NGINX Modern Apps latest

Contents:

  • Class 1 - Intro to NGINX Plus
  • Class 2 - NGINX Plus CI/CD Lab
  • Class 3 - NGINX Dataplane Scripting
    • Getting Started
    • Hello World [http/hello]
    • Decode URI [http/decode_uri]
    • Extract JWT Payload into NGINX Variable [http/authorization/jwt]
    • Subrequests join [http/join_subrequests]
    • Secure hash [http/authorization/secure_link_hash]
    • File IO [misc/file_io]
    • Complex redirects using njs file map. [http/complex_redirects]
    • Injecting HTTP header using stream proxy [stream/inject_header]
    • Generating JWT token [http/authorization/gen_hs_jwt]
    • Choosing upstream in stream based on the underlying protocol [stream/detect_http]
    • Authorizing requests using auth_request [http/authorization/auth_request]
    • Authorizing requests based on request body content [http/authorization/request_body]
    • Subrequests chaining [http/subrequests_chaining]
    • Authorizing connections using ngx.fetch() as auth_request [stream/auth_request]
    • Modifying or deleting cookies sent by the upstream server [http/response/modify_set_cookie]
    • Converting response body characters to lower case [http/response/to_lower_case]
    • Reading subject alternative from client certificate [http/certs/subject_alternative]
  • Class 4 - Introduction to NGINX Instance Manager
  • Class 5 - Application Security and Observability with NAP
  • Class 6 - NGINX API Management
  • Class 7 - NGINX Kubernetes Ingress Controller, the new Rancher Manager and Rancher Kubernetes Engine 2
  • Class 8 - Mastering NGINX One: Performance Tuning and Security Hardening Best Practices
  • Class 9: Zero Trust at Scale with F5 NGINX
  • Class 10 - NMS API Connectivity Manager
  • Class 11 - F5 NGINX Plus Ingress Controller as an API Gateway for Kubernetes
  • Class 12 - The Path to Understanding Kubernetes and Containers
  • Class 13 - Maximize ROI with F5 NGINX App Protect(NAP) using Observability
  • Class 14 – Operationalize NGINX One Configuration and Enable Self-Service through Templates
  • Class 15 - Introduction to F5 AI Gateway
  • Class 16 - Beyond Models: A Practical Guide to Protecting Your AI-Powered Apps
On this page:
  • Modifying or deleting cookies sent by the upstream server [http/response/modify_set_cookie]
    • Code Snippets
NGINX Modern Apps > Class 3 - NGINX Dataplane Scripting Source | Edit on

Version notice:

Modifying or deleting cookies sent by the upstream server [http/response/modify_set_cookie]¶

NGINX Javascript uses the js_header_filter directive to modify headers sent by the upstream server before they are proxied back to the client. In this example, we remove any cookie that is shorter than the minimum length specified in a len argument on the query string.

Step 1: Use the following commands to start your NGINX container with this lab’s files:

EXAMPLE='http/response/modify_set_cookie'
docker run --rm --name njs_example  -v $(pwd)/conf/$EXAMPLE.conf:/etc/nginx/nginx.conf:ro -v $(pwd)/njs/:/etc/nginx/njs/:ro -p 80:80 -d nginx

Step 2: Now let’s use curl to test our NGINX server:

curl http://localhost/modify_cookies?len=1 -v
  ...
< Set-Cookie: XXXXXX
< Set-Cookie: BB
< Set-Cookie: YYYYYYY

curl http://localhost/modify_cookies?len=3 -v
  ...
< Set-Cookie: XXXXXX
< Set-Cookie: YYYYYYY

docker stop njs_example

Code Snippets¶

The upstream server listens on port 8080 and returns three Set-Cookie headers. In the server block listening on port 80, we proxy requests to the upstream, but call the main.cookies_filter method to inspect the headers returned.

nginx.conf¶
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
...

http {
  js_path "/etc/nginx/njs/";

  js_import main from http/response/modify_set_cookie.js;

  server {
        listen 80;

        location /modify_cookies {
            js_header_filter main.cookies_filter;
            proxy_pass http://localhost:8080;
        }
  }

  server {
        listen 8080;

        location /modify_cookies {
            add_header Set-Cookie "XXXXXX";
            add_header Set-Cookie "BB";
            add_header Set-Cookie "YYYYYYY";
            return 200;
        }
  }
}

This njs code copies the response headers to a “cookies” variable and then creates a new set of headers that includes only the cookies that are longer than the length specified in the len argument.

modify_set_cookie.js¶
1
2
3
4
5
6
  function cookies_filter(r) {
      var cookies = r.headersOut['Set-Cookie'];
      r.headersOut['Set-Cookie'] = cookies.filter(v=>v.length > Number(r.args.len));
  }

  export default {cookies_filter};
Previous Next