zap The one-liner node.js http-proxy middleware for connect, express and browser-sync

License: MIT

Language: TypeScript

Keywords: browser-sync, connect, express, http-proxy, javascript, middleware, node, nodejs, proxy, proxy-middleware, websocket


Build Status Coveralls dependency Status dependency Status code style: prettier

Node.js proxying made simple. Configure proxy middleware with ease for connect, express, browser-sync and many more.

Powered by the popular Nodejitsu http-proxy. GitHub stars


Proxy /api requests to

var express = require('express');
var proxy = require('http-proxy-middleware');

var app = express();

  proxy({ target: '', changeOrigin: true })

// http://localhost:3000/api/foo/bar ->

All http-proxy options can be used, along with some extra http-proxy-middleware options.

💡 Tip: Set the option changeOrigin to true for name-based virtual hosted sites.

Table of Contents


$ npm install --save-dev http-proxy-middleware

Core concept

Proxy middleware configuration.

proxy([context,] config)

var proxy = require('http-proxy-middleware');

var apiProxy = proxy('/api', { target: '' });
//                   \____/   \_____________________________/
//                     |                    |
//                   context             options

// 'apiProxy' is now ready to be used as middleware in a server.
  • context: Determine which requests should be proxied to the target host. (more on context matching)
  • target host to proxy to. (protocol + host)

(full list of http-proxy-middleware configuration options)

proxy(uri [, config])

// shorthand syntax for the example above:
var apiProxy = proxy('');

More about the shorthand configuration.


An example with express server.

// include dependencies
var express = require('express');
var proxy = require('http-proxy-middleware');

// proxy middleware options
var options = {
  target: '', // target host
  changeOrigin: true, // needed for virtual hosted sites
  ws: true, // proxy websockets
  pathRewrite: {
    '^/api/old-path': '/api/new-path', // rewrite path
    '^/api/remove/path': '/path' // remove base path
  router: {
    // when == 'dev.localhost:3000',
    // override target '' to 'http://localhost:8000'
    'dev.localhost:3000': 'http://localhost:8000'

// create the proxy (without context)
var exampleProxy = proxy(options);

// mount `exampleProxy` in web server
var app = express();
app.use('/api', exampleProxy);

Context matching

Providing an alternative way to decide which requests should be proxied; In case you are not able to use the server's path parameter to mount the proxy or when you need more flexibility.

RFC 3986 path is used for context matching.

         \_/   \______________/\_________/ \_________/ \__/
          |           |            |            |        |
       scheme     authority       path        query   fragment
  • path matching

    • proxy({...}) - matches any path, all requests will be proxied.
    • proxy('/', {...}) - matches any path, all requests will be proxied.
    • proxy('/api', {...}) - matches paths starting with /api
  • multiple path matching

    • proxy(['/api', '/ajax', '/someotherpath'], {...})
  • wildcard path matching

    For fine-grained control you can use wildcard matching. Glob pattern matching is done by micromatch. Visit micromatch or glob for more globbing examples.

    • proxy('**', {...}) matches any path, all requests will be proxied.
    • proxy('**/*.html', {...}) matches any path which ends with .html
    • proxy('/*.html', {...}) matches paths directly under path-absolute
    • proxy('/api/**/*.html', {...}) matches requests ending with .html in the path of /api
    • proxy(['/api/**', '/ajax/**'], {...}) combine multiple patterns
    • proxy(['/api/**', '!**/bad.json'], {...}) exclusion

    Note: In multiple path matching, you cannot use string paths and wildcard paths together.

  • custom matching

    For full control you can provide a custom function to determine which requests should be proxied or not.

     * @return {Boolean}
    var filter = function(pathname, req) {
      return pathname.match('^/api') && req.method === 'GET';
    var apiProxy = proxy(filter, { target: '' });


http-proxy-middleware options

  • option.pathRewrite: object/function, rewrite target's url path. Object-keys will be used as RegExp to match paths.

    // rewrite path
    pathRewrite: {'^/old/api' : '/new/api'}
    // remove path
    pathRewrite: {'^/remove/api' : ''}
    // add base path
    pathRewrite: {'^/' : '/basepath/'}
    // custom rewriting
    pathRewrite: function (path, req) { return path.replace('/api', '/base/api') }
  • option.router: object/function, re-target for specific requests.

    // Use `host` and/or `path` to match requests. First match will be used.
    // The order of the configuration matters.
    router: {
        'integration.localhost:3000' : 'http://localhost:8001',  // host only
        'staging.localhost:3000'     : 'http://localhost:8002',  // host only
        'localhost:3000/api'         : 'http://localhost:8003',  // host + path
        '/rest'                      : 'http://localhost:8004'   // path only
    // Custom router function
    router: function(req) {
        return 'http://localhost:8004';
  • option.logLevel: string, ['debug', 'info', 'warn', 'error', 'silent']. Default: 'info'

  • option.logProvider: function, modify or replace log provider. Default: console.

