Virtual Patching with the NGINX JavaScript Module

methods.js

function method_up(s) {
    var proxy_proto_header = '';
    var req = '';

    s.on('upload', function(data, flags) {
        var n;

	  req += data;
	  n = req.search('\n');

	  // Forward past PROXY Protocol header if present
	  if (n != -1 && req.startsWith('PROXY ')) {
		  proxy_proto_header = req.substr(0, n+1);
		  req = req.substr(n+1); 
		  n = req.search('\n');
	  }
	  if (n != -1) {
		  req = req.replace(/^(get|post)(\s\S+\sHTTP\/\d\.\d)/, function(m,method,uri_version) {
			  return method.toUpperCase() + uri_version;
		  });
		  s.send(proxy_proto_header + req, flags);
		  s.off('upload');
	   }
     });
}

export default { method_up }

nginx.conf

http {
    include conf.d/*.conf;
    include conf.d/*.js;
}

stream {
    include stream.d/*.conf;
    include stream.d/*.js;
}

virtual-patch-http.conf

# Place or include in the http{} context
server {
    listen 81 proxy_protocol;

    set_real_ip_from 127.0.0.1;
    real_ip_header proxy_protocol;

    # existing configuration (location blocks, etc.) for virtual server
}

# vim: syntax=nginx

virtual-patch-stream.conf

# Place or include in the stream{} context
js_import stream.d/methods.js;
server {
    listen 80;
    listen 443 ssl;
    ssl_certificate     /etc/nginx/certs/bundle.crt;
    ssl_certificate_key /etc/nginx/certs/key.pem;
    js_filter methods.method_up;
    proxy_pass 127.0.0.1:81;
    proxy_protocol on;
}

# vim: syntax=nginx

For a discussion of these files, see Virtual Patching with the NGINX JavaScript Module