A full-featured httpp reverse proxy for node.js
- Reverse proxies incoming http.ServerRequest streams
- Can be used as a CommonJS module in node.js
- Uses event buffering to support application latency in proxied requests
- Reverse or Forward Proxy based on simple JSON-based configuration
- Supports WebSockets
- Supports HTTPS
- Supports HTTPP
- Minimal request overhead and latency
- Full suite of functional tests
- Battled-hardened through production usage @ nodejitsu.com
- Easy to use API
<= 0.8.x compatible, if you're looking for a
>= 0.10 compatible version please check caronte
Let's suppose you were running multiple http application servers, but you only wanted to expose one machine to the internet. You could setup node-http-proxy on that one machine and then reverse-proxy the incoming http requests to locally running services which were not exposed to the outside network.
curl | sh
npm install httpp-proxy
There are several ways to use node-http-proxy; the library is designed to be flexible so that it can be used by itself, or in conjunction with other node.js libraries / tools:
- Standalone HTTP Proxy server
- Inside of another HTTP server (like Connect)
- In conjunction with a Proxy Routing Table
- As a forward-proxy with a reverse proxy
- From the command-line as a long running process
- customized with 3rd party middleware.
In each of these scenarios node-http-proxy can handle any of these types of requests:
- HTTP Requests (http://)
- HTTPS Requests (https://)
- WebSocket Requests (ws://)
- Secure WebSocket Requests (wss://)
See the examples for more working sample code.
var http = require'http'httpProxy = require'http-proxy';//// Create your proxy server//httpProxycreateServer9000 'localhost'listen8000;//// Create your target server//httpcreateServerreswriteHead200 'Content-Type': 'text/plain' ;reswrite'request successfully proxied!' + '\n' + JSONstringifyreqheaders true 2;resend;listen9000;
var http = require'http'httpProxy = require'http-proxy';//// Create a proxy server with custom application logic//httpProxycreateServer//// Put your custom server logic here//proxyproxyRequestreq reshost: 'localhost'port: 9000;listen8000;httpcreateServerreswriteHead200 'Content-Type': 'text/plain' ;reswrite'request successfully proxied: ' + requrl +'\n' + JSONstringifyreqheaders true 2;resend;listen9000;
var http = require'http'httpProxy = require'http-proxy';//// Create a proxy server with custom application logic//httpProxycreateServer//// Buffer the request so that `data` and `end` events// are not lost during async operation(s).//var buffer = httpProxybufferreq;//// Wait for two seconds then respond: this simulates// performing async actions before proxying a request//setTimeoutproxyproxyRequestreq reshost: 'localhost'port: 9000buffer: buffer;2000;listen8000;httpcreateServerreswriteHead200 'Content-Type': 'text/plain' ;reswrite'request successfully proxied: ' + requrl +'\n' + JSONstringifyreqheaders true 2;resend;listen9000;
var http = require'http'httpProxy = require'http-proxy';//// Create a new instance of HttProxy to use in your server//var proxy = ;//// Create a regular http server and proxy its handler//httpcreateServer//// Put your custom server logic here, then proxy//proxyproxyRequestreq reshost: 'localhost'port: 9000;listen8001;httpcreateServerreswriteHead200 'Content-Type': 'text/plain' ;reswrite'request successfully proxied: ' + requrl +'\n' + JSONstringifyreqheaders true 2;resend;listen9000;
A Proxy Table is a simple lookup table that maps incoming requests to proxy target locations. Take a look at an example of the options you need to pass to httpProxy.createServer:
var options =router:'foo.com/baz': '127.0.0.1:8001''foo.com/buz': '127.0.0.1:8002''bar.com/buz': '127.0.0.1:8003';
The above route table will take incoming requests to 'foo.com/baz' and forward them to '127.0.0.1:8001'. Likewise it will take incoming requests to 'foo.com/buz' and forward them to '127.0.0.1:8002'. The routes themselves are later converted to regular expressions to enable more complex matching functionality. We can create a proxy server with these options by using the following code:
var proxyServer = httpProxycreateServeroptions;proxyServerlisten80;
As mentioned in the previous section, all routes passes to the ProxyTable are by default converted to regular expressions that are evaluated at proxy-time. This is good for complex URL rewriting of proxy requests, but less efficient when one simply wants to do pure hostname routing based on the HTTP 'Host' header. If you are only concerned with hostname routing, you change the lookup used by the internal ProxyTable:
var options =hostnameOnly: truerouter:'foo.com': '127.0.0.1:8001''bar.com': '127.0.0.1:8002'
Notice here that I have not included paths on the individual domains because this is not possible when using only the HTTP 'Host' header. Care to learn more? See RFC2616: HTTP/1.1, Section 14.23, "Host".
