开发者

lost custom http header when using nginx+passenger

开发者 https://www.devze.com 2023-03-04 18:21 出处:网络
I\'m trying to add some custom http headers for the authentication from mobile client, like {\'MOBILE_KEY\' => \'xxx\', \'MOBILE_SIGNATURE\' => \'yyy\'}

I'm trying to add some custom http headers for the authentication from mobile client, like

{'MOBILE_KEY' => 'xxx', 'MOBILE_SIGNATURE' => 'yyy'}

when I work with webrick/thin/mongrel in development, it works fine, but when I开发者_如何学C deployed it to the production server with nginx+passenger, the custom headers are removed, why? and what can I do?


There is a directive in nginx that says to ignore headers with a '_' in the name.

http://nginx.org/en/docs/http/ngx_http_core_module.html#underscores_in_headers

That helped me, but rewriting your software to use the X- format may be even better.


Try using X- style naming for your custom headers. I ran into this problem when passing a header named "device_id". It would get stripped out somewhere in the nginx/Passenger layer. I suspect it was Passenger, but not sure.

I changed the header to "X-device-id" and the header was then available to me in my Rails controller as request.headers['X-device-id'].


You'll need to do two things:

  1. Make sure all your tokens start with "X-"

    example: "X-your-token"

  2. Configure nginx to pass this token through:

    proxy_pass_header X-mobile-access-token;


Just in case i was having exactly the same issue with Apache (httpd-service) + Passenger and just like all of you all i had to do was to change "access_token" to "access-token" from

curl --header "access_token:MnRj6qCefRc8NuYzcBvhUvRreEGVvxh9yuNe0XcOIoEA==" --data "uuid=cef8dfa1ae6cab68d8bd47e8137707ee" http://localhost/website/transactions/pull-latest

to

curl --header "access-token:MnRj6qCefRc8NuYzcBvhUvRreEGVvxh9yuNe0XcOIoEA==" --data "uuid=cef8dfa1ae6cab68d8bd47e8137707ee" http://localhost/website/transactions/pull-latest
0

精彩评论

暂无评论...
验证码 换一张
取 消