I have an Nginx server block that proxies requests to a node.js server. This server serves both HTTP content and WS (websocket) content. Is it okay to add upgrade headers on requests that should NOT upgrade to websocket connections?
i.e. Using Nginx to proxy to a Node.js server that serves HTTP and WS, would it be good practice to use separate server blocks?
This is my Nginx server block currently:
server {
listen 443 ssl;
listen [::]:443;
server_name api.mysite.com;
ssl_certificate ...;
ssl_certificate_key ...;
ssl_dhparam ...;
ssl_protocols ...;
ssl_prefer_server_ciphers on;
ssl_ciphers ...;
location / {
proxy_pass http://localhost:5000;
proxy_buffering off;
proxy_redirect off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header Access-Control-Allow-Origin *;
}
}
It looks like I'm always adding Upgrade and Connection headers to requests being proxied to the Node.js server, even if I don't want to upgrade:
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
The first line looks like it's setting the "Upgrade" header to $http_upgrade, passed from the request. I assume that if this header is NOT passed in the request then "Upgrade" will be set to null (or equivalent), which will have no effect. Is that correct?
