Repository files navigation

Node.js proxying made simple. Configure proxy middleware with ease forconnect,express,browser-sync andmany more.

Powered by the popular Nodejitsuhttp-proxy.

This page is showing documentation for version v2.x.x (release notes)

If you're looking for v0.x documentation. Go to:https://github.com/chimurai/http-proxy-middleware/tree/v0.21.0#readme

Proxy/api requests tohttp://www.example.org

// javascriptconstexpress=require('express');const{ createProxyMiddleware}=require('http-proxy-middleware');constapp=express();app.use('/api',createProxyMiddleware({target:'http://www.example.org',changeOrigin:true}));app.listen(3000);// http://localhost:3000/api/foo/bar -> http://www.example.org/api/foo/bar

// typescriptimport*asexpressfrom'express';import{createProxyMiddleware,Filter,Options,RequestHandler}from'http-proxy-middleware';constapp=express();app.use('/api',createProxyMiddleware({target:'http://www.example.org',changeOrigin:true}));app.listen(3000);// http://localhost:3000/api/foo/bar -> http://www.example.org/api/foo/bar

Allhttp-proxyoptions can be used, along with some extrahttp-proxy-middlewareoptions.

💡Tip: Set the optionchangeOrigin totrue forname-based virtual hosted sites.

• Install
• Core concept
• Example
• Context matching
• Options
  • http-proxy-middleware options
  • http-proxy events
  • http-proxy options
• Shorthand
  • app.use(path, proxy)
• WebSocket
  • External WebSocket upgrade
• Intercept and manipulate requests
• Intercept and manipulate responses
• Working examples
• Recipes
• Compatible servers
• Tests
• Changelog
• License

$ npm install --save-dev http-proxy-middleware

Proxy middleware configuration.

const{ createProxyMiddleware}=require('http-proxy-middleware');constapiProxy=createProxyMiddleware('/api',{target:'http://www.example.org'});//                                    \____/   \_____________________________///                                      |                    |//                                    context             options// 'apiProxy' is now ready to be used as middleware in a server.

• context: Determine which requests should be proxied to the target host.(more oncontext matching)
• options.target: target host to proxy to.(protocol + host)

(full list ofhttp-proxy-middleware configuration options)

// shorthand syntax for the example above:constapiProxy=createProxyMiddleware('http://www.example.org/api');

More about theshorthand configuration.

An example withexpress server.

// include dependenciesconstexpress=require('express');const{ createProxyMiddleware}=require('http-proxy-middleware');// proxy middleware options/**@type {import('http-proxy-middleware/dist/types').Options} */constoptions={target:'http://www.example.org',// target hostchangeOrigin:true,// needed for virtual hosted sitesws:true,// proxy websocketspathRewrite:{'^/api/old-path':'/api/new-path',// rewrite path'^/api/remove/path':'/path',// remove base path},router:{// when request.headers.host == 'dev.localhost:3000',// override target 'http://www.example.org' to 'http://localhost:8000''dev.localhost:3000':'http://localhost:8000',},};// create the proxy (without context)constexampleProxy=createProxyMiddleware(options);// mount `exampleProxy` in web serverconstapp=express();app.use('/api',exampleProxy);app.listen(3000);

Providing an alternative way to decide which requests should be proxied; In case you are not able to use the server'spath parameter to mount the proxy or when you need more flexibility.

RFC 3986path is used for context matching.

         foo://example.com:8042/over/there?name=ferret#nose         \_/   \______________/\_________/ \_________/ \__/          |           |            |            |        |       scheme     authority       path        query   fragment

• path matching

  • createProxyMiddleware({...}) - matches any path, all requests will be proxied.
  • createProxyMiddleware('/', {...}) - matches any path, all requests will be proxied.
  • createProxyMiddleware('/api', {...}) - matches paths starting with/api

• multiple path matching

  • createProxyMiddleware(['/api', '/ajax', '/someotherpath'], {...})

• wildcard path matching

  For fine-grained control you can use wildcard matching. Glob pattern matching is done bymicromatch. Visitmicromatch orglob for more globbing examples.

