Forwarding custom headers

Hi there, you will have to forgive me because I am very green at this stuff. But could you tell me whether Boringproxy can forward custom headers - the reason for this is kind of a first level of security - i only people to be able access the tunnel if this is done from my site - so I have an nginx server running on the local machine that checks if a custom header is present and if so forwards it to a flask app to authenticate the user. But the headers don’t seem to be forwarded. Any help whatsoever would be greatly appreciated. (BTW what a brilliant piece of software, congratulations and thanks Anders)

1 Like

Thanks Paul. boringproxy should transparently forward any headers that aren’t related to security. For example, the X-Forwarded-For header will not be forwarded unless you set the -behind-proxy flag, because otherwise clients could spoof their IP.

If you can provide more details about how your system is set up and what is connected to what I might be able to help debug. It sounds like you have a flask app and nginx both running on the same machine as the boringproxy client?

One thing you might try is using Client raw TLS termination when creating the tunnel. That prevents boringproxy from doing anything to the headers, so what nginx sees is exactly what the client sent.