With forward_auth, how can I copy X-Updated-Cookies > Cookies?

1. The problem I’m having:

In a foward_auth server ( host.docker.internal:3040), I’m adding a value to the cookie, and setting a new header: X-Updated-Cookie.

# Caddyfile
:2999 {
  forward_auth host.docker.internal:3040 {
    uri /forward_auth #
    copy_headers X-Updated-Cookie > Cookie
  }
  reverse_proxy host.docker.internal:3000
}

2. Error messages and/or full log output:

In the backend system ) host.docker.internal:3000 - I can see both the X-Updated-Cookie and the Cookie values:

[ce21374a-6351-4d3b-ba63-35e19ded3767] [BACKEND_COOKIE_DEBUG] Raw Cookie header: "_booko_session=f3OwvHy8%2BTwz8fxHrTpUe8gmKHmZXntWTIjNk3LKeHm0d6FvbChO%2Bk%2FehQqeub88i7jh2XuIqIeXWXYr0GLBiQqor4H%2Bre2feEFfbFZZ7ujK97IyDg3U6WOdMPPfGupSw%2FDINlIdU3RIzvnZolwbav59RxhVbxf88tC548TgvyQ6%2Fv0dGL7xXxAF1Mr7KuijlOdS%2B9rMWTjNFJ0RYDSqLmc7LPr%2BPU6ufWDJAZUO47EpV%2BcrhToWXiqvFTACiOfWHxK%2BgP08Uh8AIY27bPN7ReyVbw4IbMf6RCJKMf1aNay8vObgt8Oe%2F2LnWQl2DAMZIKnLEhQtZK4Jr6lAWEPDI0D6OvRVJHfx27c%3D--%2Bpxup8iBd2ZIiPcQ--ww9oAlcjLzIz0z7W%2B6Pl8A%3D%3D; ahoy_visit=69325e17-7a73-4825-b580-88d91b4da52c; ahoy_visitor=367ea57b-a934-452d-b62c-9d50c343f7fa; cookie_confirmed=false; region_confirmed=false; region_id=eyJfcmFpbHMiOnsibWVzc2FnZSI6Ik1RPT0iLCJleHAiOm51bGwsInB1ciI6ImNvb2tpZS5yZWdpb25faWQifX0%3D--65dc9882ae92f2195242b5d1d1f46fcda04e87e1; __profilin=p%3Dt"
[ce21374a-6351-4d3b-ba63-35e19ded3767] [BACKEND_COOKIE_DEBUG] X-Updated-Cookie header: "_booko_session=f3OwvHy8%2BTwz8fxHrTpUe8gmKHmZXntWTIjNk3LKeHm0d6FvbChO%2Bk%2FehQqeub88i7jh2XuIqIeXWXYr0GLBiQqor4H%2Bre2feEFfbFZZ7ujK97IyDg3U6WOdMPPfGupSw%2FDINlIdU3RIzvnZolwbav59RxhVbxf88tC548TgvyQ6%2Fv0dGL7xXxAF1Mr7KuijlOdS%2B9rMWTjNFJ0RYDSqLmc7LPr%2BPU6ufWDJAZUO47EpV%2BcrhToWXiqvFTACiOfWHxK%2BgP08Uh8AIY27bPN7ReyVbw4IbMf6RCJKMf1aNay8vObgt8Oe%2F2LnWQl2DAMZIKnLEhQtZK4Jr6lAWEPDI0D6OvRVJHfx27c%3D--%2Bpxup8iBd2ZIiPcQ--ww9oAlcjLzIz0z7W%2B6Pl8A%3D%3D; ahoy_visit=69325e17-7a73-4825-b580-88d91b4da52c; ahoy_visitor=367ea57b-a934-452d-b62c-9d50c343f7fa; cookie_confirmed=false; region_confirmed=false; region_id=eyJfcmFpbHMiOnsibWVzc2FnZSI6Ik1RPT0iLCJleHAiOm51bGwsInB1ciI6ImNvb2tpZS5yZWdpb25faWQifX0%3D--65dc9882ae92f2195242b5d1d1f46fcda04e87e1; __profilin=p%3Dt; baffle_session=eyJhY3Rpb24iOiJhbGxvdyIsInJlZGlyZWN0X3VybCI6bnVsbCwicmVkaXJlY3Rfc3RhdHVzIjpudWxsLCJoZWFkZXJzIjp7fSwiY2xpZW50X2ZpbmdlcnByaW50Ijp7ImlwX2hhc2giOiIzODM4MTI0MjU3IiwidXNlcl9hZ2VudF9oYXNoIjoiMTkxNjQ5OTIwMSJ9LCJjcmVhdGVkX2F0IjoxNzYyNDczMjk3LjE0ODUyMSwibnJfcnVsZXNfdXBkYXRlZF9hdCI6IjIwMjUtMTEtMDZUMjM6NTQ6NTcuMTUwWiJ9--da41e0c9f132be7df55844f9f7703ceaa7d553b2"
[ce21374a-6351-4d3b-ba63-35e19ded3767] [BACKEND_COOKIE_DEBUG] Parsed cookies: {"_booko_session" => "f3OwvHy8+Twz8fxHrTpUe8gmKHmZXntWTIjNk3LKeHm0d6FvbChO+k/ehQqeub88i7jh2XuIqIeXWXYr0GLBiQqor4H+re2feEFfbFZZ7ujK97IyDg3U6WOdMPPfGupSw/DINlIdU3RIzvnZolwbav59RxhVbxf88tC548TgvyQ6/v0dGL7xXxAF1Mr7KuijlOdS+9rMWTjNFJ0RYDSqLmc7LPr+PU6ufWDJAZUO47EpV+crhToWXiqvFTACiOfWHxK+gP08Uh8AIY27bPN7ReyVbw4IbMf6RCJKMf1aNay8vObgt8Oe/2LnWQl2DAMZIKnLEhQtZK4Jr6lAWEPDI0D6OvRVJHfx27c=--+pxup8iBd2ZIiPcQ--ww9oAlcjLzIz0z7W+6Pl8A==", "ahoy_visit" => "69325e17-7a73-4825-b580-88d91b4da52c", "ahoy_visitor" => "367ea57b-a934-452d-b62c-9d50c343f7fa", "cookie_confirmed" => "false", "region_confirmed" => false, "region_id" => "eyJfcmFpbHMiOnsibWVzc2FnZSI6Ik1RPT0iLCJleHAiOm51bGwsInB1ciI6ImNvb2tpZS5yZWdpb25faWQifX0=--65dc9882ae92f2195242b5d1d1f46fcda04e87e1", "__profilin" => "p=t"}

you can see in the X-Update-Cookie there’s an extra baffle_session value I want to add to the cookie.

3. Caddy version:

v2.10.2 h1:g/gTYjGMD0dec+UgMw8SnfmJ3I9+M2TdvoRL/Ovu6U8=

4. How I installed and ran Caddy:

docker run --rm -it -p 2999:2999 -v $PWD/etc/caddy:/etc/caddy caddy:2-alpine

# Caddyfile
:2999 {
  forward_auth host.docker.internal:3040 {
    uri /forward_auth #
    copy_headers X-Updated-Cookie > Cookie
  }
  reverse_proxy host.docker.internal:3000
}

a. System environment:

MacOS 15,7,1

b. Command:

docker run --rm -it -p 2999:2999 -v $PWD/etc/caddy:/etc/caddy caddy:2-alpine

c. Service/unit/compose file:

d. My complete Caddy config:

2999 {
  forward_auth host.docker.internal:3040 {
    uri /forward_auth        # or whatever auth endpoint you expose
    copy_headers X-Updated-Cookie > Cookie
  }
  reverse_proxy host.docker.internal:3000
}

5. Links to relevant resources:

Self reply - it should have no spaces! X-Updated-Cookie>Cookie

Works now.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.