  • createProxyMiddleware('**', {...}) matches any path, all requests will be proxied.
  • createProxyMiddleware('**/*.html', {...}) matches any path which ends with.html
  • createProxyMiddleware('/*.html', {...}) matches paths directly under path-absolute
  • createProxyMiddleware('/api/**/*.html', {...}) matches requests ending with.html in the path of/api
  • createProxyMiddleware(['/api/**', '/ajax/**'], {...}) combine multiple patterns
  • createProxyMiddleware(['/api/**', '!**/bad.json'], {...}) exclusion

  Note: In multiple path matching, you cannot use string paths and wildcard paths together.

• custom matching

  For full control you can provide a custom function to determine which requests should be proxied or not.

  /** *@return {Boolean} */constfilter=function(pathname,req){returnpathname.match('^/api')&&req.method==='GET';};constapiProxy=createProxyMiddleware(filter,{target:'http://www.example.org',});

• option.pathRewrite: object/function, rewrite target's url path. Object-keys will be used asRegExp to match paths.

  // rewrite pathpathRewrite:{'^/old/api' :'/new/api'}// remove pathpathRewrite:{'^/remove/api' :''}// add base pathpathRewrite:{'^/' :'/basepath/'}// custom rewritingpathRewrite:function(path,req){returnpath.replace('/api','/base/api')}// custom rewriting, returning PromisepathRewrite:asyncfunction(path,req){constshould_add_something=awaithttpRequestToDecideSomething(path);if(should_add_something)path+="something";returnpath;}

• option.router: object/function, re-targetoption.target for specific requests.

  // Use `host` and/or `path` to match requests. First match will be used.// The order of the configuration matters.router:{'integration.localhost:3000' :'http://localhost:8001',// host only'staging.localhost:3000'     :'http://localhost:8002',// host only'localhost:3000/api'         :'http://localhost:8003',// host + path'/rest'                      :'http://localhost:8004'// path only}// Custom router function (string target)router:function(req){return'http://localhost:8004';}// Custom router function (target object)router:function(req){return{protocol:'https:',// The : is requiredhost:'localhost',port:8004};}// Asynchronous router function which returns promiserouter:asyncfunction(req){consturl=awaitdoSomeIO();returnurl;}

• option.logLevel: string, ['debug', 'info', 'warn', 'error', 'silent']. Default:'info'

• option.logProvider: function, modify or replace log provider. Default:console.

  // simple replacefunctionlogProvider(provider){// replace the default console log provider.returnrequire('winston');}

  // verbose replacementfunctionlogProvider(provider){constlogger=new(require('winston').Logger)();constmyCustomProvider={log:logger.log,debug:logger.debug,info:logger.info,warn:logger.warn,error:logger.error,};returnmyCustomProvider;}

Subscribe tohttp-proxy events:

• option.onError: function, subscribe to http-proxy'serror event for custom error handling.

  functiononError(err,req,res,target){res.writeHead(500,{'Content-Type':'text/plain',});res.end('Something went wrong. And we are reporting a custom error message.');}

• option.onProxyRes: function, subscribe to http-proxy'sproxyRes event.

  functiononProxyRes(proxyRes,req,res){proxyRes.headers['x-added']='foobar';// add new header to responsedeleteproxyRes.headers['x-removed'];// remove header from response}

• option.onProxyReq: function, subscribe to http-proxy'sproxyReq event.

  functiononProxyReq(proxyReq,req,res){// add custom header to requestproxyReq.setHeader('x-added','foobar');// or log the req}

• option.onProxyReqWs: function, subscribe to http-proxy'sproxyReqWs event.

  functiononProxyReqWs(proxyReq,req,socket,options,head){// add custom headerproxyReq.setHeader('X-Special-Proxy-Header','foobar');}

• option.onOpen: function, subscribe to http-proxy'sopen event.

  functiononOpen(proxySocket){// listen for messages coming FROM the target hereproxySocket.on('data',hybridParseAndLogMessage);}

• option.onClose: function, subscribe to http-proxy'sclose event.

  functiononClose(res,socket,head){// view disconnected websocket connectionsconsole.log('Client disconnected');}

The following options are provided by the underlyinghttp-proxy library.

