Nginx獲取自定義頭部header的值
http://blog.csdn.net/xbynet/article/details/51899286?_t=tjavascript
http://shift-alt-ctrl.iteye.com/blog/2331455css
http://blog.csdn.net/bao19901210/article/details/52537279 html
在參考了資料:
http://stackoverflow.com/questions/8393772/how-to-get-non-standard-http-headers-on-nginx
http://nginx.org/en/docs/http/ngx_http_core_module.html#underscores_in_headers
http://serverfault.com/questions/297225/nginx-passing-back-custom-header
https://easyengine.io/tutorials/nginx/forwarding-visitors-real-ip/
http://www.ttlsa.com/nginx/nginx-proxy_set_header/java
後獲得以下:
一、nginx是支持讀取非nginx標準的用戶自定義header的,可是須要在http或者server下開啓header的下劃線支持:node
-
underscores_in_headers on;
二、好比咱們自定義header爲X-Real-IP,經過第二個nginx獲取該header時須要這樣:nginx
-
$http_x_real_ip; (一概採用小寫,並且前面多了個http_)
三、若是須要把自定義header傳遞到下一個nginx:web
-
若是是在nginx中自定義採用proxy_set_header X_CUSTOM_HEADER $http_host;
-
若是是在用戶請求時自定義的header,例如curl –head -H 「X_CUSTOM_HEADER: foo」 http://domain.com/api/test,則須要經過
proxy_pass_header X_CUSTOM_HEADER來傳遞
注意nginx 1.11.x後的版本才支持 request_id 內置變量api
示例:網絡
http{
underscores_in_headers on;
upstream myServer {
server 127.0.0.1:8082;
}
server { listen 80; server_name localhost; location / { proxy_set_header Some-Thing $http_x_custom_header;; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://myServer; } } }
示例:session
網絡架構:
源站 <--> 1層nginx代理 <--> 2層nginx代理 <--> CDN <-->客戶端
2層代理 nginx.conf
underscores_in_headers on;
log_format main '$http_x_forwarded_for`$remote_addr`$proxy_add_x_forwarded_for`[$time_local]`"$request"`' '$status`$body_bytes_sent`"$http_referer"`' '"$http_user_agent"`"$request_time"`' '$request_id`$upstream_response_time`$upstream_addr`$upstream_connect_time`$upstream_status';
2層代理站點配置:
location中設置 proxy_set_header
upstream pc_proxy_group_ssl {
ip_hash;
zone pc_proxy_group_ssl_up 1m;
server x.x.x.x:443 weight=10;
server x.x.x.x2:443 weight=10;
check interval=3000 rise=2 fall=5 timeout=2000 type=ssl_hello;
}
server { listen 443 ssl; server_name www.xx.com; access_log logs/www.xx.com.access.log main; ssl on; ssl_certificate SSL_Certificate/xx.com/_.xx.com.cer; ssl_certificate_key SSL_Certificate/xx.com/_.xx.com.key; ssl_session_timeout 5m; ssl_protocols TLSv1.2 TLSv1.1 TLSv1; ssl_ciphers TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:WEAK112TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:FS256TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA; ssl_prefer_server_ciphers on; location / { proxy_pass https://pc_proxy_group_ssl; proxy_redirect default; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Request-ID $request_id; }
}
注意:
若是想把 proxy_set_header 設置在 http 塊所有生效,那麼,server塊、location塊中不能再出現 proxy_set_header,若是能則不繼續
1層代理nginx.conf配置:
user nginx nginx; worker_processes auto;
