http://blog.csdn.net/xbynet/article/details/51899286?_t=t

http://shift-alt-ctrl.iteye.com/blog/2331455

http://blog.csdn.net/bao19901210/article/details/52537279

在参考了资料:
http://stackoverflow.com/questions/8393772/how-to-get-non-standard-http-headers-on-nginx
http://nginx.org/en/docs/http/ngx_http_core_module.html#underscores_in_headers
http://serverfault.com/questions/297225/nginx-passing-back-custom-header
https://easyengine.io/tutorials/nginx/forwarding-visitors-real-ip/
http://www.ttlsa.com/nginx/nginx-proxy_set_header/

后得到如下:
1、nginx是支持读取非nginx标准的用户自定义header的,但是需要在http或者server下开启header的下划线支持:

  • underscores_in_headers on;

2、比如我们自定义header为X-Real-IP,通过第二个nginx获取该header时需要这样:

  • $http_x_real_ip; (一律采用小写,而且前面多了个http_)

3、如果需要把自定义header传递到下一个nginx:

  • 如果是在nginx中自定义采用proxy_set_header X_CUSTOM_HEADER $http_host;
  • 如果是在用户请求时自定义的header,例如curl –head -H “X_CUSTOM_HEADER: foo” http://domain.com/api/test,则需要通过proxy_pass_header X_CUSTOM_HEADER来传递

注意nginx 1.11.x后的版本才支持 request_id 内置变量

示例:

http{

    underscores_in_headers on;

    upstream myServer {

        server 127.0.0.1:8082;

    }
server { listen 80; server_name localhost; location / { proxy_set_header Some-Thing $http_x_custom_header;; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://myServer; } } }

示例:

网络架构:

源站 <-->  1层nginx代理 <-->  2层nginx代理 <--> CDN <-->客户端

2层代理  nginx.conf

    underscores_in_headers on;

    log_format  main  '$http_x_forwarded_for`$remote_addr`$proxy_add_x_forwarded_for`[$time_local]`"$request"`'

                      '$status`$body_bytes_sent`"$http_referer"`'

                      '"$http_user_agent"`"$request_time"`'

                      '$request_id`$upstream_response_time`$upstream_addr`$upstream_connect_time`$upstream_status';

2层代理站点配置:

location中设置 proxy_set_header

upstream pc_proxy_group_ssl {
        ip_hash;
        zone pc_proxy_group_ssl_up 1m;
        server x.x.x.x:443 weight=10;
        server x.x.x.x2:443 weight=10;
        check interval=3000 rise=2 fall=5 timeout=2000 type=ssl_hello;
}


server {

        listen      443 ssl;

        server_name www.xx.com;

        access_log  logs/www.xx.com.access.log  main;

        ssl                  on;

        ssl_certificate      SSL_Certificate/xx.com/_.xx.com.cer;

        ssl_certificate_key  SSL_Certificate/xx.com/_.xx.com.key;

        ssl_session_timeout  5m;

        ssl_protocols                   TLSv1.2 TLSv1.1 TLSv1;

        ssl_ciphers  TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:WEAK112TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:FS256TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;

        ssl_prefer_server_ciphers   on;

        location / {

                proxy_pass https://pc_proxy_group_ssl;

                proxy_redirect default;

                proxy_set_header   Host             $host;

                proxy_set_header   X-Real-IP        $remote_addr;

                proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;

                proxy_set_header   X-Request-ID     $request_id;

        }
}

注意:

如果想把 proxy_set_header 设置在 http 块全部生效,那么,server块、location块中不能再出现 proxy_set_header,如果能则不继续

1层代理nginx.conf配置:

user nginx nginx;

worker_processes auto;
worker_cpu_affinity auto;

error_log  logs/error.log;

pid        logs/nginx.pid;

worker_rlimit_nofile 65535;

events {

    use epoll;

    worker_connections 65535;