• option.target: url string to be parsed with the url module

• option.forward: url string to be parsed with the url module

• option.agent: object to be passed to http(s).request (see Node'shttps agent andhttp agent objects)

• option.ssl: object to be passed to https.createServer()

• option.ws: true/false: if you want to proxy websockets

• option.xfwd: true/false, adds x-forward headers

• option.secure: true/false, if you want to verify the SSL Certs

• option.toProxy: true/false, passes the absolute URL as thepath (useful for proxying to proxies)

• option.prependPath: true/false, Default: true - specify whether you want to prepend the target's path to the proxy path

• option.ignorePath: true/false, Default: false - specify whether you want to ignore the proxy path of the incoming request (note: you will have to append / manually if required).

• option.localAddress : Local interface string to bind for outgoing connections

• option.changeOrigin: true/false, Default: false - changes the origin of the host header to the target URL

• option.preserveHeaderKeyCase: true/false, Default: false - specify whether you want to keep letter case of response header key

• option.auth : Basic authentication i.e. 'user:password' to compute an Authorization header.

• option.hostRewrite: rewrites the location hostname on (301/302/307/308) redirects.

• option.autoRewrite: rewrites the location host/port on (301/302/307/308) redirects based on requested host/port. Default: false.

• option.protocolRewrite: rewrites the location protocol on (301/302/307/308) redirects to 'http' or 'https'. Default: null.

• option.cookieDomainRewrite: rewrites domain ofset-cookie headers. Possible values:

  • false (default): disable cookie rewriting
  • String: new domain, for examplecookieDomainRewrite: "new.domain". To remove the domain, usecookieDomainRewrite: "".
  • Object: mapping of domains to new domains, use"*" to match all domains.
    For example keep one domain unchanged, rewrite one domain and remove other domains:

    cookieDomainRewrite: {"unchanged.domain":"unchanged.domain","old.domain":"new.domain","*":""}

• option.cookiePathRewrite: rewrites path ofset-cookie headers. Possible values:

  • false (default): disable cookie rewriting
  • String: new path, for examplecookiePathRewrite: "/newPath/". To remove the path, usecookiePathRewrite: "". To set path to root usecookiePathRewrite: "/".
  • Object: mapping of paths to new paths, use"*" to match all paths.For example, to keep one path unchanged, rewrite one path and remove other paths:

    cookiePathRewrite: {"/unchanged.path/":"/unchanged.path/","/old.path/":"/new.path/","*":""}

• option.headers: object, addsrequest headers. (Example:{host:'www.example.org'})

• option.proxyTimeout: timeout (in millis) when proxy receives no response from target

• option.timeout: timeout (in millis) for incoming requests

• option.followRedirects: true/false, Default: false - specify whether you want to follow redirects

• option.selfHandleResponse true/false, if set to true, none of the webOutgoing passes are called and it's your responsibility to appropriately return the response by listening and acting on theproxyRes event

• option.buffer: stream of data to send as the request body. Maybe you have some middleware that consumes the request stream before proxying it on e.g. If you read the body of a request into a field called 'req.rawbody' you could restream this field in the buffer option:

  'use strict';conststreamify=require('stream-array');constHttpProxy=require('http-proxy');constproxy=newHttpProxy();module.exports=(req,res,next)=>{proxy.web(req,res,{target:'http://localhost:4003/',buffer:streamify(req.rawBody),},next);};

Use the shorthand syntax when verbose configuration is not needed. Thecontext andoption.target will be automatically configured when shorthand is used. Options can still be used if needed.

