checking headers

Tue May 31 15:38:28 UTC 2016

On Tue, May 31, 2016 at 10:26:26AM -0400, Larry Martell wrote:
> On Tue, May 31, 2016 at 9:45 AM, Francis Daly <francis at daoine.org> wrote:

Hi there,

> > Possibly one of them covers what you want?
> 
> There are 2 ways requests get to port 8000, which is the port I want
> to check headers on.
> 
> One is via a C++ Qt app, and the other is from a python django app.
> 
> The C++ app sends the request directly to port 8000. With the django
> app a request is sent to port 8004 and django sends a 301 redirect to
> 8000. In both cases the header field X-Capdata-Auth is set. And in
> neither case does my config pick that up. This is what I have:
> 
> map $http_x_capdata_auth $not_auth {
>         default 1;
>         "authorized" 0;
> }
> 
> Is that the correct way to check for that header value?

Yes. That checks for the request header from the client.

It works for me:

==
http {
  map $http_x_capdata_auth $not_auth {
    default 1;
    "authorized" 0;
  }

  server {
    listen 8080;
    location / {
      if ($not_auth) { return 401 "$http_x_capdata_auth, $not_auth\n"; }
      return 200 "$http_x_capdata_auth, $not_auth\n";
    }
  }
}
==

curl -v -H 'X-CapData-Auth: authorized' http://127.0.0.1:8080/test
--> HTTP/1.1 200 OK; authorized, 0

curl -v  http://127.0.0.1:8080/test
--> HTTP/1.1 401 Unauthorized: , 1

> Is there a way for me to dump the headers that it sees on requests to port 8000?

Within nginx, probably the debug log is simplest.

Outside nginx: tcpdump, or ask the client what it sends.

	f
-- 
Francis Daly        francis at daoine.org