Nginx reverse proxy refer HTTP header only works for the first GET request

1

I've been struggling with my two Nginx servers and searched a lot but no luck.

Here is the scenario:

I have a backend server with a third party application on it and a pre-configured Nginx which is working fine independently. But now I want to add a reverse proxy to hide this server from users. Everything works fine when I test it with two Nginx that I myself configured but when I route the traffic from the proxy server to the backend server, just some of the contents of the website loads in the browser.

The only difference that I noticed is that whenever I am connecting to the backend server directly, I can see the following in the access.log of the backend server:

10.251.100.3 - - [08/Jul/2019:14:13:53 +0430] "GET /some/path/2 HTTP/1.1" 200 2762 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" "-" "backend.server.com"
10.251.100.3 - - [08/Jul/2019:14:13:54 +0430] "GET /some/uri/file.css HTTP/1.1" 200 37276 "https://backend.server.com/some/path/2" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" "-" "backend.server.com"

But when I am accessing the backend server through the proxy server I see:

10.251.100.4 - - [08/Jul/2019:14:18:27 +0430] "GET / HTTP/1.0" 200 17624 "https://backend.server.com" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" "-" "backend.server.com"
10.251.100.3 - - [08/Jul/2019:14:18:29 +0430] "GET /some/uri/file.css HTTP/1.1" 200 37276 "https://server.com/proxy" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" "-" "backend.server.com"

I did add proxy_set_header Refer "https://backend.server.com" to my proxy server location directive but it seems that it is not changing anything. As you can see, it just sends the HTTP referrer for first GET request and does not change the following requests.

Below is my Nginx config for the proxy server.

                server {

        listen 443;
        server_name server.com;

        ssl_certificate           /etc/nginx/cert.crt;
        ssl_certificate_key       /etc/nginx/cert.key;

        ssl on;
        ssl_session_cache  builtin:1000  shared:SSL:10m;
        ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
        ssl_prefer_server_ciphers on;
        gzip  on;
        gzip_min_length 1000;
        gzip_proxied no-cache no-store private expired auth;
        gzip_types text/plain text/css application/javascript text/javascript text/xml application/xml application/json;
        gunzip on;


        access_log /var/log/nginx/secure.access.log;
        error_log /var/log/nginx/secure.error.log debug;
        location /proxy {
             proxy_set_header Referer "https://backend.server.com";
             proxy_pass https://backend.server.com/;
             proxy_set_header Host backend.server.com;
             proxy_set_header X-Forwarded-For "-";
             gzip_static on;
             #proxy_connect_timeout      18000;
             #proxy_send_timeout         18000;
             #proxy_read_timeout         18000;
             add_header Referer "https://backend.server.com/";
             }

    }

Edit

I noticed an error regarding CORS in the client's browser as shown below:

Error image link

Where should I change my config and how?

Thanks for your help!

Yavar

Posted 2019-07-08T10:09:51.240

Reputation: 11

No answers

Asked: 2019-07-08T10:09:51.240

Viewed: 32 times

Active: 2019-07-10T10:35:40.983