• F5.com
  • GitHub
  • Devcentral
  • Support
F5
  • Products
    • BIG-IP Extensibility
      • F5 BIG-IP Application Services Extension 3
      • BIG-IP APM Access Guided Configuration
      • iApps LX/iControl LX
      • F5 BIG-IP Declarative Onboarding
      • F5 BIG-IP Telemetry Streaming
      • F5 BIG-IP Cloud Failover
      • F5 BIG-IP Application Services Templates
    • Container Ingress Services
      • F5 BIG-IP Controller for Kubernetes/OpenShift
      Network Function Virtualization
      • F5 VNF Manager
      SDK
      • F5 BIG-IP SDK Python
    • Ecosystems Integrations
      • F5 ACI ServiceCenter
      F5OS/VELOS
      • F5OS/VELOS API
      • F5OS/VELOS CLI
      OSS Acknowledgements
      • F5 OSS Acknowledgements
    • Orchestration
      • F5 BIG-IP Modules for Ansible
      • F5 BIG-IP Templates for AWS CloudFormation (GitHub)
      • F5 BIG-IP Templates for Azure ARM (GitHub)
      • F5 BIG-IP Templates for Google Cloud Deployment Manager (GitHub)
      • F5 Templates for OpenStack Heat
      • F5 BIG-IP Resources for Terraform Provider
  • APIs
      • F5 BIG-IQ API
      • F5 BIG-IP iApps
      • F5 BIG-IP iRules API
      • F5 BIG-IP iRulesLX API
      • F5 BIG-IP iControlREST API
      • F5 BIG-IP iControl API
      • F5 iHealth API
      • F5 tmsh scripting API
      • F5OS/VELOS API
      • F5OS/F5 rSeries API
  • Cloud & Container
    • Cloud Services
      • Get Started
      • Beacon
      • DNS Cloud Service
      • DNS Load Balancer Cloud Service
      • Essential App Protect Service
    • Clouds
      • AWS
      • Azure
      • Google Cloud
      • OpenStack
      • F5 Distributed Cloud Platform
    • Containers
      • Kubernetes
      • OpenShift
  • Resources
    • Downloads
      • Docker Hub
      • Docker Store
      OpenSource
      • F5Networks on GitHub
      • F5DevCentral on GitHub
    • Training & Labs

      • Learn how to get the most out of the F5 platform

      • Community
    • ARCHIVED DOCUMENTATION

      • Archived documentation for end-of-life products

    • LearnF5

      • Get up to speed with free self-paced courses

      DevCentral

      • Join the community of 250,000+ technical peers

Search tips
Version: latest
NGINX Modern Apps latest

Contents:

  • Class 1 - Intro to NGINX Plus
  • Class 2 - NGINX Plus CI/CD Lab
  • Class 3 - NGINX Dataplane Scripting
    • Getting Started
    • Hello World [http/hello]
    • Decode URI [http/decode_uri]
    • Extract JWT Payload into NGINX Variable [http/authorization/jwt]
    • Subrequests join [http/join_subrequests]
    • Secure hash [http/authorization/secure_link_hash]
    • File IO [misc/file_io]
    • Complex redirects using njs file map. [http/complex_redirects]
    • Injecting HTTP header using stream proxy [stream/inject_header]
    • Generating JWT token [http/authorization/gen_hs_jwt]
    • Choosing upstream in stream based on the underlying protocol [stream/detect_http]
    • Authorizing requests using auth_request [http/authorization/auth_request]
    • Authorizing requests based on request body content [http/authorization/request_body]
    • Subrequests chaining [http/subrequests_chaining]
    • Authorizing connections using ngx.fetch() as auth_request [stream/auth_request]
    • Modifying or deleting cookies sent by the upstream server [http/response/modify_set_cookie]
    • Converting response body characters to lower case [http/response/to_lower_case]
    • Reading subject alternative from client certificate [http/certs/subject_alternative]
  • Class 4 - Introduction to NGINX Instance Manager
  • Class 5 - Application Security and Observability with NAP
  • Class 6 - NGINX API Management
  • Class 7 - NGINX Kubernetes Ingress Controller, the new Rancher Manager and Rancher Kubernetes Engine 2
  • Class 8 - Mastering NGINX One: Performance Tuning and Security Hardening Best Practices
  • Class 9: Zero Trust at Scale with F5 NGINX
  • Class 10 - NMS API Connectivity Manager
  • Class 11 - F5 NGINX Plus Ingress Controller as an API Gateway for Kubernetes
  • Class 12 - The Path to Understanding Kubernetes and Containers
  • Class 13 - Maximize ROI with F5 NGINX App Protect(NAP) using Observability
  • Class 14 – Operationalize NGINX One Configuration and Enable Self-Service through Templates
  • Class 15 - Introduction to F5 AI Gateway
  • Class 16 - Beyond Models: A Practical Guide to Protecting Your AI-Powered Apps
On this page:
  • Modifying or deleting cookies sent by the upstream server [http/response/modify_set_cookie]
    • Code Snippets
NGINX Modern Apps > Class 3 - NGINX Dataplane Scripting Source | Edit on

