如何使用 nginx proxy_pass 保留请求 url

发布于 2024-11-04 06:47:13 字数 771 浏览 5 评论 0原文

我尝试使用 Thin 应用服务器,但遇到了一个问题。

当 nginx 代理使用 proxy_pass http://my_app_upstream 向 Thin(或 Unicorn)发出请求时; 应用程序接收 nginx 发送的修改后的 URL (http://my_app_upstream)。

我想要的是传递原始 URL 和来自客户端的原始请求而不进行任何修改,因为应用程序严重依赖它。

nginx' doc 说:

如果需要传输URI 未处理的表单 then 指令 proxy_pass 应该在没有 URI 的情况下使用 部分。

但我不明白如何准确配置它,因为相关示例实际上使用 URI:

location  /some/path/ {
  proxy_pass   http://127.0.0.1;
}

所以您能帮我弄清楚如何保留来自客户端的原始请求 URL 吗?

I was trying to use Thin app server and had one issue.

When nginx proxies the request to Thin (or Unicorn) using proxy_pass http://my_app_upstream; the application receives the modified URL sent by nginx (http://my_app_upstream).

What I want is to pass the original URL and the original request from client with no modification as the app relies heavily on it.

The nginx' doc says:

If it is necessary to transmit URI in
the unprocessed form then directive
proxy_pass should be used without URI
part.

But I don't understand how exactly to configure that as the related sample is actually using URI:

location  /some/path/ {
  proxy_pass   http://127.0.0.1;
}

So could you please help me figuring out how to preserve the original request URL from the client?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(8

冷血 2024-11-11 06:47:14

只是
proxy_set_header 主机 $host
我的箱子错过了港口。解决方法:



    location / {
     proxy_pass http://BACKENDIP/;
     include /etc/nginx/proxy.conf;
    }

然后在 proxy.conf 中



    proxy_redirect off;
    proxy_set_header Host $host:$server_port;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

根据 nginx 1.8.x 的 @iwein 注释进行更新(参见 https://stackoverflow.com/ a/57350306/548473):

iso proxy_set_header 主机 $host:$server_port; 使用 proxy_set_header 主机 $http_host

Just
proxy_set_header Host $host
miss port for my case. Solved by:



    location / {
     proxy_pass http://BACKENDIP/;
     include /etc/nginx/proxy.conf;
    }

and then in the proxy.conf



    proxy_redirect off;
    proxy_set_header Host $host:$server_port;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

Update according @iwein comment for nginx 1.8.x (see https://stackoverflow.com/a/57350306/548473):

iso proxy_set_header Host $host:$server_port; use proxy_set_header Host $http_host

花之痕靓丽 2024-11-11 06:47:14

nginx 还提供了 $http_host 变量,它将为您传递端口。
它是主机和端口的串联。

所以你只需要这样做:

proxy_set_header Host $http_host;

nginx also provides the $http_host variable which will pass the port for you.
its a concatenation of host and port.

So u just need to do:

proxy_set_header Host $http_host;
醉殇 2024-11-11 06:47:14

如果某些内容修改了您尝试提供服务的位置,例如 try_files,这会保留对后端的请求:

location / {
  proxy_pass http://127.0.0.1:8080$request_uri;
}

In case something modifies the location that you're trying to serve, e.g. try_files, this preserves the request for the back-end:

location / {
  proxy_pass http://127.0.0.1:8080$request_uri;
}
倥絔 2024-11-11 06:47:14

其他发现此内容的人请注意:解决方案的核心
nginx不操作URL,就是去掉末尾的斜杠
复制:proxy_pass 指令。 http://my_app_upstream
http://my_app_upstream/ – 雨果·约瑟夫森

我在上面的评论中发现了这一点,但我认为这确实应该是一个答案。

Note to other people finding this: The heart of the solution to make
nginx not manipulate the URL, is to remove the slash at the end of the
Copy: proxy_pass directive. http://my_app_upstream vs
http://my_app_upstream/ – Hugo Josefson

I found this above in the comments but I think it really should be an answer.

假面具 2024-11-11 06:47:14

要完美转发而不需要截断请求的 absoluteURI 和标头中的 Host

server {
    listen 35005;

    location / {
        rewrite            ^(.*)$   "://$http_host$uri$is_args$args";
        rewrite            ^(.*)$   "http$uri$is_args$args" break;
        proxy_set_header   Host     $host;

        proxy_pass         https://deploy.org.local:35005;
    }
}

可在此处找到:https://opensysnotes.wordpress.com/2016/11/17/nginx-proxy_pass-with-absolute-url/

To perfectly forward without chopping the absoluteURI of the request and the Host in the header:

server {
    listen 35005;

    location / {
        rewrite            ^(.*)$   "://$http_host$uri$is_args$args";
        rewrite            ^(.*)$   "http$uri$is_args$args" break;
        proxy_set_header   Host     $host;

        proxy_pass         https://deploy.org.local:35005;
    }
}

Found here: https://opensysnotes.wordpress.com/2016/11/17/nginx-proxy_pass-with-absolute-url/

