How to Allow Underscore Headers in Nginx
Learn how to configure Nginx to accept HTTP headers containing underscores.
Have you ever noticed that some HTTP request headers are missing when using Nginx?
I experienced this issue myself. Headers containing underscores (such as _Security_Token_ or _Device_ID_) were silently dropped by Nginx. This caused problems during mobile app testing, as token authentication kept failing.
It turns out that HTTP headers with underscores are uncommon and generally discouraged when possible.
The problem is, sometimes you don’t have control over how the upstream server works.
Luckily, Nginx does provide an option to allow them.
To enable support for underscore headers, add the following directive to your Nginx configuration:
underscores_in_headers on;Here’s an example from my Nginx config:
server {
listen 80;
server_name api.example.junian.net;
underscores_in_headers on;
location / {
proxy_pass http://upstream.example.com;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}After enabling underscores_in_headers, my upstream server was able to process HTTP headers with underscores without any issues.
I hope this simple tutorial helps if you’re facing a similar problem.
Have you had a similar experience or found a different solution? Feel free to share in the comments below.
Thank you, and have a great day!
