Express and Node.js Training from StrongLoop

该文件可能是相对于英文的文档已经过时。有关最新更新,请以英文的文档

This document might be outdated relative to the documentation in English. For the latest updates, please refer the documentation in English.

Express behind proxies

Using Express behind a reverse proxy (such as Varnish or Nginx) is trivial; however, it does require configuration. By enabling the “trust proxy” setting via app.enable('trust proxy'), Express will have knowledge that it’s sitting behind a proxy and that the X-Forwarded-* header fields may be trusted. (Otherwise, they are easily spoofed.)

Enabling this setting has several subtle effects. The first is that X-Forwarded-Proto may be set by the reverse proxy to tell the app whether it is https or simply http. This value is reflected by req.protocol.

The second change is that the req.ip and req.ips values will be populated with X-Forwarded-For’s list of addresses.