Node Http Proxy Middleware
http-proxy-middleware TypeScript icon, indicating … – npm
-proxy-middleware2. 0. 1 • Public • Published 3 months ago Readme Explore BETA5 Dependencies2, 558 Dependents72 Versions
proxying made simple. Configure proxy middleware with ease for connect, express, browser-sync and many more.
Powered by the popular Nodejitsu -proxy.
⚠️ Note
This page is showing documentation for version v1. x. x (release notes)
If you’re looking for v0. x documentation. Go to:
TL;DR
Proxy /api requests to // javascript
const express = require(‘express’);
const { createProxyMiddleware} = require(‘-proxy-middleware’);
const app = express();
(‘/api’, createProxyMiddleware({ target: ”, changeOrigin: true}));
(3000);
// localhost:3000/api/foo/bar -> // typescript
import * as express from ‘express’;
import { createProxyMiddleware, Filter, Options, RequestHandler} from ‘-proxy-middleware’;
// localhost:3000/api/foo/bar -> All -proxy options can be used, along with some extra -proxy-middleware options.
Tip: Set the option changeOrigin to true for name-based virtual hosted sites.
Table of Contents
Install
Core concept
Example
Context matching
Options
-proxy-middleware options
-proxy events
-proxy options
Shorthand
(path, proxy)
WebSocket
External WebSocket upgrade
Intercept and manipulate requests
Intercept and manipulate responses
Working examples
Recipes
Compatible servers
Tests
Changelog
License
$ npm install –save-dev -proxy-middleware
Proxy middleware configuration.
createProxyMiddleware([context, ] config)
const apiProxy = createProxyMiddleware(‘/api’, { target: ”});
// \____/ \_____________________________/
// | |
// context options
// ‘apiProxy’ is now ready to be used as middleware in a server.
context: Determine which requests should be proxied to the target host.
(more on context matching)
target host to proxy to. (protocol + host)
(full list of -proxy-middleware configuration options)
createProxyMiddleware(uri [, config])
// shorthand syntax for the example above:
const apiProxy = createProxyMiddleware(”);
More about the shorthand configuration.
An example with express server.
// include dependencies
// proxy middleware options
const options = {
target: ”, // target host
changeOrigin: true, // needed for virtual hosted sites
ws: true, // proxy websockets
pathRewrite: {
‘^/api/old-path’: ‘/api/new-path’, // rewrite path
‘^/api/remove/path’: ‘/path’, // remove base path},
router: {
// when == ‘dev. localhost:3000’,
// override target ” to ‘localhost:8000’
‘dev. localhost:3000’: ‘localhost:8000’, }, };
// create the proxy (without context)
const exampleProxy = createProxyMiddleware(options);
// mount `exampleProxy` in web server
(‘/api’, exampleProxy);
Providing an alternative way to decide which requests should be proxied; In case you are not able to use the server’s path parameter to mount the proxy or when you need more flexibility.
RFC 3986 path is used for context matching.
foo
\_/ \______________/\_________/ \_________/ \__/
| | | | |
scheme authority path query fragment
path matching
createProxyMiddleware({… }) – matches any path, all requests will be proxied.
createProxyMiddleware(‘/’, {… }) – matches any path, all requests will be proxied.
createProxyMiddleware(‘/api’, {… }) – matches paths starting with /api
multiple path matching
createProxyMiddleware([‘/api’, ‘/ajax’, ‘/someotherpath’], {… })
wildcard path matching
For fine-grained control you can use wildcard matching. Glob pattern matching is done by micromatch. Visit micromatch or glob for more globbing examples.
createProxyMiddleware(‘**’, {… }) matches any path, all requests will be proxied.
createProxyMiddleware(‘**/*’, {… }) matches any path which ends with
createProxyMiddleware(‘/*’, {… }) matches paths directly under path-absolute
createProxyMiddleware(‘/api/**/*’, {… }) matches requests ending with in the path of /api
createProxyMiddleware([‘/api/**’, ‘/ajax/**’], {… }) combine multiple patterns
createProxyMiddleware([‘/api/**’, ‘! **/’], {… }) exclusion
Note: In multiple path matching, you cannot use string paths and wildcard paths together.
custom matching
For full control you can provide a custom function to determine which requests should be proxied or not.