Version notice:

Modifying or deleting cookies sent by the upstream server [http/response/modify_set_cookie]¶

NGINX Javascript uses the js_header_filter directive to modify headers sent by the upstream server before they are proxied back to the client. In this example, we remove any cookie that is shorter than the minimum length specified in a len argument on the query string.

Step 1: Use the following commands to start your NGINX container with this lab’s files:

EXAMPLE='http/response/modify_set_cookie'
docker run --rm --name njs_example  -v $(pwd)/conf/$EXAMPLE.conf:/etc/nginx/nginx.conf:ro -v $(pwd)/njs/:/etc/nginx/njs/:ro -p 80:80 -d nginx
Copy to clipboard

Step 2: Now let’s use curl to test our NGINX server:

curl http://localhost/modify_cookies?len=1 -v
  ...
< Set-Cookie: XXXXXX
< Set-Cookie: BB
< Set-Cookie: YYYYYYY

curl http://localhost/modify_cookies?len=3 -v
  ...
< Set-Cookie: XXXXXX
< Set-Cookie: YYYYYYY

docker stop njs_example
Copy to clipboard

Code Snippets¶

The upstream server listens on port 8080 and returns three Set-Cookie headers. In the server block listening on port 80, we proxy requests to the upstream, but call the main.cookies_filter method to inspect the headers returned.

nginx.conf¶
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
...

http {
  js_path "/etc/nginx/njs/";

  js_import main from http/response/modify_set_cookie.js;

  server {
        listen 80;

        location /modify_cookies {
            js_header_filter main.cookies_filter;
            proxy_pass http://localhost:8080;
        }
  }

  server {
        listen 8080;

        location /modify_cookies {
            add_header Set-Cookie "XXXXXX";
            add_header Set-Cookie "BB";
            add_header Set-Cookie "YYYYYYY";
            return 200;
        }
  }
}
Copy to clipboard

This njs code copies the response headers to a “cookies” variable and then creates a new set of headers that includes only the cookies that are longer than the length specified in the len argument.

modify_set_cookie.js¶
1
2
3
4
5
6
  function cookies_filter(r) {
      var cookies = r.headersOut['Set-Cookie'];
      r.headersOut['Set-Cookie'] = cookies.filter(v=>v.length > Number(r.args.len));
  }

  export default {cookies_filter};
Copy to clipboard
Previous Next

HAVE A QUESTION?

| Support and Sales >

FOLLOW US

About F5

  • Corporate Information
  • Newsroom
  • Investor Relations
  • Careers
  • About Clouddocs

Education

  • Training
  • Certification
  • LearnF5
  • Free Online Training

F5 sites

  • F5.com
  • DevCentral
  • Support Portal
  • Partner Central
  • F5 Labs

Support Tasks

  • Read Support Policies
  • Create Service Request
  • Leave Feedback [+]

©2024 F5, Inc. All rights reserved.

Trademarks | Policies | Privacy | California Privacy | Do Not Sell My Personal Information |