If you dont care about forwarding to different hosts, you can redirect based on the request path.
var options =pathnameOnly: truerouter:'/wiki': '127.0.0.1:8001''/blog': '127.0.0.1:8002''/api': '127.0.0.1:8003'
This comes in handy if you are running separate services or applications on separate paths. Note, using this option disables routing by hostname entirely.
Sometimes in addition to a reverse proxy, you may want your front-facing server to forward traffic to another location. For example, if you wanted to load test your staging environment. This is possible when using node-http-proxy using similar JSON-based configuration to a proxy table:
var proxyServerWithForwarding = httpProxycreateServer9000 'localhost'forward:port: 9000host: 'staging.com';proxyServerWithForwardinglisten80;
The forwarding option can be used in conjunction with the proxy table options by simply including both the 'forward' and 'router' properties in the options passed to 'createServer'.
Sometimes you want to listen to an event on a proxy. For example, you may want to listen to the 'end' event, which represents when the proxy has finished proxying a request.
var httpProxy = require'http-proxy';var server = httpProxycreateServervar buffer = httpProxybufferreq;proxyproxyRequestreq reshost: '127.0.0.1'port: 9000buffer: buffer;;serverproxyon'end'console.log"The request was proxied.";;serverlisten8000;
It's important to remember not to listen for events on the proxy object in the function passed to
httpProxy.createServer. Doing so would add a new listener on every request, which would end up being a disaster.
You have all the full flexibility of node-http-proxy offers in HTTPS as well as HTTP. The two basic scenarios are: with a stand-alone proxy server or in conjunction with another HTTPS server.
This is probably the most common use-case for proxying in conjunction with HTTPS. You have some front-facing HTTPS server, but all of your internal traffic is HTTP. In this way, you can reduce the number of servers to which your CA and other important security files are deployed and reduce the computational overhead from HTTPS traffic.
Using HTTPS in
node-http-proxy is relatively straight-forward:
var fs = require'fs'http = require'http'https = require'https'httpProxy = require'http-proxy';var options =https:key: fsreadFileSync'path/to/your/key.pem' 'utf8'cert: fsreadFileSync'path/to/your/cert.pem' 'utf8';//// Create a standalone HTTPS proxy server//httpProxycreateServer8000 'localhost' optionslisten8001;//// Create an instance of HttpProxy to use with another HTTPS server//var proxy =target:host: 'localhost'port: 8000;httpscreateServeroptionshttpsproxyproxyRequestreq reslisten8002;//// Create the target HTTPS server for both cases//httpcreateServerreswriteHead200 'Content-Type': 'text/plain' ;reswrite'hello https\n';resend;listen8000;
Suppose that your reverse proxy will handle HTTPS traffic for two different domains
If you need to use two different certificates you can take advantage of Server Name Indication.
