id summary reporter owner description type status priority milestone component version resolution keywords cc uname nginx_version 2331 proxy_cookie_path / proxy_cookie_domain and custom cookie fileds Tux12Fun@… "Hi, currently I have to hide a web-page behind nginx but this website is using a cookie to set the redirect URL after the login and for other pages. I know a ugly solution, but I can't change the 3th party product. In my Browser this looks like this: (RESPONSE-HEADER WebTools Google Chrome) {{{ set-cookie: Replicate.3552.Redirect=/attunityreplicate/2021.5.0.1011/; Path=/attunityreplicate; HttpOnly }}} as I have to reverse proxy 3 of this instances on one host(domain) and port(443) I built sub locations to host this 3 instances like this: {{{ location ^~ /ate01/ { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_ssl_verify off; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $host:$server_port; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Original-URI $request_uri; proxy_hide_header 'access-control-allow-origin'; proxy_hide_header X-Frame-Options; proxy_hide_header x-content-type-options; proxy_hide_header x-xss-protection; sub_filter '/attunityreplicate' '/ate01/attunityreplicate'; sub_filter_types *; sub_filter_once off; proxy_cookie_path ~*/attunityreplicate(.*) /ate01/attunityreplicate$1; rewrite ^/ate01/(.*)$ /$1 break; proxy_pass https###10.x.x.xxx:3552/; proxy_redirect /attunityreplicate https://our.domain.com/ate01/attunityreplicate; proxy_redirect https###our.domain.com/attunityreplicate https###our.domain.com/ate01/attunityreplicate; } }}} **Replaced :// with ### because got the TAC Message max URLs reached** With the proxy_cookie_path parameter i was able to transform the cookie to this. (RESPONSE-HEADER WebTools Google Chrome) {{{ set-cookie: Replicate.3552.Redirect=/attunityreplicate/2021.5.0.1011/; Path=/ate01/attunityreplicate; HttpOnly }}} but how can i rewrite the Replicate.3552.Redirect= Part to /ate01/attunityreplicate/.... . Even after looking into the nginx source code i wasn't able to find a solution, but I have seen in ngx_http_proxy_module.c line 2742 a compare to ""path"" case insensitive, 2727 a compare to domains. So I wonderd if it would possible to provide a more generic method to lookup cookie keys with a regex and use a search and replace regex with backrefs. Or I'm totally wrong and the development Team of nginx has already implemented a proper solution to solve this, that I haven't found? " enhancement closed minor nginx-module 1.18.x invalid ngx_http_proxy_module,proxy_cookie_path,proxy_cookie_domain Tux12Fun@… Linux hostname 5.11.0-1029-gcp #33~20.04.3-Ubuntu SMP Tue Jan 18 12:03:29 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux "nginx version: nginx/1.18.0 (Ubuntu) built with OpenSSL 1.1.1f 31 Mar 2020 TLS SNI support enabled configure arguments: --with-cc-opt='-g -O2 -fdebug-prefix-map=/build/nginx-KTLRnK/nginx-1.18.0=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -Wdate-time -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -fPIC' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --modules-path=/usr/lib/nginx/modules --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-compat --with-pcre-jit --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_v2_module --with-http_dav_module --with-http_slice_module --with-threads --with-http_addition_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_image_filter_module=dynamic --with-http_sub_module --with-http_xslt_module=dynamic --with-stream=dynamic --with-stream_ssl_module --with-mail=dynamic --with-mail_ssl_module "