Use nginx as proxy to get around CORS - nginx

I am trying to use nginx as a proxy so that i can hit an API directly from a browser.
Currently. I wrote the nginx line below,
location /binance-api {
add_header Access-Control-Allow-Origin *;
rewrite ^/binance-api/(.*) /$1 break;
proxy_pass http://api.binance.com;
}
Basically whenever i try to hit the server containing nginx
http://nginx-server/binance-api/
I want nginx to hit http://api.binance.com instead.
But for some reason, judging by inspecting XHR responses, my request URL itself keeps getting redirected to https://api.binance.com and CORS would trigger and my request will fail.
What am I missing here?
Thanks

Related

Can a response from an http request alter the base address in the next client request?

I have an octoprint server running at http://192.168.1.205. I also have an nginx server hosting myDomain. I want to be able to use the nginx server to pass on a request for http://myDomain/octo to http://192.168.1.205 using a reverse proxy. Here is my nginx code...
server {
server_name myDomain;
location /octo/ {
rewrite ^/octo/(.*) /$1 break; #strip /octo from url
proxy_pass http://192.168.1.205;
}
}
The first http://myDomain/octo request is passed on to http://192.168.1.205 correctly. But after the first response the code in the client makes another request to http://myDomain/moreUri. Since this uri doesn't have /octo nginx doesn't know to send it to http://192.168.1.205/moreUri. Is there a way to have nginx change something in the first response so that the client then makes following requests to http://myDomain/octo/moreUri?
I was able to accomplish this for a case where the octoprint server responded with a redirect. I used ...
proxy_redirect http://192.168.1.205/ http://myDomain/octo/;
and it worked. But that only works on redirects and the following requests were wrong again.
Is there a way to have nginx change something in the first response so
that the client then makes following requests to
http://myDomain/octo/moreUri?
I am not aware that this is possible.
What about to adjust the nginx configuration accordingly ? using location / to process all requests within that block and add an additional redirect directive to address the "Since this uri doesn't have /octo nginx doesn't know to send it to http://192.168.1.205/moreUri" should do the trick.
server {
server_name myDomain;
location / {
rewrite ^/octo/(.*) /$1 break; #strip /octo from url
rewrite ^/(.*)/(.*) /octo/$2 break; #rewrite /moreURI to /octo/moreURI
proxy_pass http://192.168.1.205;
}
}
No matter if the above nginx reconfiguration fixes your issue, i assume the root cause why you need to configure the nginx as reverse proxy in this way might be a misconfigured (or not optimally configured) application. Check the config file if it is possible to configure the applications base path. If so, set it to /octo/ (so the application itself prepends /octo/ to all the links it presents to the user and all requests to the backend automatically) and adjust the rewrite rules accordingly.

How can I rewrite parts of a Location header with nginx?

I'm trying to setup a reverse proxy nginx in a docker-compose setup I have. It works fairly well, but I have a problem with a 302 redirect.
The nginx server runs on https://localhost:1253. When I return the redirect within my internal server, nginx will use the internal name (serviceweb) of my docker container in the redirect uri. This is my redirect uri:
https://accounts.google.com/o/oauth2/v2/auth?response_type=code&<...>&redirect_uri=https%3A%2F%serviceweb%2Fsignin-google...
I'd like to change serviceweb to localhost:1253.
How can I do this with nginx?
I've tried this simple setup:
location / {
proxy_pass https://serviceweb;
proxy_redirect serviceweb localhost:1253;
}
But this does not quite work. The location header still contains the original value. I'm sure I somehow have a problem in the proxy_redirect rule , but I'm not sure how. There's a regex based way of doing it according to http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_redirect, and I think my current setup would work with that.
What am I doing wrong?