    // simple replace
    function logProvider(provider) {
      // replace the default console log provider.
      return require('winston');
    // verbose replacement
    function logProvider(provider) {
      var logger = new (require('winston')).Logger();
      var myCustomProvider = {
        log: logger.log,
        debug: logger.debug,
        warn: logger.warn,
        error: logger.error
      return myCustomProvider;

http-proxy events

Subscribe to http-proxy events:

  • option.onError: function, subscribe to http-proxy's error event for custom error handling.

    function onError(err, req, res) {
      res.writeHead(500, {
        'Content-Type': 'text/plain'
        'Something went wrong. And we are reporting a custom error message.'
  • option.onProxyRes: function, subscribe to http-proxy's proxyRes event.

    function onProxyRes(proxyRes, req, res) {
      proxyRes.headers['x-added'] = 'foobar'; // add new header to response
      delete proxyRes.headers['x-removed']; // remove header from response
  • option.onProxyReq: function, subscribe to http-proxy's proxyReq event.

    function onProxyReq(proxyReq, req, res) {
      // add custom header to request
      proxyReq.setHeader('x-added', 'foobar');
      // or log the req
  • option.onProxyReqWs: function, subscribe to http-proxy's proxyReqWs event.

    function onProxyReqWs(proxyReq, req, socket, options, head) {
      // add custom header
      proxyReq.setHeader('X-Special-Proxy-Header', 'foobar');
  • option.onOpen: function, subscribe to http-proxy's open event.

    function onOpen(proxySocket) {
      // listen for messages coming FROM the target here
      proxySocket.on('data', hybiParseAndLogMessage);
  • option.onClose: function, subscribe to http-proxy's close event.

    function onClose(res, socket, head) {
      // view disconnected websocket connections
      console.log('Client disconnected');

http-proxy options

The following options are provided by the underlying http-proxy library.

  • url string to be parsed with the url module

  • option.forward: url string to be parsed with the url module

  • option.agent: object to be passed to http(s).request (see Node's https agent and http agent objects)

  • option.ssl: object to be passed to https.createServer()

  • true/false: if you want to proxy websockets

  • option.xfwd: true/false, adds x-forward headers

  • true/false, if you want to verify the SSL Certs

  • option.toProxy: true/false, passes the absolute URL as the path (useful for proxying to proxies)

  • option.prependPath: true/false, Default: true - specify whether you want to prepend the target's path to the proxy path

  • option.ignorePath: true/false, Default: false - specify whether you want to ignore the proxy path of the incoming request (note: you will have to append / manually if required).

  • option.localAddress : Local interface string to bind for outgoing connections

  • option.changeOrigin: true/false, Default: false - changes the origin of the host header to the target URL

  • option.preserveHeaderKeyCase: true/false, Default: false - specify whether you want to keep letter case of response header key

  • option.auth : Basic authentication i.e. 'user:password' to compute an Authorization header.

  • option.hostRewrite: rewrites the location hostname on (301/302/307/308) redirects.

  • option.autoRewrite: rewrites the location host/port on (301/302/307/308) redirects based on requested host/port. Default: false.

  • option.protocolRewrite: rewrites the location protocol on (301/302/307/308) redirects to 'http' or 'https'. Default: null.

  • option.cookieDomainRewrite: rewrites domain of set-cookie headers. Possible values:

    • false (default): disable cookie rewriting
    • String: new domain, for example cookieDomainRewrite: "new.domain". To remove the domain, use cookieDomainRewrite: "".
    • Object: mapping of domains to new domains, use "*" to match all domains.
      For example keep one domain unchanged, rewrite one domain and remove other domains:
      cookieDomainRewrite: {
        "unchanged.domain": "unchanged.domain",
        "old.domain": "new.domain",
        "*": ""
  • option.cookiePathRewrite: rewrites path of set-cookie headers. Possible values:

    • false (default): disable cookie rewriting
    • String: new path, for example cookiePathRewrite: "/newPath/". To remove the path, use cookiePathRewrite: "". To set path to root use cookiePathRewrite: "/".
    • Object: mapping of paths to new paths, use "*" to match all paths. For example, to keep one path unchanged, rewrite one path and remove other paths:
      cookiePathRewrite: {
        "/unchanged.path/": "/unchanged.path/",
        "/old.path/": "/new.path/",
        "*": ""
  • option.headers: object, adds request headers. (Example: {host:''})

  • option.proxyTimeout: timeout (in millis) when proxy receives no response from target

