ingress-nginx: Setting headers doesn't seem to work at all

I’m trying to set headers with the 0.9 beta, and none of them are being set. Config is below.

nginx-deployment.yaml

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: nginx
  namespace: nginx-ingress
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: nginx
    spec:
      terminationGracePeriodSeconds: 60
      containers:
        - image: gcr.io/google_containers/nginx-ingress-controller:0.9.0-beta.2
          name: nginx
          env:
            - name: POD_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            - name: POD_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
          readinessProbe:
            httpGet:
              path: /healthz
              port: 10254
              scheme: HTTP
          livenessProbe:
            httpGet:
              path: /healthz
              port: 10254
              scheme: HTTP
            initialDelaySeconds: 30
            timeoutSeconds: 5
          ports:
            - containerPort: 80
            - containerPort: 443
          args:
            - /nginx-ingress-controller
            - --default-backend-service=nginx-ingress/default-http-backend
            - --configmap=nginx-ingress/nginx
            - --tcp-services-configmap=nginx-ingress/nginx-tcp

nginx-configmap.yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: nginx
  namespace: nginx-ingress
data:
  proxy-connect-timeout: "15"
  proxy-read-timeout: "600"
  proxy-send-imeout: "600"
  proxy-body-size: "64m"
  server-name-hash-bucket-size: "256"
  server-tokens: "false"
  proxy-set-headers: "nginx-ingress/proxy-headers"

nginx-proxy-headers-configmap.yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: proxy-headers
  namespace: nginx-ingress
data:
  Content-Security-Policy: "default-src 'self'; script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; object-src 'none'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://www.google.com/recaptcha/"
  Referrer-Policy: "Referrer-Policy: strict-origin-when-cross-origin"
  X-Frame-Options: "SAMEORIGIN"
  X-XSS-Protection: "1; mode=block"
  X-Content-Type-Options: "nosniff"

About this issue

Original URL
State: closed
Created 7 years ago
Comments: 20 (8 by maintainers)

Most upvoted comments

@ccatlett2000 if you want to add header to the response you can use the configuration-snippet annotation

aledbf on Mar 8, 2017

Using add-headers instead of proxy-set-headers works for me.

apiVersion: v1
data:
  X-Frame-Options: SAMEORIGIN
kind: ConfigMap
metadata:
  name: custom-headers
  namespace: ingress-nginx

apiVersion: v1
data:
  add-headers: ingress-nginx/custom-headers
kind: ConfigMap
metadata:
  name: ingress-nginx-controller
  namespace: ingress-nginx

stpabhi on Mar 12, 2021