summaryrefslogtreecommitdiffstats
path: root/docs/manual/mod/mod_proxy_http.xml
blob: 7f3cef5f2686d32469cee5899b08df351c6ae46b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
<?xml version="1.0"?>
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
<!-- $LastChangedRevision$ -->

<!--
 Licensed to the Apache Software Foundation (ASF) under one or more
 contributor license agreements.  See the NOTICE file distributed with
 this work for additional information regarding copyright ownership.
 The ASF licenses this file to You under the Apache License, Version 2.0
 (the "License"); you may not use this file except in compliance with
 the License.  You may obtain a copy of the License at

     http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
-->

<modulesynopsis metafile="mod_proxy_http.xml.meta">

<name>mod_proxy_http</name>
<description>HTTP support module for
<module>mod_proxy</module></description>
<status>Extension</status>
<sourcefile>mod_proxy_http.c</sourcefile>
<identifier>proxy_http_module</identifier>

<summary>
    <p>This module <em>requires</em> the service of <module
    >mod_proxy</module>. It provides the features used for
    proxying HTTP and HTTPS requests. <module>mod_proxy_http</module>
    supports HTTP/0.9, HTTP/1.0 and HTTP/1.1. It does <em>not</em>
    provide any caching abilities. If you want to set up a caching
    proxy, you might want to use the additional service of the
    <module>mod_cache</module> module.</p>

    <p>Thus, in order to get the ability of handling HTTP proxy requests,
    <module>mod_proxy</module> and <module>mod_proxy_http</module>
    have to be present in the server.</p>

    <note type="warning"><title>Warning</title>
      <p>Do not enable proxying until you have <a
      href="mod_proxy.html#access">secured your server</a>. Open proxy
      servers are dangerous both to your network and to the Internet at
      large.</p>
    </note>
</summary>
<seealso><module>mod_proxy</module></seealso>
<seealso><module>mod_proxy_connect</module></seealso>

<section id="env"><title>Environment Variables</title>
    <p>In addition to the configuration directives that control the
    behaviour of <module>mod_proxy</module>, there are a number of
    <dfn>environment variables</dfn> that control the HTTP protocol
    provider. Environment variables below that don't specify specific values
    are enabled when set to any value.</p>
    <dl>
        <dt>proxy-sendextracrlf</dt>
        <dd>Causes proxy to send an extra CR-LF newline on the end of a
        request.  This is a workaround for a bug in some browsers.</dd>
        <dt>force-proxy-request-1.0</dt>
        <dd>Forces the proxy to send requests to the backend as HTTP/1.0
        and disables HTTP/1.1 features.</dd>
        <dt>proxy-nokeepalive</dt>
        <dd>Forces the proxy to close the backend connection after
        each request.</dd>
        <dt>proxy-chain-auth</dt>
        <dd>If the proxy requires authentication, it will read and
        consume the proxy authentication credentials sent by the client.
        With <var>proxy-chain-auth</var> it will <em>also</em> forward
        the credentials to the next proxy in the chain.  This may
        be necessary if you have a chain of proxies that share
        authentication information.  <strong>Security Warning:</strong>
        Do not set this unless you know you need it, as it forwards
        sensitive information!</dd>
        <dt>proxy-sendcl</dt>
        <dd>HTTP/1.0 required all HTTP requests that include a body
        (e.g. POST requests) to include a <var>Content-Length</var>
        header.  This environment variable forces the Apache proxy to
        send this header to the backend server, regardless of what the
        Client sent to the proxy.  It ensures compatibility when
        proxying for an HTTP/1.0 or unknown backend.  However, it
        may require the entire request to be buffered by the proxy,
        so it becomes very inefficient for large requests.</dd>
        <dt>proxy-sendchunks or proxy-sendchunked</dt>
        <dd>This is the opposite of <var>proxy-sendcl</var>.  It allows
        request bodies to be sent to the backend using chunked transfer
        encoding.  This allows the request to be efficiently streamed,
        but requires that the backend server supports HTTP/1.1.</dd>
        <dt>proxy-interim-response</dt>
        <dd>This variable takes values <code>RFC</code> (the default) or
        <code>Suppress</code>.  Earlier httpd versions would suppress
        HTTP interim (1xx) responses sent from the backend.  This is
        technically a violation of the HTTP protocol.  In practice,
        if a backend sends an interim response, it may itself be
        extending the protocol in a manner we know nothing about,
        or just broken.  So this is now configurable: set
        <code>proxy-interim-response RFC</code> to be fully protocol
        compliant, or <code>proxy-interim-response Suppress</code>
        to suppress interim responses.</dd>
        <dt>proxy-initial-not-pooled</dt>
        <dd>If this variable is set, no pooled connection will be reused
        if the client request is the initial request on the frontend connection. This avoids
        the "proxy: error reading status line from remote server" error message
        caused by the race condition that the backend server closed the
        pooled connection after the connection check by the proxy and
        before data sent by the proxy reached the backend. It has to be
        kept in mind that setting this variable downgrades performance,
        especially with HTTP/1.0 clients.
        </dd>
    </dl>
</section>

<section id="notes"><title>Request notes</title>
    <p><module>mod_proxy_http</module> creates the following request notes for
        logging using the <code>%{VARNAME}n</code> format in
        <directive module="mod_log_config">LogFormat</directive> or
        <directive module="core">ErrorLogFormat</directive>:
    </p>
    <dl>
        <dt>proxy-source-port</dt>
        <dd>The local port used for the connection to the backend server.</dd>
        <dt>proxy-status</dt>
        <dd>The HTTP status received from the backend server.</dd>
    </dl>
</section>

</modulesynopsis>