Examples

• Hello World
• URL Decoding
• URL Encoding
• Internal Redirect
• Returning Fastest Response from Proxy
• Creating HS JWT
• Accessing API from a Subrequest
• Creating secure_link Hash

Hello World

nginx.conf:

load_module modules/ngx_http_js_module.so;

events {}

http {
    js_include hello_world.js;

    server {
        listen 8000;

        location / {
            js_content hello;
        }
    }
}

hello_world.js:

function hello(r) {
    r.return(200, "Hello world!");
}

URL Decoding

nginx.conf:

js_include urldecode.js;

js_set $decoded_foo decoded_foo;

urldecode.js:

function decoded_foo(r) {
    return decodeURIComponent(r.args.foo);
}

URL Encoding

nginx.conf:

js_include urlencode.js;

js_set $encoded_foo encoded_foo;
...

location / {
    proxy_pass http://example.com?foo=$encoded_foo;
}

urlencode.js:

function encoded_foo(r) {
    return encodeURIComponent('foo & bar?');
}

Internal Redirect

nginx.conf:

js_include redirect.js;

location /redirect {
    js_content redirect;
}

location @named {
    return 200 named;
}

redirect.js:

function redirect(r) {
    r.internalRedirect('@named');
}

Returning Fastest Response from Proxy

nginx.conf:

js_include fastresponse.js;

location /start {
    js_content content;
}

location /foo {
    proxy_pass http://backend1;
}

location /bar {
    proxy_pass http://backend2;
}

fastresponse.js:

function content(r) {
    var n = 0;

    function done(res) {
        if (n++ == 0) {
            r.return(res.status, res.responseBody);
        }
    }

    r.subrequest('/foo', r.variables.args, done);
    r.subrequest('/bar', r.variables.args, done);
}

Creating HS JWT

nginx.conf:

js_include hs_jwt.js;

js_set $jwt jwt;

hs_jwt.js:

function create_hs256_jwt(claims, key, valid) {
    var header = { "typ" : "JWT", "alg" : "HS256", "exp" : Date.now() + valid };

    var s = JSON.stringify(header).toBytes().toString('base64url') + '.'
            + JSON.stringify(claims).toBytes().toString('base64url');

    var h = require('crypto').createHmac('sha256', key);

    return s + '.' + h.update(s).digest().toString('base64url');
}

function jwt(r) {
    var claims = {
        "iss" : "nginx",
        "sub" : "alice",
        "foo" : 123,
        "bar" : "qq",
        "zyx" : false
    };

    return create_hs256_jwt(claims, 'foo', 600);
}

Accessing API from a Subrequest

nginx.conf:

js_include subrequest.js;

keyval_zone zone=foo:10m;
...

location /keyval {
    js_content set_keyval;
}

location /version {
    js_content version;
}

location /api {
    api write=on;
}

subrequest.js:

function set_keyval(r) {
    r.subrequest('/api/3/http/keyvals/foo',
        { method: 'POST',
          body: JSON.stringify({ foo: 789, bar: "ss dd 00" })},

        function(res) {
            if (res.status >= 300) {
                r.return(res.status, res.responseBody);
                return;
            }
            r.return(500);
        });
}

function version(r) {
    r.subrequest('/api/3/nginx', { method: 'GET' }, function(res) {
        if (res.status != 200) {
            r.return(res.status);
            return;
        }

        var json = JSON.parse(res.responseBody);
        r.return(200, json.version);
    });
}

Creating secure_link Hash

nginx.conf:

js_include hash.js;

js_set $new_foo create_secure_link;
...

location / {
    secure_link $cookie_foo;
    secure_link_md5 "$uri mykey";
    ...
}

location @login {
    add_header Set-Cookie "foo=$new_foo; Max-Age=60";
    return 302 /;
}

hash.js:

function create_secure_link(r) {
    return require('crypto').createHash('md5')
                            .update(r.uri).update(" mykey")
                            .digest('base64url');
}