Skip to main content

Intercept and Rewrite Headers in HTTP Redirect Responses

Many of our customers use ngrok for site-to-site connectivity. This is usually pretty straightforward, but occasionally a service requires a specific Host header or uses internal DNS names or redirect flows that break in an outbound tunneled environment (e.g., 302 redirects to internal.corp.local).

With ngrok, you can use the url-rewrite action in a to intercept 302 redirect headers coming from customer apps to preserve UX and agent behavior.

1. Create an endpoint for the customer's upstream service

Start an internal Agent Endpoint, replacing $PORT based on where the upstream service listens and using a URL namespacing scheme that logically separates individual services and customers. You can also use one of our SDKs or the Kubernetes Operator.

Depending on how you work with your customer, you may be creating this endpoint or instructing them how to do it themselves.

Loading…

2. Reserve a domain

Navigate to the Domains section of the ngrok dashboard and click New + to reserve a free static domain like https://service-01.customer-abc.ngrok.app or a custom domain you already own.

We'll refer to this domain as $NGROK_DOMAIN from here on out.

3. Create a Cloud Endpoint

Navigate to the Endpoints section of the ngrok dashboard, then click New + and Cloud Endpoint.

In the URL field, enter the domain you just reserved to finish creating your Cloud Endpoint.

4. Use Traffic Policy to route traffic and edit headers

While still viewing your new cloud endpoint in the dashboard, copy and paste the policy below into the Traffic Policy editor, then replace $NGROK_DOMAIN.

Loading…

What's happening here? First, this policy rewrites the Host header on all requests to 127.0.0.1 so that your customer's upstream service recognizes the request as coming from the same local network, not through ngrok, then forwards the request to the internal Agent Endpoint you created in the first step.

During the HTTP response, the policy then checks whether the status code is 302, which indicates content has moved. If the status code is 302, then the policy saves the existing path to a variable, removes the Location header, and writes a new Location header by building a new URL based on $NGROK_URL and the original path.

What's next?