/**
* @return {Boolean}
*/
const filter = function (pathname, req) {
return (‘^/api’) && === ‘GET’;};
const apiProxy = createProxyMiddleware(filter, {
target: ”, });
thRewrite: object/function, rewrite target’s url path. Object-keys will be used as RegExp to match paths.
// rewrite path
pathRewrite: {‘^/old/api’: ‘/new/api’}
// remove path
pathRewrite: {‘^/remove/api’: ”}
// add base path
pathRewrite: {‘^/’: ‘/basepath/’}
// custom rewriting
pathRewrite: function (path, req) { return place(‘/api’, ‘/base/api’)}
// custom rewriting, returning Promise
pathRewrite: async function (path, req) {
const should_add_something = await RequestToDecideSomething(path);
if (should_add_something) path += “something”;
return path;}
object/function, re-target for specific requests.
// Use `host` and/or `path` to match requests. First match will be used.
// The order of the configuration matters.
‘integration. localhost:3000’: ‘localhost:8001’, // host only
‘staging. localhost:3000’: ‘localhost:8002’, // host only
‘localhost:3000/api’: ‘localhost:8003’, // host + path
‘/rest’: ‘localhost:8004’ // path only}
// Custom router function (string target)
router: function(req) {
return ‘localhost:8004’;}
// Custom router function (target object)
return {
protocol: ‘:’, // The: is required
host: ‘localhost’,
port: 8004};}
// Asynchronous router function which returns promise
router: async function(req) {
const url = await doSomeIO();
return url;}
option. logLevel: string, [‘debug’, ‘info’, ‘warn’, ‘error’, ‘silent’]. Default: ‘info’
option. logProvider: function, modify or replace log provider. Default: console.
// simple replace
function logProvider(provider) {
// replace the default console log provider.
return require(‘winston’);}
// verbose replacement
const logger = new (require(‘winston’))();
const myCustomProvider = {
log:,
debug:,
info:,
warn:,
error:, };
return myCustomProvider;}
Subscribe to -proxy events:
rror: function, subscribe to -proxy’s error event for custom error handling.
function onError(err, req, res, target) {
res. writeHead(500, {
‘Content-Type’: ‘text/plain’, });
(‘Something went wrong. And we are reporting a custom error message. ‘);}
option. onProxyRes: function, subscribe to -proxy’s proxyRes event.
function onProxyRes(proxyRes, req, res) {
proxyRes. headers[‘x-added’] = ‘foobar’; // add new header to response
delete proxyRes. headers[‘x-removed’]; // remove header from response}
option. onProxyReq: function, subscribe to -proxy’s proxyReq event.
function onProxyReq(proxyReq, req, res) {
// add custom header to request
tHeader(‘x-added’, ‘foobar’);
// or log the req}
option. onProxyReqWs: function, subscribe to -proxy’s proxyReqWs event.
function onProxyReqWs(proxyReq, req, socket, options, head) {
// add custom header
tHeader(‘X-Special-Proxy-Header’, ‘foobar’);}
function, subscribe to -proxy’s open event.
function onOpen(proxySocket) {
// listen for messages coming FROM the target here
(‘data’, hybiParseAndLogMessage);}
option. onClose: function, subscribe to -proxy’s close event.
function onClose(res, socket, head) {
// view disconnected websocket connections
(‘Client disconnected’);}
The following options are provided by the underlying -proxy library.
url string to be parsed with the url module
rward: url string to be parsed with the url module
object to be passed to (s). request (see Node’s agent and agent objects)
object to be passed to eateServer()
true/false: if you want to proxy websockets
true/false, adds x-forward headers
true/false, if you want to verify the SSL Certs
Proxy: true/false, passes the absolute URL as the path (useful for proxying to proxies)
ependPath: true/false, Default: true – specify whether you want to prepend the target’s path to the proxy path
option. ignorePath: true/false, Default: false – specify whether you want to ignore the proxy path of the incoming request (note: you will have to append / manually if required).
option. localAddress: Local interface string to bind for outgoing connections
angeOrigin: true/false, Default: false – changes the origin of the host header to the target URL
eserveHeaderKeyCase: true/false, Default: false – specify whether you want to keep letter case of response header key: Basic authentication i. e. ‘user:password’ to compute an Authorization header.
