Openresty cookies whitelist when using proxy_pass

I'm setting up an openresty reverse proxy that will dispatch traffic to one of 2 backends depending on the path.

I would like certain cookies from backend1 not to be passed to backend2.

How should I do ?

Here is an my nginx.conf :

worker_processes 1;
error_log stderr;

env BACKEND_URL;
env BACKEND2_URL;

events {
    worker_connections 1024;
}
http {
    resolver local=on;

    server {
        listen 80;

        root   /usr/share/nginx/html;
        include       /usr/local/openresty/nginx/conf/mime.types;
        
        set_by_lua $backend_url 'return os.getenv("BACKEND_URL")';
        set_by_lua $backend2_url 'return os.getenv("BACKEND2_URL")';

        location / {
            try_files $uri $uri/ /index.html;
        }

        location ~ /backend/(.*)$ {
            proxy_pass $backend_url$1$is_args$args;
        }

        location /backend2/ {
            access_by_lua_block {
                
            }
            proxy_pass $backend2_url;
        }
    }
}

You can use the following.

rewrite_by_lua_file /usr/local/openresty/lualib/remove_cookies.lua;
proxy_set_header Cookie $modified_cookie;
set $modified_cookie "";

And in your remove_cookies.lua file, have

local whiteList = { "cookiename1", "cookiename2" } ...
local newCookieHeader = nil
for index, value in ipairs(whiteList) do
    local cookieValue = assert(loadstring("return ".. "ngx.var.cookie_" .. value))()
    if cookieValue ~= nil then
        if newCookieHeader == nil then
            newCookieHeader = value .. "=" .. cookieRequestValue .. "; "
        else
            newCookieHeader = newCookieHeader .. value .. "=" .. cookieRequestValue .. "; "
        end
    end
end

ngx.var.modified_cookie = newCookieHeader

Openresty cookies whitelist when using proxy_pass

Related

Recent Posts