  • option.timeout: timeout (in millis) for incoming requests

  • option.followRedirects: true/false, Default: false - specify whether you want to follow redirects

  • option.selfHandleResponse true/false, if set to true, none of the webOutgoing passes are called and it's your responsibility to appropriately return the response by listening and acting on the proxyRes event

  • option.buffer: stream of data to send as the request body. Maybe you have some middleware that consumes the request stream before proxying it on e.g. If you read the body of a request into a field called 'req.rawbody' you could restream this field in the buffer option:

    'use strict';
    const streamify = require('stream-array');
    const HttpProxy = require('http-proxy');
    const proxy = new HttpProxy();
    module.exports = (req, res, next) => {
      proxy.web(req, res, {
        target: 'http://localhost:4003/',
        buffer: streamify(req.rawBody)
      }, next);


Use the shorthand syntax when verbose configuration is not needed. The context and will be automatically configured when shorthand is used. Options can still be used if needed.

// proxy('/api', {target: ''});

// proxy('/api/books/*/**.json', {target: ''});

proxy('', { changeOrigin: true });
// proxy('/api', {target: '', changeOrigin: true});

app.use(path, proxy)

If you want to use the server's app.use path parameter to match requests; Create and mount the proxy without the http-proxy-middleware context parameter:

  proxy({ target: '', changeOrigin: true })

app.use documentation:


// verbose api
proxy('/', { target: '', ws: true });

// shorthand
proxy('', { ws: true });

// shorter shorthand

External WebSocket upgrade

In the previous WebSocket examples, http-proxy-middleware relies on a initial http request in order to listen to the http upgrade event. If you need to proxy WebSockets without the initial http request, you can subscribe to the server's http upgrade event manually.

var wsProxy = proxy('ws://', { changeOrigin: true });

var app = express();

var server = app.listen(3000);
server.on('upgrade', wsProxy.upgrade); // <-- subscribe to http 'upgrade'

Working examples

View and play around with working examples.


View the recipes for common use cases.

Compatible servers

http-proxy-middleware is compatible with the following servers:

Sample implementations can be found in the server recipes.


Run the test suite:

# install dependencies
$ yarn

# linting
$ yarn lint
$ yarn lint:fix

# building (compile typescript to js)
$ yarn build

# unit tests
$ yarn test

# code coverage
$ yarn cover



The MIT License (MIT)

Copyright (c) 2015-2019 Steven Chim

Project Statistics

Sourcerank 21
Repository Size 623 KB
Stars 5,725
Forks 460
Watchers 98
Open issues 88
Dependencies 810
Contributors 14
Tags 35
Last updated
Last pushed

Top Contributors See all

chimurai Radu Serbanescu Chris Martin Paul Klimashkin Gustav Tiger Thomas Grainger Huangshi Tian Yunjun Mu Sorin Davidoi Michael Tazelaar Warren Flack Sunny Luo Duncan Lock

Packages Referencing this Repo

fork from http-proxy-middleware. Support Dynamic target
Latest release 1.0.0 - Published - 5.73K stars
The one-liner node.js proxy middleware for connect, express and browser-sync
Latest release 0.20.0 - Updated - 5.73K stars
The one-liner node.js proxy middleware for connect, express and browser-sync
Latest release 0.22.5-alpha.0 - Updated - 5.73K stars
The one-liner node.js proxy middleware for connect, express and browser-sync
Latest release 0.17.3 - Updated - 5.73K stars
The one-liner node.js proxy middleware for connect, express and browser-sync
Latest release 10.0.0 - Published - 5.73K stars

Recent Tags See all

v0.20.0 September 03, 2019
v0.20.0-beta.0 June 02, 2019
v0.19.1 November 25, 2018
v0.19.0 August 29, 2018
v0.18.0 March 12, 2018
v0.17.4 March 02, 2017
v0.17.3 December 07, 2016
v0.17.2 September 28, 2016
v0.17.1 August 11, 2016
v0.17.0 July 03, 2016
v0.16.0 June 13, 2016
v0.15.2 May 29, 2016
v0.15.1 May 26, 2016
v0.15.0 May 03, 2016
v0.14.0 April 18, 2016

Interesting Forks See all

zap The one-liner node.js http-proxy middleware for connect, express and browser-sync
JavaScript - Updated - 1 stars
zap The one-liner node.js http-proxy middleware for connect, express and browser-sync
JavaScript - Updated - 1 stars
zap The one-liner node.js http-proxy middleware for connect, express and browser-sync
JavaScript - Updated - 1 stars

Something wrong with this page? Make a suggestion

Last synced: 2019-07-09 19:44:10 UTC

Login to resync this repository