Rewrite: rewrites the location hostname on (301/302/307/308) redirects.
toRewrite: rewrites the location host/port on (301/302/307/308) redirects based on requested host/port. Default: false.
otocolRewrite: rewrites the location protocol on (301/302/307/308) redirects to ” or ”. Default: null.
okieDomainRewrite: rewrites domain of set-cookie headers. Possible values:
false (default): disable cookie rewriting
String: new domain, for example cookieDomainRewrite: “”. To remove the domain, use cookieDomainRewrite: “”.
Object: mapping of domains to new domains, use “*” to match all domains.
For example keep one domain unchanged, rewrite one domain and remove other domains:
cookieDomainRewrite: {
“”: “”,
“*”: “”}
okiePathRewrite: rewrites path of set-cookie headers. Possible values:
String: new path, for example cookiePathRewrite: “/newPath/”. To remove the path, use cookiePathRewrite: “”. To set path to root use cookiePathRewrite: “/”.
Object: mapping of paths to new paths, use “*” to match all paths.
For example, to keep one path unchanged, rewrite one path and remove other paths:
cookiePathRewrite: {
“/”: “/”,
option. headers: object, adds request headers. (Example: {host:”})
oxyTimeout: timeout (in millis) when proxy receives no response from target
option. timeout: timeout (in millis) for incoming requests
llowRedirects: true/false, Default: false – specify whether you want to follow redirects
lfHandleResponse true/false, if set to true, none of the webOutgoing passes are called and it’s your responsibility to appropriately return the response by listening and acting on the proxyRes event
stream of data to send as the request body. Maybe you have some middleware that consumes the request stream before proxying it on e. g. If you read the body of a request into a field called ‘req. rawbody’ you could restream this field in the buffer option:
‘use strict’;
const streamify = require(‘stream-array’);
const HttpProxy = require(‘-proxy’);
const proxy = new HttpProxy();
module. exports = (req, res, next) => {
(
req,
res,
{
target: ‘localhost:4003/’,
buffer: streamify(req. rawBody), },
next);};
Use the shorthand syntax when verbose configuration is not needed. The context and will be automatically configured when shorthand is used. Options can still be used if needed.
createProxyMiddleware(”);
// createProxyMiddleware(‘/api’, {target: ”});
createProxyMiddleware(‘/**’);
// createProxyMiddleware(‘/api/books/*/**’, {target: ”});
createProxyMiddleware(”, { changeOrigin: true});
// createProxyMiddleware(‘/api’, {target: ”, changeOrigin: true});
If you want to use the server’s path parameter to match requests;
Create and mount the proxy without the -proxy-middleware context parameter:
documentation:
express:
connect:
polka:
// verbose api
createProxyMiddleware(‘/’, { target: ”, ws: true});
// shorthand
createProxyMiddleware(”, { ws: true});
// shorter shorthand
createProxyMiddleware(‘ws’);
In the previous WebSocket examples, -proxy-middleware relies on a initial request in order to listen to the upgrade event. If you need to proxy WebSockets without the initial request, you can subscribe to the server’s upgrade event manually.
const wsProxy = createProxyMiddleware(‘ws’, { changeOrigin: true});
(wsProxy);
const server = (3000);
(‘upgrade’, wsProxy. upgrade); // <-- subscribe to 'upgrade'
Intercept requests from downstream by defining onProxyReq in createProxyMiddleware.
Currently the only pre-provided request interceptor is fixRequestBody, which is used to fix proxied POST requests when bodyParser is applied before this middleware.
Example:
const { createProxyMiddleware, fixRequestBody} = require('-proxy-middleware');
const proxy = createProxyMiddleware({
* Fix bodyParser
**/
onProxyReq: fixRequestBody, });
Intercept responses from upstream with responseInterceptor. (Make sure to set selfHandleResponse: true)
Responses which are compressed with brotli, gzip and deflate will be decompressed automatically. The response will be returned as buffer (docs) which you can manipulate.
With buffer, response manipulation is not limited to text responses (html/css/js, etc... ); image manipulation will be possible too. (example)
NOTE: responseInterceptor disables streaming of target's response.
const { createProxyMiddleware, responseInterceptor} = require('-proxy-middleware');
* IMPORTANT: avoid being called automatically
selfHandleResponse: true, // () will be called internally by responseInterceptor()
* Intercept response and replace 'Hello' with 'Goodbye'
onProxyRes: responseInterceptor(async (responseBuffer, proxyRes, req, res) => {
const response = String(‘utf8’); // convert buffer to string
return place(‘Hello’, ‘Goodbye’); // manipulate response and return the result}), });
Check out interception recipes for more examples.
