checking headers

Francis Daly francis at
Tue May 31 13:45:57 UTC 2016

On Tue, May 31, 2016 at 09:23:36AM -0400, Larry Martell wrote:
> On Tue, May 31, 2016 at 7:55 AM, Larry Martell <larry.martell at> wrote:
> >>> On Sat, May 28, 2016 at 12:48 PM, Larry Martell <larry.martell at>
> >>> wrote:

Hi there,

> >>>> Is there any way with nginx to check a request's headers and send back
> >>>> a 401 if the headers are not proper?

> > Looking with tcpdump I do not see that header field set. The request
> > is coming from a django app which is doing a redirect and I set the
> > header before the redirect. Guess I have to debug from that side.
> I traced the django code all the way through to when the response is
> going out and I see this:
> (Pdb) response._headers
> {'x-capdata-auth': ('X-Capdata-Auth', 'authorized'), 'content-type':
> ('Content-Type', 'text/html; charset=utf-8'), 'location': ('Location',
> ''), 'vary': ('Vary', 'Cookie')}
> Any one have any ideas as to why it doesn't seem to make it over to nginx?

There is a request from the client to nginx.

There is a response from nginx to the client.

There can be a request from nginx to its upstream, and a response from
upstream to nginx.

Any of those requests and responses can include headers.

In your architecture, what "header" do you care about?

That should tell you which variable value to check.$http_$sent_http_$upstream_http_

are three different families of variables set within nginx.

Possibly one of them covers what you want?

Francis Daly        francis at

More information about the nginx mailing list