Question 98479 in Nginx Question posted in
The official documentation can be found here.

How to relay outbound request from docker container to modify headers? – Nginx

I have an application that is running in Docker configured with an NGINX reverse proxy. The application is a binary, I don’t have source code and there’s no way to modify the header of an HTTP request from the app itself. My goal is to append a header field before the request is dispatched out of the host machine:

/// @dev some http proxy or similar
listener(PORT, function(request) {
  // 1) modifies header
  request.setHeader('FOO', 'bar')
  // 2) passes through to original or intended destination
  request.continue()
})

The key is to modify the request’s header within the host machine where the Docker app is running.

I looked at MITM proxies and to reroute the Docker outbound traffic with iptables or socat.

Is there anything you would suggest for this operation?

Tags:

2

Answers


  1. 0

    You could use Traefik reverse proxy v2.4+ with Traefik Pilot enabled and a plugin like Header transformation.

    You run Traefik as a container which routes the traffic to the other containers. You can then link your instance to Traefik Pilot using a token, which enables plugins. If you use labels in a docker-compose.yml file:

    services:
    traefik:
        # ...
        labels:
         - "--pilot.token=XXXXXXXX"
         # ...

    To add the plugin you can also add labels to the Traefik service and to your app too:

    services:
    traefik:
        # ...
        labels:
         # ...
         - "--entrypoints.web.address=:80"
         - "--pilot.token=XXXXXXXX"
         - "--experimental.plugins.htransformation.modulename=github.com/tommoulard/htransformation"
         - "--experimental.plugins.htransformation.version=v0.2.3"

    your_service:
        # ...
        labels:
         - "traefik.enable=true"
         - "traefik.http.routers.your_service.rule=Host(`some.host`)"
         - "traefik.http.routers.your_service.entrypoints=web"
         - "traefik.http.routers.your_service.middlewares=add_header"
         - "traefik.http.middlewares.add_header.plugin.htransformation.Rules[0].Name=set_foo"
         - "traefik.http.middlewares.add_header.plugin.htransformation.Rules[0].Header=FOO"
         - "traefik.http.middlewares.add_header.plugin.htransformation.Rules[0].Value=bar"
         - "traefik.http.middlewares.add_header.plugin.htransformation.Rules[0].Type=Set"

    You can also use other configuration files in YAML or TOML, everything is shown in the documentations.

    Login or Signup to reply.
  2. 0

    To add a header to an outgoing response, simply use add_header directive:

    location /foo/ {
  add_header name "value";
  proxy_pass http://my-legacy-app;
}

    To add a header to an outgoing request you can try a forward proxy:

    server {
  listen 127.0.0.121:80;
  
  location / {
    proxy_add_header name "value";
    proxy_pass http://$http_host$request;
  }
}

    This will work if you can make your application to send all outgoing requests to 127.0.0.121:80 (the forward proxy) instead of actual targets. For example you can make the legacy app container to use a dedicated DNS server, which will say that every host is on 127.0.0.121 (or any other value).

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search