Ocsigen

Server

Home

Doc

Eliom

Js_of_ocaml

Server

Lwt

Tyxml

Start

Warning: Reason support is experimental. We are looking for beta-tester and contributors.

Revproxy

Revproxy is a reverse proxy for Ocsigen.

This module allows to transmit some requests to another Web server using the HTTP or HTTPS protocol. For example if you want to use Ocsigen together with another Web server (Apache, Tomcat, etc. or even another Ocsigen).

Configuration

To use that extension, load OCamlfind package ocsigenserver.ext.revproxy, either from your Dune file (if you are using static linking), or from the configuration file: 

<extension findlib-package="ocsigenserver.ext.revproxy"/>

This page describes the configuration file options. If you are building a statically linked executable without configuration file, use the corresponding functions from module Revproxy.

Here are some examples of configuration file options: 

<revproxy suburl="(.*)" dest="http://my.newaddress.org:8080/\1"/>
<revproxy suburl="dir/(.*)\.html" dest="https://my.newaddress.org/\1.php"/>
<revproxy fullurl="http://(.*).mydomain.org:(80|8080)/(.*)" dest="http://\1.my.newdomain.org:\2/\3"/>

regexp is a regular expression using PERL syntax (PCRE). The destination URL is built from dest, where \i corresponds to the i-th part between parenthesis of the regular expression (was $i in older versions).

Add the attribute keephost="keephost" if you want to send the original Host header to the distant server. Otherwise, it will be computed from dest.

Add the attribute nopipeline="nopipeline" if for some reason you don't want to pipeline reverse proxy's requests. With that option, the reverse proxy will open a new connection for all requests, instead of trying to reuse connections. You probably don't need that, but if you do, please contact us to tell us what is the problem. Thank you!

You probably also need to rewrite locations in the output (if the server is doing redirections). For example: 

<outputfilter header="location" regexp="http://my.newaddress.org/(.*)" dest="http://my.publicaddress.org/\1"/>

Note that if you are using ocsigen behind a reverse proxy handling X-Forward-For and X-Forward-Proto headers ( like the revproxy module ), you should allow ocsigen to use those informations, using accesscontrol extension 

<if>
	<ip value="ip of the proxy"/>
	<then>
	 	<allow-forward-for/>
    		<allow-forward-proto/>
	</then>
</if>

Technical details

  • The reverse proxy does no caching for now.
  • The reverse proxy does pipeline the requests for server it trusts for pipelining. But current trusting criteria are probably too strong. They will probably evolve soon.