View and play around with working examples.
Browser-Sync (example source)
express (example source)
connect (example source)
WebSocket (example source)
Response Manipulation (example source)
View the recipes for common use cases.
-proxy-middleware is compatible with the following servers:
connect
express
fastify
browser-sync
lite-server
polka
grunt-contrib-connect
grunt-browser-sync
gulp-connect
gulp-webserver
Sample implementations can be found in the server recipes.
Run the test suite:
# install dependencies
$ yarn
# linting
$ yarn lint
$ yarn lint:fix
# building (compile typescript to js)
$ yarn build
# unit tests
$ yarn test
# code coverage
$ yarn cover
View changelog
The MIT License (MIT)
Copyright (c) 2015-2021 Steven Chim
Keywordsreverseproxymiddlewareconnectexpressfastifypolkabrowser-syncgulpgrunt-contrib-connectwebsocketwscors
villadora/express-http-proxy – GitHub
Express middleware to proxy request to another host and pass response back to original caller.
Install
$ npm install express–proxy –save
Usage
Example:
To proxy URLS starting with ‘/proxy’ to the host ”:
var proxy = require(‘express–proxy’);
var app = require(‘express’)();
(‘/proxy’, proxy(”));
Streaming
Proxy requests and user responses are piped/streamed/chunked by default.
If you define a response modifier (userResDecorator, userResHeaderDecorator),
or need to inspect the response before continuing (maybeSkipToNext), streaming
is disabled, and the request and response are buffered.
This can cause performance issues with large payloads.
Promises
Many function hooks support Promises.
If any Promise is rejected, next(x) is called in the hosting application, where x is whatever you pass to;
e. g.
(proxy(‘/reject-promise’, {
proxyReqOptDecorator: function() {
return (‘An arbitrary rejection message. ‘);}}));
eventually calls
next(‘An arbitrary rejection messasage’);
Host
The first positional argument is for the proxy host; in many cases you will use a static string here, eg.
(‘/’, proxy(”))
However, this argument can also be a function, and that function can be
memoized or computed on each request, based on the setting of
memoizeHost.
function selectProxyHost() {
return (new Date()% 2)? ”: ”;}
(‘/’, proxy(selectProxyHost));
Middleware mixing
If you use ” you should declare it AFTER the proxy configuration, otherwise original ‘POST’ body could be modified and not proxied correctly.
(‘/proxy’, ”)
// Declare use of body-parser AFTER the use of proxy
((bar))
(‘/api’,… )
Options
proxyReqPathResolver (supports Promises)
Note: In express–proxy, the path is considered the portion of
the url after the host, and including all query params. E. g. for the URL; the path is
/search/path? q=123. Authors using this resolver must also handle the query parameter portion of the path.
Provide a proxyReqPathResolver function if you’d like to
operate on the path before issuing the proxy request. Use a Promise for async
operations.
(proxy(‘localhost:12345’, {
proxyReqPathResolver: function (req) {
var parts = (‘? ‘);
var queryString = parts[1];
var updatedPath = parts[0]. replace(/test/, ‘tent’);
return updatedPath + (queryString? ‘? ‘ + queryString: ”);}}));
Promise form
(‘/proxy’, proxy(‘localhost:12345’, {
proxyReqPathResolver: function(req) {
return new Promise(function (resolve, reject) {
setTimeout(function () { // simulate async
var resolvedPathValue = updatedPath + (queryString? ‘? ‘ + queryString: ”);
resolve(resolvedPathValue);}, 200);});}}));
forwardPath
DEPRECATED. See proxyReqPathResolver
forwardPathAsync
filter (supports Promises)
The filter option can be used to limit what requests are proxied. Return
true to continue to execute proxy; return false-y to skip proxy for this
request.