worker_cpu_affinity auto; error_log logs/error.log; pid logs/nginx.pid; worker_rlimit_nofile 65535; events { use epoll; worker_connections 65535; } http { ## HttpGuard lua_package_path "/etc/nginx/httpGuard/?.lua"; lua_shared_dict dict_system 10m; lua_shared_dict dict_black 50m; lua_shared_dict dict_white 50m; lua_shared_dict dict_challenge 100m; lua_shared_dict dict_byDenyIp 30m; lua_shared_dict dict_byWhiteIp 30m; lua_shared_dict dict_captcha 70m; lua_shared_dict dict_others 30m; lua_shared_dict dict_perUrlRateLimit 30m; lua_shared_dict dict_needVerify 30m; init_by_lua_file "/etc/nginx/httpGuard/init.lua"; access_by_lua_file "/etc/nginx/httpGuard/runtime.lua"; lua_max_running_timers 1; include mime.types; default_type application/octet-stream; log_format main '$http_x_forwarded_for`$remote_addr`$proxy_add_x_forwarded_for`[$time_local]`"$request"`' '$status`$body_bytes_sent`"$http_referer"`' '"$http_user_agent"`"$request_time"`' '$http_x_request_id`$upstream_response_time`$upstream_addr`$upstream_connect_time`$upstream_status'; log_format access '$remote_addr`[$time_local]`"$request"`' '$status`$body_bytes_sent`"$http_referer"`' '"$http_user_agent"`"$http_x_forwarded_for"`' '$http_x_request_id`$upstream_response_time`$upstream_addr`$upstream_connect_time`$upstream_status'; # proxy_ignore_client_abort on; proxy_headers_hash_max_size 2048; proxy_headers_hash_bucket_size 256; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 60; server_tokens off; proxy_hide_header X-Powered-By; proxy_hide_header X-AspNet-Version; gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.1; gzip_comp_level 2; gzip_types text/plain application/x-javascript text/css application/xml; gzip_vary on; client_max_body_size 100m; client_body_buffer_size 128k; client_body_temp_path /dev/shm/client_body_temp; proxy_connect_timeout 600; proxy_read_timeout 600; proxy_send_timeout 600; proxy_buffer_size 16k; proxy_buffers 32 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_temp_path /dev/shm/proxy_temp; map $http_x_forwarded_for $clientRealIp { "" $remote_addr; ~^(?P<firstAddr>[0-9\.]+),?.*$ $firstAddr; } include /etc/nginx/conf.d/*.conf; }
1層代理站點配置:
upstream pc_proxy_group {
ip_hash;
zone pc_proxy_group_ssl_up 1m;
server x.x.x.x:8080 weight=10;
server x.x.x.x2:8080 weight=10;
check interval=3000 rise=2 fall=5 timeout=2000 type=http;
check_http_send "GET /do_not_delete/check.html HTTP/1.0\r\n\r\n";
}
server {
listen 443 ssl;
server_name www.xx.com;
access_log logs/www.xx.com.access.log main;
ssl on;
ssl_certificate SSL_Certificate/xx.com/_.xx.com.cer;
ssl_certificate_key SSL_Certificate/xx.com/_.xx.com.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_ciphers TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:WEAK112TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:FS256TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://pc_proxy_group;
proxy_redirect default;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
若源站爲IIS,可以使用IIS 高級日誌記錄獲取httpd頭 X-Request-ID,其餘web容器經過其餘方法獲取請求ID
相關文章
- 1. Nginx獲取自定義頭部header的值
- 2. nginx 自定義header 如何獲取
- 3. Nginx獲取自定義請求header參數
- 4. 經過Nginx定義Header頭信息
- 5. Vue 獲取自定義屬性的值
- 6. ElementUI的Table-column_render-header自定義表頭
- 7. PHP獲取header頭部信息
- 8. XHR獲取自定義響應頭
- 9. Apache和Nginx自定義修改Response Header中的Location值
- 10. NG、域名、https 獲取不到header的自定義參數的值
- 更多相關文章...
- • 自定義TypeHandler - MyBatis教程
- • XML DOM 獲取節點值 - XML DOM 教程
- • RxJava操作符(十)自定義操作符
- • 使用阿里雲OSS+CDN部署前端頁面與加速靜態資源
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
歡迎關注本站公眾號,獲取更多信息
