RE: Correct behavior of reverse proxies WRT host field.

> From: Wallace, William
> Sent: Wednesday, April 28, 1999 10:53

> I'm wondering what the correct behavior of a reverse proxy is with respect
> to the host field in the request. At least one of the
> commercially available
> proxies modifies this field as the request is forwarded, setting it to the
> address of the destination machine behind it.

First, there isn't any definition for a 'reverse' proxy, so there cannot be
any rule for how it should behave.

The functionality you describe sounds more like a gateway to me (an
http-http gateway) in that it is not transparent (it hides from the user
agent the fact that it is forwarding the request).
With respect to the real (internal) origin server, it is behaving as a
client, and so its translation of the Host header is appropriate (it is
setting it to the origin server as it sees it).

> This causes problems in the following scenario (and probably elsewhere as
> well):
> 1) user sends a request for /<directory name>
> 2) reverse proxy converts the host address in the request header (to an IP
> address known only on the internal network).
> 2) web server (IIS or Netscape) issues a redirect with Location: <internal
> host>://<directory name>/

This step appears to me to be where the problem actually occurs.  Either the
gateway server should realize that the redirect is to an internal server and
just do the redirected request (hiding the fact that it occurred from the
outside user agent), or it should translate the Location header in the
response that it forwards to that outside user so that the URL is useable
(presumably to direct the request to itself with whatever recognizer it uses
to translate to the internal server again).

--
Scott Lawrence           Director of R & D        <lawrence@agranat.com>
Agranat Systems, Inc.  Embedded Web Technology   http://www.agranat.com/

Received on Wednesday, 5 May 1999 11:32:29 UTC