nginx的proxy_set_header

nginx配置的server段：

listen 8888;
server_name wyc.com;
location /user {
proxy_set_header HOST fake.com;
proxy_set_header X-Real-IP 8.8.8.8;
proxy_set_header X-Forwarded-For 8.8.8.8,9.9.9.9;
proxy_pass http://wyc.com:8888/name; }
location /name {
echo $host;
echo $proxy_add_x_forwarded_for;
echo $remote_addr;
}

如果直接调用http://wyc.com:8888/name 返回

localhost
127.0.0.1
127.0.0.1

将HOST修改为一个欺骗的host发送给代理服务器，调用http://wyc.com:8888/user

fake.com
8.8.8.8,9.9.9.9, 127.0.0.1
127.0.0.1

自定义header头

自定义的header头www，会默认被proxy_pass到后端，如果header头aaa是依赖于其他的header头而改变：例如取决于另一个header头xyz的值。

规则： $http_自定义header名 这里要注意 header名要都转成小写 中划线改成下划线

proxy_set_header www  "2223";
proxy_set_header aaa  $http_xyz;

请求：

curl -X GET \ http://wyc.com:8888/wuyachao \
-H 'cache-control: no-cache' \
-H 'token: 3be0f904-ab22-5a9d-d389-57e584f30097' \
-H 'user: wyc' \
-H 'xyz: 123456'

结果：

{
"x-forwarded-for": "127.0.0.1",
"connection": "close",
"user": "wyc",
"accept-language": "zh-CN,zh;q=0.8,en;q=0.6",
"x-real-ip": "127.0.0.1",
"cache-control": "no-cache",
"host": "wwyycc.com",
"accept-encoding": "gzip, deflate",
"accept": "*/*",
"www": "2223",
"token": "aa68b268-a56d-5687-5542-9659c0b54bd4",
"xyz": "123456",
"aaa": "123456",
"user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36"
}