Nginx and source headers

Question

Nginx and source headers

I am developing web api using Play Framework. I use nginx as a reverse proxy. Since api will be used by embedded systems, the returned information should be as light as possible.

Play Framework in production mode returns excatly this: (HTTP RAW is taken from Fiddler)

HTTP/1.1 200 OK Content-Type: text/plain; charset=utf-8 Cache-Control: no-cache Content-Length: 14 aTqYu1mxQPy|10

However, when I put nginx between the user and api, the answer turns into this:

 HTTP/1.1 200 OK Server: nginx/1.2.0 Date: Sun, 05 Aug 2012 15:08:31 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 14 Connection: close Cache-Control: no-cache aTqYu1mxQPy|10

I do not need headers Server , Date , . They are automatically added by nginx. (or is it because I messed up the nginx configuration in my previous experiments)

Is there anyway to tell ngnix not to report any headers and pass them intact?

+1

nginx

Umut benzer Aug 05 '12 at 15:28

source share

1 answer

CyberDem0n · Accepted Answer · 2012-08-06T03:45:02+0000

You can change (and delete) any headers using a third-party module for nginx, https://github.com/agentzh/headers-more-nginx-module
But according to RFC 2616, in the HTTP protocol you can only remove the Server header.
Connection: close - used to close a permanent connection (HTTP / 1.1).
The Date header must be provided in HTTP / 1.1 in all requests, except when:

  1. If the response status code is 100 (Continue) or 101 (Switching Protocols), the response MAY include a Date header field, at the server option. 2. If the response status code conveys a server error, eg 500 (Internal Server Error) or 503 (Service Unavailable), and it is inconvenient or impossible to generate a valid Date. 3. If the server does not have a clock that can provide a reasonable approximation of the current time, its responses MUST NOT include a Date header field

As far as I know, nginx strictly monitors the RFC.

Nginx and source headers

More articles: