         # Basic Settings
         ##

         sendfile on;
         tcp_nopush on;
         tcp_nodelay on;
         keepalive_timeout 65;
         types_hash_max_size 2048;
         # server_tokens off;

         # server_names_hash_bucket_size 64;
         # server_name_in_redirect off;

         include /etc/nginx/mime.types;
         default_type application/octet-stream;

         ##
         # Logging Settings
         ##

         access_log /var/log/nginx/access.log;
         error_log /var/log/nginx/error.log;

         ##
         # Gzip Settings
         ##

         gzip on;
         gzip_disable "msie6";
        # gzip_vary on;
         # gzip_proxied any;
         # gzip_comp_level 6;
         # gzip_buffers 16 8k;
         # gzip_http_version 1.1;
         # gzip_types text/plain text/css application/json
         # application/x-javascript text/xml application/xml 
application/xml+rss
         # text/javascript;

         # Because we have a lot of server_names, we need to increase
         # server_names_hash_bucket_size
         # (http://nginx.org/en/docs/http/server_names.html)
         server_names_hash_max_size 6000;
         server_names_hash_bucket_size 512;
                                                            # raise default
                                                            # values for php
         client_max_body_size 20M;
         client_body_buffer_size 128k;

         ##
         # Virtual Host Configs
         ##
         include /var/www3/acme_cache/load_balancer/upstream.conf;
         include /etc/nginx/conf.d/*.conf;
         include /etc/nginx/sites-enabled/*;
         include /etc/nginx/proxy_params;

         index index.html index.htm ;

         ##
         # Proxy Settings
         ##

         # include hostname in request to backend
         proxy_set_header Host $host;

         # only honor internal Caching policies
         proxy_ignore_headers X-Accel-Expires Expires Cache-Control;

         # let cookies from the backend pass
         proxy_pass_header Set-Cookie;

}


/etc/nginx/proxy_params
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

/etc/nginx/conf.d/proxy_paths.conf
proxy_temp_path   /var/lib/nginx/proxy/tmp;
proxy_cache_path  /var/lib/nginx/proxy/cache levels=2:2:2
keys_zone=acme-cache:800m max_size=55000m inactive=10m;

/etc/nginx/sites-enabled/foobar-shop.de_p80
server
{
         server_name www.foobar-shop.de foobar-shop.de foobar-beta.de;
         listen 80;
         access_log /var/log/www/asdf/foobar/log/access.log;
         error_log /var/log/nginx/vhost_error.log;
         proxy_cache acme-cache;
         proxy_cache_key "$scheme$host$proxy_host$uri$is_args$args";
         proxy_cache_valid       200 302 60m;
         proxy_cache_valid       404             10m;

         location ~* \.(jpg|gif|png|css|js)
         {
                 try_files $uri @proxy;
         }

         location @proxy
         {
                 proxy_pass http://backend-all-apaches;
         }

         location /
         {
                 proxy_pass http://backend-all-apaches;
         }

}

Any Ideas?


Isaac

More information about the nginx mailing list