1 message in ru.sysoev.nginxHost header lost on internal redirect...
FromSent OnAttachments
Brice FigureauMay 15, 2007 5:14 am 
Actions with this message:
Paste this link in email or IM:
Paste this link in email or IM:
Atom feed for this thread
Paste this URL into your reader:
Subject:Host header lost on internal redirect in SSL vhost ?Actions...
From:Brice Figureau (bric@public.gmane.org)
Date:May 15, 2007 5:14:16 am
List:ru.sysoev.nginx

Hi,

It seems that when I address http://www.domain.com/?args to my nginx front-end proxy (which proxies to apache), the Host header is not sent to the upstream server as it should if the vhost is SSL enabled (I couldn't reproduce it on a non ssl server).

In the log below, you can see that it uses Host: 127.0.0.1 even though the client gave to the proxy Host: www.domain.com

I'm unsing proxy_set_header Host $host in the http{} section. A workaround was to use: proxy_set_header Host $server_name; or proxy_set_header Host $http_host; directly in the https server.

Here is the config I'm using with nginx 0.5.16:

______________________________ worker_processes 1;

error_log /var/log/nginx/error.log notice; pid /var/run/nginx.pid;

events { worker_connections 1024; }

http { include /etc/nginx/mime.types; default_type application/octet-stream;

log_format main '$server_name $remote_addr - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent ' '"$http_referer" "$http_user_agent" ' '$connection "$pipe" "$request_time"';

server_names_hash_bucket_size 64;

access_log /var/log/nginx/access.log; client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m;

client_header_buffer_size 1k; large_client_header_buffers 4 4k;

gzip on; gzip_min_length 400; gzip_buffers 4 8k; gzip_types text/plain text/css application/x-javascript image/icon;

output_buffers 1 32k; postpone_output 1460;

sendfile on; tcp_nopush on; tcp_nodelay on;

keepalive_timeout 75 20;

map_hash_bucket_size 64; map $http_host $name { include /etc/nginx/vhosts.conf; }

proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

client_max_body_size 10m; client_body_buffer_size 128k;

client_body_temp_path /var/lib/nginx/client_body_temp;

proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90;

proxy_buffer_size 4k; proxy_buffers 8 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k;

proxy_temp_path /var/lib/nginx/proxy_temp;

... various server directives

# HTTPS server # server { listen 111.222.333.444:443 default deferred backlog=1024; server_name www.domain.com;

access_log /var/log/nginx/access.log main;

ssl on; ssl_session_timeout 5m;

ssl_protocols SSLv2 SSLv3 TLSv1; ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:!LOW:+SSLv2:+EXP; ssl_prefer_server_ciphers on;

ssl_certificate /etc/ssl/www.domain.com.crt; ssl_certificate_key /etc/ssl/www.domain.com.key;

location / { root /var/www/www.domain.com; index index.php index.html index.htm; }

location ~* \.php$ { proxy_pass http://127.0.0.1; proxy_set_header X_FORWARDED_PROTO https; proxy_set_header HTTP_X_FORWARDED_PROTO https; proxy_set_header HTTPS on; proxy_redirect default; }

# redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root /var/www/nginx-default; }

# deny access to .htaccess files, if Apache's document root # concurs with nginx's one # location ~ /\.ht { deny all; } } ... various server directives }

----------------------------------------------------------------------------------

