Opened 10 years ago

Closed 10 years ago

Last modified 10 years ago

#578 closed defect (invalid)

X header with underscore is not correctly parsed when put above Host:

Reported by: Ahmy Yulrizka Owned by:
Priority: minor Milestone:
Component: nginx-core Version: 1.5.x
Keywords: Cc:
uname -a: Linux 3.13.0-29-generic #53-Ubuntu SMP Wed Jun 4 21:00:20 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.6.0
built by gcc 4.8.2 (Ubuntu 4.8.2-19ubuntu1)
TLS SNI support enabled
configure arguments: --prefix=/opt/nginx-1.6.0 --conf-path=/etc/nginx/nginx.conf --sbin-path=/opt/nginx-1.6.0/sbin/nginx --add-module=/var/chef/cache/headers_more/7e45d5cbe4ed6865b3bce4fcb6c05f13a52a315702335bcedf68691ad41d8294 --with-http_gzip_static_module --with-http_realip_module --with-http_ssl_module


I test this with nginx version 1.4.4 and 1.6.0

When setting up nginx as a load balancer, i notice some weird behavior

Step to reproduce

  1. enable default site '000-default'. create another site to be tested. (i did not see this behavior if there is only one site)
  1. create post

GET /users/current.json HTTP/1.1
X-SESSION_FOO: 9abcdef999999abcde.99999999

nginx will forward X-SESSION_FOO

  1. another post with custom session above host

GET /users/current.json HTTP/1.1
X-SESSION_FOO: 9abcdef999999abcde.99999999

nginx will NOT forward X-SESSION_FOO

  1. another post without underscore

GET /users/current.json HTTP/1.1
X-SESSION-FOO: 9abcdef999999abcde.99999999

nginx will forward X-SESSION-FOO

Some information

# /etc/nginx/sites-enabled/api.local
upstream api_general {



server {

listen *:80;
server_name lb

access_log /var/log/nginx/api.local.access.log timed_combined;
error_log /var/log/nginx/api.local.error.log;

underscores_in_headers on;
add_header Access-Control-Expose-Headers "X-SESSION_ID, Content-Type, Location";

location / {

proxy_pass http://api_general;



Change History (1)

comment:1 by Valentin V. Bartenev, 10 years ago

Resolution: invalid
Status: newclosed

It's expected behavior. Until the Host header is received nginx uses configuration from the default server block.

Version 0, edited 10 years ago by Valentin V. Bartenev (next)
Note: See TracTickets for help on using tickets.