In nginx, it is often necessary to modify the header for various reasons, so today I will sort out some instructions of the header in nginx
header is the message header in http, which contains a lot of information, usually divided into request headers (request header) and response headers (response header)
The request sent by the client to the server contains the request header, and the response sent by the server to the client contains the response header. The message header is usually a colon-separated key-value pair
There is a headers module in nginx, which has three instructions, namely:
-
add_header
-
add_trailer
-
expires
Needless to say, expires is used to control the cache time, the certificate is the cache time, 0 or negative number means the cache is invalid
add_trailer has the same effect as add_header, adding fields in headers, but trailer is added to the end of the response header
In nginx, these three headers usually control the response information
In addition, the instructions related to the modification of the headers are usually in the reverse proxy, that is, when the proxy_pass, there are the following instructions to operate the header
-
proxy_set_header
-
proxy_ignore_headers
-
proxy_pass_header
-
proxy_hide_header
-
proxy_pass_request_headers
proxy_set_header is usually used the most, you can add or rewrite the header in the header submitted to the upstream server, such as commonly used, when reverse proxy, add client IP, XFF and other fields
proxy_ignore_headers is usually used to disable certain response fields of upstream servers, such as:
-
X-Accel-Expires
-
Expires
-
Cache-Control
-
Set-Cookie
-
Vary
-
X-Accel-Redirect
-
X-Accel-Limit-Rate
-
X-Accel-Buffering
-
X-Accel-Charset
However, according to the test, it does not work at all. I wrote a simple php script, used proxy_pass as a proxy, and wrote the Expires field in the header in php.
Visit to view response headers
Then, use proxy_ignore_headers to ignore the Expires field, and request to see the effect again
It didn't work. At first I thought it couldn't be written in php, so I tried to write it in the upstream nginx configuration
Access test, still not ignored
What is effective is still the expires of the backend. From the official and online articles, as far as I understand, they all ignore the expires set by the upstream
However, proxy_hide_header can ignore the fields in the header in the upstream response
The request is as follows:
proxy_pass_header is exactly the opposite of proxy_hide_header. Some header fields nginx will not respond to the proxy by default. The official nginx documentation gives examples of Date, Server, X-Pad, X-Accel and other fields. For testing, also set the Server in php
Set proxy_pass_header Server in nginx
proxy_pass_request_headers is to control the header of the client request, whether it is passed to the upstream server, it is enabled by default, that is, the header carried by the client request will be forwarded to the upstream server, or use the php script to obtain the request_header information
View access results:
Turn off proxy_pass_request_headers in nginx
Get access results again
The above are the adjustments that come with nginx, some instructions for setting headers, and the most common scenarios for adjusting headers:
-
Adding allow cross-domain via add_header
-
Through the header header, set the effective time of the cache
-
Do grayscale by adding a custom header
-
Reverse proxy, pass custom fields to the backend, especially xff to get the real client IP
In addition to the built-in headers module, you can also install the third-party headers-more module. The control of corresponding headers is more comprehensive and convenient. headers-more is a module of openresty, which comes with openresty. For nginx, you need to compile and add dynamic module
Headers-more module download link: GitHub - openresty/headers-more-nginx-module: Set, add, and clear arbitrary output headers in NGINX http servers
After downloading, edit and add
Compile the dynamic module file through make modules, generate it in the objs directory, copy the .so file to the modules directory, and load it through load_modules in the nginx configuration file
In this way, the headers-more module is added
This module mainly has 4 instructions:
-
more_set_headers is used to add, modify, and clear response headers
-
more_clear_headers is used to clear the response headers
-
more_set_input_headers is used to add, modify, and clear request headers
-
more_clear_input_headers is used to clear the request headers
headers-more is more convenient and flexible to process headers than the headers that come with nginx. Therefore, if there are needs that cannot be met by the headers module that comes with nginx, you can add the headers-more module