Rootop 服务器运维与web架构

请求头参数带下划线,后端无法接收(underscores_in_headers)

如果在请求头中有下划线的参数时,nginx则会默认屏蔽此头信息。


比如 access_token 之类的想用来做身份认证时,就不能用下划线,要用中线 – 替代。

可以在server{}段中添加参数,允许下划线,但是不推荐:

underscores_in_headers on;

这样nginx就会接受带下划线的请求头(nginx默认配置是off)。

提及此原因的说明在此:
https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/?highlight=underscores#missing-disappearing-http-headers
Missing (disappearing) HTTP Headers
If you do not explicitly set underscores_in_headers on;, NGINX will silently drop HTTP headers with underscores (which are perfectly valid according to the HTTP standard).
This is done in order to prevent ambiguities when mapping headers to CGI variables as both dashes and underscores are mapped to underscores during that process.

原创文章,转载请注明。本文链接地址: https://www.rootop.org/pages/4992.html

作者:Venus

专注于 服务器运维与web架构 E-mail:venus#rootop.org

评论已关闭。