3

我正在使用 Play Framework 开发一个 web api。我使用 nginx 作为反向代理。由于 api 将被嵌入式系统使用,因此返回的信息应尽可能简单。

生产模式下的 Play Framework 异常返回:(RAW HTTP 取自 Fiddler)

HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache
Content-Length: 14

aTqYu1mxQPy|10

但是,当我在用户和 api 之间放置 nginx 时,响应变成了这样:

HTTP/1.1 200 OK
Server: nginx/1.2.0
Date: Sun, 05 Aug 2012 15:08:31 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 14
Connection: close
Cache-Control: no-cache

aTqYu1mxQPy|10

我根本不需要ServerDateConnection标头。它们由 nginx 自动添加。(或者是因为我在之前的实验中弄乱了我的 nginx 配置)

有没有办法告诉 ngnix 不要告诉任何标题并原封不动地传递它们?

4

2 回答 2

3

您可以使用 nginx 的第三方模块修改(和删除)任何标头,https://github.com/agentzh/headers-more-nginx-module
但根据 RFC 2616,在 HTTP 协议中,您只能删除服务器标头.
Connection: close - 用于关闭持久 (HTTP/1.1) 连接。在所有请求中,必须在 HTTP/1.1 中显示
日期标头,但以下情况除外:

  1. If the response status code is 100 (Continue) or 101 (Switching
     Protocols), the response MAY include a Date header field, at
     the server's option.

  2. If the response status code conveys a server error, e.g. 500
     (Internal Server Error) or 503 (Service Unavailable), and it is
     inconvenient or impossible to generate a valid Date.

  3. If the server does not have a clock that can provide a
     reasonable approximation of the current time, its responses
     MUST NOT include a Date header field

据我所知,nginx 严格遵循 RFC。

于 2012-08-06T03:45:02.493 回答
0

这是 nginx 源删除“连接”标头的补丁:http: //mailman.nginx.org/pipermail/nginx-devel/2017-February/009440.html

diff -r d2b2ff157da5 -r 25129d5509b8 src/http/ngx_http_header_filter_module.c
--- a/src/http/ngx_http_header_filter_module.c  Tue Jan 31 21:19:58 2017 +0300
+++ b/src/http/ngx_http_header_filter_module.c  Thu Feb 02 02:14:06 2017 +0800
@@ -389,7 +389,9 @@
         }

     } else {
-        len += sizeof("Connection: close" CRLF) - 1;
+        if (clcf->keepalive_header != 0) {
+            len += sizeof("Connection: close" CRLF) - 1;
+        }
     }

 #if (NGX_HTTP_GZIP)
@@ -560,8 +562,10 @@
         }

     } else {
-        b->last = ngx_cpymem(b->last, "Connection: close" CRLF,
-                             sizeof("Connection: close" CRLF) - 1);
+        if (clcf->keepalive_header != 0){
+             b->last = ngx_cpymem(b->last, "Connection: close" CRLF,
+                                  sizeof("Connection: close" CRLF) - 1);
+        }
     }

 #if (NGX_HTTP_GZIP)

这是 nginx 删除其他标头的模块: https ://github.com/openresty/headers-more-nginx-module

keepalive_timeout 0;
keepalive_requests 0;

chunked_transfer_encoding off;

more_clear_headers 'Cache-Control';
more_clear_headers 'Content-Type';
more_clear_headers 'Date';
more_clear_headers 'Expires';
more_clear_headers 'Server';
more_clear_headers 'X-Debug-Token';
more_clear_headers 'X-Debug-Token-Link';
more_clear_headers 'X-Powered-By';
more_clear_headers 'X-Robots-Tag';
于 2020-06-08T02:21:23.757 回答