Don't use context path in web application behind reverse proxy

Recently, I and my colleague build a small web project together using Spring. We use a context path other than “/“, say, “/abc” which is the project name. This setting is consistent with existing projects in my team.

But after we deploy this project behind nginx, we encounter problem. In nginx, we config something like this:

location / {

It works fine for handwritten url from client. But the url links in the response html, which is generated by this application and points to resources inside this application, does not work. All url forwarded by nginx will be prefixed with “/abc”, which is the context path of this application in web container. While the application generated url links have that prefix already. This results in wrong url links for those resources.

There are workarounds to solve this, though, but after investigation and thinking, I concludes to:

If you use reverse proxy to forward HTTP request, then don’t use context path in your application, instead let reverse proxy set context path for you.

First, if you use context path other than “/“ in your application and you want your application visited via top domain without subpath, then you must hardcode that context path in reverse proxy. The same information is hardcoded in two places, your application and the reverse proxy.

Second, if you use context path “/“ in your application and you want your application visited via subpath, reverse proxy such as nginx can set X-Forwarded-Prefix for your application to generate url links prefixed with that subpath. If the framework backing your application respect this header, you probably don’t notice that.

The underlying cause behind this conclusion is that both web application and reverse proxy are passive. They accept request, handle it, response it. The solution comes from the fact that reverse proxy stand before web application so that it can add extra informations for web application to handle in programming approach without the need to handcode such informations.