Geek Answers Handbook

Adding a custom header to ARR requests

I start the service behind IIS using ARR as a reverse proxy. I know that there are x-forwarded-for and x-arr-log-id headers that are passed together. However, I would like the private key to be transmitted so that the backup application explicitly recognizes that the request is not local (although the server is an ARR server). I saw a few posts about adding / replacing server variables, but this does not seem to happen through request headers in the support application.

I assume there must be some kind of web.config parameter that will do this, but so far no luck finding it.

Example: X-PRIVATE-TOKEN: We are the children of Korn!

So that I can trust the x-forwarded-for address, this is the actual address, and not just not trust all the proxy request IP addresses.

+8
iis reverse-proxy
source share
2 answers

to try:

 <rule name="myRule_01"> ... <serverVariables> <set name="HTTP_X_PRIVATE_TOKEN" value="We are the children of Korn!" /> </serverVariables> ... </rule>

The HTTP request header field will be: x-private-token

+3
source share

The answer kindly provided by IIS.net will look like this: this is part of the associated URL rewrite module:

Request headers are set using the same mechanism as server variables, but with a special naming convention. If the server variable name in the collection begins with "HTTP_", then this causes the HTTP request header to be set according to the following naming convention:

All underscores ("_") in the name are converted to barcode characters ("-"). All letters are converted to lowercase. Prefix "HTTP_" removed For example, the following configuration is used for the custom header x-original-host upon request:

<set name="HTTP_X_ORIGINAL_HOST" value="{HTTP_HOST}" />

+9
source share

More articles:


All Articles