Using correct variable for proxy_pass
Rob Fulton
rob at cow-frenzy.co.uk
Mon Nov 19 09:47:32 UTC 2018
Hi,
I'm trying to work out the best way to setup the proxy_pass url and
which variables to use. Initially we were using proxy_pass to proxy to a
single https URL, we used a rewrite to change https://hostname/ to
https://hostname/index.html.
We've recently discovered issues due to the single DNS query nginx
performs so moved to using a variable for the hostname, this required us
to set proxy_pass to the full requests url. We started with :
proxy_pass ${content_server}content$request_uri
This worked as expected but our rewrite rules failed to work, looking at
the documentation, this is seems to be expected since this is the
request pre-processing by nginx.
We then moved to :
proxy_pass ${content_server}content$uri
This works fine with the rewrite rules but I noticed a comment on
StackOverflow stating this opens you up to header injection
vulnerabilities. Is there a variable / combination of variables that
allow you to preserve rewrites without the potential security issues, or
a better way of doing this ensuring we can use variables in the
proxy_pass hostname?
Regards
Rob
More information about the nginx
mailing list