}

http {

    ## HttpGuard

    lua_package_path "/etc/nginx/httpGuard/?.lua";

    lua_shared_dict dict_system 10m;

    lua_shared_dict dict_black 50m;

    lua_shared_dict dict_white 50m;

    lua_shared_dict dict_challenge 100m;

    lua_shared_dict dict_byDenyIp 30m;

    lua_shared_dict dict_byWhiteIp 30m;

    lua_shared_dict dict_captcha 70m;

    lua_shared_dict dict_others 30m;

    lua_shared_dict dict_perUrlRateLimit 30m;

    lua_shared_dict dict_needVerify 30m;

    init_by_lua_file "/etc/nginx/httpGuard/init.lua";

    access_by_lua_file "/etc/nginx/httpGuard/runtime.lua";

    lua_max_running_timers 1;

    include       mime.types;

    default_type  application/octet-stream;

    log_format  main  '$http_x_forwarded_for`$remote_addr`$proxy_add_x_forwarded_for`[$time_local]`"$request"`'

                      '$status`$body_bytes_sent`"$http_referer"`'

                      '"$http_user_agent"`"$request_time"`'

                      '$http_x_request_id`$upstream_response_time`$upstream_addr`$upstream_connect_time`$upstream_status';

    log_format  access  '$remote_addr`[$time_local]`"$request"`'

                      '$status`$body_bytes_sent`"$http_referer"`'

                      '"$http_user_agent"`"$http_x_forwarded_for"`'

                      '$http_x_request_id`$upstream_response_time`$upstream_addr`$upstream_connect_time`$upstream_status';

#    proxy_ignore_client_abort on;

    proxy_headers_hash_max_size 2048;

    proxy_headers_hash_bucket_size 256;

    sendfile    on;

    tcp_nopush  on;

    tcp_nodelay on;

    keepalive_timeout 60;

    server_tokens off;

    proxy_hide_header X-Powered-By;

    proxy_hide_header X-AspNet-Version;

    gzip    on;

    gzip_min_length 1k;

    gzip_buffers    4 16k;

    gzip_http_version 1.1;

    gzip_comp_level 2;

    gzip_types  text/plain  application/x-javascript text/css application/xml;

    gzip_vary on;

    client_max_body_size 100m;

    client_body_buffer_size 128k;

    client_body_temp_path /dev/shm/client_body_temp;

    proxy_connect_timeout 600;

    proxy_read_timeout 600;

    proxy_send_timeout 600;

    proxy_buffer_size 16k;

    proxy_buffers 32 32k;

    proxy_busy_buffers_size 64k;

    proxy_temp_file_write_size 64k;

    proxy_temp_path /dev/shm/proxy_temp;

    map $http_x_forwarded_for $clientRealIp {

        "" $remote_addr;

        ~^(?P<firstAddr>[0-9\.]+),?.*$ $firstAddr;

    }

    include /etc/nginx/conf.d/*.conf;

}

1层代理站点配置:

upstream pc_proxy_group {

        ip_hash;

        zone pc_proxy_group_ssl_up 1m;

        server x.x.x.x:8080 weight=10;

        server x.x.x.x2:8080 weight=10;

check interval=3000 rise=2 fall=5 timeout=2000 type=http;
        check_http_send "GET /do_not_delete/check.html HTTP/1.0\r\n\r\n";

}

server {

        listen      443 ssl;

        server_name www.xx.com;

        access_log  logs/www.xx.com.access.log  main;

        ssl                  on;

        ssl_certificate      SSL_Certificate/xx.com/_.xx.com.cer;

        ssl_certificate_key  SSL_Certificate/xx.com/_.xx.com.key;

        ssl_session_timeout  5m;

        ssl_protocols        TLSv1.2 TLSv1.1 TLSv1;

        ssl_ciphers  TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:WEAK112TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:FS256TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;

        ssl_prefer_server_ciphers   on;

        location / {

                proxy_pass http://pc_proxy_group;

                proxy_redirect default;

                proxy_set_header   Host             $host;

                proxy_set_header   X-Real-IP        $remote_addr;

                proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;

        }

}

若源站为IIS,可使用IIS 高级日志记录获取httpd头 X-Request-ID,其他web容器通过其他方法获取请求ID

Nginx获取自定义头部header的值的更多相关文章

  1. Spring启动时获取自定义注解的属性值

    1.自定义注解 @Target({ElementType.TYPE, ElementType.METHOD}) @Retention(RetentionPolicy.RUNTIME) @Documen ...

  2. nginx 获取自定义header头部信息

    为了排查线上的bug,需要在nginx的日志中,打印客户端上传上来的header头部信息,同时头部信息是自定义的.在尝试多重方案后,找到解决方法: log_format dm '"$remo ...