For example, if you only want to proxy get request:
(‘/proxy’, proxy(”, {
filter: function(req, res) {
return == ‘GET’;}}));
Promise form:
(proxy(‘localhost:12346’, {
filter: function (req, res) {
return new Promise(function (resolve) {
resolve( === ‘GET’);});}}));
Note that in the previous example, resolve(false) will execute the happy path
for filter here (skipping the rest of the proxy, and calling next()).
reject() will also skip the rest of proxy and call next().
userResDecorator (was: intercept) (supports Promise)
You can modify the proxy’s response before sending it to the client.
userResDecorator: function(proxyRes, proxyResData, userReq, userRes) {
data = (String(‘utf8’));
wProperty = ‘exciting data’;
return ringify(data);}}));
(proxy(”, {
userResDecorator: function(proxyRes, proxyResData) {
return new Promise(function(resolve) {
kyMessage = ‘oi io oo ii’;
setTimeout(function() {
resolve(proxyResData);}, 200);});}}));
304 – Not Modified
When your proxied service returns 304, not modified, this step will be skipped, since there is no body to decorate.
exploiting references
The intent is that this be used to modify the proxy response data only.
Note:
The other arguments (proxyRes, userReq, userRes) are passed by reference, so
you can currently exploit this to modify either response’s headers, for
instance, but this is not a reliable interface. I expect to close this
exploit in a future release, while providing an additional hook for mutating
the userRes before sending.
gzip responses
If your proxy response is gzipped, this program will automatically unzip
it before passing to your function, then zip it back up before piping it to the
user response. There is currently no way to short-circuit this behavior.
limit
This sets the body size limit (default: 1mb). If the body size is larger than the specified (or default) limit,
a 413 Request Entity Too Large error will be returned. See for
a list of supported formats.
limit: ‘5mb’}));
memoizeHost
Defaults to true.
When true, the host argument will be parsed on first request, and
memoized for subsequent requests.
When false, host argument will be parsed on each request.
E. g.,
function coinToss() { return () >. 5}
function getHost() { return coinToss()? ”: ”}
(proxy(getHost, {
memoizeHost: false}))
In this example, when memoizeHost:false, the coinToss occurs on each
request, and each request could get either value.
Conversely, When memoizeHost:true, the coinToss would occur on the first
request, and all additional requests would return the value resolved on the
first request.
userResHeaderDecorator
When a userResHeaderDecorator is defined, the return of this method will replace (rather than be merged on to) the headers for userRes.
userResHeaderDecorator(headers, userReq, userRes, proxyReq, proxyRes) {
// recieves an Object of headers, returns an Object of headers.
return headers;}}));
decorateRequest
REMOVED: See proxyReqOptDecorator and proxyReqBodyDecorator.
skipToNextHandlerFilter(supports Promise form)
(experimental: this interface may change in upcoming versions)
Allows you to inspect the proxy response, and decide if you want to continue processing (via express–proxy) or call next() to return control to express.
skipToNextHandlerFilter: function(proxyRes) {
return atusCode === 404;}}));
proxyErrorHandler
By default, express–proxy will pass any errors except ECONNRESET to
next, so that your application can handle or react to them, or just drop
through to your default error handling. ECONNRESET errors are immediately
returned to the user for historical reasons.
If you would like to modify this behavior, you can provide your own proxyErrorHandler.
// Example of skipping all error handling.
proxyErrorHandler: function(err, res, next) {
next(err);}}));
// Example of rolling your own
switch (err &&) {
case ‘ECONNRESET’: { return (405)(‘504 became 405’);}
case ‘ECONNREFUSED’: { return (200)(‘gotcher back’);}
default: { next(err);}}}}));
proxyReqOptDecorator (supports Promise form)
You can override most request options before issuing the proxyRequest.
proxyReqOpt represents the options argument passed to the (|). request
module.
NOTE: cannot be changed via this method; use proxyReqPathResolver instead. (see)
proxyReqOptDecorator: function(proxyReqOpts, srcReq) {
// you can update headers
proxyReqOpts. headers[‘Content-Type’] = ‘text/html’;
// you can change the method
= ‘GET’;
return proxyReqOpts;}}));
You can use a Promise for async style.
return new Promise(function(resolve, reject) {
resolve(proxyReqOpts);})}}));
proxyReqBodyDecorator (supports Promise form)
You can mutate the body content before sending the proxyRequest.
proxyReqBodyDecorator: function(bodyContent, srcReq) {
return (”). reverse()(”);}}));
proxyReqBodyDecorator: function(proxyReq, srcReq) {
(‘dev/null’, function (err, res) {
if (err) { reject(err);}
resolve(res);});})}}));
Normally, your proxy request will be made on the same protocol as the host
parameter. If you’d like to force the proxy request to be, use this
option.
