nginx

リバースプロキシ(Nginx)経由でリクエストを投げるとカスタムヘッダが消えて困った

More than 5 years have passed since last update.


なんぞ

Nginxを使ったリバースプロキシ経由でリクエストを投げると、カスタムヘッダが消えて困った。

ヘッダはこんな感じ → X-Test.Hoge


結論

Nginxのデフォルトではヘッダ名に英数字とハイフン以外は認めてない。

http://nginx.org/en/docs/http/ngx_http_core_module.html#ignore_invalid_headers

リクエストヘッダをそのままBodyに入れて返すスクリプト書いた。


Nginx的に合法なヘッダの場合

$ curl -H 'X-Test-Hoge: hoge' http://hoge.huga.com/

[('X-Forwarded-Server', 'hoge.huga.com'),
('X-Real-Ip', 'xxx.xxx.xxx.xxx'),
('Connection', 'close'),
('Content-Length', ''),
('Accept', '*/*'),
('User-Agent',
'curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8y zlib/1.2.5'),
('Host', 'hoge.huga.com'),
('X-Test-Hoge', 'hoge'),
('X-Forwarded-For', 'xxx.xxx.xxx.xxx'),
('X-Forwarded-Host', 'hoge.huga.com'),
('Content-Type', 'text/plain')]


Nginx的にに非合法な場合

$ curl -H 'X-Test.Hoge: hoge' http://hoge.huga.com/

[('X-Forwarded-Server', 'hoge.huga.com'),
('X-Real-Ip', 'xxx.xxx.xxx.xxx'),
('Connection', 'close'),
('Content-Length', ''),
('Accept', '*/*'),
('User-Agent',
'curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8y zlib/1.2.5'),
('Host', 'hoge.huga.com'),
('X-Forwarded-For', 'xxx.xxx.xxx.xxx'),
('X-Forwarded-Host', 'hoge.huga.com'),
('Content-Type', 'text/plain')]


対応策

httpもしくはserverコンテキストにignore_invalid_headers off; を追加する


example.conf

upstream hoge-huga-com {

server xxx.xxx.xxx.xxx:yyyy;
}

server {
listen 80;
server_name hoge.huga.com;
access_log on;
ignore_invalid_headers off;

location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://hoge-huga-com;
}
}



ignore_invalid_headersをoffにした後

$ curl -H 'X-Test.Hoge: hoge' http://hoge.huga.com/

[('X-Forwarded-Server', 'hoge.huga.com'),
('X-Real-Ip', 'xxx.xxx.xxx.xxx'),
('Connection', 'close'),
('Content-Length', ''),
('Accept', '*/*'),
('X-Test.Hoge', 'hoge'),
('User-Agent',
'curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8y zlib/1.2.5'),
('Host', 'hoge.huga.com'),
('X-Forwarded-For', 'xxx.xxx.xxx.xxx'),
('X-Forwarded-Host', 'hoge.huga.com'),
('Content-Type', 'text/plain')]


小ネタ


_は-に直される

$ curl -H 'X-Test_Hoge: hoge' http://hoge.huga.com/

[('X-Forwarded-Server', 'hoge.huga.com'),
('X-Real-Ip', 'xxx.xxx.xxx.xxx'),
('Connection', 'close'),
('Content-Length', ''),
('Accept', '*/*'),
('User-Agent',
'curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8y zlib/1.2.5'),
('Host', 'hoge.huga.com'),
('X-Test-Hoge', 'hoge'),
('X-Forwarded-For', 'xxx.xxx.xxx.xxx'),
('X-Forwarded-Host', 'hoge.huga.com'),
('Content-Type', 'text/plain')]