  3. js(jQuery)获取自定义data属性的值

    有时候因为需要在标签上设置自定义data属性值, <div class="col-sm-6 col-md-4" id="get_id" data-c_id ...

  4. js ajax设置和获取自定义header信息的方法总结

    目录 1.js ajax 设置自定义header 1.1 方法一: 1.2 方法二: 2.js ajax 获取请求返回的response的header信息 3.js ajax 跨域请求的情况下获取自定 ...

  5. nginx通过自定义header属性来转发不同的服务

    一.背景 因为需要上线灰度发布,只要nginx接收到头部为: wx_unionid: 就会跳转到另外一个url,比如: 通过配置nginx 匹配请求头wx_unionid 来转发到灰度环境.核心:客户 ...

  6. VS2008 C++ 利用WinHttp API获取Http请求/响应头部Header

    http://www.cnblogs.com/LCCRNblog/p/3833472.html 这一篇博客中,实现了获取http请求/响应后的html源码,现在需要获取http请求/响应的头部Head ...

  7. C# 如何获取自定义的config中节点的值,并修改节点的值

    现定义一个方法 DIYConfigHelper.cs using System; using System.Xml; using System.Configuration; using System. ...

  8. java反射机制获取自定义注解值和方法

    由于工作需求要应用到java反射机制,就做了一下功能demo想到这些就做了一下记录 这个demo目的是实现动态获取到定时器的方法好注解名称,废话不多说了直接上源码 1.首先需要自定义注解类 /** * ...

  9. nginx获取头部信息带下划线,获取不到解决方案

    nginx获取头部信息带下划线,获取不到解决方案 解决方案: 修改配置文件,进行添加信息如下: underscores_in_headers on; 然后进行重新加载: [root@qa-web co ...

随机推荐

  1. RC1意思

    软件各种版本的表示 alpha 内部测试版 beta 外部测试版 demo 演示版 Enhance 增强版或者加强版 属于正式版 Free 自由版 Full version 完全版 属于正式版 sha ...

  2. Linux及安全实践二

    Linux及安全实践二   基本内核模块 20135238 龚睿 1.  理解模块原理 linux模块是一些可以作为独立程序来编译的函数和数据类型的集合.之所以提供模块机制,是因为Linux本身是一个 ...

  3. 论cudnn与cuda之间的关系,和实际例子测试。

    1.其中cudnn是一个常见的神经网络层加速库文件,其能够很大程度的把加载到显卡上的网络层数据进行优化计算.cuda就像一个傻大粗的加速库,其主要是依靠的是显卡 计算速度跟一些算法的优化,而且其也是进 ...

  4. Java静态内存与动态内存分配的解析

    1. 静态内存 静态内存是指在程序开始运行时由编译器分配的内存,它的分配是在程序开始编译时完成的,不占用CPU资源. 程序中的各种变量,在编译时系统已经为其分配了所需的内存空间,当该变量在作用域内使用 ...

  5. 一个轻量级分布式 RPC 框架 — NettyRpc

    原文出处: 阿凡卢 1.背景 最近在搜索Netty和Zookeeper方面的文章时,看到了这篇文章<轻量级分布式 RPC 框架>,作者用Zookeeper.Netty和Spring写了一个 ...

  6. UVa 10375 选择与除法(唯一分解定理)

    https://vjudge.net/problem/UVA-10375 题意: 输入整数p,q,r,s,计算C(p,q)/C(r,s). 思路: 先打个素数表,然后用一个数组e来保存每个素数所对应的 ...

  7. ${user.home} is not working in jenkins windows system

    default setting create m2 in C:\Windows\system32\config\systemprofile change it to <localReposito ...

  8. codeforces 11 B.Jumping Jack 想法题

    B. Jumping Jack Jack is working on his jumping skills recently. Currently he's located at point zero ...

  9. sapply

    列表并非总是存储结果的最佳容器.有时,我们希望将结果放在一个向量或者矩阵中.sapply( )函数可以根据结果的结构将其合理简化.假设,我们将平方运算应用到 1:10 的每个元素上.如果使用 lapp ...

  10. platforms

    1.Qt551x86_vs2013 所有的 platforms文件夹 的路径: 1.1.E:\ZC_ProgramFiles_161104\Qt551_vs2013\5.5\msvc2013\plug ...