没有你我更好 2024-11-11 06:47:14

在我的场景中,我通过 nginx vhost 配置中的以下代码进行此操作

server {
server_name dashboards.etilize.com;

location / {
    proxy_pass http://demo.etilize.com/dashboards/;
    proxy_set_header Host $http_host;
}}

$http_host 将在标头中设置与请求相同的 URL

In my scenario i have make this via below code in nginx vhost configuration

server {
server_name dashboards.etilize.com;

location / {
    proxy_pass http://demo.etilize.com/dashboards/;
    proxy_set_header Host $http_host;
}}

$http_host will set URL in Header same as requested

花心好男孩 2024-11-11 06:47:14

对于我的身份验证服务器...这有效。我喜欢为 /auth 提供选项以实现我自己的人性化可读性...或者我也通过端口/上游为机器到机器配置它。

在conf的开头

####################################################
upstream auth {
    server 127.0.0.1:9011 weight=1 fail_timeout=300s;
    keepalive 16;
  }

在我的443服务器块内

          if (-d $request_filename) {
          rewrite [^/]$ $scheme://$http_host$uri/ permanent;
      }

  location /auth {
          proxy_pass http://$http_host:9011;
          proxy_set_header Origin           http://$host;
          proxy_set_header Host             $http_host:9011;
          proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
          proxy_set_header Upgrade          $http_upgrade;
          proxy_set_header Connection       $http_connection;
          proxy_http_version 1.1;
      }

在conf的底部

#####################################################################
#                                                                   #
#     Proxies for all the Other servers on other ports upstream     #
#                                                                   #
#####################################################################


#######################
#        Fusion       #
#######################

server {
    listen 9001 ssl;

#############  Lock it down  ################

# SSL certificate locations
    ssl_certificate /etc/letsencrypt/live/allineed.app/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/allineed.app/privkey.pem;

# Exclusions

    include snippets/exclusions.conf;

# Security

    include snippets/security.conf;
    include snippets/ssl.conf;

# Fastcgi cache rules

    include snippets/fastcgi-cache.conf;
    include snippets/limits.conf;
    include snippets/nginx-cloudflare.conf;

###########  Location upstream ##############

    location  ~ / {
        proxy_pass http://auth;
        proxy_set_header Origin           http://$host;
        proxy_set_header Host             $host:$server_port;
        proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade          $http_upgrade;
        proxy_set_header Connection       $http_connection;
        proxy_http_version 1.1;
    }
        if (-d $request_filename) {
        rewrite [^/]$ $scheme://$http_host$uri/ permanent;
    }
}

for my auth server... this works. i like to have options for /auth for my own humanized readability... or also i have it configured by port/upstream for machine to machine.

.

at the beginning of conf

####################################################
upstream auth {
    server 127.0.0.1:9011 weight=1 fail_timeout=300s;
    keepalive 16;
  }

Inside my 443 server block

          if (-d $request_filename) {
          rewrite [^/]$ $scheme://$http_host$uri/ permanent;
      }

  location /auth {
          proxy_pass http://$http_host:9011;
          proxy_set_header Origin           http://$host;
          proxy_set_header Host             $http_host:9011;
          proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
          proxy_set_header Upgrade          $http_upgrade;
          proxy_set_header Connection       $http_connection;
          proxy_http_version 1.1;
      }

At the bottom of conf

#####################################################################
#                                                                   #
#     Proxies for all the Other servers on other ports upstream     #
#                                                                   #
#####################################################################


#######################
#        Fusion       #
#######################

server {
    listen 9001 ssl;

#############  Lock it down  ################

# SSL certificate locations
    ssl_certificate /etc/letsencrypt/live/allineed.app/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/allineed.app/privkey.pem;

# Exclusions

    include snippets/exclusions.conf;

# Security

    include snippets/security.conf;
    include snippets/ssl.conf;

# Fastcgi cache rules

    include snippets/fastcgi-cache.conf;
    include snippets/limits.conf;
    include snippets/nginx-cloudflare.conf;

###########  Location upstream ##############

    location  ~ / {
        proxy_pass http://auth;
        proxy_set_header Origin           http://$host;
        proxy_set_header Host             $host:$server_port;
        proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade          $http_upgrade;
        proxy_set_header Connection       $http_connection;
        proxy_http_version 1.1;
    }
        if (-d $request_filename) {
        rewrite [^/]$ $scheme://$http_host$uri/ permanent;
    }
}
南汐寒笙箫 2024-11-11 06:47:13

我认为 proxy_set_header 指令可以提供帮助:

location / {
    proxy_pass http://my_app_upstream;
    proxy_set_header Host $host;
    # ...
}

I think the proxy_set_header directive could help:

location / {
    proxy_pass http://my_app_upstream;
    proxy_set_header Host $host;
    # ...
}
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文