(‘/proxy’, proxy(”, {: true}));
preserveHostHdr
You can copy the host HTTP header to the proxied express server using the preserveHostHdr option.
preserveHostHdr: true}));
parseReqBody
The parseReqBody option allows you to control parsing the request body.
For example, disabling body parsing is useful for large uploads where it would be inefficient
to hold the data in memory.
Note: this setting is required for binary uploads. A future version of this library may handle this for you.
This defaults to true in order to preserve legacy behavior.
When false, no action will be taken on the body and accordingly will no longer be set.
Note that setting this to false overrides reqAsBuffer and reqBodyEncoding below.
parseReqBody: false}));
reqAsBuffer
Note: this is an experimental feature. ymmv
The reqAsBuffer option allows you to ensure the req body is encoded as a Node
Buffer when sending a proxied request. Any value for this is truthy.
This defaults to to false in order to preserve legacy behavior. Note that
the value of reqBodyEnconding is used as the encoding when coercing strings
(and stringified JSON) to Buffer.
Ignored if parseReqBody is set to false.
reqAsBuffer: true}));
reqBodyEncoding
Encoding used to decode request body. Defaults to utf-8.
Use null to preserve as Buffer when proxied request body is a Buffer. (e. g image upload)
Accept any values supported by raw-body.
The same encoding is used in the intercept method.
(‘/post’, proxy(”, {
reqBodyEncoding: null}));
timeout
By default, node does not express a timeout on connections.
Use timeout option to impose a specific timeout.
Timed-out requests will respond with 504 status code and a X-Timeout-Reason header.
(‘/’, proxy(”, {
timeout: 2000 // in milliseconds, two seconds}));
Trace debugging
The node-debug module is used to provide a trace debugging capability.
DEBUG=express–proxy npm run YOUR_PROGRAM
DEBUG=express–proxy npm run YOUR_PROGRAM | grep ‘express–proxy’ # to filter down to just these messages
Will trace the execution of the express–proxy module in order to aide debugging.
Upgrade to 1. 0, transition guide and breaking changes
decorateRequest has been REMOVED, and will generate an error when called. See proxyReqOptDecorator and proxyReqBodyDecorator.
Resolution: Most authors will simply need to change the method name for their
decorateRequest method; if author was decorating reqOpts and reqBody in the
same method, this will need to be split up.
intercept has been REMOVED, and will generate an error when called. See userResDecorator.
Resolution: Most authors will simply need to change the method name from intercept to userResDecorator, and exit the method by returning the value, rather than passing it to a callback. :
Before:
intercept: function(proxyRes, proxyResData, userReq, userRes, cb) {
cb(null, ringify(data));}}));
Now:
forwardPath and forwardPathAsync have been DEPRECATED and will generate a warning when called. See proxyReqPathResolver.
Resolution: Simple update the name of either forwardPath or forwardPathAsync to proxyReqPathResolver.
When errors occur on your proxy server
When your proxy server responds with an error, express–proxy returns a response with the same status code. See test/catchingErrors for syntax details.
When your proxy server times out, express–proxy will continue to wait indefinitely for a response, unless you define a timeout as described above.
Questions
Q: Does it support proxy?
The library will automatically use if the provided path has ” or ‘:443’. You may also set option to true to always use.
You can use proxyReqOptDecorator to ammend any auth or challenge headers required to succeed.
Q: How can I support non-standard certificate chains?
You can use the ability to decorate the proxy request prior to sending. See proxyReqOptDecorator for more details.
proxyReqOptDecorator: function(proxyReqOpts, originalReq) {
= [caCert, intermediaryCert]
return proxyReqOpts;}})
Q: How to ignore self-signed certificates?
You can set the rejectUnauthorized value in proxy request options prior to sending. See proxyReqOptDecorator for more details.
jectUnauthorized = false
return proxyReqOpts;}}))
Release Notes
Release
Notes
1. 6. 2
Update versions used by ci.
1. 1
Minor bug fixes and documentation.
1. 0
Do gzip and gunzip aysyncronously. Test and documentation improvements, dependency updates.
1. 5. 1
Fixes bug in stringifying debug messages.
1. 0
Fixes bug in filter signature. Fix bug in skipToNextHandler, add expressHttpProxy value to user res when skipped. Add tests for host as ip address.
1. 4. 0
DEPRECATED. Critical bug in the filter api.
