@thrnd/http-proxy v1.5.2
@thrnd/http-proxy
@thrnd/http-proxy is a proxy service intended for supporting local development. It allows you to quickly
define rules that you need to properly run and develop your local services and properly accessing the remote services.
Example use cases:
- rewrite cookies set by the origin service;
- rewrite location headers set by the origin service;
- rewrite urls in responses from the origin service.
Usage
npx
npx @thrnd/http-proxy -c path/to/your/rewrite.jsondocker-compose
Download the contents of the docker folder from this repository and run docker-compose up in the folder.
See the docker/README.md for more information.
Run from source code repository
npm start -c rewrites.json -p 8000If you want to use the proxy with a different port, you can use the -p flag. \
If you want to use a different configuration file, you can use the -c flag.
Changing the host for rewrites
If you want to change the host for cookie and redirect rewrites, you can use the -h flag.
npm start -h https://127.0.0.1.nip.ioVerbosity
To change the verbosity of the proxy, you can use the LOG_LEVEL environment variable.
env "LOG_LEVEL=debug" npm startAll available LOG_LEVELs are:
errorwarninfodebug
Default is info.
Configuration file
The configuration file is a JSON file that contains an array of objects.\
Each object has a source and a target property. The source property is the path that you want to proxy.\
The target property is the URL that you want to proxy to.
[
{
"match": {
"path": "/api"
},
"target": "http://localhost:3000"
}
]Rewrite options
response.rewrite.cookies
Use cases: Authorization services, APIs.
If this property is set to true, cookies set by the target service will be rewritten to the proxy host.
response.rewrite.redirects
Use cases: API services, redirects.
If this property is set to true, location headers set by the target service will be rewritten to the proxy host, if they are targeting the proxied service.
[
{
"match": {
"path": "/api"
},
"target": "http://localhost:3000",
"response": {
"rewrite": {
"redirects": true
}
}
}
]response.rewrite.rebase
Use cases: SPAs, forms.
You can also set response.rewrite.rebase to true to rewrite the body contents of the request. This is useful if you are having issues with asset urls, form action urls etc.
It will rewrite the body contents of the request to the target url.
[
{
"match": {
"path": "/api"
},
"target": "http://localhost:3000",
"response": {
"rewrite": {
"rebase": true
}
}
}
]By default, it will only modify contents of text/html content types. If you want to modify other content types, you can set the rebase.match.contentTypes property to an array of content types.
[
{
"match": {
"path": "/api"
},
"target": "http://localhost:3000",
"response": {
"rewrite": {
"rebase": {
"match": {
"contentTypes": ["text/html", "application/json"]
}
}
}
}
}
]matchAbsolutePathsByReferer (CLI)
Use cases: SPAs
default: true
NOTE: This option is set via CLI flag --rebaseAbsolutePathsByReferer, not in the config file.
This option will help if you are proxying a service that requests assets from itself using absolute paths and you cannot or doesn't want to change the base url.
When this option is enabled, if an app requests a resource via an absolute path to itself, the path will automatically be rebased and forwarded to the requesting service.
Example:
SPA proxied under /admin-panel requests /assets/img/logo.png
Browser send request:
GET /assets/img/logo.png HTTP/1.1
Referer: http://localhost:3000/admin-panel/index.html
...Proxy will check the referer header for matching service and rebase the path to /admin-panel/assets/img/logo.png
warning: In order for this to work properly, request must be made with proper referer header set to requesting service.
response.cors
Use cases: API services
In all use cases:
- the proxy will set the
Access-Control-Allow-Methodsheader toGET, POST, PUT, PATCH, DELETE, OPTIONS. - the proxy will set the
Access-Control-Allow-Headersheader toX-Requested-With, Content-Type, Accept, Origin, Authorization, Cache-Control, Pragma, Expires.
Value of Access-Control-Allow-Origin and Access-Control-Allow-Credentials varies depending on the set value of cors:
true
If this property is set to true, the proxy will add Access-Control-Allow-Origin: * header to the response.
[
{
"match": {
"path": "/api"
},
"target": "http://localhost:3000",
"response": {
"cors": true
}
}
]"proxy"
If this property is set to proxy, the proxy will add Access-Control-Allow-Origin: http://{proxy host}:{proxy port} header and Access-Control-Allow-Credentials: true header to the response.
[
{
"match": {
"path": "/api"
},
"target": "http://localhost:3000",
"response": {
"cors": "proxy"
}
}
]"referer"
If this property is set to referer, the proxy will add Access-Control-Allow-Origin: http://{referer origin} header and Access-Control-Allow-Credentials: true header to the response.
warning: In order for this to work properly, request must be made with proper referer header set to requesting service.\
If referer header is not set, the proxy behaves as if the option is set to proxy.
[
{
"match": {
"path": "/api"
},
"target": "http://localhost:3000",
"response": {
"cors": "referer"
}
}
]preflight
Use cases: API services\
Default: "auto"
This option controls how the proxy handles preflight requests.
It works only if cors option is set.
If this property is set to false, the proxy will not handle preflight requests. They will be passed to the service.
[
{
"match": {
"path": "/api"
},
"target": "http://localhost:3000",
"response": {
"cors": {
"mode": true,
"preflight": false
}
}
}
]If this property is set to true, the proxy will handle preflight requests without passing them to the service.
[
{
"match": {
"path": "/api"
},
"target": "http://localhost:3000",
"response": {
"cors": {
"mode": true,
"preflight": true
}
}
}
]If this property is set to "auto", the proxy will handle preflight requests if the service responded with non-200 status code.
[
{
"match": {
"path": "/api"
},
"target": "http://localhost:3000",
"response": {
"cors": {
"mode": true,
"preflight": "auto"
}
}
}
]response.headers
NOTE: This operation modifies the response headers of the proxied service before any other operation that modifies the response headers (like cors).
drop
Use cases: API services, SPAs (IFrames, CSP)
If you want to drop any of response headers, you can set the header value to drop or an action to drop.
[
{
"match": {
"path": "/api"
},
"target": "http://localhost:3000",
"response": {
"headers": {
"X-Frame-Options": "drop",
"Content-Security-Policy": {
"action": "drop"
}
}
}
}
]set
Use cases: API services, SPAs (IFrames, CSP)
If you want to set any of response headers, you can set the action to set and value to the value you want to set the header to.
[
{
"match": {
"path": "/api"
},
"target": "http://localhost:3000",
"response": {
"headers": {
"Content-Security-Policy": {
"action": "set",
"value": "default-src 'self'"
}
}
}
}
]setIfMissing
Use cases: API services, SPAs (IFrames, CSP)
If you want to set any of response headers only if it is not set, you can set the action to setIfMissing and value to the value you want to set the header to.
[
{
"match": {
"path": "/api"
},
"target": "http://localhost:3000",
"response": {
"headers": {
"Content-Security-Policy": {
"action": "setIfMissing",
"value": "default-src 'self'"
}
}
}
}
]