commit: more docs

2022-03-05 18:45:59 +00:00 · 2022-03-05 18:45:59 +00:00 · 3fc8be61f4
commit 3fc8be61f4
--- a/demo.d/example.tconf
+++ b/demo.d/example.tconf
@ -34,6 +34,13 @@
 #
 # set x_from_onion_value 1

+# Other headers to pass upstream to Origin; be careful not to tread on
+# any which are controlled elsewhere / by other means, such as "Host"
+# or "Accept-Encoding", as those MUST win. See "nginx.conf.txt" for
+# relevant code.
+#
+# set inject_headers_upstream header-name,header-value [...]
+
 # When you're proving SSL ownership, you may want arbitrary text
 # strings to be returned for a GET upon an arbitrary "/path"
 #
--- a/templates.d/nginx.conf.txt
+++ b/templates.d/nginx.conf.txt
@ -783,12 +783,13 @@ http {

      # a note re: proxy_set_header, add_header, similar methods, etc;
      # if you override *any* header then you will lose the other
-      # headers inherited from the parent contexts:
+      # headers inherited from the parent contexts / other scopes;
+      # ergo: they all need to be "done" in a single bank.
      # https://blog.g3rt.nl/nginx-add_header-pitfall.html

-      # request_rewrites and injections:
      %%IF %INJECT_HEADERS_UPSTREAM%
-      # inject_headers_upstream
+      # inject_headers_upstream;
+      # this is above the ones below in order to disambiguate which ones "win"
      %%CSV %INJECT_HEADERS_UPSTREAM%
      proxy_set_header %1% "%2%";
      %%ENDCSV