https://tech.uvoo.io/index.php?action=history&feed=atom&title=HTTPHTTP - Revision history2026-04-19T23:34:58ZRevision history for this page on the wikiMediaWiki 1.35.2https://tech.uvoo.io/index.php?title=HTTP&diff=176&oldid=previmported>Jeremy-busk at 18:12, 28 March 20192019-03-28T18:12:59Z<p></p>
<p><b>New page</b></p><div># Headers<br />
<br />
## Cookies<br />
<br />
Format example using curl --cookie "access_token=123"<br />
```<br />
Cookie: access_token=123<br />
```<br />
<br />
NGINX LUA Example<br />
```<br />
local access_token = ngx.var.cookie_access_token<br />
ngx.say(access_token)<br />
```<br />
<br />
nginx lua raw/get_headers to extract and check header key/value pairs<br />
```<br />
ngx.say(ngx.req.raw_header())<br />
local h = ngx.req.get_headers()<br />
for k, v in pairs(h) do<br />
if k == "numifex_token" then<br />
ngx.say("allow")<br />
ngx.say(k, ": ", v)<br />
end<br />
end<br />
```<br />
<br />
## Using underscores in header<br />
<br />
In NGINX enable this under server by adding `underscores_in_headers off`;<br />
<br />
* https://github.com/ledgetech/lua-resty-http/issues/114<br />
* https://stackoverflow.com/questions/22856136/why-underscores-are-forbidden-in-http-header-names - They are not forbidden. It's CGI legacy<br />
* https://serverfault.com/questions/855720/how-to-prevent-haproxy-from-dropping-http-headers-with-underscores<br />
<br />
```<br />
If you do not explicitly set underscores_in_headers on;, nginx will silently drop HTTP headers with underscores (which are perfectly valid according to the HTTP standard). This is done in order to prevent ambiguities when mapping headers to CGI variables, as both dashes and underscores are mapped to underscores during that process.<br />
```<br />
<br />
http://nginx.org/en/docs/http/ngx_http_core_module.html#underscores_in_headers<br />
```<br />
Syntax: underscores_in_headers on | off;<br />
Default: <br />
underscores_in_headers off;<br />
Context: http, server<br />
```<br />
<br />
Security</div>imported>Jeremy-busk