Solved: Re: Javascript set Host header policy works fine ...

PradeepMathada · 05-25-2023 06:29 AM

Hi,

I have a requirement to deploy APIGee micro-gateway on a cloud and make internal URLs accessible through micro-gateway URL+Proxy

Internal URL can be accessed through a NGINX load balancer as below.

curl -H "Host: nginx.local" http://istio-ingressgateway.gvillain-istio.svc.cluster.local

As the host and target URL are different, I have set Host Header JS policy for one of my proxies, works absolutely fine in APIGee SaaS when I trace. I can see host set to the value (nginx.local) set in my JS file

Host->nginx.local
URL->http://mocktarget.apigee.net/echo {changed URL for testing purpose}

https://apigee.com/platform/amadeus-dev/proxies/edgemicro_hello/develop/9
Response

{"headers":{"x-forwarded-proto":"http","x-cloud-trace-context":"b55b97afda65f1a2741df7a8686aea37\/12906793859235135570","host":"nginx.local","connection":"Keep-Alive","via":"1.1 google"},"method":"GET","body":"","url":"\/"}

I have APIGee micro-gateway POD running on local setup where it downloads products and accessed micro-gateway proxy URL. Surprisingly Host header is set to mocktarget.apigee.net instead of nginx.local

Can you please help me resolving the issue?

tapasthakkar

Yes, your observation is accurate. Apigee Edge Microgateway, unlike Apigee Edge, doesn't execute standard Apigee policies. This is because Edge Microgateway is designed as a standalone, lightweight component focusing primarily on product management and security.

In your situation, you're trying to alter the 'Host' header via a JavaScript policy which works on Apigee Edge but not on Edge Microgateway due to the above-mentioned constraint.

To achieve similar functionality in Edge Microgateway, you'll need to create a custom plugin. Through this plugin, you can directly inspect and modify the request and response objects, including the 'Host' header.

In summary, Edge Microgateway requires a programmatic approach for tasks requiring a level of customization typically provided by Apigee Edge's policies.

View solution in original post

tapasthakkar

Yes, your observation is accurate. Apigee Edge Microgateway, unlike Apigee Edge, doesn't execute standard Apigee policies. This is because Edge Microgateway is designed as a standalone, lightweight component focusing primarily on product management and security.

In your situation, you're trying to alter the 'Host' header via a JavaScript policy which works on Apigee Edge but not on Edge Microgateway due to the above-mentioned constraint.

To achieve similar functionality in Edge Microgateway, you'll need to create a custom plugin. Through this plugin, you can directly inspect and modify the request and response objects, including the 'Host' header.

In summary, Edge Microgateway requires a programmatic approach for tasks requiring a level of customization typically provided by Apigee Edge's policies.

PradeepMathada

You have github repo of sample custom plugins?

dchiesa1

Let me Google that for you.

PradeepMathada

Thanks.

I have added custom plugin, below code sets host.

module.exports.init = function(config, logger, stats) {

return {

onrequest: function(req, res, data, next) {

req.headers['host'] = 'nginx.amadeus.local';

next();

}

};

}

In the response, host is not modified, instead it is assigned to 'x-forwarded-host'. Host is still assigned to target endpoint host "mocktarget.apigee.net".

Is there any other workaround to fix this issue ?

dchiesa1

I think so. In your plugin can you try this:?

    // req.headers['host'] = 'nginx.amadeus.local';
    req.targetHostname = 'nginx.amadeus.local';

reference: [Apigee community post from 2016]

Javascript set Host header policy works fine in APIGee SaaS but not in edge micro-gateway local