For my REST API, I am trying to pass a custom header X-APP-ID
through an apache2 reverse proxy to the application hosting the API, however, it seems like apache2 is stripping away the header. It doesn't arrive at the application. Why is that?
Here is my apache2 config
<VirtualHost *:443>
ServerName $SERVER_NAME
ServerAlias $SERVER_ALIASES
# Make sure requests are rewritten to use https://
RewriteEngine on
RewriteCond %{HTTP_HOST} !^$SERVER_ALIASES [NC]
RewriteCond %{HTTP_HOST} !^$SERVER_NAME
RewriteRule ^/?(.*) https://$SERVER_NAME/$1 [L,R,NE]
SSLEngine on
SSLOptions +StrictRequire
<Directory />
Require all granted
SSLRequireSSL
</Directory>
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
# Enable SSL (disabling weak/vulnerable protocols)
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
SSLCertificateFile /etc/letsencrypt/live/$SERVER_NAME/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/$SERVER_NAME/privkey.pem
# Logging
LogLevel warn
CustomLog /var/log/apache2/access.log combined
# Static files
Alias /static/ [redacted]
Alias favicon.ico [redacted]
# If the URL mentions favicon, but is not acutally pointing to a file
# location, rewrite the url to point to the favicon file
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule .*favicon\.ico$ [redacted] [L]
ProxyPass /static/ !
ProxyPass /media/ !
ProxyPass / http://localhost:8000/
ProxyPassReverse / http://localhost:8000/
</VirtualHost>
<VirtualHost *:80>
# Rewrite request to use SSL
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteCond %{REQUEST_URI} !/.well-known
RewriteRule ^/(.*) https://$SERVER_NAME/$1 [NC,R,L]
ServerName $SERVER_NAME
ServerAlias $SERVER_ALIASES
# Logging
ErrorLog /var/log/apache2/error.log
LogLevel warn
CustomLog /var/log/apache2/access.log combined
# Location for Let's Encrypt to read and write files
Alias /.well-known /var/www/html/.well-known
</VirtualHost>
When Django converts HTTP header to keys in request.META
, it converts all characters to uppercase, replaces hyphens with underscores, and adds an HTTP_
prefix.
Therefore you should access the X-APP-ID
HTTP header by using request.META['HTTP_X_APP_ID']
.