Knowledge Base

cancel
Showing results for 
Search instead for 
Did you mean: 

Why is NGINX server-side correlation missing?

Problem:

Users with a mobile app monitoring applications behind an NGINX server will experience missing server-side correlation. This is due to a security standard used by NGINX that acts on underscores in headers such as the metadata passed by the App agent. 

 

Example:

["Accept: application/json" --header "ADRUM: isAjax:true" --header "ADRUM_1: isMobile:true"]

 

According to NGINX documentation, this is done in order to prevent ambiguities when mapping headers to CGI variables, as both dashes and underscores are mapped to underscores during that process.

 

Diagnosis: 

Get the response header from the client side of the network with the following command:

curl -v --header "ADRUM: isAjax:true" --header "ADRUM_1: isMobile:true" <http[s]://<endpoint>>
 
Expected: abbreviated response headers, like the following.
< ADRUM_0: g:a3e4e4a4-0406-4fc2-819e-ea6521359a3c84480 
< ADRUM_1: i:563
< ADRUM_2: n:customer1_cef43e07-de57-4fce-939a-54a6c5dcdf56
 
Instead, Mobile Agent results:
< ADRUM_0: clientRequestGUID:3de4f995-e0ba-4d59-971f-d653e1ea44cf
< ADRUM_1: globalAccountName:customer1_7cc5e33b-579e-4e57-b302-b1eb63b30a0c
 

Solution:

The user must explicitly set underscores_in_headers on;, to prevent NGINX from silently dropping HTTP headers that contain underscores.

 
Version history
Revision #:
5 of 5
Last update:
‎10-12-2018 02:09 PM
Updated by:
 
Labels (1)
0 Kudos