createProxyMiddleware('http://www.example.org:8000/api');// createProxyMiddleware('/api', {target: 'http://www.example.org:8000'});createProxyMiddleware('http://www.example.org:8000/api/books/*/**.json');// createProxyMiddleware('/api/books/*/**.json', {target: 'http://www.example.org:8000'});createProxyMiddleware('http://www.example.org:8000/api',{changeOrigin:true});// createProxyMiddleware('/api', {target: 'http://www.example.org:8000', changeOrigin: true});

If you want to use the server'sapp.usepath parameter to match requests;Create and mount the proxy without the http-proxy-middlewarecontext parameter:

app.use('/api',createProxyMiddleware({target:'http://www.example.org',changeOrigin:true}));

app.use documentation:

• express:http://expressjs.com/en/4x/api.html#app.use
• connect:https://github.com/senchalabs/connect#mount-middleware
• polka:https://github.com/lukeed/polka#usebase-fn

// verbose apicreateProxyMiddleware('/',{target:'http://echo.websocket.org',ws:true});// shorthandcreateProxyMiddleware('http://echo.websocket.org',{ws:true});// shorter shorthandcreateProxyMiddleware('ws://echo.websocket.org');

In the previous WebSocket examples, http-proxy-middleware relies on a initial http request in order to listen to the httpupgrade event. If you need to proxy WebSockets without the initial http request, you can subscribe to the server's httpupgrade event manually.

constwsProxy=createProxyMiddleware('ws://echo.websocket.org',{changeOrigin:true});constapp=express();app.use(wsProxy);constserver=app.listen(3000);server.on('upgrade',wsProxy.upgrade);// <-- subscribe to http 'upgrade'

Intercept requests from downstream by definingonProxyReq increateProxyMiddleware.

Currently the only pre-provided request interceptor isfixRequestBody, which is used to fix proxied POST requests whenbodyParser is applied before this middleware.

Example:

const{ createProxyMiddleware, fixRequestBody}=require('http-proxy-middleware');constproxy=createProxyMiddleware({/**   * Fix bodyParser   **/onProxyReq:fixRequestBody,});

Intercept responses from upstream withresponseInterceptor. (Make sure to setselfHandleResponse: true)

Responses which are compressed withbrotli,gzip anddeflate will be decompressed automatically. The response will be returned asbuffer (docs) which you can manipulate.

Withbuffer, response manipulation is not limited to text responses (html/css/js, etc...); image manipulation will be possible too. (example)

NOTE:responseInterceptor disables streaming of target's response.

Example:

const{ createProxyMiddleware, responseInterceptor}=require('http-proxy-middleware');constproxy=createProxyMiddleware({/**   * IMPORTANT: avoid res.end being called automatically   **/selfHandleResponse:true,// res.end() will be called internally by responseInterceptor()/**   * Intercept response and replace 'Hello' with 'Goodbye'   **/onProxyRes:responseInterceptor(async(responseBuffer,proxyRes,req,res)=>{constresponse=responseBuffer.toString('utf8');// convert buffer to stringreturnresponse.replace('Hello','Goodbye');// manipulate response and return the result}),});

Check outinterception recipes for more examples.

View and play around withworking examples.

• Browser-Sync (example source)
• express (example source)
• connect (example source)
• WebSocket (example source)
• Response Manipulation (example source)

View therecipes for common use cases.

http-proxy-middleware is compatible with the following servers:

• connect
• express
• fastify
• browser-sync
• lite-server
• polka
• grunt-contrib-connect
• grunt-browser-sync
• gulp-connect
• gulp-webserver

Sample implementations can be found in theserver recipes.

Run the test suite:

# install dependencies$ yarn# linting$ yarn lint$ yarn lint:fix# building (compile typescript to js)$ yarn build# unit tests$ yarntest# code coverage$ yarn cover# check spelling mistakes$ yarn spellcheck

• View changelog

The MIT License (MIT)

Copyright (c) 2015-2022 Steven Chim