0

Im in the process of implementing a RFC 7239 compatible forwarded header in an internal reverse proxy. In brief, the specification states that the values of the host and by components should be as follows:

  • host - the value of the host header as received by the proxy
  • by - the user agent facing interface of the proxy

Whats the difference between these two? If i have a proxy server facing the internet on the address http://myexampleserver.com, as i understand it both host and by would have the same value?

richzilla
  • 40,440
  • 14
  • 56
  • 86

1 Answers1

1

No, the original request will contain the requested site's DNS address as host header, not the proxy's DNS address.

The RFC mentions this host value's intended use:

This can be used, for example, by the origin server if a reverse proxy is rewriting the "Host" header field to some internal host name.

So, for example:

  • User agent requests http://example.com/foo through proxy http://yourexampleproxy/. Request will contain GET / http://example.com/foo and Host: example.com.
  • Your proxy translates, by configuration, the Host: example.com header to Host: some-internal-foo, and adds the Forwarded: host=example.com;by=yourexampleproxy header, so the origin server can inspect it.
Community
  • 1
  • 1
CodeCaster
  • 147,647
  • 23
  • 218
  • 272