1. 3. Critical bug in the filter api. filter now supports Promises. Update linter to eslint.
1. 2. 0
Auto-stream when no decorations are made to req/res. Improved docs, fixes issues in maybeSkipToNexthandler, allow authors to manage error handling.
1. 1. 0
Add step to allow response headers to be modified.
1. 0. 7
Update dependencies. Improve docs on promise rejection. Fix promise rejection on body limit. Improve debug output.
1. 6
Fixes preserveHostHdr not working, skip userResDecorator on 304, add maybeSkipToNext, test improvements and cleanup.
1. 5
Minor documentation and test patches
1. 4
Minor documentation, test, and package fixes
1. 3
Fixes ‘limit option is not taken into account
1. 2
Minor docs corrections.
1. 1
Minor docs adjustments.
1. 0
Major revision. REMOVE decorateRequest, ADD proxyReqOptDecorator and proxyReqBodyDecorator. REMOVE intercept, ADD userResDecorator userResDecorator supports a Promise form for async operations. General cleanup of structure and application of hooks. Documentation improvements. Update all dependencies. Re-organize code as a series of workflow steps, each (potentially) supporting a promise, and creating a reusable pattern for future development.
0. 11. 0
Allow author to prevent host from being memoized between requests. General program cleanup.
0. 10. 1
Fixed issue where ‘body encoding’ was being incorrectly set to the character encoding. Dropped explicit support for node 0. Intercept can now deal with gziped responses. Author can now ‘force ‘, even if the original request is over. Do not call next after ECONNRESET catch.
0. 0
Fix regression in forwardPath implementation.
0. 9. 1
Documentation updates. Set ‘Accept-Encoding’ header to match bodyEncoding.
0. 0
Better handling for request body when body is JSON.
0. 8. 0
Features: add forwardPathAsync option Updates: modernize dependencies Fixes: Exceptions parsing proxied response causes error: Can’t set headers after they are sent. (#111) If client request aborts, proxied request is aborted too (#107)
0. 7. 4
Move jscs to devDependencies to avoid conflict with nsp.
0. 3
Adds a timeout option. Code organization and small bug fixes.
0. 2
Collecting many minor documentation and test improvements.
0. 0
Signature of intercept callback changed from function(data, req, res, callback) to function(rsp, data, req, res, callback) where rsp is the original response from the target
Licence
MIT
Build a Node.js Proxy Server in Under 10 minutes! – Twilio
We have all heard the term “proxy”. It might sound like it’s some kind of portal to a new dimension from the Matrix movies, but it turns out it’s very very useful!
In a nutshell, a proxy is an intermediary application which sits between two (or more) services and processes/modifies the requests and responses in both directions. This sounds complicated, I know, but let’s try with a simpler analogy:
Imagine you meet someone from Spain, but you don’t speak Spanish. What do you do? Well, you remember that your friend Santiago knows both Spanish and English and can translate for you.
The process goes like this:
You tell something to Santiago in English
Santiago translates it to Spanish in his head and says it in Spanish to your new friend
Your new friend replies back to Santiago in Spanish
Santiago then translates it in his head and tells you the response in English
Santiago in this case serves as a proxy between you and your new friend. You can’t speak directly to each other but thanks to the translator you can relay messages (i. e. requests and responses) and have a conversation!
Okay, now that we know what a proxy is, what are the use cases for it? Well, here are a few that we, at Twilio, find really useful:
Authorization – Forward only requests that are authorized to access a service
Load balancing – Distribute the requests equally among many instances
Logging – Log every requests going to a Back End API service
And many more…
Now that you know what a proxy is and why it is useful, let’s build a simple one using!
Prerequisites
To follow along, you need and Yarn installed, which are available on Mac, Windows and Linux distributions.
Build the simple proxy
In a few easy steps we are going to create a simple proxy in which can forward requests to multiple different servers/endpoints!
The full code which will be implemented step-by-step is available on GitHub here.
Initialize the project
Let’s start by initiating a new node project:
This will generate a file which will contain a basic project configuration. The command will prompt you with multiple questions (name, version, description, etc. ) – you can click ‘Enter’ on all of them to accept the default values (for example, by default the entry point will be).