var https = require'https'path = require"path"fs = require"fs"crypto = require"crypto";//// generic function to load the credentials context from disk//return cryptocreateCredentialskey: fsreadFileSyncpathjoin__dirname 'certs' cer + '.key'cert: fsreadFileSyncpathjoin__dirname 'certs' cer + '.crt'context;//// A certificate per domain hash//var certs ="fobar.com": getCredentialsContext"foobar""barbaz.com": getCredentialsContext"barbaz";//// Proxy options//var options =https:return certshostname;cert: myCertkey: myKeyca: myCahostnameOnly: truerouter:'fobar.com': '127.0.0.1:8001''barbaz.com': '127.0.0.1:8002';//// Create a standalone HTTPS proxy server//httpProxycreateServeroptionslisten8001;//// Create the target HTTPS server//httpcreateServerreswriteHead200 'Content-Type': 'text/plain' ;reswrite'hello https\n';resend;listen8000;
Proxying from HTTPS to HTTPS is essentially the same as proxying from HTTPS to HTTP, but you must include the
target option in when calling
httpProxy.createServer or instantiating a new instance of
var fs = require'fs'https = require'https'httpProxy = require'http-proxy';var options =https:key: fsreadFileSync'path/to/your/key.pem' 'utf8'cert: fsreadFileSync'path/to/your/cert.pem' 'utf8'target:https: true // This could also be an Object with key and cert properties;//// Create a standalone HTTPS proxy server//httpProxycreateServer8000 'localhost' optionslisten8001;//// Create an instance of HttpProxy to use with another HTTPS server//var proxy =target:host: 'localhost'port: 8000https: true;httpscreateServeroptionshttpsproxyproxyRequestreq res;listen8002;//// Create the target HTTPS server for both cases//httpscreateServeroptionshttpsreswriteHead200 'Content-Type': 'text/plain' ;reswrite'hello https\n';resend;listen8000;
node-http-proxy now supports connect middleware. Add middleware functions to your createServer call:
A regular request we receive is to support the modification of html/xml content that is returned in the response from an upstream server.
Harmon is a stream based middleware plugin that is designed to solve that problem in the most effective way possible.
Websockets are handled automatically when using
httpProxy.createServer(), however, if you supply a callback inside the createServer call, you will need to handle the 'upgrade' proxy event yourself. Here's how:
var options =;var server = httpProxycreateServercallback/middlewareoptions;serverlistenport ;serveron'upgrade'serverproxyproxyWebSocketRequestreq socket head;;
If you would rather not use createServer call, and create the server that proxies yourself, see below:
var http = require'http'httpProxy = require'http-proxy';//// Create an instance of node-http-proxy//var proxy =target:host: 'localhost'port: 8000;var server = httpcreateServer//// Proxy normal HTTP requests//proxyproxyRequestreq res;;serveron'upgrade'//// Proxy websocket requests too//proxyproxyWebSocketRequestreq socket head;;serverlisten8080;
var httpProxy = require'http-proxy'var server = httpProxycreateServer//// Put your custom server logic here//proxyproxyRequestreq reshost: 'localhost'port: 9000;serveron'upgrade'//// Put your custom server logic here//serverproxyproxyWebSocketRequestreq socket headhost: 'localhost'port: 9000;;serverlisten8080;
node-http-proxy will set a 100 socket limit for all
host:port proxy targets. You can change this in two ways:
- By passing the
- By calling
nis the number of sockets you with to use.
express.bodyParser will interfere with proxying of POST requests (and other methods that have a request body). With bodyParser active, proxied requests will never send anything to the upstream server, and the original client will just hang. See https://github.com/nodejitsu/node-http-proxy/issues/180 for options.
When you install this package with npm, a node-http-proxy binary will become available to you. Using this binary is easy with some simple options:
usage: node-http-proxy optionsAll options should be set with the syntax --option=valueoptions:--port PORT Port that the proxy server should run on--target HOST:PORT Location of the server the proxy will target--config OUTFILE Location of the configuration file for the proxy server--silent Silence the log output from the proxy server-h --help You're staring at it
If you have a suggestion for a feature currently not supported, feel free to open a support issue. node-http-proxy is designed to just proxy http requests from one server to another, but we will be soon releasing many other complimentary projects that can be used in conjunction with node-http-proxy.
createServer() supports the following options
forward: // options for forward-proxyport: 8000host: 'staging.com'target : // options for proxy targetport : 8000host : 'localhost';source : // additional options for websocket proxyinghost : 'localhost'port : 8000https: trueenable :xforward: true // enables X-Forwarded-ForchangeOrigin: false // changes the origin of the host header to the target URLtimeout: 120000 // override the default 2 minute http socket timeout value in milliseconds
The test suite is designed to fully cover the combinatoric possibilities of HTTP and HTTPS proxying:
- HTTP --> HTTP
- HTTPS --> HTTP
- HTTPS --> HTTPS
- HTTP --> HTTPS
vows test/*-test.js --specvows test/*-test.js --spec --httpsvows test/*-test.js --spec --https --target=httpsvows test/*-test.js --spec --target=https
(The MIT License)
Copyright (c) 2010 Charlie Robbins, Mikeal Rogers, Fedor Indutny, & Marak Squires
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.