Here is the debug log, slightly edited: 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http request line: "GET
/?t=buypower HTTP/1.1" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http uri: "/" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http args: "t=buypower" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http exten: "" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http process request header line 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http header: "Host: www.domain.com" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http header: "User-Agent:
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.11) Gecko/20070312
Firefox/1.5.0.11" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http header: "Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http header: "Accept-Language:
de,en;q=0.7,en-us;q=0.3" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http header: "Accept-Encoding:
gzip,deflate" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http header: "Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http header: "Keep-Alive: 300" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http header: "Connection:
keep-alive" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http header: "Referer:
http://www.daysofwonder.com/" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http header: "Cookie:
dow_session_1028012093=XYZ; frm_referer_id=23737; 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http header done 2007/05/15 09:58:14 [debug] 4552#0: *4048677 event timer del: 41: 2395034937 2007/05/15 09:58:14 [debug] 4552#0: *4048677 generic phase: 0 2007/05/15 09:58:14 [debug] 4552#0: *4048677 generic phase: 1 2007/05/15 09:58:14 [debug] 4552#0: *4048677 find location for "/" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 find location: "/" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 find location: = "/50x.html" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 find location: ~ "\.php$" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 find location: ~ "/\.ht" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 using configuration "/" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http cl:-1 max:10485760 2007/05/15 09:58:14 [debug] 4552#0: *4048677 generic phase: 3 2007/05/15 09:58:14 [debug] 4552#0: *4048677 post rewrite phase: 4 2007/05/15 09:58:14 [debug] 4552#0: *4048677 generic phase: 5 2007/05/15 09:58:14 [debug] 4552#0: *4048677 generic phase: 6 2007/05/15 09:58:14 [debug] 4552#0: *4048677 access phase: 7 2007/05/15 09:58:14 [debug] 4552#0: *4048677 access phase: 8 2007/05/15 09:58:14 [debug] 4552#0: *4048677 post access phase: 9 2007/05/15 09:58:14 [debug] 4552#0: *4048677 content phase: 10 2007/05/15 09:58:14 [debug] 4552#0: *4048677 open index
"/var/www/www.domain.com/index.php" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 add cleanup: 08185FF0 2007/05/15 09:58:14 [debug] 4552#0: *4048677 internal redirect:
"/index.php?t=buypower" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 generic phase: 1 2007/05/15 09:58:14 [debug] 4552#0: *4048677 find location for "/index.php" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 find location: "/" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 find location: = "/50x.html" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 find location: ~ "\.php$" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 using configuration "\.php$" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http cl:-1 max:10485760 2007/05/15 09:58:14 [debug] 4552#0: *4048677 generic phase: 3 2007/05/15 09:58:14 [debug] 4552#0: *4048677 post rewrite phase: 4 2007/05/15 09:58:14 [debug] 4552#0: *4048677 generic phase: 5 2007/05/15 09:58:14 [debug] 4552#0: *4048677 generic phase: 6 2007/05/15 09:58:14 [debug] 4552#0: *4048677 access phase: 7 2007/05/15 09:58:14 [debug] 4552#0: *4048677 access phase: 8 2007/05/15 09:58:14 [debug] 4552#0: *4048677 post access phase: 9 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http init upstream, client timer: 0 2007/05/15 09:58:14 [debug] 4552#0: *4048677 epoll add event: fd:41 op:3
ev:80000005 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http script copy: "" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http script copy: "" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http script copy: "" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http script copy: "" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http script var: "" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http script copy: "" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http script copy: "" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http proxy header: "User-Agent:
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.11) Gecko/20070312
Firefox/1.5.0.11" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http proxy header: "Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http proxy header:
"Accept-Language: de,en;q=0.7,en-us;q=0.3" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http proxy header:
"Accept-Encoding: gzip,deflate" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http proxy header: "Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http proxy header: "Referer:
http://www.domain.com/" 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http proxy header: "Cookie:
dow_session_1028012093=XYZ; frm_referer_id=23737; 2007/05/15 09:58:14 [debug] 4552#0: *4048677 http proxy header: "GET /?t=buypower HTTP/1.0 X_FORWARDED_PROTO: https HTTP_X_FORWARDED_PROTO: https HTTPS: on Host: 127.0.0.1 Connection: close User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.11)
Gecko/20070312 Firefox/1.5.0.11 Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: de,en;q=0.7,en-us;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Referer: http://www.domain.com/ Cookie: dow_session_1028012093=XYZ; frm_referer_id=23737;

"

Thanks,