checking headers

Larry Martell larry.martell at
Tue May 31 14:26:26 UTC 2016

On Tue, May 31, 2016 at 9:45 AM, Francis Daly <francis at> wrote:
> On Tue, May 31, 2016 at 09:23:36AM -0400, Larry Martell wrote:
>> On Tue, May 31, 2016 at 7:55 AM, Larry Martell <larry.martell at> wrote:
>> >>> On Sat, May 28, 2016 at 12:48 PM, Larry Martell <larry.martell at>
>> >>> wrote:
> Hi there,
>> >>>> Is there any way with nginx to check a request's headers and send back
>> >>>> a 401 if the headers are not proper?
>> > Looking with tcpdump I do not see that header field set. The request
>> > is coming from a django app which is doing a redirect and I set the
>> > header before the redirect. Guess I have to debug from that side.
>> I traced the django code all the way through to when the response is
>> going out and I see this:
>> (Pdb) response._headers
>> {'x-capdata-auth': ('X-Capdata-Auth', 'authorized'), 'content-type':
>> ('Content-Type', 'text/html; charset=utf-8'), 'location': ('Location',
>> ''), 'vary': ('Vary', 'Cookie')}
>> Any one have any ideas as to why it doesn't seem to make it over to nginx?
> There is a request from the client to nginx.
> There is a response from nginx to the client.
> There can be a request from nginx to its upstream, and a response from
> upstream to nginx.
> Any of those requests and responses can include headers.
> In your architecture, what "header" do you care about?
> That should tell you which variable value to check.
> are three different families of variables set within nginx.
> Possibly one of them covers what you want?

There are 2 ways requests get to port 8000, which is the port I want
to check headers on.

One is via a C++ Qt app, and the other is from a python django app.

The C++ app sends the request directly to port 8000. With the django
app a request is sent to port 8004 and django sends a 301 redirect to
8000. In both cases the header field X-Capdata-Auth is set. And in
neither case does my config pick that up. This is what I have:

map $http_x_capdata_auth $not_auth {
        default 1;
        "authorized" 0;

Is that the correct way to check for that header value?

Is there a way for me to dump the headers that it sees on requests to port 8000?

More information about the nginx mailing list