Install dependencies
We need a few packages to make the proxy work:
express: Minimalist web framework
-proxy-middleware: Simple proxy framework
(optional) morgan – HTTP request logger middleware
which we can install by running:
yarn add express -proxy-middleware morgan
Define a start command
We need to add a start command to our project, so after a small change, your file should look like this (Depending on when you install these packages, some version numbers might differ, but their core functionality should stay the same. If the behaviour is drastically different, check their latest documentations. ):
{
“name”: “simple-nodejs-proxy”,
“version”: “1. 0. 0”,
“main”: “”,
“license”: “MIT”,
“dependencies”: {
“express”: “^4. 17. 1”,
“-proxy-middleware”: “^1. 5”,
“morgan”: “^1. 10. 0”},
“scripts”: {
“start”: “node “}}
If we now add an empty file, we can execute the project through:
This should run the file. Because the file is empty the console output should also be empty.
But enough configurations, let’s actually proxy some requests!
Create a simple proxy
This is where the interesting bits begin. Go ahead and open the file and add the necessary imports:
const express = require(‘express’);
const morgan = require(“morgan”);
const { createProxyMiddleware} = require(‘-proxy-middleware’);
Now we can create a basic express server and define some constants which we will use later:
// Create Express Server
const app = express();
// Configuration
const PORT = 3000;
const HOST = “localhost”;
const API_SERVICE_URL = “;
Before we implement the proxy logic, we can add the morgan middleware which logs the incoming requests:
// Logging
(morgan(‘dev’));
To be able to test that we proxy only what we want, let’s add a mock /info endpoint which doesn’t forward the request, but rather returns a simple text response:
// Info GET endpoint
(‘/info’, (req, res, next) => {
(‘This is a proxy service which proxies to Billing and Account APIs. ‘);});
Before defining the proxy endpoints, let’s also add a simple authorization/permission handling middleware which sends 403 (Forbidden) if the Authorization Header is missing:
// Authorization
(”, (req, res, next) => {
if (thorization) {
next();} else {
ndStatus(403);}});
Then we define the proxy endpoint. We want to proxy all requests starting with /json_placeholder to the notorious JSONPlaceholder API (a simple mock API which contains multiple endpoints supporting all HTTP methods). We also define a pathRewrite so that /json_placeholder is omitted when forwarded to the API:
// Proxy endpoints
(‘/json_placeholder’, createProxyMiddleware({
target: API_SERVICE_URL,
changeOrigin: true,
pathRewrite: {
[`^/json_placeholder`]: ”, }, }));
This way, when we, for example, send a request to localhost:3000/json_placeholder/posts/1, the URL will be rewritten to
And, last but not least, we start the configured server with this function call:
// Start the Proxy
(PORT, HOST, () => {
(`Starting Proxy at ${HOST}:${PORT}`);});
Run the proxy
Let’s start the proxy with the following command:
This prints something along the lines of:
yarn run v1. 22. 4
$ node
[HPM] Proxy created: / -> [HPM] Proxy rewrite rule created: “^/json_placeholder” ~> “”
Starting Proxy at localhost:3000
The proxy should now be running and if we open a second terminal and send a GET request to the /info:
We should receive a response from our proxy. And, unsurprisingly, we get:
This is a proxy service which proxies to JSONPlaceholder API.
Okay, this is great and all, but we don’t want some boring GET endpoints, we want to proxy!
In order to test the proxying, we can send a new GET request like this:
curl localhost:3000/json_placeholder/posts/1
Oh, no! This returns:
Fear not, this is expected because we included the authorization middleware which requires that every request contains an Authorization Header. So, make this small modification (you can even change it to your name because due to the simplicity of our authorization step, every name would work! ):
curl -H “Authorization: nikolay” localhost:3000/json_placeholder/posts/1
This gives us:
“userId”: 1,
“id”: 1,
“title”: “sunt aut facere repellat provident occaecati excepturi optio reprehenderit”,
“body”: “quia et suscipit\nsuscipit recusandae consequuntur expedita et cum\nreprehenderit molestiae ut ut quas totam\nnostrum rerum est autem sunt rem eveniet architecto”}
Hooray! Your first successfully proxied request! We can even try this with a POST request:
curl -X POST -H “Authorization: real_user” –data ‘{“title”: “Build a Proxy Server in Under 10 minutes! “, “body”: “We have all heard the term “proxy”… “, userId=”1”}’ localhost:3000/json_placeholder/posts
The POST request works as expected:
“{\”title\””: \””Build a Proxy Server in Under 10 minutes! \””