How to escape "?" in nginx rewrite rule output

I am trying to reverse proxy in nginx, rewriting a front end page like "/a/b?page=2" into a backend request to "/a/b%3fpage=2"
I cannot figure out how to get nginx to make reverse proxy requests which include "%3f".
With the following config:
rewrite ^/one$ /a%3fb;
rewrite ^/two$ /a?b;
rewrite ^/three$ /a\?b;
/one makes a backend request like GET /a%253fb HTTP/1.0
/two makes a backend request like GET /a?b HTTP/1.0
/three makes a backend request like GET /a\?b HTTP/1.0
How can I get a backend request like GET /a%3fb HTTP/1.0?
Thanks to #Richard Smith's comment, I was able to fix this for my specific case with the following code:
location / {
set $backend_uri $request_uri;
if ($args ~* "page=(\d+)") {
set $page $1;
set $backend_uri $uri%3fpage=$1;
}
proxy_pass http://example.com$backend_uri;
}
I think that I might also have been able to do something more general with the lua rewrite directive, but I was unable to install mod-lua on an Amazon Linux 2 machine, see https://serverfault.com/questions/961337/how-to-install-nginx-mod-lua-on-amazon-linux-2

Redirect/Rewrite (in nginx) Requests to Subdirectory to S3-Compatible Bucket

I am attempting to get nginx to redirect/rewrite requests to a specific subdirectory so that they are served by an S3-compatible bucket instead of the server. Here is my current server block:
{snip} (See infra.)
Despite fiddling with this for some time now, I've only been able to get it to return 404s.
Additional Information
https://omnifora.com/t/redirect-rewrite-in-nginx-requests-to-subdirectory-to-s3-compatible-bucket/402
Attempts Solutions So Far
rewrite
rewrite ^/security-now/(.*) $scheme://s3.us-west-1.wasabisys.com/bits-podcasts/security-now/$1;
return
return 302 $scheme://s3.us-west-1.wasabisys.com/bits-podcasts/security-now/$1;
proxy_pass
proxy_set_header Host s3.us-west-1.wasabisys.com;
proxy_pass $scheme://s3.us-west-1.wasabisys.com/bits-podcasts/security-now/$1;
You can't use rewrite for cross-domain redirections, for this case you must use proxy_pass, for example:
location ~ ^/directory1/(.*) {
proxy_set_header Host s3.us-west-1.wasabisys.com;
proxy_pass $scheme://s3.us-west-1.wasabisys.com/target-bucket/security-now/$1;
}
Note that if you specify your server with domain name instead or IP address, you'll need to specify additional parameter resolver in your server configuration block, for example:
server {
...
resolver 8.8.8.8;
...
}
Update.
It seems I was wrong stating that you can't use rewrite for cross-domain redirections. You can, but in this case your user got HTTP 301 redirect instead of "transparent" content delivery. Maybe you got 404 error because you missed a $ sign before scheme variable?

Nginx proxy redirect without changing url

I have a nginx (:80) and an upstream server (:8080) running on my machine.
I want to proxy all requests to /assets/(*.?) to upstream's /upstream/$1 location.
The upstream server redirects (302) /upstream/file_id to the /real/file/location.ext
Here is my code:
location /assets/ {
rewrite ^/assets/(.*) /upstream/$1 break;
proxy_pass http://127.0.0.1:8000;
}
This seems to work, but on the client side I get the redirected location:
http://myserver.com/real/file/location.ext
I kinda want to hide it so that it stays:
http://myserver.com/assets/file_id
The idea behind this is to make the upstream server find the real file's location, but let the nginx serve the file without giving away its real location. Is this even possible?
first you're using 8000 in proxy_pass, but you're mentioning your port is 8080.
Second, remove the rewrite line should do the trick, because youre actually using the rewrite rule here and never get to the proxy_pass line. Something like the following should work:
location /assets/ {
include proxy_params;
proxy_pass http://127.0.0.1:8080;
}
There are also proxy_rewrite and proxy_redirect commands which might help you in getting this upstream-redirect handled internally by nginx.
Hope that helps!

Resources