nginx配置的server段:
listen 8888;
server_name wyc.com;
location /user {
proxy_set_header HOST fake.com;
proxy_set_header X-Real-IP 8.8.8.8;
proxy_set_header X-Forwarded-For 8.8.8.8,9.9.9.9;
proxy_pass http://wyc.com:8888/name;
}
location /name {
echo $host;
echo $proxy_add_x_forwarded_for;
echo $remote_addr;
}
如果直接调用http://wyc.com:8888/name 返回
localhost
127.0.0.1
127.0.0.1
将HOST修改为一个欺骗的host发送给代理服务器,调用http://wyc.com:8888/user
fake.com
8.8.8.8,9.9.9.9, 127.0.0.1
127.0.0.1
自定义header头
自定义的header头www,会默认被proxy_pass到后端,如果header头aaa是依赖于其他的header头而改变:例如取决于另一个header头xyz的值。
规则: $http_自定义header名 这里要注意 header名要都转成小写 中划线改成下划线
proxy_set_header www "2223";
proxy_set_header aaa $http_xyz;
请求:
curl -X GET
http://wyc.com:8888/wuyachao
-H 'cache-control: no-cache'
-H 'token: 3be0f904-ab22-5a9d-d389-57e584f30097'
-H 'user: wyc'
-H 'xyz: 123456'
结果:
{
"x-forwarded-for": "127.0.0.1",
"connection": "close",
"user": "wyc",
"accept-language": "zh-CN,zh;q=0.8,en;q=0.6",
"x-real-ip": "127.0.0.1",
"cache-control": "no-cache",
"host": "wwyycc.com",
"accept-encoding": "gzip, deflate",
"accept": "*/*",
"www": "2223",
"token": "aa68b268-a56d-5687-5542-9659c0b54bd4",
"xyz": "123456",
"aaa": "123456",
"user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36"
}